v3.16.0

Added

• ttn_lw_as_subscription_sets_publish_success_total and ttn_lw_as_subscription_sets_publish_failed_total metrics to track the number of subscription set publish attempts.
• Application Server advanced distribution settings:
  • as.distribution.global.individual.subscription-blocks controls if the Application Server should block while publishing traffic to individual global subscribers (such as MQTT clients).
  • as.distribution.global.individual.subscription-queue-size controls how many uplinks the Application Server should buffer for an individual global subscriber. Note that when the buffer is full, the Application Server will drop the uplinks if --as.distribution.global.individual.subscription-blocks is not enabled. Use a negative value in order to disable the queue.
  • as.distribution.local.broadcast.subscription-blocks controls if the Application Server should block while publishing traffic to broadcast local subscribers (such as webhooks and application packages matching).
  • as.distribution.local.broadcast.subscription-queue-size controls how many uplinks the Application Server should buffer for an broadcast local subscriber. Has the same semantics as --as.distribution.global.individual.subscription-queue-size.
  • as.distribution.local.individual.subscription-blocks controls if the Application Server should block while publishing traffic to individual local subscribers (such as PubSub integrations).
  • as.distribution.local.individual.subscription-queue-size controls how many uplinks the Application Server should buffer for an individual local subscriber. Has the same semantics as --as.distribution.global.individual.subscription-queue-size.
• ttn_lw_gs_txack_received_total, ttn_lw_gs_txack_forwarded_total and ttn_lw_gs_txack_dropped_total metrics, which track the transmission acknowledgements from gateways.
• gs.txack.receive, gs.txack.drop and gs.txack.forward events, which track the transmission acknowledgements from gateways.
• ttn-lw-stack as-db migrate command to migrate the Application Server database. This command records the schema version and only performs migrations if on a newer version.
  • Use the --force flag to force perform migrations.
• Server-side event filtering with the names field.

Changed

• Gateway Server default UDP worker count has been increased to 1024, from 16.
• Application Server webhooks and application packages default worker count has been increased to 1024, from 16.
• Application Server no longer sets the end device's session.started_at and pending_session.started_at. The session start time should be retrieved from the Network Server, per API specification.
  • This requires an Application Server database migration (ttn-lw-stack as-db migrate) to clear the started_at field in existing (pending) sessions.
• Console changing to server-side event filtering (used to be client-side).

Removed

• The ttn_lw_gs_status_failed_total, ttn_lw_gs_uplink_failed_total metrics. ttn_lw_gs_status_dropped_total and ttn_lw_gs_uplink_dropped_total should be used instead, as they contain the failure cause.
• The gs.status.fail and gs.up.fail events. gs.status.drop and gs.up.drop should be used instead, as they contain the failure cause.
• The data_rate_index field in uplink message metadata. Observe the fully described data rate in the data_rate field instead.
• LoRaWAN data rate index reported to LoRa Cloud DMS.
• Dockerfile doesn't define environmental variables TTN_LW_BLOB_LOCAL_DIRECTORY, TTN_LW_IS_DATABASE_URI and TTN_LW_REDIS_ADDRESS anymore. They need to be set when running the container: please refer to docker-compose.yml for example values.
• CockroachDB from development tooling as well as config option within docker-compose.yml.
  • This also changes the default value of the --is.database-uri option, so it can connect to the development Postgres database by default.

Fixed

• Handling of NaN values in our JSON API.
• Receiver metadata from more than one antenna is now available in messages received from Packet Broker.
• Unhelpful error message when aborting the OIDC Login in the Console.
• Parsing of multi-word description search queries.

Docker images

• docker pull thethingsnetwork/lorawan-stack:3.16
• docker pull thethingsnetwork/lorawan-stack:3.16.0
• docker pull ghcr.io/thethingsnetwork/lorawan-stack:3.16
• docker pull ghcr.io/thethingsnetwork/lorawan-stack:3.16.0

v3.15.3

Fixed

• Gateway disconnection when location updates from status messages are enabled.

Docker images

• docker pull thethingsnetwork/lorawan-stack:3.15
• docker pull thethingsnetwork/lorawan-stack:3.15.3
• docker pull ghcr.io/thethingsnetwork/lorawan-stack:3.15
• docker pull ghcr.io/thethingsnetwork/lorawan-stack:3.15.3

v3.15.2

⚠️ Known Issues

• Gateways that report location updates via status messages may sporadically disconnect. Use v3.15.3 instead.

Added

• tls.cipher-suites config option to specify used cipher suites.
• Support for enhanced security policies of Packet Broker services.
• Handling of MAC and PHY versions in end device forms based on selected frequency plan in the Console.
• Support for scheduling downlink messages as JSON in the Console.
• Support for Packet Broker authentication through LoRaWAN Backend Interfaces. This adds the following configuration options:
  • interop.public-tls-address: public address of the interop server. The audience in the incoming OAuth 2.0 token from Packet Broker is verified against this address to ensure that other networks cannot impersonate as Packet Broker;
  • interop.packet-broker.enabled: enable Packet Broker to authenticate;
  • interop.packet-broker.token-issuer: the issuer of the incoming OAuth 2.0 token from Packet Broker is verified against this value.
• Support for LoRaWAN Backend Interfaces in Identity Server to obtain an end device's NetID, tenant ID and Network Server address with the use of a vendor-specifc extension (VSExtension). This adds the following configuration options:
  • is.network.net-id: the NetID of the network. When running a Network Server, make sure that this is the same value as ns.net-id.
  • is.network.tenant-id: the Tenant ID in the host NetID. Leave blank if the NetID that you use is dedicated for this Identity Server.
• Configuration option experimental.features to enable experimental features.
• Tooltip descriptions for "Last activity" values (formerly "Last seen") and uplink/downlink counts in the Console.
• Status pulses being triggered by incoming data in the Console.
• Packet broker page crashing when networks with a NetID of 0 are present.
• Allowing to toggle visibility of sensitive values in text inputs in the Console.
• Webhook failed event.

Changed

• Searching for entity IDs is now case insensitive.
• Renamed entitie's "Last seen" to "Last activity" in the Console.
• The database queries for determining the rights of users on entities have been rewritten to reduce the number of round-trips to the database.
• The default downlink path expiration timeout for UDP gateway connections has been increased to 90 seconds, and the default connection timeout has been increased to 3 minutes.
  • The original downlink path expiration timeout was based on the fact that the default PULL_DATA interval is 5 seconds. In practice we have observed that most gateways actually send a PULL_DATA message every 30 seconds instead in order to preserve data transfer costs.
• The default duration for storing (sparse) entity events has been increased to 24 hours.

Removed

• Option to select targeted stack components during end device import in the Console.

Fixed

• LoRaWAN Backend Interfaces 1.1 fields that were used in 1.0 (most notably SenderNSID and ReceiverNSID). Usage of NSID is now only supported with LoRaWAN Backend Interfaces 1.1 as specified.
• Connection status not being shown as toast notification.
• Registering and logging in users with 2 character user IDs in the Account App.
• Frequency plan display for the gateway overview page in the Console.
• Profile settings link not being present in the mobile menu in the Console.
• Calculation of "Last activity" values not using all available data in the Console.
• Layout jumps due to length of "Last activity" text.
• Invalid session handling in Network Layer settings form in the Console.

Security

• Network Servers using LoRaWAN Backend Interfaces to interact with the Join Server can now provide a single Network Server address in the X.509 Common Name of the TLS client certificate (the old behavior) or multiple Network Server addresses in the X.509 DNS Subject Alternative Names (SANs). DNS names have precedence over an address in the Common Name.

Docker images

• docker pull thethingsnetwork/lorawan-stack:3.15
• docker pull thethingsnetwork/lorawan-stack:3.15.2
• docker pull ghcr.io/thethingsnetwork/lorawan-stack:3.15
• docker pull ghcr.io/thethingsnetwork/lorawan-stack:3.15.2

v3.15.1

Added

• Packet Broker gateway visibility management (default settings only). See ttn-lw-cli packetbroker home-networks gateway-visibilities --help for more information.

Changed

• The Gateway Server worker pools may now drop workers if they are idle for too long.
• FPort = 0 uplinks are no longer decoded by the Application Server, and the Network Server no longer provides the frame payload to the Application Server for these messages.

Fixed

• Emails to admins about requested OAuth clients.
• session handling for joined OTAA end devices in the Console.
• Empty Join Server address handling in end device creation form in the Console.
• Data Rate to data rate index matching for uplinks and downlinks.

Docker images

• docker pull thethingsnetwork/lorawan-stack:3.15
• docker pull thethingsnetwork/lorawan-stack:3.15.1
• docker pull ghcr.io/thethingsnetwork/lorawan-stack:3.15
• docker pull ghcr.io/thethingsnetwork/lorawan-stack:3.15.1

v3.15.0

Added

• RPC to query supported PHY versions for a given Band ID.
• Non-TLS LNS endpoint support.

Changed

• Update to Go 1.17.
• LBS timestamp rollover threshold.
• Layout of error pages.
• The Application Server worker pools may now drop workers if they are idle for too long.
• Improved error page UX in the Console.

Fixed

• Entity purge handling for non-admin users in the Console.
• URL field validation in webhook forms in the Console when value is not trimmed.
• Not rendering site header and footer for error pages in some situations.
• Not providing a copy button for error pages in some situations.
• Improved errors for invalid URLs.
• Limit length of search queries within tables in the Console to 50 to comply with API validation.
• External Join Server address handling in end device creation form in the Console.
• Updating supports_class_b field in the end device general settings page in the Console.

Docker images

• docker pull thethingsnetwork/lorawan-stack:3.15
• docker pull thethingsnetwork/lorawan-stack:3.15.0
• docker pull ghcr.io/thethingsnetwork/lorawan-stack:3.15
• docker pull ghcr.io/thethingsnetwork/lorawan-stack:3.15.0

v3.14.2

Added

• CLI warnings about insecure connections.
• CLI warnings about using the --all flag.
• Packet Broker network listed switch in the Console.
• Improved errors for invalid command-line flags.
• Validation of entity attributes in the Console, with regards to maximum length for keys and values.
• CLI command to decode raw LoRaWAN frames (ttn-lw-cli lorawan decode), useful for debugging purposes.
• Options to restore or purge deleted applications, gateways and organizations in the Console.
• Handling of default mac settings values when manually registering end devices in the Console.
• Add a new class_b_c_downlink_interval field that can be configured to set the minimum interval between a network initiated downlink (Class B & Class C) and an arbitrary downlink per device.
• Retrieve count of upstream messages from the Storage Integration by end device.
  • See the new GetStoredApplicationUpCount RPC.
  • See the new ttn-lw-cli applications storage count and ttn-lw-cli end-devices storage count CLI commands.

Changed

• The Identity Server now returns a validation error when trying to update the EUIs of an end device.
• Network Server no longer accepts RX metadata from Packet Broker if the originating forwarder network equals the current Network Server (by NetID and cluster ID, based onns.net-id and ns.cluster-id configuration). This avoids duplicate RX metadata as well as redundant downlink scheduling attempts through Packet Broker after the cluster's Gateway Server already failed to schedule.
• Usability of the end device import function in the Console.
  • Show a per-device report when errors occur.
  • More structural changes to the process to improve UX.

Removed

• Packet Broker mutual TLS authentication; only OAuth 2.0 is supported now.
• request_details from errors in the Console.

Fixed

• Generated CLI configuration for The Things Stack Community Edition.
• End device access with limited rights in the Console.
• Parsing of ID6 encoded EUIs from Basic Station gateways.
• Warnings about unknown fields when getting or searching for gateways.
• Internal Server Errors from pkg/identityserver/store.
• Console rendering blank pages in outdated browsers due to missing or incomplete internationalization API.
• Error in edit user form (Console) when submitting without making any changes.
• description field not being fetched in edit user form (admin only) in the Console.
• Ignore invalid configuration when printing configuration with ttn-lw-cli config or ttn-lw-stack config.
• Emails about API key changes.
• Avoid rendering blank pages in the Console for certain errors.
• Blank page crashes in the Console for certain browsers that do not fully support Intl API.
• End device session keys handling in the Console.
• Byte input width in Safari in the Console.

Docker images

• docker pull thethingsnetwork/lorawan-stack:3.14
• docker pull thethingsnetwork/lorawan-stack:3.14.2
• docker pull ghcr.io/thethingsnetwork/lorawan-stack:3.14
• docker pull ghcr.io/thethingsnetwork/lorawan-stack:3.14.2

v3.14.1

Added

• New config option --as.packages.timeout to control the message processing timeout of application packages.
• Option to view and copy error details in full view errors in the Console.
• Metrics for CUPS requests.
• Language chooser in the footer in the Console.
• Japanese language support in the Console.

Changed

• Cache Root CA for client TLS configuration.
• Identity Server no longer allows removing the _ALL right from entity collaborators if that leaves the entity without any collaborator that has the _ALL right.
• The Network Server application uplink queue may now be skipped if the Application Server peer is available at enqueue time.
• The interval for updating gateways in Packet Broker is now 10 minutes (was 5 minutes) and the timeout is 5 seconds (was 2 seconds).

Fixed

• Improved errors when ordering search requests by non-existent fields.
• LNS authentication key handling for gateways in the Console.

Docker images

• docker pull thethingsnetwork/lorawan-stack:3.14
• docker pull thethingsnetwork/lorawan-stack:3.14.1
• docker pull ghcr.io/thethingsnetwork/lorawan-stack:3.14
• docker pull ghcr.io/thethingsnetwork/lorawan-stack:3.14.1

v3.14.0

Added

• Gateway antenna placement; unknown, indoor or outdoor. This can now be specified with CLI, e.g. for the first antenna: ttn-lw-cli gateways set <gateway-id> --antenna.index 0 --antenna.placement OUTDOOR. The antenna placement will be reported to Packet Broker Mapper.
  • This requires a database schema migration (ttn-lw-stack is-db migrate) because of the added columns.
• Payload formatter length validation in the Console.
• User session management (listing and deleting) in the Identity Server and the CLI.
• Improved logging for the OAuth server.
• LR-FHSS modulation
  • Additional fields for the Gateway and Rx Metadata API. This requires a database schema migration (ttn-lw-stack is-db migrate) because of the added columns.
  • Support for LR-FHSS fields when translating uplink messages with the UDP protocol.
• Network Server now appends network identifiers in forwarded uplink messages. These are populated from the ns.net-id and the new ns.cluster-id configuration option.
  • See the new uplink_message.network_identifiers.net_id, uplink_message.network_identifiers.cluster_id and uplink_message.network_identifiers.tenant_id fields.
  • This can be useful for HTTP webhooks to determine the Network Server that received and forwarded an uplink message.
• GetDefaultMACSettings RPC for requesting the default and desired MAC settings for a Band (Frequency Plan) and LoRaWAN regional parameters version.
• Error handling for missing templates in device repository form in the Console.
• Opt out of Packet Broker for individual gateways, see the new disable_packet_broker_forwarding gateway option.
  • This requires a database schema migration (ttn-lw-stack is-db migrate) because of the added columns.
  • This is only relevant when Packet Broker is enabled and configured by the network operator.
• Gateways are now disconnected when settings affecting the connection with Gateway Server change. Use the gs.fetch-gateway-interval and gs.fetch-interval-jitter to configure how often the gateway is fetched from the entity registry.
• Small UX improvements to the LoRaCloud DAS forms in the Console.
• End device first activation timestamp in the Identity Server end device store.
  • This requires a database schema migration (ttn-lw-stack is-db migrate) because of the added columns.
• AppJs interface for applications to get the LoRaWAN AppSKey directly from the Join Server.
• Console support for DevEUI generation from the configured DevEUI address block.
  • This requires console.ui.dev-eui-issuing-enabled and console.ui.dev-eui-app-limit to be set with the same values as in the Identity Server configuration.

Changed

• When a gateway uplink message contains duplicate data uplinks, only the one with the highest RSSI are forwarded.
• The HTTP port now allows HTTP/2 connections over cleartext (h2c).
• ttn-lw-stack ns-db migrate command records the schema version and only performs migrations if on a newer version.
  • Use the --force flag to force perform migrations.
• Any authenticated user in the network can now list the collaborators of entities in the network.
• The search RPCs no longer require fields to be specified in the field mask when those fields are already specified as filters.
• When generating client configuration with the CLI use command, automatically set the correct Identity Server and OAuth Server addresses for The Things Stack Cloud and The Things Stack Community Edition.

Removed

• The old log format.

Fixed

• Network Server ADR algorithm data rate adjustment behavior on negative margin.
• CLI gateway set --antenna.remove command failing to remove gateway antennas in some cases.
• CLI gateway set --antenna.gain <gain> command crashing when no gateway antennas are present.
• Webhook template path variable expansion of query parameters.
• LBS LNS Auth Secret displays garbage value when updated.
• Transmit confirmation messages for LoRa Basics Station gateways.
• Instability and frequent crashes when internet connection is lost in the Console.
• Panic in GCS when CUPS rotation is set without a key.
• Rate limiting for GatewayRegistry.GetGatewayIdentifiersForEUI is now applied per gateway EUI.
• Network Server ensures that the Band ID in the end device version identifiers match the configured Frequency Plan of the device.

Docker images

• docker pull thethingsnetwork/lorawan-stack:3.14
• docker pull thethingsnetwork/lorawan-stack:3.14.0
• docker pull ghcr.io/thethingsnetwork/lorawan-stack:3.14
• docker pull ghcr.io/thethingsnetwork/lorawan-stack:3.14.0

v3.13.3

Added

• Email sent to admins when an OAuth client is requested by a non-admin user.
• Packet Broker UI in the Console (admin only).
• New config option --console.oauth.cross-site-cookie to control access to OAuth state cookie between origins.
  • This option needs to be set to true (default is false) in multi-cluster deployments in order to support OAuth clients that use POST callbacks.
• Application Server forwards upstream messages of type ApplicationDownlinkSent for application downlink messages that were acknowledged with a TxAck message from the gateway.
  • MQTT clients can subscribe to the topic v3/{application-id}/devices/{device-id}/down/sent.
  • For HTTP webhooks, make sure that the Downlink Sent messages are enabled.
• Query for the most recent application messages from the Storage Integration API with the new last parameter (for example, ?last=10m or ?last=2h). See also --last argument for the ttn-lw-cli applications storage get and ttn-lw-cli end-devices storage get commands.
• A location solved message is published automatically by Application Server when the decoded payload contains coordinates (e.g. latitude and longitude, among other combinations, as well as support for accuracy and altitude).
• Configuration option to include Packet Broker metadata in uplink messages: pba.home-network.include-hops. By default, this is now disabled.
• Update gateway identity, status, antennas, frequency plan, location and receive and transmit rates to Packet Broker Mapper. Mapping is enabled when the Forwarder role is enabled. The following new configuration options are introduced to change the default behavior:
  • gs.packetbroker.update-gateway-interval: Update gateway interval
  • gs.packetbroker.update-gateway-jitter: Jitter (fraction) to apply to the update interval to randomize intervals
  • gs.packetbroker.online-ttl-margin: Time to extend the online status before it expires
  • pba.mapper-address: Address of Packet Broker Mapper
  • pba.forwarder.gateway-online-ttl: Time-to-live of online status reported to Packet Broker

Changed

• Low-level log messages from the go-redis library are printed only when the log level is set to DEBUG.
• GS will discard repeated gateway uplink messages (often received due to buggy gateway forwarder implementations). A gateway uplink is considered to be repeated when it has the same payload, frequency and antenna index as the last one.
  • The new gs_uplink_repeated_total metric counts how many repeated uplinks have been discarded.
  • A gs.up.repeat event is emitted (once per minute maximum) for gateways that are stuck in a loop and forward the same uplink message.
• For ABP sessions, the CLI now requests a DevAddr from the Network Server instead of generating one from the testing NetID.
• Descriptions, tooltips and defaults for checkboxes for public gateway status and location in the Console.
• All HTTP requests made by The Things Stack now contain a User-Agent header in the form of TheThingsStack/{version}.
• No connection to Packet Broker is being made when neither the Forwarder nor the Home Network role is enabled.
• Increase the default size limit for payload formatter scripts to 40KB (up from 4KB). The maximum size enforced at API level is 40KB (up from 16KB).
  • For more context see issue #4053 and issue #4278.

Fixed

• Parse error in Webhook Templates.
• Application deletion handling in the Console.
• Error when logging into the Console when using connections without TLS.
• Account for antenna gain when the gateway is not authenticated (i.e. UDP gateway).
• Preserve antenna gain when the gateway status message contains GPS coordinates.
• Location map coordinate selection in the Console.
• Rights required for reading scheduled downlinks.

Docker images

• docker pull thethingsnetwork/lorawan-stack:3.13
• docker pull thethingsnetwork/lorawan-stack:3.13.3
• docker pull ghcr.io/thethingsnetwork/lorawan-stack:3.13
• docker pull ghcr.io/thethingsnetwork/lorawan-stack:3.13.3

v3.13.2

Added

• Configurable log formats with the log.format configuration option.
  • The console format that prints logs as more human-friendly text. This is the new default.
  • The json format that prints logs as JSON. This is the recommended format for production deployments.
  • The old format (deprecated). This can be used if you need to adapt your log analysis tooling before v3.14.
• ttn_lw_gs_ns_uplink_latency_seconds, ttn_lw_ns_as_uplink_latency_seconds and ttn_lw_gtw_as_uplink_latency_seconds metrics to track latency of uplink processing.
• Signing of releases.
• Hard delete option to delete applications, gateways and organizations in the Console.

Changed

• Relaxed the cookie policy for cross-origin requests from Strict to Lax.
• Changed the cookie policy for OAuth state to None.

Deprecated

• The old log format is deprecated and will be removed in v3.14.

Fixed

• Permissions issue for reading and writing gateway secrets in the Console.
• Current and future rights selection for organization collaborators in the Console.
• Current and future rights selection for user api keys in the Console.
• Low or no throughput of message handling from Packet Broker when the ingress is high when Packet Broker Agent starts.
• Unset ADR bit in downlink messages to multicast devices.

Docker images

• docker pull thethingsnetwork/lorawan-stack:3.13
• docker pull thethingsnetwork/lorawan-stack:3.13.2
• docker pull ghcr.io/thethingsnetwork/lorawan-stack:3.13
• docker pull ghcr.io/thethingsnetwork/lorawan-stack:3.13.2