All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
This changelog format was introduced in NAV 5.4.0. Older changelogs can be found in the HISTORY file.
This project uses towncrier and the changes for the upcoming release can be found in https://github.com/Uninett/nav/tree/master/changelog.d/.
- Removed dependencies django-crispy-forms and crispy-forms-foundation (#2794)
- Active maintenance tasks that only reference deleted components will be automatically cancelled (#3229)
- Alert profiles filter match value dropdowns now support interactive value searches (#3238)
- Added support for setting access port VLANs for Cisco Small Business switches in PortAdmin (by reverting to non-Cisco-specific handler routines for this subgroup of products) (#3249)
- Switched to building CSS from Sass using webpack instead of deprecated
libsass
. (#2849) - Run tests using tox version 4 (#2973)
- The ipdevpoll plugin to fetch ARP cache data from a netbox's Palo Alto firewall API is now configured through a new management profile type assigned to that netbox (#3147)
- The old-style
setup.py
script was removed and installation docs were updated (#3176) - Ensure that CSRF token info is included in all forms that have been
refactored to remove the
django-crispy-forms
dependency (#3157)
- Alert profiles filter match value dropdowns now support more than the old hard limit of 1000 choices (#2908)
- Disable deletion of the default dashboard (#3150)
- Rooms and locations with periods in their IDs can now be properly retrieved from the corresponding API endpoints (#3186)
- Fix spurious crashing when loading some Netmap layer 3 views (#3225)
- Improve description of deleted maintenance components (#3228)
- Stop SNMP-based
arp
plugin from stepping on thepaloaltoarp
plugins toes. Note that this requires updating the plugin order in theip2mac
job inipdevpoll.conf
(#3252) - Ensure that each account has exactly one default dashboard
- Dropped support for Python 3.7 (#2790)
- Post lifecycle event when power supplies or fans are removed (#2982)
- Post lifecycle event when a module or chassis is deleted via the status or device history tools (#2983)
- Database model for representing Organizationally Unique Identifiers (OUI) to identify vendors for MAC addresses
- Script for populating database with OUIs and corresponding vendors from IEEE (#2945)
- Module for generating JWTs (#2948)
- Documentation for configuring and using JWT tokens in NAV API (#2618)
- Upgraded dependencies after dropping support for Python 3.7 (#2790)
- Changed Sphinx version to 7.4.7 (#2826)
- Changed required PostgreSQL version to 13 (#2892)
- Moved the test suite's web crawler complexity away from the test discovery
phase to the test phase itself. This reduces the number of generated test
cases from
N
to 2 (whereN
is the number of reachable NAV pages) (#2966) - Link to the doc for using docker for development from the README and mention what ports are used when using docker for development (#2978)
- Many user-facing forms of the web user interface have been refactored in order to remove a dependency that keeps NAV incompatible with Python 3.11. This should not affect looks or functionality. This work is still ongoing in the master branch and we hope it will be complete by NAV version 5.12.
- Correctly delete an IP Device's existing
function
value when empty field value is submitted in the IP Device IP Device edit form (#2269) - Fixed crash bug when reordering filters within a filter group in Alert Profiles (#2979)
- Fixed IPAM API crash bug that caused unnecessary error reports sent as e-mail to site admins (#2989)
- Fixed bad tooltip grammar in ipdevinfo "degraded aggregate link" badge
- Make the test suite easier to run under MacOS
- Skip tests when 3rd party requirements are missing, instead of outright failing
- Ensure that CSRF token info is preserved when refactoring crispy forms to
non-crispy equivalents. This means that
flat_form.html
and_form_content.html
templates will include CSRF token info if form method is set toPOST
. (#3056)
snmptrapd
renamed tonavtrapd
to avoid naming conflicts with Net-SNMP programs (#2926)
- Replace incorrect fix for premature ARP record closure introduced in 5.10.1 (#2910)
- Fix Machine Tracker DNS search crashing from exhausting all available file descriptors (#2669)
- ARP records of unreachable devices are now closed by
navclean
cron job at configurable expiry intervals, rather than immediately as a response to a short ICMP packet loss (#2913) - Palo Alto API XML responses are now parsed based on keys instead of indexes (#2924)
- Removed references to IRC support channel from documentation, as the channel is closing down (#2907)
- Support for Python versions older than 3.9 will be dropped in NAV 5.11.
- New ipdevpoll plugin to fetch ARP cache data from Palo Alto firewall APIs (#2613)
- Introduced
towncrier
to aid in collaborative NAV changelog authoring (#2869) - Add library utilities to produce QR codes to arbitrary URLs, for use in upcoming features (#2887)
- Added towncrier to automatically produce changelog
- Change the Docker Compose-based development environment to use more build caching and avoid running too many things as root (#2859)
- Changed required PostgreSQL version to 11
- Avoid running command line scripts twice on every invocation (#2877, #2878)
- Fixed
full-nav-restore.sh
developer helper script that broke after Docker Compose development was reorganized (#2888) - Fix missing delete icon in form selector labels (#2898)
- Added option to enable secure cookies in new web security section of
webfront.conf
(#2194, #2815) - Made
mod_auth_mellon
(SAML) work for logins (#2740)- Also added howto for setting up
mod_auth_mellon
for Feide authentication.
- Also added howto for setting up
- Cycle session IDs on login/logout to protect against potential session fixation attacks (#2804, #2813, #2836, #2835)
- Flush sessions on logout (#2828)
- Prevent clickjacking attacks on NAV by disallowing putting NAV site in document frames (#2816, #2817)
- Cleaned up overview/intro docs (#2827)
- Various cleanups of the test suites:
- Removed nonsensical pydantic requirement (#2867)
- Removed warnings when building docs (#2856)
- Modernize installation of NAV scripts/binaries using
pyproject.toml
(#2676, #2679) - Changed the documentation theme from "Bootstrap" to "Read The Docs", as the Bootstrap theme was no longer being maintained. This also avoids unnecessary JavaScript libraries in the docs (#2805, #2825, #2824, #2834, #2837, #2833, #2853, #2868)
- Various changes needed to move NAV closer to being fully compatible with Python 3.11:
- Replaced all uses of
pkg_resources
withimportlib
(#2791, #2798, #2799) - Upgraded Twisted to a version that supports Python 3.11 (#2792, #2796)
- Upgraded psycopg to 2.9.9 (#2793, #2795)
- Dropped code that was there to support Django's older than 3.2 (#2823)
- Upgraded
python-ldap
from 3.4.0->3.4.4 (#2830) - Enabled running test suite on Python 3.10 by default (#2838)
- Stopped running test suite on Python 3.8 by default (#2851)
- Fixed invalid/deprecated backslash escapes in MIB dump files, as warned about in newer Python versions (#2846, #2848)
- Fixed deprecation warning for Django 4.0 in test suite (#2844)
- Removed an adaption to Pythons older than 3.7 (#2840)
- Install Node/NPM in docker dev environment (#2855)
- Vendor the PickleSerializer (#2866)
- Replaced all uses of
- Allow admins to configure ports with invalid or unset native VLANs in PortAdmin (#2477, #2786)
- Fix bug that caused PoE config to be completely disabled for Cisco devices where at least one port did not support PoE (#2781)
- Fix PortAdmin save button moving around for ports without PoE support (#2782)
- Fix PortAdmin bug that prevented switching PoE state back and forth without reloading entire page (#2785)
- Fix regression that caused maintenance tasks to be un-editable (#2783, #2784)
- Fix broken "operate as user" function in User and API Administration tool (#2766, #2777)
- Fix crashing PDU widget (#2776)
- Fix bug that caused PortAdmin to stop working for Cisco switches (#2773, #2774)
- Constrain version of 3rd party module
ciscoconfparse
, in order to avoid NAV not working under Python 3.7 (#2770, #2771) - Fix ipdevpoll crash error from using SNMP v2c profile example that came with NAV (#2767, #2768)
- Gracefully handle encoding errors in invalid sysname/IP input in SeedDB IP Device form (#2764)
- Gracefully handle errors from invalid profiles list input in SeedDB IP Device form (#2765)
- Initial SNMPv3 support added to most parts of NAV
- Add an SNMPv3 management profile type (#2693, #2699)
- Add SNMPv3 session support to the synchronous SNMP libraries used by most parts of NAV except ipdevpoll (#2700, #2710)
- Add SNMPv3 reachability tests in SeedDB IP Device registration forms (#2704, #2734, #2727, #2730)
- Add SNMPv3 support to Portadmin (#2712, #2731)
- Add SNMPv3 support to
navsnmp
command line program (#2724, #2725) - Add SNMPv3 support to Arnold (#2726, #2733)
- Add SNMPv3 session support to ipdevpoll's asynchronous SNMP libraries (#2736, #2743)
- Add SNMPv3 support to
navoidverify
andnaventity
command line programs (#2747, #2748)
- Power-over-Ethernet configuration support for Cisco and Juniper equipment in PortAdmin (#2632, #2633, #2666, #2635, #2759)
- Extract VLAN association from router port names on Checkpoint firewalls (#2684, #2701)
- Add link to our GitHub discussion forums in "Getting help" documentation (#2746)
- Add subcommand to
navuser
command line program for deleting users (#2705) - Add toggle in
webfront.conf
for automatic creation of remote users (#2698, #2707) - Add proper documentation index page for all howto guides (#2716)
- Add description to threshold alarms (#2691, #2709)
- Add tests for overview of alert profiles page (#2741)
- Add make rule for cleaning
doc
directory (#2717) - Add an snmpd service container for SNMPv3 comms testing (#2697)
- Improve validation of maintenance form input in order to avoid unintentional crash reports (#2757)
- Handle invalid alert profile ID form input without crashing (#2756)
- Prevent crash errors in esoteric situations where multiple dashboards have been erroneously marked as a user's default dashboard (#2680)
- Fix broken
navoidverify
command on Linux (#2737) - Several regressions related to input validation in Alert Profiles were fixed:
- Fix regression that prevented filter groups from being deleted from an alert profile (#2729)
- Fix regression that prevented activation/deactivation of alert profiles (#2732)
- Fix form validation with "equal" and "in" operators for adding expression with group to filter (#2750)
- Add more expression operator tests for alert profiles and fix cleaning in
ExpressionForm
(#2752)
- Restructure alert profile tests (#2739)
- Allow write-enabled SNMP profiles to be used for reading when device has no read-only SNMP profiles (#2735, #2751)
- Improved howto guide for setting up remote user authentication using
mod_auth_oidc
(#2708)
- Refactored web authentication code in preparation for future changes to authentication flow (#2706)
- Remove remaining uses of
Netbox.snmp_version
(#2522) - Remove unused function
snmp_parameter_factory
(#2753) - Remove deprecated Netbox SNMP properties (#2754, #2761)
- Even more complex and flexible configuration of NAV logging is now supported through
logging.yml
(#2659) - Added howto guide for log configuration (#2660)
- Currently non-functional (aka. "blacklisted") alert sender mechanisms are now flagged in the Alert Profiles tool wherever an affected alert address is displayed (#2653, #2664, #2677, #2678)
- Added support for polling and alerting on Juniper chassis and system alerts (#2358, #2388)
- Added a new
contains_address
filter to theprefix
API endpoint, to enable lookup of matching prefix/vlan details from a single IP or subnet address (#2577, #2578) - Defined and added abstract methods for Power-over-Ethernet configuration to PortAdmin management handler classes (#2636)
- These are needed for the upcoming vendor specific implementations of PoE config in PortAdmin.
- Implemented configuration file parsing for upcoming local JWT token feature (#2568)
- Properly dispose of outgoing alert notifications to invalid alert addresses (#2661)
- Fixed crash when attempting to log device errors with an empty comment in the Device History tool (#2579, #2580)
- Fixed bad styling and missing linebreaks in traceback section of the 500 error page (#2607, #2628)
- Show help text instead of error when running
nav
command without arguments (#2601, #2603) - Prevent users from entering invalid
sysObjectID
values when editing Netbox types in SeedDB (#2584, #2566) - Removed upper version bound for Pillow image manipulation library, to fix security warnings (#2567)
- Alerts that cannot be sent due to blacklisted media plugins will no longer fill up
alertengine.log
every 30 seconds, unless DEBUG level logging is enabled (#1787, #2652) - DNS lookups in ipdevinfo are now properly case insensitive (#2615, #2650)
- Alert Profiles will now properly require Slack alert addresses to be valid URLs (#2657)
- 5 minute and 15 minute load average values will now be collected correctly for Juniper devices (#2671, #2672)
- Fix cabling API, which broke due to internal refactorings (#2621)
- Only install NAV's custom
epollreactor2
in ipdevpoll if running on Linux (#2503, #2604)- Stops ipdevpoll from crashing on BSDs.
- Moved more of NAV's packaging definition to
pyproject.toml
(#2655) - Pin pip to version 23.1.0 for CI pipelines to continue working (#2647)
- Improve ipdevpoll logging of SQL queries and from Twisted library (#2640)
- Stop making skipped validation tests for non HTML content (#2623)
- Version-locked indirect dependencies of test suites (#2622, #2617)
- Improve SNMP forwarding/proxying container setup, including adding IPv6 support (#2637, #2516)
- Documented a recipe for establishing SNMP tunnels when testing devices on otherwise unreachable networks (#2426, #2435)
- Run Django development web server in "insecure" mode to improve simulation of a production environment when debug flag is turned off (#2625)
- Added a proper docstring to
bootstrap_django()
function (#2619, #2168) - Stop restoring stale tox environment caches in GitHub workflows (#2605)
- Added tests for ipdevpoll worker euthanization (#2599, #2548)
- Added tests to ensure snmptrapd can properly look up a NAV router that sends traps from one of its non-management IP addresses (#2500, #2510)
- Avoid redundant graphite time formatting strings by re-using constant (#2588, #2543)
- Make detection of running in a virtualenv more compatible with modern toolchain (#2573)
- Revert to having tox run its own dependency installer (#2572)
- Added explicit back-relation names for several Django ORM models (#2544, #2546, #2547, #2549, #2550, #2551)
- Document a recipe for establishing SNMP tunnels using socat/SSH (#2426, #2435)
- Updated/added explicit relation names to various ORM models (#2544, #2546, #2547, #2549, #2550, #2551, #2595, #2596)
- Added tests for simple searches (#2597)
- Ensure event variables are always posted in transactions, so the event engine does not accidentally end up processing incomplete event information (#2594)
- Report broken cache configuration as an error in Ranked Statistics tool, rather than taking down the whole NAV site (#2561, #2563)
- Show error message on invalid ip address in ipdevinfo (#2590, #2589)
- Link to correct room in room report if room has a space in its name (#2593, #2592)
- Work around duplicate internal serial numbers in Juniper equipment by trusting data only from the device with the lowest entity index (#2583, #2493)
- Make save function in AlertHistory, EventHistory and AlertQueue atomic (#2594)
- Ignore LDAP server referral responses, rather then erroring out during the login process (#2576, #1166)
- Include the
new_version
variable in alert message templates for device hw/fw/sw upgrades (#2565) - Update NAV blog widget to use the new blog URL (#2585)
- Handle invalid IP address input in ipdevinfo device searches gracefully, rather then crashing with a 500 error (#2589, #2590)
- Fix broken links to room details from room report for rooms with spaces in their names (#2592, #2593)
- Catch Validation error in filtering of prefixes in API (#2606, #2608)
- Redesign the 500 Error page so that the exception traceback if formatted as one
- NAPALM/NETCONF management profiles can now be configured with custom timeout values (#2460, #2390)
- Post lifecycle events the first time new chassis/module/PSU/fan devices are seen (#2391, #2414)
- Accept JSON Web Tokens signed by third-parties as valid API authentication/authorization tokens (#2483, #2511)
- Collect "chassis" serial numbers from Aruba wireless controllers (#2514)
- Added an API endpoint for module information (#2517, #2520)
- Result caching added to ranked statistics - including the ability to populate the cache regularly behind-the-scenes in a cronjob ((#1504, #2398)
- Added
buglog.py
option to fetch issue numbers from git reflog (#2474) - Added tests for
get_memory_usage
for all memory MIBs (#2376, #2441) - Added tests to discover invalid MIB dumps from smidump (#2501, (#2521)
- Updated/added explicit relation names to various ORM models (#2539, #2540, #2541, #2542)
- Empty alert messages are no longer sent when device software upgrades are detected (#2533)
- Merged two fixes from the 5.4.x stable series that never actually made it into the 5.5 series:
- Properly log (for posterity) old and new revision numbers with every software/hardware/firmware upgrade event NAV posts (#2515, #2545, #2560)
- snmpwalk routine for synchronous NAV code now correctly handles end-of-mib-view errors (#1925, #2489)
- Removed deprecation warnings from command line programs
navsnmp
,naventity
andnavoidverify
(#2389, #2429)
- Use pip-compile's backtracking dependency resolver to fix failing CI pipelines (#2509)
- Updated libsnmp dependency for newer Ubuntu runners in GitHub pipelines (#2532)
- Use same version of Django for pylint runs as the latest stable release (#2536)
- Fixed a slew of new CI pipeline / test suite problems that appear after new years (#2537)
- Fix serious collection breakdown in ipdevpoll by re-generating a valid Python representation of CISCO-ENHANCED-MEMPOOL-MIB (#2494, #2495)
- Fix broken trap processing in snmptrapd (#2497, #2498)
- Delete and ignore module devices with fake serial number
BUILTIN
, as reported by Juniper equipment, in order to avoid spamming withdevice[SFH]wUpgrade
alerts (#2491, #2492)
- Bump
lxml
from 4.6.5 to 4.9.1 in /tests (#2443) - Links and documented references to the NAV mailing lists have changed to the
lister.sikt.no
domain.
- Add link to #nav irc channel on Libera.Chat to README file (#2475)
- Add
mac_addresses
attribute to/netbox/
API endpoint (#2487, #2490) - Add ability to filter by alert severity in the status tool (#2467)
- Support for fetching ARP cache entries from all Arista VRF instances (#2262, #2454))
- Link aggregation information added to NAV API (#1765, #2440)
- Support fetching memory stats from
CISCO-ENHANCED-MEMPOOL-MIB
(#2236, #2439) - Added a flag to
navcheckservice
that shows all available handler plugins (#2378, #2437) - Post
deviceHwUpgrade
/deviceSwUpgrade
/deviceFwUpgrade
events when changes are detected to devices' hardware, software or firmware revisions (#2393, #2413) - Call a
cleanup()
method for individual container objects after ipdevpoll save stage (#2421) - Added
Device
methods to resolve and return related objects/entities (chassis, modules, fans, power supplied) and extended device descriptions (#2428)
- Avoid potential resource leaks by properly closing configuration files after reading them (#2451)
- Geomap "link to this configuration" now actually opens the correct location at the correct zoom level (#2412, #2488)
- snmptrapd can now identify an SNMP agent from any of its interface addresses (#2387, #2461)
- PortAdmin now ignores incorrectly configured VLAN tags (tagged as
NA
) on Juniper switches, instead of crashing (#2452, #2453) - Fix potential ipdevpoll crashes due to database fetches in wrong thread (#2478, #2480)
- Handle Graphite connection issues gracefully in ranked statistics page (#2459)
- Handle Graphite connection issues gracefully in device group detail page (#2345, #2434)
- Removed needless carbon data chunking from
activeipcollector
(#1696, #2462) - Evaluate
0.0
as a valid numeric metric value during threshold rule evaluations (#2447 - Updated dead links in Geomap documentation (#2419)
- Link from IPAM to reserve prefixed in SeedDB now works again (#2410, #2422)
- Improved inefficient database queries in Arnold (#2425)
- Updated tox examples in hacking documentation (#2427, #2430)
- Fixed an
AttributeError
crash bug in thenaventity
command line program (#2433, #2444)
- The changelog format has changed from the legacy format into one based on Keep a Changelog.
- Transceivers are no longer classed as modules (#1154)
- Generate more secure API tokens (#2366)
- Remaining instances of "Uninett" in footer FAQ have changed to Sikt (#2367)
- Upgrade to napalm 3.4.1 (#2403)
- Support more recent AKCP environment probes (#2107
- Collect and graph temperature readings from JUNIPER-MIB (#2342)
- Add support for wildcards in report IN operator (a.k.a.
(,,)
) (#2347) - Get VLAN tag from Juniper chassis cluster redundant ethernet interface ("RETH") names (#2357)
- Collect and graph memory usage from JUNIPER-MIB (#2359)
- Document NAV's various command line utilities (#2368)
- Add a contrib script to ship ISC DHCP server lease stats to NAV's Graphite instance (#2371)
- Don't display JavaScript alert dialog box when generating links to the current Geomap configuration (#1016)
- Optimize SeedDB prefix listing queries (#2156)
- Fix broken deletion of quick links from "My stuff"-menu (#2334)
- Display friendlier Juniper RPC error reports in Portadmin (#2362)
- Get rid of warning:
CacheKeyWarning: Cache key contains characters that will cause errors if used with memcached
(#2379) - Get rid of warning:
DeprecationWarning: Using or importing the ABCs from 'collections' instead of from 'collections.abc' is deprecated
(#2381) - Get rid of warning:
django.contrib.postgres.fields.JSONField is deprecated. Support for it (except in historical migrations) will be removed in Django 4.0.
(#2382) - Rotate room image thumbnails correctly based on EXIF orientation tag (#2385)
- Fix Django JSONField import deprecation warnings (#2396)
- Fix broken documentation build environment in Read The Docs (#2399)
- Optimize SeedDB room listing queries (#2400)
- Optimize SeedDB netboxtype listing queries (#2401)
- Optimize SeedDB vlan listing queries (#2402)
- Fix broken deserialization of Rack data (#2407)
- Remove unnecessary quotation marks in SeedDB (#2416)
- Fix incorrect handling of stateless event posting in internal APIs (#2417)
- Remaining Python 2 compatibility code (#2319)
- Dependency on the
six
Python module