Last Month in Nautobot – May 2024

Welcome to our monthly Nautobot community update! We’ll dive into the latest updates across the Nautobot community, highlighting the key milestones, releases, and noteworthy contributions. From new features and enhancements to bug fixes and events, there’s always something happening in our dynamic ecosystem. Open source is at the core of our values, empowering individuals and organizations to collaborate, innovate, and make a positive impact together. This monthly blog post is our way of celebrating the accomplishments and contributions of our Nautobot community members.

Nautobot Core

Releases – Stable

  • Nautobot: v2.2.5 – 2024-05-28
    • #5740 – Updated requests to 2.32.1 to address GHSA-9wx4-h78v-vm56. This is not a direct dependency, so it will not auto-update when upgrading Nautobot. Please be sure to update your local environment.
    • #5757 – Fixed missing member object permission enforcement (e.g., enforce Device permissions for a Dynamic Group containing Devices) when viewing Dynamic Group member objects in the UI or REST API (GHSA-qmjf-wc2h-6x3q).
    • #5690 – Removed deprecated CustomFieldFilterForm alias of CustomFieldModelFilterFormMixin, as this would have caused confusion with the newly added CustomFieldFilterForm class providing filtering support for the Custom Fields list view.
    • Multiple other various bug fixes and enhancements
  • Nautobot: v2.2.4 – 2024-05-13
    • #1858 – Added sanitization of HTML tags in the content of BANNER_TOPBANNER_BOTTOM, and BANNER_LOGIN configuration to prevent potential injection of malicious scripts (stored XSS) via these features (GHSA-r2hr-4v48-fjv3).
    • #5672 – Updated Jinja2 dependency to 3.1.4 to address CVE-2024-34064.
    • #1858 – Added support in BRANDING_FILEPATHS configuration to specify a custom css and/or javascript file to be added to Nautobot page content.
    • #1858 – Added Markdown support to the BANNER_TOPBANNER_BOTTOM, and BANNER_LOGIN configuration settings.
    • #4986 – Fixed inconsistent active tab in several views.
    • #5644 – Made the uniqueness constraints between the ContactAssociation model and the related API serializer consistent.
    • #5684 – Fixed standard CSV export when using export templates.
    • #5689 – Fixed change logging for bulk delete operations so that user is included in the log.

Releases – LTM 1.6

  • Nautobot: v1.6.23 – 2024-05-28
    • #5740 – Updated requests to 2.32.1 to address GHSA-9wx4-h78v-vm56. This is not a direct dependency so it will not auto-update when upgrading Nautobot. Please be sure to update your local environment.
    • #5762 – Fixed missing member object permission enforcement (e.g., enforce Device permissions for a Dynamic Group containing Devices) when viewing Dynamic Group member objects in the UI or REST API (GHSA-qmjf-wc2h-6x3q).
  • Nautobot: v1.6.22 – 2024-05-13
    • #1858 – Added sanitization of HTML tags in the content of BANNER_TOPBANNER_BOTTOM, and BANNER_LOGIN configuration to prevent potential injection of malicious scripts (stored XSS) via these features (GHSA-r2hr-4v48-fjv3).
    • #1858 – Added support in BRANDING_FILEPATHS configuration to specify a custom css and/or javascript file to be added to Nautobot page content.
    • #1858 – Added Markdown support to the BANNER_TOPBANNER_BOTTOM, and BANNER_LOGIN configuration settings.
    • #2974 – Fixed an error when deleting and then re-creating a GitRepository that provides Jobs.
  • Nautobot: v1.6.21 – 2024-05-07
    • #5521 – Updated Pillowsocial-auth-app-django, and Jinja2 to address CVEs.
    • #5561 – Updated idna to 3.7 due to CVE-2024-3651. This is not a direct dependency, so it will not auto-update when upgrading. Please be sure to upgrade your local environment.

Apps Ecosystem

Community


Conclusion

Do you have any cool Nautobot-related project we should write about? Swing by the Network to Code Slack -> channel #nautobot and write us a quick line! Sign up here if you don’t have an account.

-Cristian and Gary



ntc img
ntc img

Contact Us to Learn More

Share details about yourself & someone from our team will reach out to you ASAP!

Author