nautobot

What's Changed

Security

• #5579 - Updated sqlparse to 0.5.0 to fix GHSA-2m57-hf25-phgg. This is not a direct dependency so it will not auto-update when upgrading Nautobot. Please be sure to update your local environment.

Added

• #2459 - Added nautobot.extras.utils.bulk_delete_with_bulk_change_logging helper function for improving performance on bulk delete.
• #2459 - Added nautobot.extras.context_managers.deferred_change_logging_for_bulk_operation context manager for improving performance on bulk update.

Changed

• #2459 - Improved performance of bulk-edit and bulk-delete UI operations by refactoring change logging logic.
• #5568 - Added hyperlink to the total device count number under device family.
• #5589 - Fixed an invalid Javascript operator in the LLDP neighbor view.

Fixed

• #5580 - Fixed bugs when assigning a VLAN to an Interface related to the recently introduced many-to-many relationship between VLANs and Locations.
• #5592 - Fixed plugins not loading when using Gunicorn.

Documentation

• #5583 - Re-added release note content for v1.6.16 through v1.6.18.

Housekeeping

• #5590 - Fixed upstream testing workflows showing successful when one of the steps fail.

Contributors

• @HanlinMiao
• @gsnider2195
• @abates
• @ericchou1

Full Changelog: https://github.com/nautobot/nautobot/compare/v2.2.1...v2.2.2

What's Changed

Security

• #5543 - Updated jquery-ui to version 1.13.2 due to CVE-2022-31160.

Dependencies

• #5543 - Updated jquery to version 3.7.1.

Contributors

@gertzakis

Full Changelog: https://github.com/nautobot/nautobot/compare/v1.6.17...v1.6.18

What's Changed

Security

• #5521 - Updated Pillow dependency to ~10.3.0 to address CVE-2024-28219.
• #5543 - Updated jquery-ui to version 1.13.2 due to CVE-2022-31160.
• #5561 - Updated idna to 3.7 due to CVE-2024-3651. This is not a direct dependency so will not auto-update when upgrading. Please be sure to upgrade your local environment.

Added

• #1631 - Added change logging for custom field background tasks.
• #5009 - Added the option to filter objects with select/multi-select custom fields based on the UUID of the defined custom field choice(s), for example /api/dcim/locations/?cf_multiselect=1ea9237c-3ba7-4985-ba7e-6fd9e9bff813 as an alternative to /api/dcim/locations/?cf_multiselect=some-choice-value.
• #5493 - Added a configuration setting METRICS_DISABLED_APPS to disable app metrics for specific apps.
• #5540 - Added total devices count to device family detail page.

Changed

• #5274 - Added a setting that changes all rack unit numbers to display a minimum of two digits in rack elevations.

Fixed

• #5469 - Fixed contacts and teams not being included in the global search.
• #5489 - Fixed REST API for Contact and Team incorrectly marking the phone and email fields as mandatory.
• #5502 - Fixed off-by-one error in generic filter testing helper BaseFilterTestCase.get_filterset_test_values.
• #5511 - Fixed contact tab disappearing when accessing dynamic groups tab.
• #5515 - Fixed javascript exception thrown in the Device LLDP neighbors view for neighbors without configured devices/interfaces.
• #5527 - Fixed incorrect "members" links in Virtual Chassis list view.
• #5531 - Re-added nautobot.setup() function mistakenly removed in 2.2.0.

Dependencies

• #5495 - Changed jsonschema version constraint from >=4.7.0,<4.19.0 to ^4.7.0.
• #5517 - Updated djangorestframework to ~3.15.1.
• #5521 - Updated most dependencies to the latest versions available as of 2024-04-01.
• #5543 - Updated jquery to version 3.7.1.

Documentation

• #5189 - Added "Model Development Checklist" to the core developer documentation.
• #5189 - Merged "Extending Models" documentation into the "Model Development Checklist" documentation.
• #5526 - Fixed doc reference to job cprofile file location.

Housekeeping

• #5531 - Removed nautobot-server pylint management command from the example_app, as pylint can be invoked directly with an appropriate --init-hook instead.
• #5547 - Fixed TransactionTestCase inheritance order so that test.client works in test cases using this class.

Contributors

• @glennmatthews
• @gsnider2195
• @jvanderaa
• @abates
• @tsm1th
• @itdependsnetworks
• @Kircheneer
• @HanlinMiao
• @ericchou1

New Contributors

• @tsm1th made their first contribution in https://github.com/nautobot/nautobot/pull/5508
• @ericchou1 made their first contribution in https://github.com/nautobot/nautobot/pull/5541

Full Changelog: https://github.com/nautobot/nautobot/compare/v2.2.0...v2.2.1

What's Changed

Dependencies

• #4583 - Updated pinned version of social-auth-core to remove dependency on python-jose & its dependency on ecdsa.
• #5495 - Changed jsonschema version constraint from >=4.7.0,<4.18.0 to ^4.7.0.

Contributors

• @whitej6
• @jvanderaa
• @glennmatthews

Full Changelog: https://github.com/nautobot/nautobot/compare/v1.6.16...v1.6.17

What's Changed

Added

Contact and Team Models (#230)

Contact and Team are models that represent an individual and a group of individuals who can be linked to an object. Contacts and teams store the necessary information (name, phone number, email, and address) to uniquely identify and contact them. They are added to track ownerships of organizational entities and to manage resources more efficiently in Nautobot. Check out the documentation for Contact and Team. There is also a user guide available on how to utilize these models.

A new management command has been introduced to assist with migrating the Location fields contact_name, contact_phone and contact_email to the new Contact and Team models. This command can be invoked with nautobot-server migrate_location_contacts and will present a series of prompts to guide you through migrating Locations that have data in the contact_name, contact_phone, or contact_email fields which are not already associated to a Contact or Team. This command will give you the option to create new Contacts or Teams or, if a similar Contact or Team already exists, to link the Location to the existing Contact or Team. Note that when assigning a Location to an existing Contact or Team that has a blank phone or email field, the value from the Location will be copied to the Contact/Team. After a Location has been associated to a Contact or Team, the contact_name, contact_phone, and contact_email fields will be cleared from the Location.

Controller Model (#3111)

Controller models have been added to the dcim app. A Controller in Nautobot is an abstraction meant to represent network or SDN (Software-Defined Networking) controllers. These may include, but are not limited to, wireless controllers, cloud-based network management systems, and other forms of central network control mechanisms.

For more details, refer to the user guide for a Controller model, a ControllerManagedDeviceGroup model, or developer documentation for Controllers.

DeviceFamily Model (#3559)

A Device Family represents a group of related Device Types. A Device Type can be optionally assigned to a Device Family. Each Device Family must have a unique name and may have a description assigned to it.

Jobs Tile View (#5129)

Job list is now available in two display variants: list and tiles. List is a standard table view with no major changes introduced. Tiles is a new type of view displaying jobs in a two-dimensional grid.

Prefix and VLAN Many Locations (#4334, #4412)

The Prefix and VLAN models have replaced their single location foreign-key field with a many-to-many locations field, allowing multiple Locations to be attached to a single Prefix or VLAN. To ensure backwards compatibility with pre-2.2 code, these models now have a location property which can be retrieved or set for the case of a single associated Location, but will raise a MultipleObjectsReturned exception if the Prefix or VLAN in question has more than one associated Location. REST API versions 2.0 and 2.1 similarly still have a location field, while REST API version 2.2 and later replace this with locations.

Software Image File and Software Version models (#1)

New models have been added for Software Image Files and Software Versions. These models are used to track the software versions of Devices, Inventory Items and Virtual Machines and their associated image files. These models have been ported from the Device Lifecycle Management App and a future update to that app will migrate all existing data from the nautobot_device_lifecycle_mgmt.SoftwareImageLCM and nautobot_device_lifecycle_mgmt.SoftwareLCM models to the dcim.SoftwareImageFile and dcim.SoftwareVersion models added here.

Software Versions must be associated to a Platform. Software Image Files must be associated to one Software Version and may be associated to one or more Device Types. Devices, Inventory Items and Virtual Machines may be associated to one Software Version to track their current version. See the documentation for Software Image File and Software Version. There is also a user guide with instructions on how to create these models.

Syntax Highlighting (#5098)

Language syntax highlighting for GraphQL, JSON, XML and YAML is now supported in the UI via JavaScript. To enable the feature, a code snippet has to be wrapped in the following HTML structure:

<pre><code class="language-{graphql,json,xml,yaml}">...</code></pre>

render_json and render_yaml template filters default to this new behavior with an optional opt-out syntax_highlight=False arg.

Changed

Data Imports as a System Job (#5064)

The CSV import functionality for all models has been changed from a synchronous operation to an asynchronous background task (system Job). As a result, imports of large CSV files will no longer fail due to browser timeout.

!!! tip
Users now must have the run action permission for extras > job (specifically the nautobot.core.jobs.ImportObjects Job) in order to import objects, in addition to the normal add permissions for the object type being imported.

Plugin to App Renames (#5341)

Installed Plugins view has been renamed to Installed Apps. Plugin terminologies in Installed Plugins (now Installed Apps) view and dependent views have been changed to App throughout. Plugin references in documentation (excluding old release-notes) have been replaced by App. Plugins navigation menu has been renamed to Apps.

Standardization of max_length on all Charfields (#2906)

Model CharFields' max_length attributes have been standardized globally to have at least 255 characters except where a shorter max_length is explicitly justified.

Full Changelog: https://github.com/nautobot/nautobot/compare/v2.1.9...v2.2.0

Contributors

• @bradh11
• @snaselj
• @edwardtheharris
• @gsnider2195
• @timizuoebideri1
• @abates
• @mzbroch
• @glennmatthews
• @lampwins
• @HanlinMiao
• @whitej6
• @norbert-mieczkowski-codilime
• @gertzakis

What's Changed

Security

• #5450 - Updated django to ~3.2.25 due to CVE-2024-27351.
• #5465 - Added requirement for user authentication to access the endpoint /extras/job-results/<uuid:pk>/log-table/; furthermore it will not allow an authenticated user to view log entries for a JobResult they don't otherwise have permission to view. (GHSA-m732-wvh2-7cq4)
• #5465 - Added narrower permissions enforcement on the endpoints /extras/git-repositories/<str:slug>/sync/ and /extras/git-repositories/<str:slug>/dry-run/; a user who has change permissions for a subset of Git repositories is no longer permitted to sync or dry-run other repositories for which they lack the appropriate permissions. (GHSA-m732-wvh2-7cq4)
• #5465 - Added narrower permissions enforcement on the /api/dcim/connected-device/?peer_device=...&?peer_interface=... REST API endpoint; a user who has view permissions for a subset of interfaces is no longer permitted to query other interfaces for which they lack permissions. (GHSA-m732-wvh2-7cq4)
• #5465 - Added narrower permissions enforcement on all <app>/<model>/<lookup>/notes/ UI endpoints; a user must now have the appropriate extras.view_note permissions to view existing notes. (GHSA-m732-wvh2-7cq4)
• #5465 - Added requirement for user authentication to access the REST API endpoints /api/redoc/, /api/swagger/, /api/swagger.json, and /api/swagger.yaml. (GHSA-m732-wvh2-7cq4)
• #5465 - Added requirement for user authentication to access the /api/graphql REST API endpoint, even when EXEMPT_VIEW_PERMISSIONS is configured. (GHSA-m732-wvh2-7cq4)
• #5465 - Added requirement for user authentication to access the endpoints /dcim/racks/<uuid>/dynamic-groups/, /dcim/devices/<uuid>/dynamic-groups/, /ipam/prefixes/<uuid>/dynamic-groups/, /ipam/ip-addresses/<uuid>/dynamic-groups/, /virtualization/clusters/<uuid>/dynamic-groups/, and /virtualization/virtual-machines/<uuid>/dynamic-groups/, even when EXEMPT_VIEW_PERMISSIONS is configured. (GHSA-m732-wvh2-7cq4)
• #5465 - Added requirement for user authentication to access the endpoint /extras/secrets/provider/<str:provider_slug>/form/. (GHSA-m732-wvh2-7cq4)

Added

• #5465 - Added nautobot.apps.utils.get_url_for_url_pattern and nautobot.apps.utils.get_url_patterns lookup functions.
• #5465 - Added nautobot.apps.views.GenericView base class.

Changed

• #5465 - Added support for view_name and view_description optional parameters when instantiating a nautobot.apps.api.OrderedDefaultRouter. Specifying these parameters is to be preferred over defining a custom APIRootView subclass when defining App API URLs.
• #5465 - Added requirement for user authentication by default on the nautobot.core.api.AuthenticatedAPIRootView class. As a consequence, viewing the browsable REST API root endpoints (e.g. /api/, /api/circuits/, /api/dcim/, etc.) now requires user authentication.
• #5465 - Added requirement for user authentication to access /api/docs/ and /graphql/ even when HIDE_RESTRICTED_UI is False.

Fixed

• #5465 - Fixed a 500 error when accessing any of the /dcim/<port-type>/<uuid>/connect/<termination_b_type>/ view endpoints with an invalid/nonexistent termination_b_type string.

Documentation

• #5465 - Updated example views in the App developer documentation to include ObjectPermissionRequiredMixin or LoginRequiredMixin as appropriate best practices.

Housekeeping

• #5465 - Updated custom views in the example_plugin to use the new GenericView base class as a best practice.

Full Changelog: https://github.com/nautobot/nautobot/compare/v1.6.15...v1.6.16

Contributors

• @HanlinMiao
• @glennmatthews

What's Changed

Security

• #5450 - Updated django to ~3.2.25 due to CVE-2024-27351.
• #5464 - Added requirement for user authentication to access the endpoint /extras/job-results/<uuid:pk>/log-table/; furthermore it will not allow an authenticated user to view log entries for a JobResult they don't otherwise have permission to view. (GHSA-m732-wvh2-7cq4)
• #5464 - Added narrower permissions enforcement on the endpoints /extras/git-repositories/<uuid:pk>/sync/ and /extras/git-repositories/<uuid:pk>/dry-run/; a user who has change permissions for a subset of Git repositories is no longer permitted to sync or dry-run other repositories for which they lack the appropriate permissions. (GHSA-m732-wvh2-7cq4)
• #5464 - Added narrower permissions enforcement on the /api/dcim/connected-device/?peer_device=...&?peer_interface=... REST API endpoint; a user who has view permissions for a subset of interfaces is no longer permitted to query other interfaces for which they lack permissions. (GHSA-m732-wvh2-7cq4)
• #5464 - Added narrower permissions enforcement on all <app>/<model>/<uuid>/notes/ UI endpoints; a user must now have the appropriate extras.view_note permissions to view existing notes. (GHSA-m732-wvh2-7cq4)
• #5464 - Added requirement for user authentication to access the REST API endpoints /api/redoc/, /api/swagger/, /api/swagger.json, and /api/swagger.yaml. (GHSA-m732-wvh2-7cq4)
• #5464 - Added requirement for user authentication to access the /api/graphql REST API endpoint, even when EXEMPT_VIEW_PERMISSIONS is configured. (GHSA-m732-wvh2-7cq4)
• #5464 - Added requirement for user authentication to access the endpoints /dcim/racks/<uuid>/dynamic-groups/, /dcim/devices/<uuid>/dynamic-groups/, /ipam/prefixes/<uuid>/dynamic-groups/, /ipam/ip-addresses/<uuid>/dynamic-groups/, /virtualization/clusters/<uuid>/dynamic-groups/, and /virtualization/virtual-machines/<uuid>/dynamic-groups/, even when EXEMPT_VIEW_PERMISSIONS is configured. (GHSA-m732-wvh2-7cq4)
• #5464 - Added requirement for user authentication to access the endpoint /extras/secrets/provider/<str:provider_slug>/form/. (GHSA-m732-wvh2-7cq4)

Added

• #5464 - Added nautobot.apps.utils.get_url_for_url_pattern and nautobot.apps.utils.get_url_patterns lookup functions.
• #5464 - Added nautobot.apps.views.GenericView base class.

Changed

• #5464 - Added support for view_name and view_description optional parameters when instantiating a nautobot.apps.api.OrderedDefaultRouter. Specifying these parameters is to be preferred over defining a custom APIRootView subclass when defining App API URLs.
• #5464 - Added requirement for user authentication by default on the nautobot.apps.api.APIRootView class. As a consequence, viewing the browsable REST API root endpoints (e.g. /api/, /api/circuits/, /api/dcim/, etc.) now requires user authentication.

Removed

• #5464 - Removed the URL endpoints /api/users/users/my-profile/, /api/users/users/session/, /api/users/tokens/authenticate/, and /api/users/tokens/logout/ as they are unused at this time.

Fixed

• #5413 - Updated Device "LLDP Neighbors" detail panel to handle LLDP neighbors with MAC address as port-id.
• #5423 - Fixed collapsable navbar for GraphiQL page /graphql.
• #5423 - Fixed collapsable navbar for Admin page /admin.
• #5423 - Fixed collapsable navbar for Django Rest Framework (DRF) page /api/.
• #5423 - Improved footer responsiveness for certain media sizes.
• #5464 - Fixed a 500 error when accessing any of the /dcim/<port-type>/<uuid>/connect/<termination_b_type>/ view endpoints with an invalid/nonexistent termination_b_type string.
• #5466 - Remove duplicated location param in vlan table.

Dependencies

• #5296 - Fixed bug in pyproject.toml that added coverage as a nautobot dependency instead of a development dependency.

Documentation

• #5340 - Added installation documentation about recommended health-checks for Docker Compose and Kubernetes.
• #5464 - Updated example views in the App developer documentation to include ObjectPermissionRequiredMixin or LoginRequiredMixin as appropriate best practices.

Housekeeping

• #1746 - Replaced OrderedDict instance in nautobot/core/api/routers.py#21 with with a plain dict instance.
• #1746 - Replaced OrderedDict instance in nautobot/dcim/models/racks.py#275 with a plain dict instance.
• #5435 - Added --pattern argument to invoke unittest.
• #5435 - Added --parallel-workers argument to invoke unittest.
• #5464 - Updated custom views in the example_plugin to use the new GenericView base class as a best practice.

Full Changelog: https://github.com/nautobot/nautobot/compare/v2.1.8...v2.1.9

Contributors

• @HanlinMiao
• @bradh11
• @snaselj
• @edwardtheharris
• @gsnider2195
• @abates
• @mzbroch
• @glennmatthews

What's Changed

Added

• #1 - Added new models for software versions and software image files.
• #1 - Added a many-to-many relationship from Device to SoftwareImageFile.
• #1 - Added a many-to-many relationship from DeviceType to SoftwareImageFile.
• #1 - Added a many-to-many relationship from InventoryItem to SoftwareImageFile.
• #1 - Added a many-to-many relationship from VirtualMachine to SoftwareImageFile.
• #1 - Added a foreign key relationship from Device to SoftwareVersion.
• #1 - Added a foreign key relationship from InventoryItem to SoftwareVersion.
• #1 - Added a foreign key relationship from VirtualMachine to SoftwareVersion.
• #230 - Added Contact and Team Models.
• #1150 - Added environment variable support for most admin-configurable settings (ALLOW_REQUEST_PROFILING, BANNER_TOP, etc.)
• #3111 - Initial work on the controller model.
• #3559 - Added HardwareFamily model class. (Renamed before release to DeviceFamily.)
• #3559 - Added device_family field to Device Type model class.
• #4269 - Added REST API endpoint for VRFDeviceAssignment model.
• #4270 - Added REST API endpoint for VRFPrefixAssignment model.
• #4811 - Enabled sorting on the API endpoints for tree node models.
• #5012 - Added database indexes to the ObjectChange model to improve performance when filtering by user_name, changed_object, or related_object, and also by changed_object in combination with user or user_name.
• #5064 - Added job_import_button template-tag and marked import_button button template-tag as deprecated.
• #5064 - Added nautobot.apps.utils.get_view_for_model utility function.
• #5064 - Added can_add, can_change, can_delete, can_view, and has_serializer filters to the /api/extras/content-types/ REST API.
• #5067 - Added q (SearchFilter) filter to all filtersets where it was missing.
• #5067 - Added two generic test cases for q filter: test_q_filter_exists and test_q_filter_valid.
• #5097 - Added a JSON Schema file for Nautobot settings (nautobot/core/settings.yaml).
• #5097 - Added REST API endpoint to show the JSON Schema for authenticated users.
• #5098 - Added client-side GraphQL, JSON, XML, and YAML syntax highlighting with the highlight.js library.
• #5101 - Added a utility to help when writing migrations that replace database models.
• #5107 - Added hyperlinked_email and hyperlinked_phone_number template tags/filters.
• #5127 - Added bulk-edit and bulk-delete capabilities for Jobs.
• #5129 - Implemented jobs tile view.
• #5188 - Added table of related Device Families to the DeviceType detail view.
• #5278 - Added permission constraint for User Token.
• #5341 - Added /apps/ and /api/apps/ URL groupings, initially containing only the installed-apps/ sub-items.
• #5341 - Added nautobot-apps key to the /api/status/ REST API endpoint.
• #5342 - Added MigrationsBackend to health-check, which will fail if any unapplied database migrations are present.
• #5347 - Added an option to the Job-based CSV import to make atomic transactions optional.
• #5349 - Added REST API for vlan-to-location and prefix-to-location M2M.

Changed

• #2906 - Increased max_length on all CharFields to at least 255 characters except where a shorter max_length is explicitly justified.
• #4334 - Changed Prefix.location to Prefix.locations allowing multiple Locations to be associated with a given Prefix.
• #4334 - Changed VLANGroup default ordering to be sorted by name alone since it is a unique field.
• #4412 - Changed VLAN.location to VLAN.locations allowing multiple Locations to be associated with a given VLAN.
• #4811 - Changed the behavior of tree model tables: now they are sortable, and after sorting is applied, all hierarchy indentations are removed.
• #5064 - Changed CSV import functionality to run as a system Job, avoiding HTTP timeouts when importing large data sets.
• #5064 - Updated JobResult main tab to render any return value from the Job as syntax-highlighted JSON.
• #5126 - Rearranged Job List table row contents.
• #5341 - Renamed Plugins navigation menu to Apps. Apps that add to this menu are encouraged to update their navigation.py to use the new name.
• #5341 - Renamed Installed Plugins view to Installed Apps.
• #5341 - Changed permissions on the Installed Apps views to be visible to all authenticated users, not just staff/superuser accounts.
• #5342 - Changed default Docker HEALTHCHECK to use nautobot-server health_check CLI command.
• #5405 - Changed DeviceType list view "Import" button to include a dropdown to select between JSON/YAML or CSV import formats.
• #5405 - Changed DeviceType list view "Export" button to default to YAML format.
• #5412 - Changed DeviceType YAML/JSON import to now map unrecognized port template type values to "other" instead of failing the import.
• #5414 - Changed ImportObjects.roll_back_if_error form field help text and label.

Deprecated

• #5064 - Deprecated the import_button button template-tag.
• #5116 - Deprecated the nautobot.apps.exceptions.ConfigurationError class as it is no longer used in Nautobot core and is trivially reimplementable by any App if desired.
• #5341 - Deprecated the plugins key under the /api/status/ REST API endpoint. Refer to nautobot-apps instead.

Removed

• #5064 - Removed the requirement for ViewTestCases subclasses to define csv_data for testing bulk-import views, as this functionality is now covered by a generic system Job.
• #5116 - Removed logan-derived application startup logic, simplifying the Nautobot startup code flow.

Fixed

• #4334 - Fixed ordering of VLANs in the UI list view.
• #5064 - Fixed an exception in Job.after_return() if a Job with an optional FileVar was executed without supplying a value for that variable.
• #5116 - Fixed inability to specify a --config PATH value with the nautobot-server runserver command.
• #5186 - Fixed Prefix.ip_version and IPAddress.ip_version fields to be non-nullable.
• #5220 - Fixed contacts field in "Add a new team" form not populating.
• #5241 - Fixed rendering of NavMenuItems that do not define any specific required permissions.
• #5241 - Fixed incorrect construction of NavMenuTab and NavMenuGroup permissions.
• #5241 - Fixed incorrect permissions required for Roles navigation menu item.
• #5298 - Fixed a ValidationError that was being thrown when a user logged out.
• #5298 - Fixed a case where viewing a completed JobResult that was missing a date_done value would cause the JobResult view to repeatedly refresh.

Dependencies

• #5248 - Broadened Markdown dependency to permit versions up to 3.5.x.

Documentation

• #5179 - Updated all documentation referencing the example_plugin to refer to the (renamed) example_app.
• #5179 - Replaced some "plugin" references in the documentation with "App" or "Nautobot App" as appropriate.
• #5248 - Removed source code excerpts from the "App Developer Guide > Code Reference" section of the documentation.
• #5341 - Replaced references to "plugins" in the documentation with "Apps".

Housekeeping

• #5099 - Added mkdocs-macros-plugin as a development/documentation-rendering dependency.
• #5099 - Refactored documentation in optional-settings and required-settings to be generated automatically from settings.yaml schema.
• #5099 - Replaced nautobot/core/settings.json with nautobot/core/settings.yaml for improved readability and maintainability.
• #5105 - Added Bulk Edit functionality for ContactAssociation.
• #5105 - Added Bulk Edit buttons for associated contact tables in the contacts tabs of object detail views.
• #5145 - Added data migration to populate default statuses and default roles for the ContactAssociation model.
• #5179 - Renamed example_plugin to example_app.
• #5179 - Renamed example_plugin_with_view_override to example_app_with_view_override.
• #5179 - Replaced all "plugin" terminology within the examples directory with "App", except in cases where the terminology is embedded in core code (settings.PLUGINS, plugins: and plugins-api named URLs, etc.)
• #5179 - Replaced some "plugin" terminology in docstrings, comments, and test code with "app" as appropriate.
• #5187 - Removed "Add Contact" button from the standard buttons in the detail views.
• #5187 - Renamed "Assign Contact/Team" UI buttons text from "Create", "Create and Add Another" to "Assign" and "Assign and Add Another".
• #5187 - Split out Contact/Team icons into a separate column and renamed the columns to "Type" and "Name" on AssociatedContactsTable.
• #5207 - Made role attribute required on ContactAssociation Model.
• #5213 - Made the default action when assigning a contact/team to an object to be the assignment of an existing contact/team.
• #5214 - Fixed the bug causing Contact Tab disappear when the user navigates to the Notes and Changelog Tabs.
• #5221 - Fixed the return URL from adding/assigning a contact/team from ObjectDetailView to redirect to the contacts tab instead of the main tab.
• #5248 - Updated development dependencies including coverage, django-debug-toolbar, factory-boy, mkdocs-material, mkdocstrings, mkdocstrings-python, pylint, rich, ruff, selenium, splinter, towncrier, watchdog, and yamllint to their latest available versions.
• #5272 - Fixed incorrectly set return urls on the edit and delete buttons of job tile view.
• #5352 - Renamed HardwareFamily to DeviceFamily.

Contributors

• @glennmatthews
• @timizuoebideri1
• @gsnider2195
• @HanlinMiao
• @norbert-mieczkowski-codilime
• @gertzakis
• @whitej6

Full Changelog: https://github.com/nautobot/nautobot/compare/v2.1.8...v2.2.0-beta.1

What's Changed

Added

• #1102 - Added CELERY_BEAT_HEARTBEAT_FILE settings variable.
• #5228 - Added the option to configure and enforce validation_minimum and validation_maximum as length constraints on a Custom Field of type Text, URL, JSON, Markdown, Selection, or Multiple Selection.
• #5228 - Added the option to configure and enforce validation_regex as a constraint on valid choice definitions for a Custom Field of type Selection or Multiple Selection.
• #5400 - Added power-port/power-outlet types IEC 60906-1, 2P+T 10A (NBR 14136), and 2P+T 20A (NBR 14136).
• #5401 - Added front/rear port types LX.5, LX.5/PC, LX.5/UPC, and LX.5/APC.
• #5402 - Added interface types CXP (100GE), DSFP (100GE), SFP-DD (100GE), QSFP-DD (100GE), QSFP-DD (200GE), CFP2 (400GE), OSFP-RHS (400GE), CDFP (400GE), CPF8 (400GE), SFP+ (32GFC), SFP-DD (64GFC), and SFP+ (64GFC).
• #5424 - Added TemplateExtension.list_buttons() API, allowing apps to register button content to be injected into object list views.

Changed

• #5403 - Changed uses of functools.lru_cache to use django-redis cache instead.
• #5403 - Standardized cache key strings used with the django-redis cache.

Removed

• #5228 - Removed the hard-coded 255-character limit on custom fields of type Text.

Fixed

• #5247 - Fixed Job buttons do not respect the task_queues of the job class.
• #5380 - Fixed incorrect permission for "Add Tenant" button in the navigation menu.
• #5380 - Added missing extras.view_scheduledjob permission to the "Job Approval Queue" navigation menu item.
• #5395 - Fixed incorrect permission for "Roles" link in the navigation menu.
• #5403 - Fixed an issue with stale CustomField, ComputedField, Relationship, and TreeModel caches that caused incorrect data at times.

Documentation

• #5437 - Added release-note for version 1.6.15.
• #5421 - Added release-notes for versions 1.6.11 through 1.6.14.

Housekeeping

• #1102 - Added health check for Celery Beat based on it touching a file (by default /tmp/nautobot_celery_beat_heartbeat) each time its scheduler wakes up.
• #3213 - Removed redundant filter tests for related boolean filters.
• #5434 - Fixed health check for beat container in docker-compose.yml under docker-compose v1.x.

Contributors

• @gsnider2195
• @glennmatthews
• @HanlinMiao
• @whitej6
• @lampwins
• @Kircheneer

Full Changelog: https://github.com/nautobot/nautobot/compare/v2.1.7...v2.1.8

What's Changed

Added

• #1102 - Added CELERY_BEAT_HEARTBEAT_FILE settings variable.
• #5424 - Added TemplateExtension.list_buttons() API, allowing apps to register button content to be injected into object list views.

Fixed

• #5247 - Fixed Job buttons do not respect the task_queues of the job class.
• #5354 - Fixed Configuration Context not applied based on nested Tenant Groups.

Housekeeping

• #1102 - Added health check for Celery Beat based on it touching a file (by default /tmp/nautobot_celery_beat_heartbeat) each time its scheduler wakes up.
• #5434 - Fixed health check for beat container in docker-compose.yml under docker-compose v1.x.

Contributors

• @HanlinMiao
• @lampwins
• @glennmatthews

Full Changelog: https://github.com/nautobot/nautobot/compare/v1.6.14...v1.6.15

What's Changed

Fixed

• #5387 - Fixed an error in the Dockerfile that resulted in pyuwsgi being installed without SSL support.

Contributors

• @glennmatthews

Full Changelog: https://github.com/nautobot/nautobot/compare/v1.6.13...v1.6.14

What's Changed

Fixed

• #5387 - Fixed an error in the Dockerfile that resulted in pyuwsgi being installed without SSL support.

Contributors

• @glennmatthews

Full Changelog: https://github.com/nautobot/nautobot/compare/v2.1.6...v2.1.7

What's Changed

Added

• #4247 - Added a check to the nautobot-server pre_migrate command to identify Interfaces and VMInterfaces with multiple VRFs through IPAddress relationships.

Fixed

• #5307 - Fixed Custom Field form field(s) missing from git repository edit form.
• #5336 - Fixed 'docker-compose: command not found' error when running invoke commands.
• #5345 - Fixed intermittent 405 errors when using the Docker image with SAML authentication.

Documentation

• #5345 - Added a note to the Nautobot installation documentation about the need to do pip3 install --no-binary=pyuwsgi in order to have SSL support in pyuwsgi.
• #5345 - Added a note to the SSO documentation about the need to do pip3 install --no-binary=lxml to avoid incompatibilities between lxml and xmlsec packages.

Contributors

• @gsnider2195
• @glennmatthews
• @HanlinMiao

Full Changelog: https://github.com/nautobot/nautobot/compare/v1.6.12...v1.6.13

What's Changed

Security

• #5319 - Updated cryptography to 42.0.4 due to CVE-2024-26130. This is not a direct dependency so will not auto-update when upgrading. Please be sure to upgrade your local environment.

Added

• #5172 - Added Collapse Capable Side Navbar: Side Navbar is now able to be expanded and collapsed
• #5172 - Added Expandable Main Content: The Main Content part of the UI grows as the Side Navbar collapses and shrinks as the Side Navbar expands.
• #5172 - Added Better mobile friendly bottom navbar: This update will switch to vertically aligned bottom nav menu items once a certain media query is hit, making for a better mobile experience.
• #5172 - Added automatic Side Navbar collapse for mobile devices. This is based on media query and will trigger at specific width.
• #5329 - Added caching of ChangeLoggedModelsQuery().as_queryset() to improve performance when saving many objects in a change-logged context.
• #5361 - Added nautobot.core.testing.forms.FormTestCases base class and added it to nautobot.apps.testing as well.

Changed

• #5082 - Adjusted Edit / Create panels to occupy more page width on medium and large screens.

Fixed

• #4106 - Fixed inefficient query in VirtualMachine create form.
• #5172 - Fixed Brand Icon mouseover Background: Fix for mouseover effect on the Brand / Icon (was flashing white background vs being transparent) when in dark mode.
• #5307 - Fixed Custom Field form field(s) missing from git repository edit form.
• #5309 - Fixed Tenant UI detail view breadcrumb with invalid TenantGroup filter link.
• #5309 - Fixed TenantGroup UI detail view with invalid "add tenant" button invalid query_params link.
• #5309 - Fixed DeviceForm invalid cluster field query_params.
• #5309 - Fixed PrefixForm invalid vlan and vlan_group fields query_params.
• #5311 - Fixed dependencies in various migration files.
• #5332 - Fixed Docker image missing OS-level dependencies for SSO (SAML) support.
• #5334 - Fixed migration from 1.x failing when specific duplicate prefixes are present.
• #5343 - Fixed incorrect reference for device.device_role on the Rack detail view for non-racked device objects.
• #5345 - Fixed intermittent 405 errors when using the Docker image with SAML authentication.
• #5346 - Fixed device LLDP view to work when interface names include a space.
• #5365 - Fixed invalidate_max_depth_cache itself calculating max_depth on querysets without tree fields.

Documentation

• #4419 - Added documentation on nautobot.apps import locations.
• #4419 - Added documentation about the supported public interfaces.
• #4419 - Removed some incorrect content from the documentation about nav menu changes that were reverted during 2.0 development.
• #4511 - Added documentation on how to correctly implement NautobotUIViewSet with custom views.
• #5284 - Added a quick overview of the most used models.
• #5311 - Added documentation on writing custom migrations.
• #5326 - Fixed simple typo in creating-location-types-and-locations.md.
• #5330 - Updated SSO documentation to include a view for presenting SAML metadata.
• #5345 - Added a note to the Nautobot installation documentation about the need to do pip3 install --no-binary=pyuwsgi in order to have SSL support in pyuwsgi.
• #5345 - Added a note to the SSO documentation about the need to do pip3 install --no-binary=lxml to avoid incompatibilities between lxml and xmlsec packages.

Contributors

• @HanlinMiao
• @timizuoebideri1
• @gsnider2195
• @itdependsnetworks
• @edwardtheharris
• @dependabot
• @whitej6
• @glennmatthews
• @bradh11
• @abates
• @Kircheneer
• @mathiaswegner

New Contributors

• @edwardtheharris made their first contribution in https://github.com/nautobot/nautobot/pull/5327
• @mathiaswegner made their first contribution in https://github.com/nautobot/nautobot/pull/5331

Full Changelog: https://github.com/nautobot/nautobot/compare/v2.1.5...v2.1.6

What's Changed

Security

• #5303 - Updated cryptography to 42.0.2 due to CVE-2024-0727. This is not a direct dependency so will not auto-update when upgrading. Please be sure to upgrade your local environment.

Added

• #5171 - Added latest and latest-py<version> tags to the nautobot Docker images published for the latest stable release of Nautobot.
• #5210 - Added METRICS_AUTHENTICATED setting to control authentication for the HTTP endpoint /metrics.
• #5243 - Added support for setting display_field on DynamicModelChoiceField to nested values in suggested choices list.

Changed

• #5171 - Changed the tagging of nautobot-dev Docker images to reserve the latest and latest-py<version> tags for the latest stable release of Nautobot, rather than the latest build from the develop branch.
• #5254 - Changed TreeQuerySet.ancestors implementation to a more efficient approach for shallow trees.
• #5254 - Changed the location detail view not to annotate tree fields on its queries.
• #5267 - Updated navbar user dropdown with chevron.

Fixed

• #5058 - Changed more filter parameters from location_id to location in virtualization/forms.py.
• #5121 - Fixed an issue where deleting a git repository resulted in a job result stuck in running state.
• #5186 - Fixed a case where an IPAddress created with a host and mask_length would default to a null ip_version.
• #5267 - Fixed hover coloring after closing/reopening navbar dropdown.
• #5267 - Fixed button spacing when there are multiple buttons in navbar.
• #5283 - Fixed inconsistent ordering of IP addresses in various tables.

Documentation

• #3349 - Added annotations to document the importance of keeping the TIME_ZONE setting consistent on Nautobot web servers and Celery Beat servers.
• #5297 - Updated the low level application stack diagram to orient user traffic coming from the top.

Housekeeping

• #5267 - Reorganized navbar css rules in base.css.

Contributors

• @gsnider2195
• @timizuoebideri1
• @glennmatthews
• @nlgotz
• @gsnider2195
• @skrobul
• @Kircheneer
• @DistantVoyager
• @tlourey
• @itdependsnetworks
• @HanlinMiao

New Contributors

• @skrobul made their first contribution in https://github.com/nautobot/nautobot/pull/5244

Full Changelog: https://github.com/nautobot/nautobot/compare/v2.1.4...v2.1.5

What's Changed

Added

• #5104 - Added User Token as permission constraints.

Security

• #5251 - Updated Django dependency to 3.2.24 due to CVE-2024-24680.

Changed

• #5254 - Changed TreeQuerySet.ancestors implementation to a more efficient approach for shallow trees.
• #5254 - Changed the location detail view not to annotate tree fields on its queries.

Fixed

• #5253 - Fixed issue with Job Button Groups displaying when Conditional Rendering should remove the button.
• #5261 - Fixed a regression introduced in v1.6.8 where Job Buttons would always run with commit=False.

Contributors

• @glennmatthews
• @smk4664
• @Kircheneer
• @gertzakis
• @HanlinMiao

Full Changelog: https://github.com/nautobot/nautobot/compare/v1.6.11...v1.6.12

What's Changed

Security

• #5251 - Updated Django dependency to 3.2.24 due to CVE-2024-24680.

Fixed

• #5254 - Fixed TypeError and similar exceptions thrown when rendering certain App data tables in v2.1.3.

Documentation

• #4778 - Added troubleshooting documentation for PostgreSQL databases with unsupported encoding settings.

Housekeeping

• #5240 - Changed test config to use constance.backends.memory.MemoryBackend to avoid intermittent failures in parallel tests.

Contributors

• @glennmatthews
• @gsnider2195

Full Changelog: https://github.com/nautobot/nautobot/compare/v2.1.3...v2.1.4

What's Changed

Security

• #5151 - Updated pillow dependency to 10.2.0 due to CVE-2023-50447.

Added

• #4981 - Add serial types to InterfaceTypeChoices.
• #5012 - Added database indexes to the ObjectChange model to improve performance when filtering by user_name, changed_object, or related_object, and also by changed_object in combination with user or user_name.
• #5169 - Added support for user session profiling via django-silk.
• #5178 - Added Navbar dropdown arrow rotation on open/close.
• #5178 - Added behavior of resetting navbar state when the "home" link is clicked.

Changed

• #5149 - Updated the Job List to show Job Hook Receiver and Job Button Receiver Jobs, which were previously being hidden from view.
• #5178 - Changed navbar dropdown link behavior to turn orange when active/clicked; state is saved.
• #5178 - Changed navbar dropdown link hover style.
• #5178 - Changed navbar state save to use session storage.
• #5178 - Changed navbar dropdown to use chevron icon instead of carets.
• #5178 - Aligned navbar dropdown icons to the right.

Removed

• #5178 - Removed unneeded tooltip of dropdown title.
• #5178 - Removed navbar dropdown links underlining.

Fixed

• #3664 - Fixed AssertionError when querying Date type custom fields in GraphQL.
• #4898 - Improved automatic query optimization when rendering object list views.
• #4898 - Optimized database queries to improve performance of /api/ipam/prefixes/ and /api/ipam/vrfs/ REST API endpoints.
• #5067 - Fixed missing search filter on ExternalIntegration.
• #5146 - Changed nav menu items to collapse in a smooth animated way, rather than jumping 100% open immediately and covering menu items below. Previously opened menu items now collapse smoothly as well.
• #5146 - Changed nav menu so that menu expansion now pushes other menus below it downward rather than covering them (z axis).
• #5146 - Changed nav menu headers to not lose their color after a link was clicked.
• #5146 - Added nav menu state (expanded or closed) and scroll position to local storage, allowing it to be maintained on page refresh, link clicked, or page reload.
• #5174 - Added missing postgresql public schema permission grant command.
• #5178 - Fixed navbar dropdown links alignment and spacing.
• #5198 - Fixed error in device and rack dropdowns when attempting to add an Interface to an InterfaceRedundancyGroup.

Dependencies

• #4821 - Updated MarkupSafe dependency to 2.1.5.
• #4821 - Updated mysqlclient dependency to 2.2.3.
• #4821 - Updated python-slugify dependency to 8.0.3.
• #4821 - Updated pyuwsgi dependency to 2.0.23.

Housekeeping

• #4821 - Updated mkdocs-section-index documentation dependency to 0.3.8.
• #4821 - Updated ruff development dependency to 0.1.15.
• #5130 - Added experimental --parallel option to invoke unittest.
• #5163 - Added --parallel flag to invoke unittest in CI.
• #5163 - Fixed code coverage calculation when running invoke unittest --parallel.
• #5163 - Changed invoke unittest and invoke integration-test to automatically report code coverage on successful completion.
• #5163 - Changed test code coverage analysis to exclude the test code itself from the analysis.
• #5206 - Added q filter test for ExternalIntegration.

Contributors

• @glennmatthews
• @dependabot
• @nicholaskuechler
• @bradh11
• @gsnider2195
• @whitej6
• @HanlinMiao
• @Torstein-Eide
• @lampwins
• @renovate
• @MittWillson
• @DistantVoyager

New Contributors

• @nicholaskuechler made their first contribution in https://github.com/nautobot/nautobot/pull/5150
• @bradh11 made their first contribution in https://github.com/nautobot/nautobot/pull/5146
• @Torstein-Eide made their first contribution in https://github.com/nautobot/nautobot/pull/4981
• @MittWillson made their first contribution in https://github.com/nautobot/nautobot/pull/5175

Full Changelog: https://github.com/nautobot/nautobot/compare/v2.1.2...v2.1.3

What's Changed

Security

• #5151 - Updated pillow dependency to 10.2.0 due to CVE-2023-50447.

Added

• #5169 - Added support for user session profiling via django-silk.

Fixed

• #3664 - Fixed AssertionError when querying Date type custom fields in GraphQL.
• #5162 - Fixed incorrect rack group variable in device template.

Contributors

• @glennmatthews
• @qduk
• @lampwins
• @HanlinMiao

Full Changelog: https://github.com/nautobot/nautobot/compare/v1.6.10...v1.6.11

What's Changed

Security

• #5054 - Added validation of redirect URLs to the "Add a new IP Address" and "Assign an IP Address" views.
• #5109 - Removed /files/get/ URL endpoint (for viewing FileAttachment files in the browser), as it was unused and could potentially pose security issues.
• #5133 - Fixed an XSS vulnerability (GHSA-v4xv-795h-rv4h) in the render_markdown() utility function used to render comments, notes, job log entries, etc.

Added

• #3877 - Added global filtering to Job Result log table, enabling search across all pages.
• #5102 - Enhanced the sanitize function to also handle sanitization of lists and tuples of strings.
• #5133 - Enhanced Markdown-supporting fields (comments, description, Notes, Job log entries, etc.) to also permit the use of a limited subset of "safe" HTML tags and attributes.

Changed

• #5102 - Changed the nautobot-server runjob management command to check whether the requested user has permission to run the requested job.
• #5102 - Changed the nautobot-server runjob management command to check whether the requested job is installed and enabled.
• #5102 - Changed the nautobot-server runjob management command to check whether a Celery worker is running when invoked without the --local flag.
• #5131 - Improved the performance of the /api/dcim/locations/ REST API.

Removed

• #5078 - Removed nautobot-server startplugin management command.

Fixed

• #4075 - Fixed sorting of Device Bays list view by installed device status.
• #4444 - Fixed Sync Git Repository requires non-matching permissions for UI vs API.
• #4998 - Fixed inability to import CSVs where later rows include references to records defined by earlier rows.
• #5024 - Improved performance of the Job Result list view by optimizing the way JobLogEntry records are queried.
• #5024 - Improved performance of the Device list view by including the manufacturer name in the table queryset.
• #5024 - Improved performance of most ObjectListViews by optimizing how Custom fields, Computed fields, and Relationships are queried.
• #5024 - Fixed a bug that caused IPAddress objects to query their parent Prefix and Namespace every time they were instantiated.
• #5024 - Improved performance of the IPAddress list view by including the namespace in the table queryset.
• #5024 - Updated bulk-edit and bulk-delete views to auto-hide any "actions" column in the table of objects being edited or deleted.
• #5031 - Updated the default sanitizer pattern to include secret(s) and to be flexible with python dictionaries.
• #5043 - Fixed early return conditional in ensure_git_repository.
• #5045 - Adjusted Bootstrap grid breakpoints to account for the space occupied by the sidebar, fixing various page rendering.
• #5054 - Fixed missing search logic on the "Assign an IP Address" view.
• #5058 - Changed filter query parameters from location_id to location in virtualization/forms.py.
• #5081 - Fixed core.tables.BaseTable to terminate dynamic queryset's building of pre-fetched fields upon first non-RelatedField of a column.
• #5095 - Fixed a couple of potential KeyError when refreshing Git repository Jobs.
• #5095 - Fixed color highlighting of error and critical log entries when viewing a Job Result.
• #5102 - Fixed missing log messages when errors occur during Job.__call__() initial setup.
• #5102 - Fixed misleading "Job completed" message from being logged when a Job aborted.
• #5102 - Fixed an error in nautobot-server runjob if a job returned data other than a dict.
• #5102 - Fixed misleading "SUCCESS" message when nautobot-server runjob resulted in any JobResult status other than "FAILED".
• #5102 - Fixed incorrect JobResult data when using nautobot-server runjob --local or JobResult.execute_job().
• #5111 - Fixed rack group and rack filtering by the location selected in the device bulk edit form.

Dependencies

• #5083 - Updated GitPython to version 3.1.41 to address Windows security vulnerability GHSA-2mqj-m65w-jghx.
• #5086 - Updated Jinja2 to version 3.1.3 to address to address XSS security vulnerability GHSA-h5c8-rqwp-cp95.
• #5133 - Added nh3 HTML sanitization library as a dependency.

Documentation

• #5078 - Added a link to the cookiecutter-nautobot-app project in the App developer documentation.

Housekeeping

• #4906 - Added automatic superuser creation environment variables to docker development environment.
• #4906 - Updated VS Code Dev Containers configuration and documentation.
• #5076 - Updated packaging dependency to permit newer versions since it follows CalVer rather than SemVer.
• #5079 - Increased overly-brief start_period for development nautobot container to allow sufficient time for initial migrations to run.
• #5079 - Fixed bug with invoke cli and invoke nbshell.
• #5118 - Updated PR template to encourage inclusion of screenshots.

Contributors

• @Kircheneer
• @glennmatthews
• @gsnider2195
• @erjac77
• @housepbass
• @bryanculver
• @dependabot
• @lampwins
• @timizuoebideri1
• @jvanderaa
• @gertzakis
• @jeffkala
• @jmcgill298
• @HanlinMiao
• @joewesch
• @tlourey

New Contributors

• @housepbass made their first contribution in https://github.com/nautobot/nautobot/pull/5077
• @tlourey made their first contribution in https://github.com/nautobot/nautobot/pull/5124

Full Changelog: https://github.com/nautobot/nautobot/compare/v2.1.1...v2.1.2