chore(deps): update nautobot to v3.1.8#2152
Merged
Merged
Conversation
cardoe
approved these changes
Jul 17, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
3.1.6-py3.12→3.1.8-py3.12==3.1.6→==3.1.83.1.6→3.1.8Warning
Some dependencies could not be looked up. Check the Dependency Dashboard for more information.
Release Notes
nautobot/nautobot (ghcr.io/nautobot/nautobot)
v3.1.8: - 2026-07-17Compare Source
v3.1.8 (2026-07-17)
Security in v3.1.8
add_approvalworkflowstageresponsepermission could POST to create "approved" responses, bypassing the intended approver checks and self-approving a workflow. The standaloneApprovalWorkflowStageResponseendpoint has been removed; responses are now exposed as read-only nested data on the approval workflow stage, filtered by view permission.djangoto>=5.2.16,<5.3to mitigate CVE-2026-48588, CVE-2026-53877, and CVE-2026-53878.Pillowto>=12.3.0,<13to mitigate multiple CVEs.Added in v3.1.8
Changed in v3.1.8
1,009,518).Removed in v3.1.8
ApprovalWorkflowStageResponseUI view registration, which was never linked.Fixed in v3.1.8
descriptionfield no longer being rendered as Markdown on the Custom Field detail view.tags), which should match objects having all of the given values.Dependencies in v3.1.8
regexto>=2026.6.28.Documentation in v3.1.8
__init__.pyfiles are required in both the Git repository root and thecustom_validators/folder for Data Compliance Rules to be discovered from a remote Git repository.Housekeeping in v3.1.8
invoke lint --fixto continue running in the event of a linting failure.VLANGroupdirectly instead of via a factory.fakerto^40.28.1.mkdocstringsto~1.0.5.ruffto~0.15.21.Contributors
New Contributors
Full Changelog: nautobot/nautobot@v3.1.7...v3.1.8
v3.1.7: - 2026-07-06Compare Source
v3.1.7 (2026-07-06)
Added in v3.1.7
objJinja2 variable to data validation regex rules to align with Nautobot's conventions.Changed in v3.1.7
Deprecated in v3.1.7
objectJinja2 variable in data validation regex rules in favor ofobj;objectwill be removed in Nautobot 4.0.Fixed in v3.1.7
gitsubprocesses.IntegrityErrorraised on every request after the first whenEXTERNAL_AUTH_DEFAULT_PERMISSIONSis configured for externally-authenticated users.<head>.prefix_length__ltefilter value being corrupted (e.g.['16']) when adding another filter in the Prefix list view.within_includefilter field inPrefixFilterFormnot supporting multiple values.MultiValueCharFieldsplitting a bare string value into per-character choices.Dependencies in v3.1.7
nh3to>=0.3.6,<0.4Housekeeping in v3.1.7
mkdocstrings-pythonto~2.0.5.pylintto~4.0.6.pymarkdownlntto~0.9.38.ruffto~0.15.20.linttask to support--fixflag in order to apply fixes for all.Contributors
Full Changelog: nautobot/nautobot@v3.1.6...v3.1.7
Configuration
📅 Schedule: (UTC)
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about these updates again.
This PR was generated by Mend Renovate. View the repository job log.