Last Month in Nautobot – October 2023

Welcome to our monthly Nautobot community update! We’ll dive into the latest updates across the Nautobot community each month, highlighting the key milestones, releases, and noteworthy contributions. From new features and enhancements to bug fixes and events, there’s always something happening in our dynamic ecosystem. Open source is at the core of our values, empowering individuals and organizations to collaborate, innovate, and make a positive impact together. This monthly blog post is our way of celebrating the accomplishments and contributions of our Nautobot community members.

Nautobot Core

Releases – 2.0

Users on Nautobot v2.0.0, v2.0.1, and v2.0.2 are encouraged to upgrade to v2.0.3 as soon as possible to address GHSA-r2hw-74xv-4gqp, CVE-2023-45803 and CVE-2023-43804.

  • v2.0.3 – 2023-10-24
    • #4612 – Added validation step to handle invalid/legacy filters from v1.x in DynamicGroup form validation.
    • #4668 – Added an ENABLE_ALPHA_UI configuration option to the settings, which is initially set to False. When set to True, this option enables the “Alpha UI 2.0” feature.
    • #4668 – Changed the flag --no-build-ui to --build-ui, and its default value to False for the nautobot-server post-upgrade command.
    • #4604 – Fixed post_upgrade bug involving potential leftover references to Aggregate, DeviceRole, and RackRole ContentTypes in ObjectChange records.
    • #4608 – Fixed error 'IPAddressBulkAddForm' has no field named 'parent' when bulk creating IPs via UI.
    • #4669 – Added redirects from 1.x documentation paths to their 2.x equivalents to fix broken links/bookmarks.
    • #4676 – Ensured that ScheduledJob.job_class values are correctly transferred to ScheduledJob.task during v2 migration.
    • #4692 – Fixed incorrect inheritance of Meta attributes into nested serializers (depth >= 1).
    • #4671 – Updated urllib3 to 2.0.7 due to CVE-2023-45803. This is not a direct dependency so it will not auto-update when upgrading. Please be sure to upgrade your local environment.
    • #4673 – Fixed token exposure in JobResult traceback and result output when a GitRepositorySync job fails in certain ways.
    • #4692 – Fixed potential exposure of hashed user password data on certain REST API endpoints when using the ?depth=1 query parameter. For more details, please refer to GHSA-r2hw-74xv-4gqp.
  • v2.0.2 – 2023-10-17
    • #4361 – Added SUPPORT_MESSAGE configuration setting.
    • #4607 – Added nautobot-server audit_graphql_queries management command for evaluating breaking filter changes to existing GraphQLQuery instances.
    • #4472 – Fixed incorrect logic in nautobot_config.py.j2 template that wouldn’t detect the MySQL engine when Prometheus metrics are enabled.
    • #4547 – Fixed incorrect form field type for DeviceFilterForm.device_redundancy_group_priority.
    • #4588 – Fixed the error when creating a child Location under a non-globally-unique named parent Location.
    • #4603 – Fixed a bug that makes Manufacturers list fail to load.
    • #4639 – Fixed the ability to attach images to Locations.
    • #4586 – Updated urllib3 to 2.0.6 due to CVE-2023-43804. This is not a direct dependency so it will not auto-update when upgrading. Please be sure to upgrade your local environment.
  • v2.0.1 – 2023-10-04
    • #4436 – Allowed Interfaces of type VirtualLAG, and Bridge to be selected as a virtual Interface’s parent.
    • #4572 – Fixed a JS crash when using list view search box to filter objects in legacy UI.

Releases – Long-Term Maintenance 1.6

  • v1.6.4 – 2023-10-17
    • #4361 – Added SUPPORT_MESSAGE configuration setting.
    • #4573 – Added caching for display property of Location and LocationType, mitigating duplicated SQL queries in the related API views.
    • #4313 – Updated device search to include manufacturer name.
    • #4595 – Removed stable tagging for container builds in LTM release workflow.
  • v1.6.3 – 2023-10-03
    • #3372 – Added ObjectPermission constraints check to pre_migrate management command.
    • #4396 – Fixed rack form silently dropping custom field values.

Apps Ecosystem

New SSoT Integration

Please see the announcement of our latest Single Source of Truth (SSoT) App for Device42.

Conference Talks and Webinars


Conclusion

Do you have any cool Nautobot related project we should write about? Swing by the Network to Code Slack -> channel #nautobot and write us a quick line! Sign up here if you don’t have an account.



ntc img
ntc img

Contact Us to Learn More

Share details about yourself & someone from our team will reach out to you ASAP!

Author