NAV 5.14.1

Fixed

• Correctly display current chosen filter in Status tool (#3442)
• Fixed showing activity graphs in port details in ipdevinfo (#3484)

NAV 5.14.0

Added

User-visible additions

• New SQL reports in the Report tool:
  • Added an operational entities SQL report. (#1947)
  • Added an Events detected last 24 hours SQL report. (#3305)
• Collection job refreshing from web UI:
  • Added button to refresh ipdevpoll background jobs directly from IP Device Info tool. (#3350)
  • ipdevpoll can now immediately reschedule jobs on incoming refresh events on the NAV event queue. Refreshes can be ordered from the command line using the navrefresh program. (#2626)
• Added QR code link features:
  • Added link to "My Stuff" menu to generate QR code link to current page. (#2897)
  • Added button to SeedDB that downloads a ZIP file with QR Codes linking to the selected netboxes/rooms. (#2899)
  • Added config option to switch between generating SVG or PNG QR codes. (#2916)
• API additions:
  • Added API endpoint for looking up vendor of MAC address. (#3337)
  • Added API endpoint for the NetboxEntity model. (#3378)
  • JWT token signing features:
    • Added API endpoint for JWT refresh tokens. (#3270)
    • Added new tab to User and API administration tool for managing JWT refresh tokens. (#3273)
    • Expiration times for issued JWT refresh tokens can be configured via jwt.conf. (#3016)
    • Added support for including API endpoint read/write permission claims to JWT tokens.
• Added password security warnings:
  • Show a banner if the logged in user's password is insecure or old and it should be changed. (#3345)
  • Show a banner to admins if other users' passwords are insecure or old. (#3346)
• Added support for the T3611 sensor from Comet. (#3307)
• Added support for fetching DHCP pool statistics from Kea DHCP API. (#2931)

Developer-centric additions

• Added HTMX as new front-end library. (#3386)
• Document practical usage of devcontainer for developers. (#3398)
• Added developer utilities for easily dumping/loading production data into devcontainer.

Changed

User-visible changes

• Replaced QuickSelect component picker with dynamic HTMX-based search in Maintenance tool. (#3425)
• Replaced QuickSelect component picker with dynamic HTMX-based search in Device history tool. (#3434)
• Dependency changes:
  • Updated NAPALM dependency to 5.0 (#2358)
  • Updated django-rest-framework to version 3.14+, for proper compatibility Django 4.2 (#3403)

Developer-centric changes

• Replaced usage of twisted.internet.defer.returnValue with regular Python return, due to deprecation in newest Twisted version. (#2955)
• Redefined NAV account model to be usable as a Django user model. (#3332)
• Remove unused ColumnsForm (#3243)

Fixed

• Fixed missing ARP API endpoint documentation for IP address filtering. (#3215)
• Fixed broken location history searches from location view page. (#3360)
• Restored ISO timestamps in the web UI (as they were before NAV 5.13) (#3369)
• Fixed broken Add to dashboard functionality for boolean value sensors (#3394)
• Fixed sorting by timestamp columns in threshold rule table and Useradmin API-token table. (#3410)
• Take advantage of auxiliary end_time indexes on ARP table to improve prefix usage lookups in API. (#3413)
• Made Docker test environment usable for devs on Apple silicon Macs.

NAV 5.13.2

Fixed

• Relax API permissions for endpoints used by NAV web GUI tools intended for non-admin users. Several tools stopped working for non-admin users as a result of the permissions lockdown in the 5.13.1 security fix.
  • Relax permissions for API interface view endpoint (#3373)
  • Relax permissions for API prefix usage view endpoint (#3374)
  • Relax permissions for API list room endpoint (#3375)

NAV 5.13.1 (SECURITY)

Security

• Lock down API access for unprivileged users

  By default, NAV granted full API access to logged-in users, regardless of their configured privilege level. This would give unprivileged users access to manipulate NAV configuration and even elevate their own user privileges to administrator level. Read the full security advisory here.

Changed

• Update NAPALM dependency to 5.0 to keep NAV web GUI working (#2358)

Fixed

• Fix filtering of 'Last seen' and sorting by 'Last active' in netbox interfaces view in room info (#3329)

NAV 5.13.0

Security

• Omit Palo Alto API keys from ARP plugin log output (#3251)

Added

• Add option for showing OUI vendor name in Machine Tracker searches (#3292)
• Add cronjob for populating database with OUI data nightly (#3320)
• Run test suite by default on Python 3.11 and Django 4.2 (#2850)
• Added tests for device history search (#3261)

Changed

• Upgraded Django requirement to 4.2 (#2789)
• Upgraded and cleaned up various Docker environments used for development and testing to Debian Bookworm / Python 3.11 (#3284)

Fixed

• Fix minor incompatibilities with Django 4.2 (#2850)
• Fixed non-responsive search function in room map widget (#3207)
• Validate interval inputs in several search forms to avoid unhandled overflow errors (switch port activity, radius top talkers report, radius error log search, radius account log search) (#3242, #3245, #3246, #3247)
• Verify that multiple quarantine rules cannot be added with identical VLANs in Arnold (#3244)
• Fixed broken module history view in device history (#3258)
• Stop sending error mails to site admins from graphite-web proxy endpoint when graphite response code is in the 5XX range (#3259)
• Ignore case of sysname in IP device info (#3262)
• Add user-agent header when downloading OUI text file (#3291)

NAV 5.12.0

Removed

• Removed dependencies django-crispy-forms and crispy-forms-foundation (#2794)

Added

• Active maintenance tasks that only reference deleted components will be automatically cancelled (#3229)
• Alert profiles filter match value dropdowns now support interactive value searches (#3238)
• Added support for setting access port VLANs for Cisco Small Business switches in PortAdmin (by reverting to non-Cisco-specific handler routines for this subgroup of products) (#3249)

Changed

• Switched to building CSS from Sass using webpack instead of deprecated libsass. (#2849)
• Run tests using tox version 4 (#2973)
• The ipdevpoll plugin to fetch ARP cache data from a netbox's Palo Alto firewall API is now configured through a new management profile type assigned to that netbox (#3147)
• The old-style setup.py script was removed and installation docs were updated (#3176)
• Ensure that CSRF token info is included in all forms that have been refactored to remove the django-crispy-forms dependency (#3157)

Fixed

• Alert profiles filter match value dropdowns now support more than the old hard limit of 1000 choices (#2908)
• Disable deletion of the default dashboard (#3150)
• Rooms and locations with periods in their IDs can now be properly retrieved from the corresponding API endpoints (#3186)
• Fix spurious crashing when loading some Netmap layer 3 views (#3225)
• Improve description of deleted maintenance components (#3228)
• Stop SNMP-based arp plugin from stepping on the paloaltoarp plugins toes. Note that this requires updating the plugin order in the ip2mac job in ipdevpoll.conf (#3252)
• Ensure that each account has exactly one default dashboard

5.11.0

Removed

• Dropped support for Python 3.7 (#2790)

Added

• Post lifecycle event when power supplies or fans are removed (#2982)
• Post lifecycle event when a module or chassis is deleted via the status or device history tools (#2983)
• Database model for representing Organizationally Unique Identifiers (OUI) to identify vendors for MAC addresses
• Script for populating database with OUIs and corresponding vendors from IEEE (#2945)
• Module for generating JWTs (#2948)
• Documentation for configuring and using JWT tokens in NAV API (#2618)

Changed

• Upgraded dependencies after dropping support for Python 3.7 (#2790)
• Changed Sphinx version to 7.4.7 (#2826)
• Changed required PostgreSQL version to 13 (#2892)
• Moved the test suite's web crawler complexity away from the test discovery phase to the test phase itself. This reduces the number of generated test cases from N to 2 (where N is the number of reachable NAV pages) (#2966)
• Link to the doc for using docker for development from the README and mention what ports are used when using docker for development (#2978)
• Many user-facing forms of the web user interface have been refactored in order to remove a dependency that keeps NAV incompatible with Python 3.11. This should not affect looks or functionality. This work is still ongoing in the master branch and we hope it will be complete by NAV version 5.12.

Fixed

• Correctly delete an IP Device's existing function value when empty field value is submitted in the IP Device IP Device edit form (#2269)
• Fixed crash bug when reordering filters within a filter group in Alert Profiles (#2979)
• Fixed IPAM API crash bug that caused unnecessary error reports sent as e-mail to site admins (#2989)
• Fixed bad tooltip grammar in ipdevinfo "degraded aggregate link" badge
• Make the test suite easier to run under MacOS
• Skip tests when 3rd party requirements are missing, instead of outright failing

Security

• Ensure that CSRF token info is preserved when refactoring crispy forms to non-crispy equivalents. This means that flat_form.html and _form_content.html templates will include CSRF token info if form method is set to POST. (#3056)

NAV 5.10.2

Changed

• snmptrapd renamed to navtrapd to avoid naming conflicts with Net-SNMP programs (#2926)

Fixed

• Replace incorrect fix for premature ARP record closure introduced in 5.10.1 (#2910)

NAV 5.10.1

Fixed

• Fix Machine Tracker DNS search crashing from exhausting all available file descriptors (#2669)
• ARP records of unreachable devices are now closed by navclean cron job at configurable expiry intervals, rather than immediately as a response to a short ICMP packet loss (#2913)
• Palo Alto API XML responses are now parsed based on keys instead of indexes (#2924)

NAV 5.10.0

Removed

• Removed references to IRC support channel from documentation, as the channel is closing down (#2907)

Deprecated

• Support for Python versions older than 3.9 will be dropped in NAV 5.11.

Added

• New ipdevpoll plugin to fetch ARP cache data from Palo Alto firewall APIs (#2613)
• Introduced towncrier to aid in collaborative NAV changelog authoring (#2869)
• Add library utilities to produce QR codes to arbitrary URLs, for use in upcoming features (#2887)
• Added towncrier to automatically produce changelog

Changed

• Change the Docker Compose-based development environment to use more build caching and avoid running too many things as root (#2859)
• Changed required PostgreSQL version to 11

Fixed

• Avoid running command line scripts twice on every invocation (#2877, #2878)
• Fixed full-nav-restore.sh developer helper script that broke after Docker Compose development was reorganized (#2888)
• Fix missing delete icon in form selector labels (#2898)