3.11.0

Added

  • Reset functionality in Network Server, which resets session context and MAC state (see ttn-lw-cli end-devices reset command). For OTAA all data is wiped and device must rejoin, for ABP session keys, device address and downlink queue are preserved, while MAC state is reset.
  • Store and retrieve Gateway Claim Authentication Code from database.
    • This requires a database schema migration (ttn-lw-stack is-db migrate) because of the added column.
    • This uses the same encryption key set using the is.gateways.encryption-key-id configuration option.
  • Improved handling of connection issues in the Console, as well as automatic reconnects.
  • Helpful details for synthetic meta events in the data view of the Console.
  • Support field mask paths in Storage Integration API requests.
  • CUPS redirection.
    • This requires a database schema migration (ttn-lw-stack is-db migrate) because of the added columns.
  • Configuration option (is.user-registration.enabled) to enable or disable user registrations.
  • Missing CLI commands for getting single API keys or collaborators for entities.
  • New Account App for authentication, authorization and account related functionality.
    • This introduces various UX improvements and new designs around e.g. user login, registration and the “forgot password” flow.
  • Integrate Device Repository.
  • Device Repository component to integrate Device Repository with The Things Stack. See the dr configuration section.
    • The Device Repository database is bundled automatically into Docker release images. See the ttn-lw-stack dr-db init command to manually fetch the latest changes.
  • Device repository service to the JavaScript SDK.
  • Choosing array representation for end device session keys as well as gateway EUI.
  • Storage integration panel in the Console.

Changed

  • Network Server does not store recent_uplinks, recent_adr_uplinks and recent_downlinks anymore.
  • Improved Network Server downlink task performance.
  • Authorized Application Registry is changed to Authorized Entity Registry.
    • This requires a database schema migration (ttn-lw-stack dcs-db migrate) to migrate existing claims to the new registry.
  • Improved Network Server matching performance.
  • Network Server matching mapping in the database.
    • This requires a database migration (ttn-lw-stack ns-db migrate).
  • Sending a non-empty implicitly specified field disallowed field will now cause RPCs to fail. E.g. if RPC supports paths A and A.B, sending value with A.C non-empty and field mask A would result in an error.
  • Improved content of emails sent by the Identity Server.
  • Stricter validation of the maximum length of string fields, binary fields, lists and maps.
  • Frequency plans and webhook templates are now included in Docker images, and used by default, instead of fetching directly from GitHub.
  • JavaScript entrypoints changed from oauth.css and oauth.js to account.css and account.css. Note: For deployments using custom frontend bundles (e.g. via --is.oauth.ui.js-file), the filenames have to be updated accordingly as well.
  • Authentication Providers and External Users are now hard deleted by default.
    • This requires a database migration (ttn-lw-stack is-db migrate).

Deprecated

Removed

  • Application Server linking. The Network Server now pushes data to the cluster Application Server instead.
    • Applications which desire to handle payload decryption within their own domains should disable payload decryption at application or device level and decrypt the payload on their own end.
    • While not backwards compatible, the decision to remove linking was heavily motivated by scalability concerns - the previous linking model scales poorly when taking high availability and load balancing concerns into account.
  • The option to disable CUPS per gateway gcs.basic-station.require-explicit-enable.

Fixed

  • Network Server DevStatusReq scheduling conditions in relation to frame counter value.
  • Missing authentication, remote_ip and user_agent fields in events when using event backends other than internal.
  • Handling of DLChannelReq if dependent NewChannelReq was previously rejected.
  • Login after user registration leading to dead-end when originally coming from the Console.
  • Frame counter display of end devices on initial page load in the Console.
  • AU915-928 data rate indexes in Regional Parameter specification versions below 1.0.2b.

Security