Releases: Uninett/nav
Releases · Uninett/nav
NAV 5.9.1
NAV 5.9.0
[5.9.0] - 2024-03-08
Added
- Added option to enable secure cookies in new web security section of
webfront.conf
(#2194, #2815) - Made
mod_auth_mellon
(SAML) work for logins (#2740)- Also added howto for setting up
mod_auth_mellon
for Feide authentication.
- Also added howto for setting up
Fixed
- Cycle session IDs on login/logout to protect against potential session fixation attacks (#2804, #2813, #2836, #2835)
- Flush sessions on logout (#2828)
- Prevent clickjacking attacks on NAV by disallowing putting NAV site in document frames (#2816, #2817)
- Cleaned up overview/intro docs (#2827)
- Various cleanups of the test suites:
- Removed nonsensical pydantic requirement (#2867)
- Removed warnings when building docs (#2856)
Changed
- Modernize installation of NAV scripts/binaries using
pyproject.toml
(#2676, #2679) - Changed the documentation theme from "Bootstrap" to "Read The Docs", as the Bootstrap theme was no longer being maintained. This also avoids unnecessary JavaScript libraries in the docs (#2805, #2825, #2824, #2834, #2837, #2833, #2853, #2868)
- Various changes needed to move NAV closer to being fully compatible with Python 3.11:
- Replaced all uses of
pkg_resources
withimportlib
(#2791, #2798, #2799) - Upgraded Twisted to a version that supports Python 3.11 (#2792, #2796)
- Upgraded psycopg to 2.9.9 (#2793, #2795)
- Dropped code that was there to support Django's older than 3.2 (#2823)
- Upgraded
python-ldap
from 3.4.0->3.4.4 (#2830) - Enabled running test suite on Python 3.10 by default (#2838)
- Stopped running test suite on Python 3.8 by default (#2851)
- Fixed invalid/deprecated backslash escapes in MIB dump files, as warned about in newer Python versions (#2846, #2848)
- Fixed deprecation warning for Django 4.0 in test suite (#2844)
- Removed an adaption to Pythons older than 3.7 (#2840)
- Install Node/NPM in docker dev environment (#2855)
- Vendor the PickleSerializer (#2866)
- Replaced all uses of
NAV 5.8.4
[5.8.4] - 2023-12-14
Fixed
- Allow admins to configure ports with invalid or unset native VLANs in PortAdmin (#2477, #2786)
- Fix bug that caused PoE config to be completely disabled for Cisco devices where at least one port did not support PoE (#2781)
- Fix PortAdmin save button moving around for ports without PoE support (#2782)
- Fix PortAdmin bug that prevented switching PoE state back and forth without reloading entire page (#2785)
- Fix regression that caused maintenance tasks to be un-editable (#2783, #2784)
NAV 5.8.3
NAV 5.8.2
NAV 5.8.1
[5.8.1] - 2023-11-29
Fixed
- Constrain version of 3rd party module
ciscoconfparse
, in order to avoid NAV not working under Python 3.7 (#2770, #2771) - Fix ipdevpoll crash error from using SNMP v2c profile example that came with NAV (#2767, #2768)
- Gracefully handle encoding errors in invalid sysname/IP input in SeedDB IP Device form (#2764)
- Gracefully handle errors from invalid profiles list input in SeedDB IP Device form (#2765)
NAV 5.8.0
[5.8.0] - 2023-11-24
Added
- Initial SNMPv3 support added to most parts of NAV
- Add an SNMPv3 management profile type (#2693, #2699)
- Add SNMPv3 session support to the synchronous SNMP libraries used by most parts of NAV except ipdevpoll (#2700, #2710)
- Add SNMPv3 reachability tests in SeedDB IP Device registration forms (#2704, #2734, #2727, #2730)
- Add SNMPv3 support to Portadmin (#2712, #2731)
- Add SNMPv3 support to
navsnmp
command line program (#2724, #2725) - Add SNMPv3 support to Arnold (#2726, #2733)
- Add SNMPv3 session support to ipdevpoll's asynchronous SNMP libraries (#2736, #2743)
- Add SNMPv3 support to
navoidverify
andnaventity
command line programs (#2747, #2748)
- Power-over-Ethernet configuration support for Cisco and Juniper equipment in PortAdmin (#2632, #2633, #2666, #2635, #2759)
- Extract VLAN association from router port names on Checkpoint firewalls (#2684, #2701)
- Add link to our GitHub discussion forums in "Getting help" documentation (#2746)
- Add subcommand to
navuser
command line program for deleting users (#2705) - Add toggle in
webfront.conf
for automatic creation of remote users (#2698, #2707) - Add proper documentation index page for all howto guides (#2716)
- Add description to threshold alarms (#2691, #2709)
Developer-centric additions
- Add tests for overview of alert profiles page (#2741)
- Add make rule for cleaning
doc
directory (#2717) - Add an snmpd service container for SNMPv3 comms testing (#2697)
Fixed
- Improve validation of maintenance form input in order to avoid unintentional crash reports (#2757)
- Handle invalid alert profile ID form input without crashing (#2756)
- Prevent crash errors in esoteric situations where multiple dashboards have been erroneously marked as a user's default dashboard (#2680)
- Fix broken
navoidverify
command on Linux (#2737) - Several regressions related to input validation in Alert Profiles were fixed:
- Fix regression that prevented filter groups from being deleted from an alert profile (#2729)
- Fix regression that prevented activation/deactivation of alert profiles (#2732)
- Fix form validation with "equal" and "in" operators for adding expression with group to filter (#2750)
- Add more expression operator tests for alert profiles and fix cleaning in
ExpressionForm
(#2752)
Developer-centric fixes
- Restructure alert profile tests (#2739)
Changed
- Allow write-enabled SNMP profiles to be used for reading when device has no read-only SNMP profiles (#2735, #2751)
- Improved howto guide for setting up remote user authentication using
mod_auth_oidc
(#2708)
Developer-centric changes
- Refactored web authentication code in preparation for future changes to authentication flow (#2706)
Removed
Developer-centric removals
NAV 5.7.1
NAV 5.7.0
[5.7.0] - 2023-09-07
Added
- Even more complex and flexible configuration of NAV logging is now supported through
logging.yml
(#2659) - Added howto guide for log configuration (#2660)
- Currently non-functional (aka. "blacklisted") alert sender mechanisms are now flagged in the Alert Profiles tool wherever an affected alert address is displayed (#2653, #2664, #2677, #2678)
- Added support for polling and alerting on Juniper chassis and system alerts (#2358, #2388)
- Added a new
contains_address
filter to theprefix
API endpoint, to enable lookup of matching prefix/vlan details from a single IP or subnet address (#2577, #2578) - Defined and added abstract methods for Power-over-Ethernet configuration to PortAdmin management handler classes (#2636)
- These are needed for the upcoming vendor specific implementations of PoE config in PortAdmin.
- Implemented configuration file parsing for upcoming local JWT token feature (#2568)
Fixed
User-visible fixes
- Properly dispose of outgoing alert notifications to invalid alert addresses (#2661)
- Fixed crash when attempting to log device errors with an empty comment in the Device History tool (#2579, #2580)
- Fixed bad styling and missing linebreaks in traceback section of the 500 error page (#2607, #2628)
- Show help text instead of error when running
nav
command without arguments (#2601, #2603) - Prevent users from entering invalid
sysObjectID
values when editing Netbox types in SeedDB (#2584, #2566) - Removed upper version bound for Pillow image manipulation library, to fix security warnings (#2567)
- Alerts that cannot be sent due to blacklisted media plugins will no longer fill up
alertengine.log
every 30 seconds, unless DEBUG level logging is enabled (#1787, #2652) - DNS lookups in ipdevinfo are now properly case insensitive (#2615, #2650)
- Alert Profiles will now properly require Slack alert addresses to be valid URLs (#2657)
- 5 minute and 15 minute load average values will now be collected correctly for Juniper devices (#2671, #2672)
- Fix cabling API, which broke due to internal refactorings (#2621)
- Only install NAV's custom
epollreactor2
in ipdevpoll if running on Linux (#2503, #2604)- Stops ipdevpoll from crashing on BSDs.
Developer-centric fixes
- Moved more of NAV's packaging definition to
pyproject.toml
(#2655) - Pin pip to version 23.1.0 for CI pipelines to continue working (#2647)
- Improve ipdevpoll logging of SQL queries and from Twisted library (#2640)
- Stop making skipped validation tests for non HTML content (#2623)
- Version-locked indirect dependencies of test suites (#2622, #2617)
- Improve SNMP forwarding/proxying container setup, including adding IPv6 support (#2637, #2516)
- Documented a recipe for establishing SNMP tunnels when testing devices on otherwise unreachable networks (#2426, #2435)
- Run Django development web server in "insecure" mode to improve simulation of a production environment when debug flag is turned off (#2625)
- Added a proper docstring to
bootstrap_django()
function (#2619, #2168) - Stop restoring stale tox environment caches in GitHub workflows (#2605)
- Added tests for ipdevpoll worker euthanization (#2599, #2548)
- Added tests to ensure snmptrapd can properly look up a NAV router that sends traps from one of its non-management IP addresses (#2500, #2510)
- Avoid redundant graphite time formatting strings by re-using constant (#2588, #2543)
- Make detection of running in a virtualenv more compatible with modern toolchain (#2573)
- Revert to having tox run its own dependency installer (#2572)
- Added explicit back-relation names for several Django ORM models (#2544, #2546, #2547, #2549, #2550, #2551)
NAV 5.6.1
[5.6.1] - 2023-03-23
Fixed
User-visible fixes
- Ensure event variables are always posted in transactions, so the event engine does not accidentally end up processing incomplete event information (#2594)
- Report broken cache configuration as an error in Ranked Statistics tool, rather than taking down the whole NAV site (#2561, #2563)
- Show error message on invalid ip address in ipdevinfo (#2590, #2589)
- Link to correct room in room report if room has a space in its name (#2593, #2592)
- Work around duplicate internal serial numbers in Juniper equipment by trusting data only from the device with the lowest entity index (#2583, #2493)
- Make save function in AlertHistory, EventHistory and AlertQueue atomic (#2594)
- Ignore LDAP server referral responses, rather then erroring out during the login process (#2576, #1166)
- Include the
new_version
variable in alert message templates for device hw/fw/sw upgrades (#2565) - Update NAV blog widget to use the new blog URL (#2585)
- Handle invalid IP address input in ipdevinfo device searches gracefully, rather then crashing with a 500 error (#2589, #2590)
- Fix broken links to room details from room report for rooms with spaces in their names (#2592, #2593))