Skip to content

Update ghcr.io/nautobot/nautobot Docker tag to v3#746

Open
renovate[bot] wants to merge 1 commit into
masterfrom
renovate/ghcr.io-nautobot-nautobot-3.x
Open

Update ghcr.io/nautobot/nautobot Docker tag to v3#746
renovate[bot] wants to merge 1 commit into
masterfrom
renovate/ghcr.io-nautobot-nautobot-3.x

Conversation

@renovate
Copy link
Copy Markdown
Contributor

@renovate renovate Bot commented May 25, 2026
edited
Loading

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package Update Change
ghcr.io/nautobot/nautobot major 2.4.343.1.3

Release Notes

nautobot/nautobot (ghcr.io/nautobot/nautobot)

v3.1.3: - 2026-05-26

Compare Source

v3.1.3 (2026-05-26)

Security in v3.1.3
  • #​8957 - Updated development npm dependency fast-uri to 3.1.2 to mitigate CVE-2026-6321 and CVE-2026-6322.
  • #​8990 - Updated dependency idna to 3.15 to mitigate CVE-2026-45409. As this is not a direct dependency, it will not auto-update when upgrading; please be sure to update your local environment.
  • #​8990 - Updated indirect development dependency pymdown-extensions to 10.21.3 to mitigate CVE-2026-46338.
Added in v3.1.3
  • #​8917 - Added support for custom redirect buttons on the job result modal.
Changed in v3.1.3
  • #​8969 - Added "View change log" item to "actions" dropdown in Device component (Interface, etc.) tables.
  • #​8969 - Added model verbose name to "Edit" and "Delete" items in table action dropdowns.
  • #​8969 - Changed nautobot-migrate-bootstrap-v3-to-v5 script to apply to *.js files as well.
Fixed in v3.1.3
  • #​8954 - Job Result Summary timestamps now display in user timezone instead of UTC.
  • #​8962 - Fixed a case where the Run/Re-Run button on the Job Result detail view wouldn't correctly refresh once task kwargs became available.
  • #​8965 - Fixed slow page loads on detail views at large scale.
  • #​8969 - Fixed "Mark planned"/"Mark installed" actions not working in Device Interfaces table and others.
  • #​8972 - Fixed an issue where form auto-population logic in forms.js would crash when a form contained an id_slug or id_key field without a slug-source attribute, silently breaking downstream form initialization (including Flatpickr date/time pickers) on affected pages such as the API Token create form.
  • #​8976 - Fixed an exception when rendering an object list view whose viewset has no filterset_class configured.
  • #​8988 - Fixed Git Repository Job loading producing multiple class objects for the same source file, which caused isinstance checks against shared classes to return false negatives.
  • #​8999 - Fixed "Job Queue" in Re-Run form when queue type is kubernetes.
Dependencies in v3.1.3
  • #​8959 - Added urllib3 (>=2.7.0,<3.0.0) as a direct dependency as Nautobot now directly uses it. (Previously it was an indirect dependency.)
  • #​8968 - Updated cryptography dependency to (>=48.0.0,<49).
Housekeeping in v3.1.3
  • #​8917 - The _JobModalButton now uses POST requests instead of GET requests for the job modal flow.
  • #​8964 - Changed "View job results" to "View Job Results" in modal button text.
  • #​8969 - Removed initializeSortableList logic in forms.js, unused since 3.1.0.

Contributors

Full Changelog: nautobot/nautobot@v3.1.2...v3.1.3

v3.1.2: - 2026-05-08

Compare Source

Security in v3.1.2
  • GHSA-c35q-vxrp-ph26 - Added support for WEBHOOK_ALLOWED_SCHEMES settings variable. By default new or updated Webhook records will be restricted to HTTP or HTTPS only, disallowing other schemes that may have been previously allowed. Administrators should audit existing Webhook records to identify any that are invalid, and either update/delete said records or customize WEBHOOK_ALLOWED_SCHEMES as appropriate.
  • GHSA-c35q-vxrp-ph26 - Added support for WEBHOOK_ADDITIONAL_BLOCKED_NETWORKS settings variable. This can be used to specify additional IP networks that should be denied to Webhook sending, for example some deployments may wish to disallow RFC1918 addresses.
  • GHSA-c35q-vxrp-ph26 - Added support for WEBHOOK_ALLOWED_HOSTS settings variable. This can be used to provide an allow-list of specific hosts that would otherwise be blocked by any WEBHOOK_ADDITIONAL_BLOCKED_NETWORKS configuration.
  • GHSA-c35q-vxrp-ph26 - Added logic to deny loopback, link-local, multicast, unspecified, or reserved IP addresses when defining or executing a Webhook. Administrators should audit existing Webhook records to identify any that are invalid and delete said records (CVE-2026-44797).
  • GHSA-c35q-vxrp-ph26 - Added various logic to protect Webhook definitions against being used as a vector for server-side request forgery (SSRF) (CVE-2026-44797).
  • GHSA-p3hx-pwf3-j8wr - Fixed GitRepository.current_head being incorrectly user-editable through the REST API (CVE-2026-44798).
  • GHSA-p3hx-pwf3-j8wr - Added additional data validation to GitRepository.clean() and to various methods of the GitRepo helper class.
  • GHSA-qrpw-gjvh-x5gm - Added a timeout to bulk-rename views (both legacy BulkRenameView and viewset ObjectBulkRenameViewMixin) when doing regular-expression-based bulk renames to protect against denial-of-service (REDoS) due to an overly-complex or maliciously crafted regular expression provided by the user (CVE-2026-44796).
  • GHSA-wpxj-44w3-2j6x - Added logic in the REST API to enforce user "view" permissions when assigning related objects via a GenericForeignKey (CVE-2026-44794).
  • #​8931 - Updated dependency django to >=5.2.14,<5.3 to mitigate CVE-2026-5766, CVE-2026-35192, and CVE-2026-6907.
  • #​8940 - Updated dependency gitpython to >=3.1.50,<3.2 to mitigate CVE-2026-44243, CVE-2026-44244, and GHSA-mv93-w799-cj2w.
Added in v3.1.2
  • #​8413 - Added an "Assume Ownership" action button on the Scheduled Job detail view that allows users with the required permissions to take over ownership of a scheduled job.
Removed in v3.1.2
Fixed in v3.1.2
  • GHSA-wpxj-44w3-2j6x - Fixed ImageAttachment REST API incorrectly marking the image_height and image_width as required fields.
  • GHSA-wpxj-44w3-2j6x - Fixed ImageAttachment REST API incorrectly allowing creation of attachments to an unsupported content_type.
  • GHSA-wpxj-44w3-2j6x - Fixed ContactAssociation REST API incorrectly allowing creation of associations to an invalid associated_object_type.
  • #​8413 - Fixed silent failure of scheduled jobs whose originating user has been removed. The scheduler now records a failed JobResult as well as disables the schedule with state ERRORED.
  • #​8861 - Add an iterator to the queryset in migration 0130_jobresult_generate_log_entry_counts to prevent resource exhaustion.
  • #​8884 - Fixed _JobModalButton refresh_on_close_if_done flag being dropped during modal polling, causing the page to not reload when the Close button (footer, header, or Escape key) is used after a Job completes.
  • #​8890 - Fixed N+1 query patterns on the VRF detail view for templated fields (devices, vms, virtual device contexts).
  • #​8937 - Fixed Job History home page panel sorting.
Dependencies in v3.1.2
  • GHSA-qrpw-gjvh-x5gm - Added regex>=2026.4.4 as a dependency. (Previously it was a development-only dependency.)
  • #​8931 - Updated dependency nh3 to >=0.3.5,<0.4.
Documentation in v3.1.2
  • #​8943 - Updated the security notices documentation.
Housekeeping in v3.1.2
  • GHSA-qrpw-gjvh-x5gm - Replaced bespoke bulk_rename actions on ModuleBayUIViewSet and ModuleBayTemplateUIViewSet with the generic ObjectBulkRenameViewMixin.
  • #​8925 - Added support for --no-input option to invoke tests task.
  • #​8925 - Added support for --command option to invoke nbshell task.
  • #​8931 - Updated development dependency faker to ^40.15.0.
  • #​8931 - Updated development dependency pymarkdownlnt to ~0.9.37.
  • #​8932 - Addressed a number of CodeQL-reported issues in the code base.
  • #​8940 - Loosened timeout requirement in test_bulk_rename_regex_redos_protection to reduce spurious failures in CI.

Contributors

Full Changelog: nautobot/nautobot@v3.1.1...v3.1.2

v3.1.1: - 2026-04-27

Compare Source

v3.1.1 (2026-04-27)

Security in v3.1.1
  • #​8840 - Updated dependency GitPython to >=3.1.47,<3.2 to mitigate CVE-2026-42215 and CVE-2026-42284.
  • #​8895 - Updated dependency lxml to 6.1.0 to mitigate CVE-2026-41066. As this is not a direct dependency, it will not auto-update when upgrading; please be sure to upgrade your local environment.
Added in v3.1.1
  • #​8876 - Added render_default_panels_for_object template tag.
  • #​8883 - Added copyright notice to the About page.
Changed in v3.1.1
  • #​8894 - Changed the CSV export algorithm to speed up the export of a large number of objects.
Fixed in v3.1.1
  • #​6199 - Fixed job class template override not working when template_name is set as a Meta attribute.
  • #​8876 - Re-added placeholders for files nautobot/extras/templates/extras/inc/jobresult_js.html, nautobot/project-static/js/job_result.js, and nautobot/project-static/js/log_level_filtering.js that were removed in 3.1.0, in order to avoid breaking Apps still referencing these files.
  • #​8877 - Fixed incorrect refreshing of GitRepository "Synchronization Status" tab.
  • #​8885 - Fixed Kubernetes job kwarg serialization.
  • #​8887 - Fixed NoReverseMatch crash when adding Data Validation Rules.
Dependencies in v3.1.1
  • #​8840 - Updated dependency djangorestframework to >=3.17.1,<3.18.
  • #​8840 - Updated dependency psycopg2-binary to >=2.9.12,<2.10.
  • #​8840 - Updated dependency social-auth-core to >=4.8.6,<4.9.
  • #​8880 - Updated npm dependency htmx.org to ^2.0.10.
  • #​8909 - Updated dependency social-auth-core to >=4.8.7,<4.9.
Documentation in v3.1.1
  • #​8820 - Added documentation on how to set logging levels for Nautobot Jobs.
  • #​8873 - Improved documentation for VPN Terminations, VPN service types, and related VPN models added in v3.1.0.
Housekeeping in v3.1.1
  • #​8840 - Updated development dependency rich to ~14.3.4.
  • #​8840 - Updated documentation dependency mkdocs-section-index to ~0.3.12.
  • #​8840 - Updated documentation dependency mkdocstrings to ~1.0.4.
  • #​8840 - Updated development dependency ruff to ~0.15.11.
  • #​8880 - Updated npm development dependency postcss to ^8.5.10.
  • #​8880 - Updated npm development dependency prettier to ^3.8.3.
  • #​8906 - Fixed a unit test issue that was causing a number of view test cases to be incorrectly skipped.
  • #​8906 - Adjusted the RouteTargetFactory implementation to ensure data is suitable for use with the bulk_rename test cases.
  • #​8909 - Updated development dependency ruff to ~0.15.12.
  • #​8909 - Updated development dependency openapi-spec-validator to ~0.8.5.

Contributors

New Contributors

Full Changelog: nautobot/nautobot@v3.1.0...v3.1.1

v3.1.0: - 2026-04-14

Compare Source

This document describes all new features and changes in Nautobot 3.1.

Upgrade Actions

Administrators
Migrate From Legacy PostgreSQL Versions As Needed

Nautobot 3.1, as a consequence of the Django 5.2 dependency upgrade, drops support for PostgreSQL versions 12.x and 13.x and now requires a minimum of PostgreSQL 14.0. If you have an existing Nautobot deployment on these no-longer-supported versions of PostgreSQL, you will need to upgrade and migrate your database.

!!! tip
In general we recommend that you upgrade PostgreSQL as a separate step and change window from upgrading Nautobot in order to reduce the complexity of the upgrade and allow easier troubleshooting and recovery should anything go wrong in the process.

Migrate Configuration To STORAGES As Needed

As a consequence of the Django 5.2 dependency upgrade, Nautobot 3.1 drops support for the Django DEFAULT_FILE_STORAGE and STATICFILES_STORAGE settings variables in favor of a unified STORAGES setting. Additionally, support for the corresponding Nautobot-specific STORAGE_BACKEND, STORAGE_CONFIG, and JOB_FILE_IO_STORAGE settings variables has been removed and merged into the STORAGES setting.

If your deployment of Nautobot had overridden any of the above settings (for example, to use S3 storage), you will need to update your nautobot_config.py file to use the STORAGES setting instead. More details are available in the Nautobot documentation for STORAGES.

Configure New Performance Settings As Appropriate

If you have a large number of Location and/or Prefix records, you can configure LOCATION_LIST_DEFAULT_MAX_DEPTH and/or PREFIX_LIST_DEFAULT_MAX_DEPTH to limit the depth of data that's initially retrieved and rendered when first accessing these list views, with the potential to significantly improve the performance of these enhanced views as a result.

Enforced Permissions for Job Log Entries

Nautobot 3.1 introduces stricter permission enforcement for viewing job log entries in the log table view. Previously, the extras.view_joblogentry permission was not consistently required to access this data.

As a result, users who were previously able to view job logs may now be restricted unless they have been explicitly granted the appropriate extras.view_joblogentry permission. This change may have unexpected impact on existing deployments where access to job logs was implicitly available.

Administrators should review user roles and permissions to ensure that appropriate access to job logs is granted where needed.

App Authors/Maintainers
Changes For Django 5.2 Compatibility

Nautobot's dependency update to Django 5.2, as typical of Django major version updates, included a small number of breaking changes to Django's Python APIs. For a comprehensive guide, refer to the "Backwards incompatible changes" and "Features removed" sections of Django's release-notes for versions 5.0, 5.1, and 5.2. The most likely impacts we have identified to Nautobot Apps are the following:

  • Support for Model.Meta.index_together (previously deprecated in Django 4.2) is removed; App models with custom indexes using index_together will need to migrate to use Model.Meta.indexes instead and create a database migration accordingly.
  • Models using a ManyToManyField with an explicit through table (as is recommended by Nautobot) may need to run nautobot-server makemigrations <app> to generate a schema migration explicitly specifying the through_fields for each such ManyToManyField.
  • The test method assertQuerysetEqual() (previously deprecated in Django 4.2) is removed; App tests using this method will need to migrate to use assertQuerySetEqual() (note capitalization) instead.
  • Nautobot previously maintained a Django templatetag named querystring, which may conflict with the built-in querystring templatetag introduced in Django 5.1. Additionally, Django Tables2 has a similar namespace conflict. It is recommended to use Django's built-in version where possible. If compatibility issues arise, use nautobot.app.templatetags.legacy_querystring instead.
Changes for HTMX

See HTMX List View Rendering below.

Support Dependent Object Creation and Search In Forms

See Dependent Object Creation and Search below.

Bootstrap FileStyle Deprecation

The Bootstrap FileStyle library is now deprecated and will be removed in Nautobot 4.0. The ClearableFileInput widget, which previously depended on Bootstrap FileStyle, has already been migrated to the standard Bootstrap 5 file input.

If you do not directly reference the bootstrap-filestyle-1.2.3/bootstrap-filestyle.min.js script in your code, no action is required. Otherwise, we encourage you to transition to the Bootstrap 5 file input or import an external library of your choice.

django-ajax-tables Deprecation

The django-ajax-tables library is now deprecated and will be removed in Nautobot 4.0. The dynamic table rendering, filtering, and pagination features, which previously depended on this library, have been migrated to use standard django-tables2 combined with HTMX.

If you do not directly reference django-ajax-tables components or its associated JavaScript handlers in your code, no action is required. Otherwise, we encourage you to transition your dynamic tables to the new HTMX-based approach.

Release Overview

Breaking Changes
Dropped Support for PostgreSQL Versions Less Than 14.0

As a consequence of the dependency update to Django 5.2, support for PostgreSQL versions before 14.0 has been removed from Nautobot.

Dropped Support for MySQL Versions Less Than 8.0.11

As a consequence of the dependency update to Django 5.2, support for MySQL versions before 8.0.11 has been removed from Nautobot.

Unified Storage Backend Configuration

As a consequence of the dependency update to Django 5.2, Nautobot 3.1 drops support for the Django DEFAULT_FILE_STORAGE and STATICFILES_STORAGE settings variables in favor of a unified STORAGES setting. Additionally, support for the corresponding Nautobot-specific STORAGE_BACKEND, STORAGE_CONFIG, and JOB_FILE_IO_STORAGE settings variables has been removed and merged into the STORAGES setting. More details are available in the Nautobot documentation for STORAGES.

Added
Dependent Object Creation and Search

Dependent objects can now be created directly from the current page using an embedded modal, without interrupting your workflow. Additionally, dependent object search supports advanced filtering, making it easier to find related records, especially in cases like interfaces where simple string matching was not sufficient.

Both creation and search are handled within a modal, so you don't have to leave the main form.

Form migration guide for App developers is available in Embedded Actions.

Configurable Columns

Configurable Columns have been redesigned for improved usability. You can now easily toggle columns on and off via moveable checkboxes, while preserving the order of selected columns.

Job Console

When running jobs, Nautobot now optionally captures and displays all console output in the Job Console tab, including logs previously omitted due to log settings or C-program output. You can now see the complete console log as if running the job interactively, creating a clear separation between job troubleshooting (Job Console) and job reporting (Job Log Entries).

Custom Field Scoping

Custom Fields can now be scoped to display or edit only when specific, user-defined filtering conditions are met. Previously, all Custom Fields appeared on all objects. Common use cases include:

  • Displaying SMARTnet details for Device objects only when the device is a Cisco model.
  • Showing local contact information for Location objects only when the LocationType is Site.
  • Presenting ATT billing account information for Circuit objects only when the circuit is an ATT circuit.
Python 3.14 Support

Added official support for Python 3.14.

Bulk Rename for More Models

UI viewsets inheriting from NautobotUIViewSet now include a Rename bulk action alongside Bulk Edit and Bulk Delete when their model exposes an editable name field. Users can supply a find/replace pattern (literal string or regular expression) against the selected objects' names and preview the resulting names before applying the change. Previously, bulk rename was only available on a small number of legacy views. Models without a name field are automatically opted out, so Apps pick this up with no code changes required.

To ensure server responsiveness, regular-expression patterns submitted for bulk rename are validated before execution and may be rejected with a clear error message if too complex. Additionally, only objects visible to the user can be renamed in bulk, unlike other bulk operations that allow the full queryset. This ensures users can preview changes before applying them.

Changed
HTMX List View Rendering

In Nautobot 3.1, object list views (including both those derived from generic.ObjectListView and those using NautobotUIViewSet) now load in two stages (using HTMX) to improve the responsiveness of the UI. Custom implementations of these views, and/or custom test cases written for these views, may require some updates to handle this behavior correctly. Refer to the developer documentation for more specific guidance.

Async Global Search

Global search is now loaded asynchronously. When performing a search, results are returned incrementally, so you see matches immediately without waiting for the slowest queries to complete.

Improved Location and Prefix List Views

In addition to the generalized list-view performance enhancements described above, the list views for Location and Prefix records specifically have been enhanced in several ways:

  • The rendering of the "tree" data hierarchy for these records has in general been improved to visualize object relationships more clearly.
  • An administrator can configure LOCATION_LIST_DEFAULT_MAX_DEPTH and/or PREFIX_LIST_DEFAULT_MAX_DEPTH to limit the depth of data that's initially retrieved and rendered when first accessing these list views, improving their responsiveness substantially at high data scale.
  • Users can interactively "drill down" into deeper nested data as needed with a few quick clicks, incrementally loading additional "child" records on the fly.
Deprecated
assertQuerysetEqualAndNotEmpty() Test Method

The Nautobot test method assertQuerysetEqualAndNotEmpty() has been deprecated in favor of the new assertQuerySetEqualAndNotEmpty() method (note change in capitalization) to align with Django's assertQuerySetEqual() test method. Support for assertQuerysetEqualAndNotEmpty() may be removed in a future Nautobot release.

Dependencies
Django 5.2

Nautobot 3.1 upgrades the core Django dependency from 4.2.x LTS to 5.2.x LTS. Nautobot has been updated accordingly, but Apps and third-party dependencies may need to update to newer versions for compatibility with Django 5.2.

Contributors

New Contributors

Full Changelog: nautobot/nautobot@v3.0.11...v3.1.0

v3.0.11: - 2026-04-08

Compare Source

v3.0.11 (2026-04-08)

Security in v3.0.11
  • #​8768 - Updated dependency Django to ~4.2.30 to mitigate CVE-2026-33033 and others.
  • #​8768 - Updated dependency cryptography to ~46.0.7 to mitigate CVE-2026-39892.
  • #​8782 - Updated dependency pygments to 2.20.0 to mitigate CVE-2026-4539. As this is not a direct dependency, it will not auto-update when upgrading; please be sure to upgrade your local environment.
  • #​8782 - Updated dependency pymdown-extensions to 10.21.2 to address an incompatibility with pygments version 2.20. As this is not a direct dependency, it will not auto-update when upgrading; please be sure to upgrade your local environment.
Added in v3.0.11
  • #​8432 - Added the capability to assign a Secrets Group to a VPN Tunnel.
  • #​8689 - Added ARM64 variants for all published Docker images.
  • #​8791 - Added VPN, VPNTunnel to searchable models.
Changed in v3.0.11
  • #​8388 - Changed rear of full-length device in rack elevation view to be clickable
Fixed in v3.0.11
  • #​8316 - Fixed scheduled jobs with custom crontab schedules running once immediately (ASAP) before following their crontab schedule.
  • #​8730 - Fixed filtering for all VPN-related list views.
  • #​8802 - Fixed config_context_schema value failing to update when syncing a config context repository.
Dependencies in v3.0.11
  • #​8767 - Updated npm dependency mini-css-extract-plugin to ^2.10.2.
  • #​8767 - Updated npm dependency postcss to ^8.5.9.
  • #​8768 - Updated dependency requests to ~2.33.1.
Documentation in v3.0.11
  • #​8774 - Updated release process documentation to reflect available automation.
Housekeeping in v3.0.11
  • #​6267 - Replaced third-party GitHub action in release CI.
  • #​8502 - Improved the Docker build process and tagging in CI.
  • #​8689 - Refactored GitHub CI to use multi-architecture runners for Docker image build and publish.
  • #​8697 - Fixed Docker image publication for integration branches and releases.
  • #​8699 - Fixed isolation of docker image digests by cache scope when building multiple images in a single workflow.
  • #​8768 - Updated development dependency djhtml to ~3.0.11.
  • #​8768 - Updated development dependency mkdocs-redirects to ~1.2.3.
  • #​8774 - Updated PyPI publication to use Trusted Publisher.
  • #​8799 - Fixed state leakage between consecutive calls to merge-image-digests GitHub action.

Contributors

Full Changelog: nautobot/nautobot@v3.0.10...v3.0.11

v3.0.10: - 2026-03-30

Compare Source

What's Changed

Security in v3.0.10
  • #​8710 - Updated dependency pyasn1 to 0.6.3 to mitigate CVE-2026-30922. As this is not a direct dependency, it will not auto-update when upgrading; please be sure to upgrade your local environment.
  • #​8722 - Updated dependency cryptography to ~46.0.6 to mitigate CVE-2026-34073.
  • #​8722 - Updated dependency requests to ~2.33.0. to mitigate CVE-2026-25645. As this is not a direct dependency, it will not auto-update when upgrading; please be sure to upgrade your local environment.
  • #​8722 - Updated development npm dependency flatted to ~3.4.2 to mitigate CVE-2026-33228.
  • #​8778 - Added missing enforcement of any configured Django password validators when managing users via the REST API (CVE-2026-34203).
Added in v3.0.10
  • #​5789 - Added graphql and webhooks extras features to all ComponentTemplateModel subclasses.
  • #​8736 - Added clear_cache step to nautobot-server post_upgrade command.
Changed in v3.0.10
  • #​8747 - Job profiling results are now available for download as a file attached to the Job Result, rather than only being written to the worker's local filesystem.
Fixed in v3.0.10
  • #​6111 - Fixed an issue where Contact and Team objects could not be looked up by name alone when creating a ContactAssociation via the REST API.
  • #​8465 - Fixed an issue where cable terminations for module interfaces incorrectly displayed as "Circuit" instead of showing the device, type, and component fields.
  • #​8547 - Resolved issues with the job logs DB connection. It now correctly respects CONN_MAX_AGE and can recover from errored connections.
  • #​8614 - Fixed a race condition when running jobs concurrently that could cause multiple threads to modify the jobs registry at the same time.
  • #​8629 - Fixed a scenario where rendering a GitRepository related Jobs "Scheduled Job View" would sometimes show the Job as not installed
  • #​8706 - Fixed a bug where GraphQL queries that included related objects were not being optimized correctly since upgrading to graphene-django v3.x in Nautobot 3.0.0.
  • #​8724 - Fixed permission name in JobRunScheduleButton in JobView.
  • #​8725 - Fixed an issue where nested job kwargs were not being serialized correctly which caused problems when using Kubernetes jobs.
  • #​8748 - Fixed a performance issue where the validated_save() method was being called unnecessarily on all VRFDeviceAssignment objects when adding a new assignment to a VRF.
  • #​8759 - Fixed an exception related to version control branches and recursive Job execution.
  • #​8763 - Fixed get_config_context and ConfigContexModel annotation for subclasses of Device model
Dependencies in v3.0.10
  • #​8722 - Updated dependency celery to ~5.6.3.
  • #​8722 - Updated dependency nh3 to ~0.3.4.
Documentation in v3.0.10
  • #​4234 - Documented suggested method for periodic metrics files removal.
Housekeeping in v3.0.10
  • #​8607 - Refreshed indirect npm dependencies to their latest relevant versions.
  • #​8608 - Refreshed indirect dependencies to their latest valid versions.
  • #​8722 - Updated documentation dependency mkdocs-gen-files to ~0.6.1.
  • #​8722 - Updated documentation dependency mkdocs-material to ~9.7.6.
  • #​8722 - Updated documentation dependency mkdocs-section-index to ~0.3.11.
  • #​8722 - Updated development dependency coverage to ~7.13.5.
  • #​8734 - Changed ObjectChangeFactory to use set start and end dates for deterministic timestamps for the time field for tests.

Contributors

New Contributors

Full Changelog: nautobot/nautobot@v3.0.9...v3.0.10

v3.0.9: - 2026-03-17

Compare Source

What's Changed

Security in v3.0.9
Added in v3.0.9
  • #​8488 - Added the ability to configure multiple Kubernetes job manifests via file-based configuration.
  • #​8682 - Added software_version__platform filter to SoftwareImageFileFilterSet to allow filtering software image files by their software version's platform.
Fixed in v3.0.9
  • #​8643 - Fixed a bug in "Update Group Assignment" modal where modal title rendering is broken, after applying the fix, the close button is on the top right corner and the title is on the far left margin.
  • #​8657 - Fixed a few display regressions in the JobResult detail view.
  • #​8661 - Enhanced import_string_optional to avoid ignoring certain exceptions unrelated to the specific import.
  • #​8681 - Fixed an exception when viewing JobResult records with associated file outputs.
Dependencies in v3.0.9
  • #​8639 - Updated dependency django-constance to ~4.3.5.
  • #​8670 - Updated Node.js UI dependency to version 24.
  • #​8670 - Updated npm UI dependency to >=11.9.0.
Housekeeping in v3.0.9
  • #​8638 - Updated development npm dependency @eslint/js and eslint to ^9.39.4.
  • #​8638 - Updated development npm dependency mini-css-extract-plugin to ^2.10.1.
  • #​8638 - Updated development npm dependency postcss to ^8.5.8.
  • #​8638 - Updated development npm dependency webpack to ^5.105.4.
  • #​8639 - Updated documentation dependency mkdocs-material to ~9.7.5.
  • #​8639 - Updated development dependency pymarkdownlnt to ~0.9.36.
  • #​8670 - Updated development npm dependency copy-webpack-plugin to ^14.0.0.

Contributors

New Contributors

Full Changelog: nautobot/nautobot@v3.0.8...v3.0.9

v3.0.8: - 2026-03-02

Compare Source

What's Changed

Added in v3.0.8
  • #​8575 - Added HYPERLINKED_OBJECT option to ObjectTextPanel.RenderOptions to automatically render the value as a hyperlink to the related object.
Changed in v3.0.8
  • #​8519 - Improved rendering of cable traces, particularly for black and white colored cables.
Fixed in v3.0.8
  • #​8537 - Fixed sorting on multiple tables.
  • #​8560 - Fixed an issue where the JobResult status was not being set to STARTED when a job was run synchronously.
  • #​8571 - Fixed filtering on multiple tables.
  • #​8589 - Fixed the ability to provide your own CACHES client to allow health_check to pass.
  • #​8642 - Fixed issue where islower was not called as a function in the conditional.
  • #​8642 - Added missing f-string to the raised error message.
  • #​8646 - Fixed scheduled jobs incorrectly running after their associated approval workflow was denied.
Dependencies in v3.0.8
  • #​8556 - Updated dependency django-tree-queries to ~0.23.1.
  • #​8556 - Updated dependency nh3 to ~0.3.3.
Housekeeping in v3.0.8
  • #​7729 - Refactored JobResult model related UI views to use UI component framework.
  • #​8555 - Updated development npm dependency @eslint/js to ^9.39.3.
  • #​8555 - Updated development npm dependency autoprefixer to ^10.4.26.
  • #​8555 - Updated development npm dependency css-loader to ^7.1.4.
  • #​8555 - Updated development npm dependency eslint to ^9.39.3.
  • #​8555 - Updated development npm dependency postcss-loader to ^8.2.1.
  • #​8555 - Updated development npm dependency webpack to ^5.105.2.
  • #​8556 - Updated documentation dependency mkdocs-material to ~9.7.3.
  • #​8590 - Updated deploy-sandbox action for release CI.
  • #​8613 - Fixed ui_build container not running successfully in a fresh development environment.
  • #​8613 - Changed invoke npm and related tasks to not install node_modules into the local filesystem.

Contributors

Full Changelog: nautobot/nautobot@v3.0.7...v3.0.8

v3.0.7: - 2026-02-17

Compare Source

What's Changed

Security in v3.0.7
Added in v3.0.7
  • #​8484 - Added polish type variants to CS connector in PortTypeChoices
  • #​8511 - Added missing bulk edit buttons to the IP Addresses and Child Prefix tabs on the Prefix detail view.
  • #​8530 - Added Status field to InterfaceRedundancyGroupTable.
Fixed in v3.0.7
  • #​8267 - Fixed missing stack traces for HTTP 500 errors in the REST API when using structlog.
  • #​8319 - Fixed the creation of Interface Dynamic Groups by Duplex, 802.1Q Mode and Tagged/Untagged VLANs.
  • #​8479 - Fixed missing text on the trace action button.
  • #​8500 - Fixed KeyError when CACHES setting does not include an explicit TIMEOUT key.
  • #​8522 - Adjusted the foreground color contrast threshold used for color labels to improve readability.
  • #​8530 - Fixed FilterForm definitions of InterfaceRedundancyGroupFilterForm and VirtualDeviceContextFilterForm.
  • #​8550 - Fixed "Rack" selection on basic filter form for Cables being incorrectly mapped to rack=<UUID> instead of rack=<name>.
  • #​8550 - Fixed Cable filterset support for rack=null and tenant=null filters.
Dependencies in v3.0.7
  • #​8475 - Updated npm dependency jquery-ui to ^1.14.2.
  • #​8476 - Updated dependency mysqlclient to ~2.2.8.
  • #​8476 - Updated dependency social-auth-core to ~4.8.5.
House

Note

PR body was truncated to here.

Configuration

📅 Schedule: (UTC)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate Bot force-pushed the renovate/ghcr.io-nautobot-nautobot-3.x branch 21 times, most recently from 6f4f76d to 54e6591 Compare May 31, 2026 08:48
@renovate renovate Bot force-pushed the renovate/ghcr.io-nautobot-nautobot-3.x branch from 54e6591 to 39e792a Compare June 1, 2026 03:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants