Release v3.4.9

.github/ISSUE_TEMPLATE/bug_report.yaml

@@ -14,7 +14,7 @@ body:
     attributes:
       label: NetBox version
       description: What version of NetBox are you currently running?
-      placeholder: v3.4.8
+      placeholder: v3.4.9
     validations:
       required: true
   - type: dropdown

.github/ISSUE_TEMPLATE/deprecation.yaml

@@ -0,0 +1,24 @@
+---
+name: 🗑️ Deprecation
+description: The removal of an existing feature or resource
+labels: ["type: deprecation"]
+body:
+  - type: textarea
+    attributes:
+      label: Proposed Changes
+      description: >
+        Describe in detail the proposed changes. What is being removed?
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Justification
+      description: Please provide justification for the proposed change(s).
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Impact
+      description: List all areas of the application that will be affected by this change.
+    validations:
+      required: true

.github/ISSUE_TEMPLATE/feature_request.yaml

@@ -14,7 +14,7 @@ body:
     attributes:
       label: NetBox version
       description: What version of NetBox are you currently running?
-      placeholder: v3.4.8
+      placeholder: v3.4.9
     validations:
       required: true
   - type: dropdown

README.md

@@ -29,9 +29,18 @@ as the cornerstone for network automation in thousands of organizations.
 
 ## Getting Started
 
+<div align="center">
+
+  [![NetBox logo](https://raw.githubusercontent.com/wiki/netbox-community/netbox/images/deploy/deploy1.png)](https://github.com/netbox-community/netbox)
+  &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
+  [![Docker logo](https://raw.githubusercontent.com/wiki/netbox-community/netbox/images/deploy/deploy2.png)](https://github.com/netbox-community/netbox-docker)
+  &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
+  [![NetBox Labs logo](https://raw.githubusercontent.com/wiki/netbox-community/netbox/images/deploy/deploy3.png)](https://netboxlabs.com/netbox-cloud/)
+
+</div>
+
 * Just want to explore? Check out [our public demo](https://demo.netbox.dev/) right now!
 * The [official documentation](https://docs.netbox.dev) offers a comprehensive introduction.
-* Choose your deployment: [self-hosted](https://github.com/netbox-community/netbox), [Docker](https://github.com/netbox-community/netbox-docker), or [NetBox Cloud](https://netboxlabs.com/netbox-cloud/).
 * Check out [our wiki](https://github.com/netbox-community/netbox/wiki/Community-Contributions) for even more projects to get the most out of NetBox!
 
 ## Get Involved

base_requirements.txt

@@ -1,85 +1,85 @@
 # HTML sanitizer
-# https://github.com/mozilla/bleach
+# https://github.com/mozilla/bleach/blob/main/CHANGES
 bleach<6.0
 
 # The Python web framework on which NetBox is built
-# https://github.com/django/django
+# https://docs.djangoproject.com/en/stable/releases/
 Django<4.2
 
 # Django middleware which permits cross-domain API requests
-# https://github.com/OttoYiu/django-cors-headers
+# https://github.com/adamchainz/django-cors-headers/blob/main/CHANGELOG.rst
 django-cors-headers
 
 # Runtime UI tool for debugging Django
-# https://github.com/jazzband/django-debug-toolbar
+# https://github.com/jazzband/django-debug-toolbar/blob/main/docs/changes.rst
 django-debug-toolbar
 
 # Library for writing reusable URL query filters
-# https://github.com/carltongibson/django-filter
+# https://github.com/carltongibson/django-filter/blob/main/CHANGES.rst
 django-filter
 
 # Django debug toolbar extension with support for GraphiQL
-# https://github.com/flavors/django-graphiql-debug-toolbar/
+# https://github.com/flavors/django-graphiql-debug-toolbar/blob/main/CHANGES.rst
 django-graphiql-debug-toolbar
 
 # Modified Preorder Tree Traversal (recursive nesting of objects)
-# https://github.com/django-mptt/django-mptt
+# https://github.com/django-mptt/django-mptt/blob/main/CHANGELOG.rst
 django-mptt
 
 # Context managers for PostgreSQL advisory locks
-# https://github.com/Xof/django-pglocks
+# https://github.com/Xof/django-pglocks/blob/master/CHANGES.txt
 django-pglocks
 
 # Prometheus metrics library for Django
-# https://github.com/korfuri/django-prometheus
+# https://github.com/korfuri/django-prometheus/blob/master/CHANGELOG.md
 django-prometheus
 
 # Django caching backend using Redis
-# https://github.com/jazzband/django-redis
+# https://github.com/jazzband/django-redis/blob/master/CHANGELOG.rst
 django-redis
 
 # Django extensions for Rich (terminal text rendering)
-# https://github.com/adamchainz/django-rich
+# https://github.com/adamchainz/django-rich/blob/main/CHANGELOG.rst
 django-rich
 
 # Django integration for RQ (Reqis queuing)
-# https://github.com/rq/django-rq
+# https://github.com/rq/django-rq/blob/master/CHANGELOG.md
 django-rq
 
 # Abstraction models for rendering and paginating HTML tables
-# https://github.com/jieter/django-tables2
+# https://github.com/jieter/django-tables2/blob/master/CHANGELOG.md
 django-tables2
 
 # User-defined tags for objects
-# https://github.com/alex/django-taggit
+# https://github.com/jazzband/django-taggit/blob/master/CHANGELOG.rst
 django-taggit
 
 # A Django field for representing time zones
 # https://github.com/mfogel/django-timezone-field/
 django-timezone-field
 
 # A REST API framework for Django projects
-# https://github.com/encode/django-rest-framework
+# https://www.django-rest-framework.org/community/release-notes/
 djangorestframework
 
 # Swagger/OpenAPI schema generation for REST APIs
-# https://github.com/axnsan12/drf-yasg
+# https://drf-yasg.readthedocs.io/en/stable/changelog.html
 drf-yasg[validation]
 
 # Django wrapper for Graphene (GraphQL support)
-# https://github.com/graphql-python/graphene-django
+# https://github.com/graphql-python/graphene-django/releases
 graphene_django
 
 # WSGI HTTP server
-# https://gunicorn.org/
+# https://docs.gunicorn.org/en/latest/news.html
 gunicorn
 
 # Platform-agnostic template rendering engine
-# https://github.com/pallets/jinja
+# https://jinja.palletsprojects.com/changes/
 Jinja2
 
 # Simple markup language for rendering HTML
-# https://github.com/Python-Markdown/markdown
+# https://python-markdown.github.io/change_log/
 # mkdocs currently requires Markdown v3.3
 Markdown<3.4
 
@@ -88,50 +88,50 @@ Markdown<3.4
 markdown-include
 
 # MkDocs Material theme (for documentation build)
-# https://github.com/squidfunk/mkdocs-material
+# https://squidfunk.github.io/mkdocs-material/changelog/
 mkdocs-material
 
 # Introspection for embedded code
-# https://github.com/mkdocstrings/mkdocstrings
+# https://github.com/mkdocstrings/mkdocstrings/blob/master/CHANGELOG.md
 mkdocstrings[python-legacy]
 
 # Library for manipulating IP prefixes and addresses
-# https://github.com/netaddr/netaddr
+# https://github.com/netaddr/netaddr/blob/master/CHANGELOG
 netaddr
 
 # Fork of PIL (Python Imaging Library) for image processing
-# https://github.com/python-pillow/Pillow
+# https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst
 Pillow
 
 # PostgreSQL database adapter for Python
-# https://github.com/psycopg/psycopg2
+# https://www.psycopg.org/docs/news.html
 psycopg2-binary
 
 # YAML rendering library
-# https://github.com/yaml/pyyaml
+# https://github.com/yaml/pyyaml/blob/master/CHANGES
 PyYAML
 
 # Sentry SDK
-# https://github.com/getsentry/sentry-python
+# https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md
 sentry-sdk
 
 # Social authentication framework
-# https://github.com/python-social-auth/social-core
+# https://github.com/python-social-auth/social-core/blob/master/CHANGELOG.md
 social-auth-core
 
 # Django app for social-auth-core
-# https://github.com/python-social-auth/social-app-django
+# https://github.com/python-social-auth/social-app-django/blob/master/CHANGELOG.md
 # See https://github.com/python-social-auth/social-app-django/issues/429
 social-auth-app-django==5.0.0
 
 # SVG image rendering (used for rack elevations)
-# https://github.com/mozman/svgwrite
+# hhttps://github.com/mozman/svgwrite/blob/master/NEWS.rst
 svgwrite
 
 # Tabular dataset library (for table-based exports)
-# https://github.com/jazzband/tablib
+# https://github.com/jazzband/tablib/blob/master/HISTORY.md
 tablib
 
 # Timezone data (required by django-timezone-field on Python 3.9+)
-# https://github.com/python/tzdata
+# https://github.com/python/tzdata/blob/master/NEWS.md
 tzdata

docs/administration/authentication/overview.md

@@ -26,6 +26,8 @@ REMOTE_AUTH_BACKEND = 'netbox.authentication.RemoteUserBackend'
 
 Another option for remote authentication in NetBox is to enable HTTP header-based user assignment. The front end HTTP server (e.g. nginx or Apache) performs client authentication as a process external to NetBox, and passes information about the authenticated user via HTTP headers. By default, the user is assigned via the `REMOTE_USER` header, but this can be customized via the `REMOTE_AUTH_HEADER` configuration parameter.
 
+Optionally, user profile information can be supplied by `REMOTE_USER_FIRST_NAME`, `REMOTE_USER_LAST_NAME` and `REMOTE_USER_EMAIL` headers. These are saved to the users profile during the authentication process. These headers can be customized like the `REMOTE_USER` header.
+
 ### Single Sign-On (SSO)
 
 ```python

docs/configuration/miscellaneous.md

@@ -45,6 +45,16 @@ Sets content for the top banner in the user interface.
 
 ---
 
+## CENSUS_REPORTING_ENABLED
+
+Default: True
+
+Enables anonymous census reporting. To opt out of census reporting, set this to False.
+
+This data enables the project maintainers to estimate how many NetBox deployments exist and track the adoption of new versions over time. Census reporting effects a single HTTP request each time a worker starts. The only data reported by this function are the NetBox version, Python version, and a pseudorandom unique identifier.
+
+---
+
 ## CHANGELOG_RETENTION
 
 !!! tip "Dynamic Configuration Parameter"

docs/configuration/remote-authentication.md

@@ -79,6 +79,30 @@ When remote user authentication is in use, this is the name of the HTTP header w
 
 ---
 
+## REMOTE_AUTH_USER_EMAIL
+
+Default: `'HTTP_REMOTE_USER_EMAIL'`
+
+When remote user authentication is in use, this is the name of the HTTP header which informs NetBox of the email address of the currently authenticated user. For example, to use the request header `X-Remote-User-Email` it needs to be set to `HTTP_X_REMOTE_USER_EMAIL`. (Requires `REMOTE_AUTH_ENABLED`.)
+
+---
+
+## REMOTE_AUTH_USER_FIRST_NAME
+
+Default: `'HTTP_REMOTE_USER_FIRST_NAME'`
+
+When remote user authentication is in use, this is the name of the HTTP header which informs NetBox of the first name of the currently authenticated user. For example, to use the request header `X-Remote-User-First-Name` it needs to be set to `HTTP_X_REMOTE_USER_FIRST_NAME`. (Requires `REMOTE_AUTH_ENABLED`.)
+
+---
+
+## REMOTE_AUTH_USER_LAST_NAME
+
+Default: `'HTTP_REMOTE_USER_LAST_NAME'`
+
+When remote user authentication is in use, this is the name of the HTTP header which informs NetBox of the last name of the currently authenticated user. For example, to use the request header `X-Remote-User-Last-Name` it needs to be set to `HTTP_X_REMOTE_USER_LAST_NAME`. (Requires `REMOTE_AUTH_ENABLED`.)
+
+---
+
 ## REMOTE_AUTH_SUPERUSER_GROUPS
 
 Default: `[]` (Empty list)

docs/configuration/security.md

@@ -67,6 +67,12 @@ The name of the cookie to use for the cross-site request forgery (CSRF) authenti
 
 ---
 
+## CSRF_COOKIE_SECURE
+
+Default: False
+
+If true, the cookie employed for cross-site request forgery (CSRF) protection will be marked as secure, meaning that it can only be sent across an HTTPS connection.
+
 ---
 
 ## CSRF_TRUSTED_ORIGINS
@@ -145,6 +151,17 @@ The view name or URL to which a user is redirected after logging out.
 
 ---
 
+## SECURE_SSL_REDIRECT
+
+Default: False
+
+If true, all non-HTTPS requests will be automatically redirected to use HTTPS.
+
+!!! warning
+    Ensure that your frontend HTTP daemon has been configured to forward the HTTP scheme correctly before enabling this option. An incorrectly configured frontend may result in a looping redirect.
+
+---
+
 ## SESSION_COOKIE_NAME
 
 Default: `sessionid`
@@ -153,6 +170,14 @@ The name used for the session cookie. See the [Django documentation](https://doc
 
 ---
 
+## SESSION_COOKIE_SECURE
+
+Default: False
+
+If true, the cookie employed for session authentication will be marked as secure, meaning that it can only be sent across an HTTPS connection.
+
+---
+
 ## SESSION_FILE_PATH
 
 Default: None

docs/integrations/rest-api.md

@@ -638,7 +638,7 @@ $ curl -X POST \
 https://netbox/api/users/tokens/provision/ \
 --data '{
     "username": "hankhill",
-    "password": "I<3C3H8",
+    "password": "I<3C3H8"
 }'
 ```
 

docs/release-notes/version-3.4.md

@@ -1,5 +1,27 @@
 # NetBox v3.4
 
+## v3.4.9 (2023-04-26)
+
+### Enhancements
+
+* [#10987](https://github.com/netbox-community/netbox/issues/10987) - Show peer racks as a dropdown list under rack view
+* [#11386](https://github.com/netbox-community/netbox/issues/11386) - Introduce `CSRF_COOKIE_SECURE`, `SECURE_SSL_REDIRECT`, and `SESSION_COOKIE_SECURE` configuration parameters
+* [#11623](https://github.com/netbox-community/netbox/issues/11623) - Hide PSK strings under wireless LAN & link views
+* [#12205](https://github.com/netbox-community/netbox/issues/12205) - Sanitize rendered custom links to mitigate malicious links
+* [#12226](https://github.com/netbox-community/netbox/issues/12226) - Enable setting user name & email values via remote authenticate headers
+* [#12337](https://github.com/netbox-community/netbox/issues/12337) - Enable anonymized reporting of census data
+
+### Bug Fixes
+
+* [#11383](https://github.com/netbox-community/netbox/issues/11383) - Fix ordering of global search results by object type
+* [#11902](https://github.com/netbox-community/netbox/issues/11902) - Fix import of inventory items for devices with duplicated names
+* [#12238](https://github.com/netbox-community/netbox/issues/12238) - Improve error message for API token IP prefix validation failures
+* [#12255](https://github.com/netbox-community/netbox/issues/12255) - Restore the ability to move inventory items among devices
+* [#12270](https://github.com/netbox-community/netbox/issues/12270) - Fix pre-population of list values when creating a saved filter
+* [#12296](https://github.com/netbox-community/netbox/issues/12296) - Fix "mark connected" form field for bulk editing front & rear ports
+
+---
+
 ## v3.4.8 (2023-04-12)
 
 ### Enhancements

netbox/dcim/forms/bulk_edit.py

@@ -1324,6 +1324,11 @@ class FrontPortBulkEditForm(
     form_from_model(FrontPort, ['label', 'type', 'color', 'mark_connected', 'description']),
     ComponentBulkEditForm
 ):
+    mark_connected = forms.NullBooleanField(
+        required=False,
+        widget=BulkEditNullBooleanSelect
+    )
+
     model = FrontPort
     fieldsets = (
         (None, ('module', 'type', 'label', 'color', 'description', 'mark_connected')),
@@ -1335,6 +1340,11 @@ class RearPortBulkEditForm(
     form_from_model(RearPort, ['label', 'type', 'color', 'mark_connected', 'description']),
     ComponentBulkEditForm
 ):
+    mark_connected = forms.NullBooleanField(
+        required=False,
+        widget=BulkEditNullBooleanSelect
+    )
+
     model = RearPort
     fieldsets = (
         (None, ('module', 'type', 'label', 'color', 'description', 'mark_connected')),