Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump github.com/open-policy-agent/opa from 0.49.2 to 0.50.0 #32

Merged
merged 1 commit into from
Mar 14, 2023
Merged

Bump github.com/open-policy-agent/opa from 0.49.2 to 0.50.0 #32

merged 1 commit into from
Mar 14, 2023

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 13, 2023

Bumps github.com/open-policy-agent/opa from 0.49.2 to 0.50.0.

Release notes

Sourced from github.com/open-policy-agent/opa's releases.

v0.50.0

This release contains a mix of new features, bugfixes, security fixes, optimizations and build updates related to OPA's published images.

New Built-in Functions: JSON Schema Verification and Validation

These new built-in functions add functionality to verify and validate JSON Schema (#5486) (co-authored by @​jkulvich and @​johanfylling).

  • json.verify_schema: Checks that the input is a valid JSON schema object
  • json.match_schema: Checks that the document matches the JSON schema

See the documentation for all details.

Annotations scoped to package carries across modules

package scoped schema annotations are now applied across modules instead of only local to the module where it's declared (#5251) (authored by @​johanfylling). This change may cause compile-time errors and behavioural changes to type checking when the schemas annotation is used, and to rules calling the rego.metadata.chain() built-in function:

  • Existing projects with the same package declared in multiple files will trigger a rego_type_error: package annotation redeclared error if two or more of these are annotated with the package scope.
  • If using the package scope, the schemas annotation will be applied to type checking also for rules declared in another file than the annotation declaration, as long as the package is the same.
  • The chain of metadata returned by the rego.metadata.chain() built-in function will now contain an entry for the package even if the annotations are declared in another file, if the scope is package.

Remote bundle URL shorthand for run command

To load a remote bundle using opa run, the set directive can be provided multiple times as shown below:

 $ opa run -s --set "services.default.url=https://example.com" \
              --set "bundles.example.service=default" \
              --set "bundles.example.resource=/bundles/bundle.tar.gz" \
              --set "bundles.example.persist=true"

The following command can be used as a shorthand to easily start OPA with a remote bundle (#5674) (authored by @​anderseknert):

$ opa run -s https://example.com/bundles/bundle.tar.gz

Performance Improvements for json.patch Built-in Function

Performance improvements in json.patch were achieved with the introduction of a new EditTree data structure, which is built for applying in-place modifications to an ast.Term, and can render the final result of all edits efficiently by applying all patches in a JSON-Patch sequence rapidly, and then collapsing all edits at the end with minimal wasted ast.Term copying (authored by @​philipaconrad). For more details and benchmarks refer #5494 and #5390.

Surface decision log errors via status API

... (truncated)

Changelog

Sourced from github.com/open-policy-agent/opa's changelog.

0.50.0

This release contains a mix of new features, bugfixes, security fixes, optimizations and build updates related to OPA's published images.

New Built-in Functions: JSON Schema Verification and Validation

These new built-in functions add functionality to verify and validate JSON Schema (#5486) (co-authored by @​jkulvich and @​johanfylling).

  • json.verify_schema: Checks that the input is a valid JSON schema object
  • json.match_schema: Checks that the document matches the JSON schema

See the documentation for all details.

Annotations scoped to package carries across modules

package scoped schema annotations are now applied across modules instead of only local to the module where it's declared (#5251) (authored by @​johanfylling). This change may cause compile-time errors and behavioural changes to type checking when the schemas annotation is used, and to rules calling the rego.metadata.chain() built-in function:

  • Existing projects with the same package declared in multiple files will trigger a rego_type_error: package annotation redeclared error if two or more of these are annotated with the package scope.
  • If using the package scope, the schemas annotation will be applied to type checking also for rules declared in another file than the annotation declaration, as long as the package is the same.
  • The chain of metadata returned by the rego.metadata.chain() built-in function will now contain an entry for the package even if the annotations are declared in another file, if the scope is package.

Remote bundle URL shorthand for run command

To load a remote bundle using opa run, the set directive can be provided multiple times as shown below:

 $ opa run -s --set "services.default.url=https://example.com" \
              --set "bundles.example.service=default" \
              --set "bundles.example.resource=/bundles/bundle.tar.gz" \
              --set "bundles.example.persist=true"

The following command can be used as a shorthand to easily start OPA with a remote bundle (#5674) (authored by @​anderseknert):

$ opa run -s https://example.com/bundles/bundle.tar.gz

Performance Improvements for json.patch Built-in Function

Performance improvements in json.patch were achieved with the introduction of a new EditTree data structure, which is built for applying in-place modifications to an ast.Term, and can render the final result of all edits efficiently by applying all patches in a JSON-Patch sequence rapidly, and then collapsing all edits at the end with minimal wasted ast.Term copying (authored by @​philipaconrad). For more details and benchmarks refer #5494 and #5390.

Surface decision log errors via status API

... (truncated)

Commits
  • 50d14ac Prepare v0.50.0 release
  • ed97b78 docs: Add example of decision log error surfaced via status (#5745)
  • dadf43f build(deps): bump github.com/golang/protobuf from 1.5.2 to 1.5.3
  • b36da40 [server/identifier] Support SPIFFEID use in authz (#5742)
  • f24f18e Retract pre go module OPA versions (#5741)
  • 85a10ff build: bump golang 1.20.1 -> 1.20.2 (#5740)
  • 46d0f05 docs: Update generated CLI docs
  • fbfa705 [ast/opa parse] Support marshalling of all ast location data (#5576)
  • 9e97f98 This change allows the HTTP clients to consume and send gzip compressed respo...
  • dc37446 Add 2U to adopters.md
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump github.com/open-policy-agent/opa from 0.49.2 to 0.50.0
08fb312 
Bumps [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) from 0.49.2 to 0.50.0.
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v0.49.2...v0.50.0)

---
updated-dependencies:
- dependency-name: github.com/open-policy-agent/opa
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Mar 13, 2023
@bendrucker bendrucker merged commit d2cd6fd into main Mar 14, 2023
@bendrucker bendrucker deleted the dependabot/go_modules/github.com/open-policy-agent/opa-0.50.0 branch March 14, 2023 01:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@bendrucker