Skip to main content

NAV

The first feature release of the 5.19 series of NAV is now out!

The source code is available for download at GitHub.

New packages for Debian 12 (Bookworm) and 13 (Trixie) are available in our APT repository.

Removed

  • Stopped supporting Python versions older than 3.11 (#3994)
  • Removed tomli dependency (#3996)

Added

  • The ipdevpoll cam plugin can now optionally log CAM records for switch ports connected to unmanaged neighbors, so that Machine Tracker can locate both the unmanaged device itself and any end hosts behind it. For now, this must be explicitly enabled: See the [cam] section in the ipdevpoll reference docs for details. (#2915)
  • navtopology --l2 now logs a per-run summary line to navtopology.log with phase timings, per-source resolved-link counts, and database write counts. Per-edge DEBUG lines from the reducer are also tagged with the heuristic that produced each resolution. (#4067)
  • The interface details page now shows the full aggregate and stacking hierarchy as a tree, surfacing the derived layer-2 topology (including per-member MLAG neighbours) even when the link is recorded on a lower-layer member port rather than the aggregate itself. (#4081)
  • Collect Juniper DOM threshold values as sensors (#2340)
  • Added API endpoint for getting, creating and deleting maintenance tasks (#2927)
  • Room aliases are now shown as tooltips in IP device info (#3881)
  • Added new column to user admin tool user list to show which users have enabled 2-factor authentication (#4005)
  • Added navdashboard CLI tool for listing, exporting and importing dashboards (#4028)
  • Added REST API endpoint for organizations at api/organization/
  • Added read-only REST API endpoint for router port information at api/gwportprefix/

Changed

User-visible changes
  • Upgraded Django from 4.2 to 5.2. Remove unused pytz dependency. Changed minimum required PostgreSQL version to 14. (#3958)
  • Upgraded Sphinx version to 9.0.4 (#3950)
  • Excluded JavaScript test files from installed package. (#3916)
  • Improved the usability of the two-factor authentication pages with status indicators, clearer warnings, guided setup steps, and copy-to-clipboard support for recovery codes and TOTP secrets. (#3961)
  • Improved docs for configuring allauth social auth providers, sans OIDC. (#5075)
  • Updated “Installing NAV on Debian” guide to Debian Trixie (#2886)
  • Added PostgreSQL rule to never allow the default user to be active (#4027)
  • Hide map for rooms/locations without coordinates (#4008)
  • Hide empty lines in room detail view (#3893)
Refactorings (developer-centric)
  • Replaced TOML config parser with Pydantic models for authentication config. (#4025)
  • Migrated gauge and linear_gauge from D3 v3 to D3 v7. (#3907)
  • Migrated IPAM prefix visualizations from D3 v3 to D3 v7. (#3965)
  • Migrated the netmap force-directed graph from D3 v3 to D3 v7. (#3966)
  • Replace deprecated USE_L10N = False setting with a custom FORMAT_MODULE_PATH to preserve ISO date formatting for Django 5.0 compatibility.
  • Refactored the Watchdog page to fetch its statistics via HTMX instead of a custom RequireJS/jQuery module. (#4054)
  • Refactored the sensor-details page to fetch its current on/off state via HTMX instead of a custom RequireJS/jQuery module. (#4056)
  • Improve Devex when using docker compose for development. (#4036)

Fixed

  • Restored audit-log and application-log recording of user logins, which stopped when the login flow moved to django-allauth in 5.18.0. (#4106)
  • Fixed topology detector assigning the wrong neighbor to aggregate (LAG) interfaces, such as Juniper ae interfaces, whose members are discovered through one or more layers of stacked interfaces. (#4029)
  • Fixed VLAN topology detection dropping detected VLANs from aggregated (LAG) uplinks, e.g. Juniper ae interfaces, where the layer-2 topology resolves on the physical member ports while the 802.1q configuration lives on the aggregate above them. (#1687)
  • Made ‘My stuff’ dropdown behave consistently (#3799)
  • Fixed a crash in the Room/Location Status navlets when an alert lacks an associated SMS message record. (#3899)
  • Fixed a race condition crash in asyncdns ForwardResolver where a DNS error on one record type (A/AAAA) could cause an AttributeError when the other record type resolved successfully. (#3902)
  • Fixed pipe characters in management profile names or netbox data breaking bulk dump/import (#3960)
  • Fixed the broken “approximate database size” indicator on the Watchdog page. (#4052)
  • Fixed ipdevpoll crashing shortly after startup on systems that forbid writable-and-executable memory. (#4066)
  • pping no longer misclassifies hosts whose ICMP echo reply round-trip time measures as exactly 0s (a logic error that would only occur during system clock adjustments) (#4071)
  • Fixed outdated list of available API endpoints in the documentation (#4085)
  • Stopped the room image views from returning spurious server errors (and emailing admins) when deleting already-deleted images or on malformed requests. (#4103)
  • Stopped allowing the navuser unlock and passwd commands to work for the default user
  • AuthorizationMiddleware now raises an error if HtmxMiddleware has not run before it (#3713)

Release notes

We always advise you to have a look at NAV’s accompanying release notes before upgrading.

Happy NAVing everyone!

The first maintenance release of the 5.18 series of NAV is now out!

The source code is available for download at GitHub.

New packages for Debian 11 (Bullseye), 12 (Bookworm) and 13 (Trixie) are available in our APT repository. NB! This will be the LAST package we publish for Debian 11 (Bullseye).

Fixed

  • Fixed post-login redirect not returning users to the page they originally requested (#3954)
  • Fix unclickable edit button for widget titles on the dashboard. (#3980)
  • Fixed removal of all aliases from rooms/locations in SeedDB not being persisted on save. (#4002)
  • Fixed LDAP authentication unconditionally rehashing the password on every login, which invalidated the Django session auth hash and broke MFA/TOTP setup for LDAP users. (#4003)

Release notes

We always advise you to have a look at NAV’s accompanying release notes before upgrading.

Happy NAVing everyone!

The first feature release of the 5.18 series of NAV is now out!

The source code is available for download at GitHub.

New packages for Debian 12 (Bookworm), 11 (Bullseye) and 13 (Trixie) are available in our APT repository.

Please be sure to check the release notes before upgrading, as there may be recommended changes to your config files.

Security

  • The CSRF cookie is now marked as secure when needs_tls is enabled in webfront.conf, matching the existing behavior of the session cookie. (#3829)
  • Passwords are no longer leaked in cleartext in Django error emails when LDAP authentication crashes. (#3870)

Removed (developer-centric)

  • Removed obsolete Docker-based test environment. Replaced by test suite changes that can run in ‘normal’ development environments. (#3849)

Added

  • Rooms and locations can now have multiple names (aliases). Aliases are searchable throughout NAV – in the navbar, global search, device history, maintenance, netmap, network explorer, status widgets, and the REST API. Aliases can be managed in SeedDB and via bulk import/export. They are displayed on room/location detail pages, in search results, and in SeedDB list views. (#3314, #3315, #3815, #3818, #3819, #3820, #3821, #3822, #3823, #3836, #3840, #3841, #3844, #3851, #3852, #3868, #3880, #3895)
  • Added support for two-factor authentication (TOTP), OAuth2, OIDC, and SAML login via django-allauth. Authentication can be configured through the new TOML config file webfront/authentication.toml. (#3622, #3676, #3834, #3862, #3873, #3889, #3934, #3936)
  • Added a report of devices without a known uplink in the topology.
  • Debug log runtimes of individual NAVbar search providers.

Changed

  • Auditlog entries can now be sorted by individual columns. Hyperlinks to more details are now provided for actors, objects and targets that still exist in the NAV database. (#3776)
  • Updated markdown dependency to 3.8.1. (#3812)
  • Downgraded spammy WARNING log about alerts referencing deleted objects to DEBUG level. (#3927)

Changed (developer-centric)

  • Standardize vendored JavaScript library management.

    Vendored JS files now follow a consistent <name>-<version>.min.js naming convention and are tracked as npm dependencies for easier version management. A vendor.py tool is included to automate installing and copying vendored files. (#2470)

  • Tox environments and GitHub workflows switched over to uv for dependency management. (#3859)

Fixed

  • Fix network explorer search not working after the first search per page load. (#3853)
  • Fixed l2trace crash when tracing through a netbox with no associated prefix. (#3866)
  • LDAP login no longer crashes with a 500 error when a user cannot be found during group membership verification. (#3871)
  • Fix report column tooltips ($explain_) not showing when the column also has a $name_ override. (#3876)
  • Fixed a crash in SeedDB bulk import when IP addresses contain trailing whitespace. (#3884)

Release notes

We always advise you to have a look at NAV’s accompanying release notes before upgrading.

Happy NAVing everyone!

The first maintenance release of the 5.17 series of NAV is now out!

The source code is available for download at GitHub.

New packages for Debian 12 (Bookworm), 11 (Bullseye) and 13 (Trixie) are available in our APT repository.

Fixed

  • Fix collapsed multiselects in status tool filters (#3797)
  • Event engine now yields to overdue scheduler callbacks between processing queued events, preventing long event batches from blocking time-critical tasks. (#3798) - Added missing index on netboxentity.deviceid to speed up lookups by device. (#3794)
  • Fix crash when rendering navlet error responses due to missing navlet ID (#3802)
  • Fixed a session crash (UpdateError) on the login page that could leak cleartext passwords in Django error emails. (#3803)
  • Fix chart widget failing to load images from URLs without query parameters (#3805)
  • Fixed sc.05.16.0001.sql migration failure on PostgreSQL 14 caused by ambiguous || operator when concatenating an integer without an explicit ::TEXT cast. (#3806)
  • Fixed a crash in Netmap when the topology graph exceeds memcached’s max item size. The graph is now returned successfully even when it cannot be cached. (#3795)
  • Improved active IP collector query performance (~10x) by utilizing partial database indexes on the arp table more effectively. (#3793)
  • PortAdmin’s “commit configuration” endpoint now returns 503 instead of 500 when the device is unreachable or does not support configuration commits, and no longer triggers spurious admin error emails for these expected operational failures. (#3801)
  • Turned support for REMOTE_USER back on. Regression caused by the new auth-system and its complicated route to the finish line.

Release notes

We always advise you to have a look at NAV’s accompanying release notes before upgrading.

Happy NAVing everyone!

The first feature release of the 5.17 series of NAV is now out!

The source code is available for download at GitHub.

New packages for Debian 12 (Bookworm), 11 (Bullseye) and 13 (Trixie) are available in our APT repository.

Please be sure to check the release notes before upgrading, as there may be recommended changes to your config files.

Security

  • Enable CSRF protection in entire NAV web UI (#3395)

Added

  • DHCP usage statistics graphs are now shown on VLAN and prefix pages when found in Graphite (#2373)
  • Added “more than” / “less than” option to the “Last Seen” filter on the Room view interface list (#3313)
  • Added hyperlink to management profile options in SeedDB netbox form (#3643)
  • Added browse tree and description search for easier maintenance task component selection (#3778)
  • Added support for SNMP v3-based CAM data collection on Cisco switches (Adds support for SNMP v3 context switching for logical MIB instances) (#2811)
  • Added script to generate GitHub, blog and e-mail release announcements from CHANGELOG.md

Changed

  • Finally switched from NAV’s homegrown authentication system to Django’s own. This makes NAV compatible with a lot of 3rd party libraries, and is a necessary step to support MFA.

    This is a big change. Test thoroughly before putting this version into production. This is especially important if you have configured REMOTE_USER authentication. NAV’s classic REMOTE_USER support has a lot of bells and whistles that Django’s support lacks. We have added support for NAV’s config options but it is a little used feature. There should be no need to update the confg file. (#3626)

  • Allow users to set a subscribed dashboard as their default (#3572)

  • Refactored dhcpstats backend. Users beware: option user_context_poolname_key in dhcpstats.conf renamed to user_context_groupname_key and its default value changed from name to group. (#3766)

  • Upgraded jQuery library to version 4 (#3730)

  • Upgraded Marionette to V4 in the IPAM tool (#1873)

  • Refactored dashboard navlets to use HTMX for rendering and updates (#3635)

  • Stopped CI testing on Python 3.12 by default (#3741)

Fixed

  • Re-enabled sorting by actor in auditlog table, now actually working robustly! (#3581)
  • Fixed breadcrumbs missing from JWT Create and Edit frontend pages (#3682)
  • Fixed bug where Netmap views could not be created or updated (#3737)
  • Ensure that the auditlog entries for deleting accounts behave like other entries. (#3738)
  • Fixed IP Device select in Add New Service form (#3749)
  • Filtering on SeedDB Patch and Cable pages now searches all visible columns instead of only the jack field (#3760)
  • Popover arrow is now correctly positioned when aligned to the end (#3770)
  • Fix bug where Getting Started tour does not highlight the correct element (#3771)
  • PortAdmin’s save feedback modal now appears instantly instead of being delayed by a network round-trip (#3772)
  • Add global CSRF token handlers for all HTMX and jQuery AJAX POST requests, to ensure things do not break unintentionally when CSRF validation is enabled
  • Fixed a crash in nav config where when no config file directory could be found

Release notes

We always advise you to have a look at NAV’s accompanying release notes before upgrading.

Happy NAVing everyone!

The first maintenance release of the 5.16 series of NAV is now out!

The source code is available for download at GitHub.

New packages for Debian 12 (Bookworm), 11 (Bullseye) and 13 (Trixie) are available in our APT repository.

Please be extra aware of config file changes, especially in ipdevpoll.conf. Look out for *.dpkg-dist files in /etc/nav and make sure to update your running config.

Fixed

  • Fixed location search for locations with slashes in names (#3717)
  • Fixed pping and snmptrapd crashes when attempting to look for config files in inaccessible directories (#3720)
  • Support RFC3339/ISO8601-formatted timestamps when parsing syslog messages in logengine (#3722)
  • Fixed GeoMap display of rooms/locations with slashes in their IDs (#3724)

Release notes

We always advise you to have a look at NAV’s accompanying release notes before upgrading.

Happy NAVing everyone!

The first feature release of the 5.16 series of NAV is now out!

The source code is available for download at GitHub.

New packages for Debian 12 (Bookworm), 11 (Bullseye) and 13 (Trixie) are available in our APT repository.

Please be extra aware of config file changes, especially in ipdevpoll.conf. Look out for *.dpkg-dist files in /etc/nav and make sure to update your running config.

Security

  • Upgrade jQuery library and dependencies (#3582)
  • Stop revealing actual API tokens in any type of log (#3686)
  • Escape column text in audit log table to mitigate potential XSS vulnerabilities (#2803)

Added

  • Added support for searching for inactive devices by serial number in Device History tool (#1996)
  • Added OS version and NAV version to exception debug view (#2082)
  • Add proper audit log entries for API token manipulations (legacy and JWT) (#3405)
  • Added a Django authentication backend to do NAV legacy style LDAP authentication, in preparation for authentication system rewrite (#3498)
  • Added confirmation modal when deleting dashboards (#3648)
  • Added test/research program nav_cisco_auth_sessions to retrieve information about authentication framework sessions from Cisco switches (#3711)
  • Added support for searching by description in main info search (#3149)
  • Allow NAV_CONFIG_DIR environment variable to override where NAV looks for configuration files (#3697)

Changed

  • Added new dependency distro for identifying Linux distributions (#2082)
  • Load info page search results with HTMX (#3618)
  • Load filtered device history with HTMX (#3663)
  • Disabled broken audit log actor sorting (#3581)

Fixed

  • Fixed room urls for rooms with slashes in name (#3661)
  • Upgrade select2 dependency to latest version (#1873)
  • Strip null bytes from LLDP local chassis IDs to avoid topo job abort errors (ValueErrors) (#2479)
  • Fixed ipdevpoll inventory job crash when including Comet T3611 MIB for collecting information for other Comet sensors (#3566)
  • Properly redirect entire browser to login page when a background HTMX request is received on an unauthenticated session (e.g. after session times out) (#3656)
  • Fixed accessing seeddb/room URLs for rooms with ‘/’ in names (#3659)
  • Fixed broken event search URL (#3677)
  • Fixed accessing SeedDB urls for locations, usages, organizations and device groups with ‘/’ in names (#3687)
  • Fixed bug where subnets were not selectable in the IPAM subnet allocator (#3692)
  • Fixed bug in SeedDB IP Device form where enter in a text field triggered an unwanted connectivity check (#3694)
  • Added success messages for JWT Token Create and Edit views

Release notes

We always advise you to have a look at NAV’s accompanying release notes before upgrading.

Happy NAVing everyone!

The first maintenance release of the 5.15 series of NAV is now out!

The source code is available for download at GitHub.

New packages for Debian 12 (Bookworm), 11 (Bullseye) and 13 (Trixie) are available in our APT repository.

Please be extra aware of config file changes, especially in ipdevpoll.conf. Look out for *.dpkg-dist files in /etc/nav and make sure to update your running config.

Fixed

  • Fixed crash reports being sent by unauthenticated clients accessing the API (#3650)
  • Fixed non-working port overviews for devices that contain modules with slashes in their name. A broken interfaces API endpoint caused both ipdevinfo and interface browser port lists to malfunction. (#3652)

Release notes

We always advise you to have a look at NAV’s accompanying release notes before upgrading.

Happy NAVing everyone!

The first feature release of the 5.15 series of NAV is now out!

The source code is available for download at GitHub.

New packages for Debian 12 (Bookworm) and 11 (Bullseye) are available in our APT repository.

Please be extra aware of config file changes, especially in ipdevpoll.conf. Look out for *.dpkg-dist files in /etc/nav and make sure to update your running config.

Security

  • In preparation for properly protecting against CSRF attacks throughout NAV:
    • Added CSRF tokens to AJAX POST requests (#3465)
    • Removed CSRF tokens from GET requests (#3472)

Removed

  • Removed unused vendored Foundation CSS stylesheets (#3479)
  • Removed vendored Foundation JavaScript library from codebase (#3542)

Added

  • Show VLAN netident in ipdevinfo port list (#2160)
  • Dashboards are now shareable between users (#2344)
  • Show device MAC address in the Device Info tab of ipdevinfo (#3222)
  • Added Django 5.2 and Python 3.13 to default test matrix (#3467)
  • Improved user feedback in PortAdmin by loading live port details in background, after initial page load (#3544)
  • Added search results preview in navbar (#3577)
  • Documented how to enable IPv6 connectivity inside devcontainer (Docker)

Changed

  • Updated NAPALM dependency to 5.1.0 (#3495)
  • Replaced SeedDB IP Device “check connectivity” JavaScript with HTMX, including improved user feedback (#3560)

Non-visible and developer-centric changes

  • The dated Foundation JavaScript libraries and CSS stylesheets are being replaced by a combination of HTMX-based features, new internal libraries and newer alternative libraries. The goal is to keep the outward user interface more or less unchanged:

    • Use HTMX modals in SeedDB Patch tool (#3461)
    • Replaced tooltip in status actions with accessible help text toggle (#3463)
    • Replaced Foundation Joyride with Driver.js implementation (#3468)
    • Replaced Foundation Topbar JS with JQuery (#3476)
    • Replaced Foundation Equalizer with JQuery (#3477)
    • Replaced foundation alert plugin with custom JavaScript (#3481)
    • Replaced native tooltips with NAV tooltips (#3482)
    • Replaced navlet modals with HTMX implementation (#3487)
    • Replaced search hint modals in Radius tool with HTMX (#3494)
    • Replaced radius detail modals with HTMX (#3514)
    • Added fit-content size to modals to support large content
    • Replace IPAM subnet diagram help modal with HTMX
    • Replaced “about logging” modal with HTMX
    • Replaced Foundation dropdowns with custom implementation
    • Replaced “import dashboard” modal with HTMX
    • Replaced Machine Tracker modals with HTMX
    • Replaced modals in ipdevinfo tool with HTMX
    • Replaced threshold form help modal with HTMX
    • Added custom NAV tooltip as replacement for Foundation JS (#3449)
    • Added reusable HTMX modal utilities and styles (#3461)
    • Added modal closing behaviour controls for close button visibility and outside click handling (#3537)
    • Added support for positioning popover on multiple sides (#3550)
    • Replaced feedback modal in Portadmin with HTMX (#3540)
    • Replaced Foundation dropdowns with popovers (#3531)
    • Upgraded tinysort dependency (#3580)
    • Replaced Foundation Clearing Lightbox with custom Lightbox plugin for room/location picture gallery (#3530)
    • Use fixed position tooltips in status widgets and SeedDB list tree (#3576)
    • Added support for controlling popovers with client side events (#3578)
    • Replaced outdated timepicker library with flatpickr (#3587)
  • Modernized Django URL config, mostly by replacing usage of re_path() with path() (#3515, (#3548, (#3631)

Fixed

  • Protect against unexpected NUL bytes in SNMP strings by stripping them (#2479)
  • Fixed bug where status widget tooltip gets stuck (#3301)
  • Show friendly error message in Arnold when attempting to block ports on switches that do not feature a writeable management profile (#3383)
  • Fixed bug where ipdevinfo job refresh does not display error messages properly (#3385)
  • Made it possible to un-revoke JWT refresh token by recreating the token (#3457)
  • Fixed broken all-time searches in Radius tool (#3500)
  • Removed “no racks” alert after adding a new rack to a room (#3506)
  • Show distinct filter groups in Groups and Permissions modal in Alert Profiles (#3523)
  • Show errors on invalid IP in Network Explorer search (#3534)
  • Fixed saving rooms/locations with active alerts widgets after editing (#3561)
  • Fixed sudo-ing to the default (anonymous) account (#3571)
  • Fixed PortAdmin bug where restarting interfaces fails (#3589)
  • Fixed tooltips in Device History and Subnet Matrix tools (#3591)
  • Enabled GetBulk / bulkwalk operations under synchronous SNMP v3 communication (enormously speeding up PortAdmin SNMPv3 queries) (#3594)
  • Adjusted size and position of “close modal” icon to avoid overlap with text
  • Fixed bug where QR Code button is not clickable

Release notes

We always advise you to have a look at NAV’s accompanying release notes before upgrading.

Happy NAVing everyone!

The first maintenance release of the 5.14 series of NAV is now out!

The source code is available for download at GitHub.

New packages for Debian 12 (Bookworm) and 11 (Bullseye) are available in our APT repository.

Please be extra aware of config file changes, especially in ipdevpoll.conf. Look out for *.dpkg-dist files in /etc/nav and make sure to update your running config.

Fixed

  • Correctly display current chosen filter in Status tool (#3442)
  • Fixed showing activity graphs in port details in ipdevinfo (#3484)

Release notes

We always advise you to have a look at NAV’s accompanying release notes before upgrading.

Happy NAVing everyone!