Cerbos Versions Save

Cerbos is the open core, language-agnostic, scalable authorization solution that makes user permissions and authorization simple to implement and manage by writing context-aware access control policies for your application resources.

v0.26.0

1 year ago

Cerbos 0.26.0

View the full release notes at https://docs.cerbos.dev/cerbos/latest/releases/v0.26.0.html

Changelog

Features

a38efe6d feat: Add JUnit output format for test results (#1508)
52f0daf2 feat: Cerbos Cloud bundle store driver (#1530)
4a440e92 feat: Kafka audit log (#1499)

Enhancements

06c514da enhancement!: Group test results by test name (#1498)
1a949a13 enhancement!: Make config flag optional (#1462)
138a1cd9 enhancement: Add includeDisabled to Admin API and schema deletion to cerbosctl (#1463)
a5c1dc34 enhancement: Add principal, resource and action as properties of JUnit output (#1520)
f38a10ea enhancement: Add support for reading archive files for the disk driver (#1473)
a5c6b106 enhancement: Audit error metric (#1513)
ad0dbb2f enhancement: Enable auth on API explorer page (#1464)
22fff65a enhancement: Enable disabled policies (#1472)
eb0d3dac enhancement: Report audit close error (#1501)

Bug fixes

b6fdc81f fix: Fix passing tests not being visible in JUnit test output (#1534)
f40a8a8c fix: Kafka async produce context cancellation (#1516)
a9e540df fix: Kafka async publish fails when the API request returns (#1510)
b6756b07 fix: Prevent default config from being turned into a path (#1533)

Documentation

4fddbfb8 docs: Add Kafka audit backend docs (#1506)
80e73601 docs: Add resource ID to test examples (#1488)
e5dbcb53 docs: Document /api/server_info (#1469)
27a22119 docs: Document CEL string.format function (#1528)
397d6264 docs: Fix README snapshot.yml badge (#1497)
53c6a412 docs: Fix name of test output format flag (#1481)
a1a61435 docs: Fix typo in 04_testing-policies.adoc (#1477)

Chores

5fa93905 chore(api): Remove api/x/plan/resources endpoint (#1471)
92725a97 chore(ci): Add timeouts to workflows (#1505)
7507b683 chore(ci): Increase snapshot build timeout (#1509)
52d990c8 chore(deps): Bump github.com/docker/docker from 20.10.23+incompatible to 20.10.24+incompatible (#1517)
58315563 chore(deps): Bump github.com/docker/docker from 23.0.2+incompatible to 23.0.3+incompatible in /tools (#1518)
f2a2b8f7 chore(deps): Bump github.com/opencontainers/runc from 1.1.2 to 1.1.5 (#1507)
682f41b4 chore(deps): Bump golang.org/x/net from 0.5.0 to 0.7.0 (#1465)
bf08b735 chore(deps): Bump golang.org/x/net from 0.5.0 to 0.7.0 in /tools (#1466)
dcaf942f chore(deps): Update bufbuild/buf-setup-action action to v1.15.0 (#1484)
215c4eed chore(deps): Update bufbuild/buf-setup-action action to v1.16.0 (#1512)
c11163b4 chore(deps): Update bufbuild/buf-setup-action action to v1.17.0 (#1522)
f19a9f37 chore(deps): Update github actions deps (#1475)
19e7e0b4 chore(deps): Update github actions deps (#1494)
bd60c15b chore(deps): Update github actions deps to v4 (major) (#1495)
a72e7525 chore(deps): Update go deps (#1474)
bbc795d2 chore(deps): Update go deps (#1483)
54beb34d chore(deps): Update go deps (#1493)
072810a0 chore(deps): Update go deps (#1502)
72225933 chore(deps): Update go deps (#1511)
df020fbe chore(deps): Update go deps (#1521)
ada36c1a chore(deps): Update module github.com/dgraph-io/badger/v3 to v4 (#1503)
08474cd1 chore(release): Add 0.26.0 release notes (#1532)
7b6638f5 chore(release): Prepare release 0.26.0
936b2e35 chore(version): Bump version to 0.26.0
6a400732 chore: Deprecate old policy disable endpoint (#1476)
80072f5f chore: Ignore stdout/stderr sync errors in audit log (#1515)
2e3fd4e3 chore: Make Otel resource schemaless (#1487)
b81b2185 chore: Publish unstable API to BSR (#1531)
62244d2e chore: Remove Playground from API explorer (#1467)

v0.25.0

1 year ago

Cerbos 0.25.0

View the full release notes at https://docs.cerbos.dev/cerbos/latest/releases/v0.25.0.html

Changelog

Features

31a474bc feat: Add Cerbos version to response headers (#1448)
840a4172 feat: Admin API endpoint to disable policy(s) (#1426)

Enhancements

dfb42e9c enhancement!: Return number of schemas deleted, and don't error if none (#1445)
49ccfb39 enhancement: Add DeleteSchema RPC to the SDK AdminClient (#1459)
6b6ea4c6 enhancement: Prevent scoped policies being disabled (#1441)

Bug fixes

4630a081 fix: Evict disabled policy from the cache (#1436)
5fc98615 fix: Evict policies that are changed in-place (#1439)
b40303fd fix: Fix erroneous check in the Disable command (#1447)
986d3d08 fix: Fix typo in policy metadata field (#1454)
49c94059 fix: Fix typo in policy metadata field (#1458)

Documentation

4297ad5a docs: Add note on resource-led policy design in Best practices section (#1423)
eb8bf6d3 docs: Add policyVersion example to tests (#1430)
20b00522 docs: Clarify how to provide blob store credentials (#1433)

Chores

a7a542cd chore(ci): Improve caching (#1446)
c2628e2c chore(ci): Update gcloud auth (#1420)
f7ecc845 chore(ci): Use Go 1.20 in CI (#1440)
e458fd27 chore(deps): Bump helm.sh/helm/v3 from 3.11.0 to 3.11.1 (#1450)
e6450bda chore(deps): Revert update of github.com/jackc/pgx/v4 to v5 (#1425) (#1427)
c7bf9264 chore(deps): Update bufbuild/buf-setup-action action to v1.12.0 (#1422)
860d4c06 chore(deps): Update github actions deps (#1429)
90034111 chore(deps): Update go deps (#1416)
d20bb6e7 chore(deps): Update go deps (#1421)
60b07aea chore(deps): Update go deps (#1424)
5dad5ce4 chore(deps): Update go deps (#1428)
e02ad244 chore(deps): Update go deps (#1437)
142c44c4 chore(deps): Update go deps to v2 (major) (#1417)
09d538f2 chore(deps): Update google-github-actions/setup-gcloud action to v1.1.0 (#1438)
349afb1d chore(deps): Update module github.com/jackc/pgx/v4 to v5 (#1425)
7e10fc60 chore(deps): Update module go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp to v0.39.0 [security] (#1452)
45557372 chore(release): Add 0.25.0 release notes (#1460)
6b5a051a chore(release): Prepare release 0.25.0
bee90fc1 chore(version): Bump version to 0.25.0
20593267 chore: Add licence file for pjbgf/sha1cd (#1418)
3c888ccd chore: Upgrade Otel semconv version (#1444)

Others

fa28609d revert: Fix typo in policy metadata field (#1454) (#1456)

v0.24.0

1 year ago

Cerbos 0.24.0

View the full release notes at https://docs.cerbos.dev/cerbos/latest/releases/v0.24.0.html

Changelog

Features

47a635e1 feat!: Include metadata in decision logs (#1385)
2159cc96 feat: Support for filtering decision logs (#1387)

Enhancements

13e27abe enhancement(helm): Annotations for deployment and service (#1363)
6d9fb62f enhancement(helm): Optional cert-manager integration (#1365)
8b37e583 enhancement: Add wrapper function for sqlx.Connect call, incorporating basic retries (#1405)

Bug fixes

c3ae7039 fix(planner): R.id unresolved (#1371)
065b1474 fix: Fix handling of the SIGUSR1 on Windows (#1401)
32bc32d9 fix: Flaky query plan test (#1364)
6601401a fix: Handle principal-policy-only cases (#1406)
b3440015 fix: Reject duplicate tests (#1412)

Documentation

ac2e6654 docs: Add excludeMetadataKeys and includeMetadataKeys to audit page on docs (#1383)
28a6142e docs: Add policy best practices section (#1361)
6988a238 docs: List available SDKs (#1366)
2619857c docs: Port SQLAlchemy integration guide from blog to docs (#1378)
a7fb7990 docs: Remove unstable warning from Linux packages (#1368)
3739fe92 docs: Update Prisma recipe to bring in line with demo repo (#1386)

Chores

5be75a80 chore(ci): Add CodeQL analyzer (#1396)
97707f97 chore(ci): Disable Renovate go.mod Go version update (#1359)
8547126a chore(ci): Use token with Buf setup action (#1413)
176eb493 chore(deps): Update bufbuild/buf-push-action action to v1.1.0 (#1393)
0729e965 chore(deps): Update bufbuild/buf-setup-action action to v1.11.0 (#1409)
5d8d4c4e chore(deps): Update github actions deps (#1399)
3bcacd51 chore(deps): Update go deps (#1356)
7f52f1b1 chore(deps): Update go deps (#1367)
7e32c7c6 chore(deps): Update go deps (#1382)
60e5a506 chore(deps): Update go deps (#1392)
b2d20699 chore(deps): Update go deps (#1398)
5d68a19b chore(deps): Update go deps (#1404)
1c54170b chore(deps): Update go deps (#1408)
c4cbcc1e chore(deps): Update google-github-actions/setup-gcloud action to v1 (#1357)
2fc6774a chore(deps): Update module helm.sh/helm/v3 to v3.10.3 [security] (#1395)
89266e2e chore(release): Add 0.23.1 release notes (#1375)
5571c977 chore(release): Add 0.24.0 release notes (#1415)
6368d3b5 chore(release): Prepare release 0.24.0
8d6aea6d chore(test): Exercise audit log filtering in E2E tests (#1388)
6de575d1 chore(version): Bump version to 0.24.0
c8b4afa3 chore: Update copyright notice (#1407)

v0.23.1

1 year ago

Cerbos 0.23.1

View the full release notes at https://docs.cerbos.dev/cerbos/latest/releases/v0.23.1.html

Changelog

Enhancements

d7d00870 enhancement(helm): Annotations for deployment and service (#1363) (#1372)

Bug fixes

a741fc5b fix(backport): Flaky query plan test (#1364) (#1373)
81a2bc9f fix(planner): R.id unresolved (#1371) (#1374)

Documentation

50f0f47b docs(backport): Remove unstable warning from Linux packages (#1368) (#1369)

Chores

9343665c chore(release): Prepare v0.23.1 release (#1376)

v0.23.0

1 year ago

Cerbos 0.23.0

View the full release notes at https://docs.cerbos.dev/cerbos/latest/releases/v0.23.0.html

Changelog

Enhancements

1727099f enhancement(planner): Optimize membership test expression having index into struct (#1353)
e7eda5e0 enhancement: Clearer errors when trying to query audit logs (#1342)
e208e83c enhancement: Support zip files in cerbosctl put (#1343)

Bug fixes

6e321aad fix(planner): Known resource attribute as an index into a struct (#1351)
f61a7492 fix(sdk): Set scope of the plan resources request (#1347)
1e33a52a fix: Rewrite log level change without Go 1.19 features (#1350)

Documentation

4ceea8fa docs: Add link to git-sync (#1344)
ba021355 docs: Add recipe link to admin API demo (#1338)

Chores

493e90f6 chore(ci): Enable LFS for snapshot build (#1352)
88db1435 chore(deps): Update go deps (#1337)
f3a294ec chore(deps): Update go deps (#1348)
093ee32e chore(deps): Update golangci/golangci-lint-action action to v3.3.1 (#1349)
02016101 chore(release): Add 0.22.1 release notes (#1355)
e03a8d19 chore(release): Add 0.23.0 release notes (#1358)
4ad4dce6 chore(release): Prepare release 0.23.0
36445a91 chore(version): Bump version to 0.23.0
1c54373b chore: Disable CGO for "all" make target (#1341)

v0.22.0

1 year ago

Cerbos 0.22.0

View the full release notes at https://docs.cerbos.dev/cerbos/latest/releases/v0.22.0.html

Changelog

Features

7614d509 feat: Optimise a query plan of a membership test in a single-item list (#1299)
314b8591 feat: Optimise query plan for index into struct (#1327)
babbf213 feat: Temporary log level change with USR1 signal (#1255)
e4b9c77f feat: Update list functions to support partial eval (#1281)

Enhancements

55195457 enhancement: Group compile requests (#1235)
8565255d enhancement: Relax validation rule for scopes (#1254)

Bug fixes

6e2b1e4c fix(sdk): Missing setters in policy builders (#1325)
37ee72e7 fix: Derived role condition is optional (#1301)
aeb49cc4 fix: Disable CGO for "compile" and "test" make targets (#1336)
906bd547 fix: Handle other data types while optimizing IN expression (#1334)
d2873460 fix: Handling of null value by the query planner (#1317)
af2bdaaf fix: Treat non-boolean expression results as false (#1256)
feafe618 fix: Update hasIntersection function to support partial eval (#1278)
6d7deeff fix: Validate required fields in PlanResourcesRequest (#1262)

Documentation

d104007e docs: Add tip about using cerbosctl to load policies (#1332)
7c47eaac docs: Added Engineering section with post on single process usage (#1264)
8f06383f docs: Fix formatting of table in tutorial (#1329)
741e0240 docs: Fix usage of CEL matches operator (#1245)
ad930981 docs: Make optionality of Scoped Policies more explicit (#1251)
ca1568f2 docs: README key concepts (#1274)
f54636d6 docs: Updated the user logos on the readme (#1321)
cdd8507e docs: Updating the logos (#1313)

Chores

6e2f6948 chore(ci): Configure Renovate (#1302)
47e6f737 chore(ci): Remove single commit validation (#1316)
aad669a9 chore(ci): Run Go vulnerability check periodically (#1236)
7f4108d6 chore(ci): Set output via environment file rather than stdout (#1277)
664bd748 chore(ci): Use latest Go version in builds (#1275)
982bf22c chore(deps): Bump amannn/action-semantic-pull-request from 4.5.0 to 4.6.0 (#1239)
8c2b4f1e chore(deps): Bump amannn/action-semantic-pull-request from 4.6.0 to 5.0.2 (#1283)
471d301a chore(deps): Bump github.com/denisenkom/go-mssqldb from 0.12.2 to 0.12.3 (#1285)
a507452d chore(deps): Bump github.com/dgraph-io/badger/v3 from 3.2103.2 to 3.2103.3 (#1291)
1fb3ee19 chore(deps): Bump github.com/envoyproxy/protoc-gen-validate from 0.6.8 to 0.6.13 (#1270)
c0b2922b chore(deps): Bump github.com/envoyproxy/protoc-gen-validate from 0.6.8 to 0.6.13 in /hack/tools/protoc-gen-jsonschema (#1273)
8e6d722f chore(deps): Bump github.com/envoyproxy/protoc-gen-validate from 0.6.8 to 0.6.13 in /tools (#1271)
941f274f chore(deps): Bump github.com/fergusstrange/embedded-postgres from 1.17.0 to 1.18.0 (#1241)
9c358493 chore(deps): Bump github.com/fergusstrange/embedded-postgres from 1.18.0 to 1.19.0 (#1267)
34beff71 chore(deps): Bump github.com/goreleaser/goreleaser from 1.11.4 to 1.11.5 in /tools (#1272)
1626d47b chore(deps): Bump github.com/minio/minio-go/v7 from 7.0.37 to 7.0.38 (#1244)
dc11c4b4 chore(deps): Bump github.com/minio/minio-go/v7 from 7.0.38 to 7.0.39 (#1258)
7cf1f9af chore(deps): Bump github.com/minio/minio-go/v7 from 7.0.39 to 7.0.40 (#1266)
5f82f44f chore(deps): Bump github.com/minio/minio-go/v7 from 7.0.40 to 7.0.41 (#1295)
1afd8885 chore(deps): Bump github.com/pterm/pterm from 0.12.46 to 0.12.48 (#1260)
cea28fb0 chore(deps): Bump github.com/pterm/pterm from 0.12.48 to 0.12.49 (#1269)
441a3929 chore(deps): Bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp from 0.35.0 to 0.36.0 (#1242)
1a024fe4 chore(deps): Bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp from 0.36.0 to 0.36.1 (#1259)
73b026e0 chore(deps): Bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp from 0.36.1 to 0.36.3 (#1294)
5c3e3799 chore(deps): Bump go.opentelemetry.io/contrib/propagators/autoprop from 0.35.0 to 0.36.0 (#1243)
d147fd20 chore(deps): Bump go.opentelemetry.io/contrib/propagators/autoprop from 0.36.0 to 0.36.1 (#1257)
c887152a chore(deps): Bump go.opentelemetry.io/contrib/propagators/autoprop from 0.36.1 to 0.36.3 (#1293)
336e9da1 chore(deps): Bump go.opentelemetry.io/contrib/propagators/b3 from 1.10.0 to 1.11.0 (#1288)
9e48ce03 chore(deps): Bump go.opentelemetry.io/otel from 1.10.0 to 1.11.0 (#1286)
cbf873e7 chore(deps): Bump go.opentelemetry.io/otel/bridge/opencensus from 0.32.1 to 0.32.3 (#1290)
b1c996a6 chore(deps): Bump go.opentelemetry.io/otel/exporters/jaeger from 1.10.0 to 1.11.0 (#1287)
dc7d3974 chore(deps): Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc from 1.10.0 to 1.11.0 (#1292)
d35341eb chore(deps): Bump gocloud.dev from 0.26.0 to 0.27.0 (#1261)
7b60b797 chore(deps): Bump google-github-actions/setup-gcloud from 0.6.0 to 0.6.2 (#1284)
2fe3d468 chore(deps): Bump google.golang.org/grpc from 1.49.0 to 1.50.0 (#1268)
1f1c6ffb chore(deps): Bump google.golang.org/grpc from 1.50.0 to 1.50.1 (#1298)
88e9a2ce chore(deps): Bump helm.sh/helm/v3 from 3.10.0 to 3.10.1 (#1296)
c9e66897 chore(deps): Bump helm.sh/helm/v3 from 3.9.4 to 3.10.0 (#1240)
6119a10b chore(deps): Bump helm/kind-action from 1.3.0 to 1.4.0 (#1238)
603e419c chore(deps): Bump modernc.org/sqlite from 1.19.1 to 1.19.2 (#1297)
29624b57 chore(deps): Update alpine base image from 3.15 to 3.16 (#1248)
f774993f chore(deps): Update azure/setup-helm action to v3.4 (#1322)
8665a87a chore(deps): Update github actions deps (#1314)
60f15400 chore(deps): Update go deps (#1304)
953f9e82 chore(deps): Update go deps (#1315)
1d45c062 chore(deps): Update go deps (#1323)
c4549dc1 chore(deps): Update go.opentelemetry.io/otel/bridge/opencensus to 0.32.1 (#1237)
cc8e8d12 chore(deps): Update module github.com/google/go-licenses to v1 (#1305)
7e997378 chore(deps): Update voxmedia/github-action-slack-notify-build action to v2 (#1306)
fc0ca593 chore(helm): Allow configuring a custom nodePort in helm chart values (#1250)
04046a88 chore(release): Add 0.22.0 release notes (#1335)
713efe5a chore(release): Prepare release 0.22.0
2856ee09 chore(version): Bump version to 0.22.0
ff77048e chore: Confirm hierarchy funcs support partial eval (#1282)
f8e06bc1 chore: Re-generate mocks (#1324)
71c22028 chore: Stable string representation for query filter (#1307)

v0.21.0

1 year ago

Cerbos 0.21.0

View the full release notes at https://docs.cerbos.dev/cerbos/latest/releases/v0.21.0.html

Changelog

Enhancements

0a84961 enhancement: Advanced server configuration (#1218)
b4ba131 enhancement: Allow specification of gRPC request metadata keys to be logged (#1202)

Bug fixes

cd18c72 fix(sdk): Allow plaintext connections to any host (#1210)
f1cd422 fix: Change the query planner handling of the condition "any" (#1216)
ef67d54 fix: Purge compile cache on store reload (#1217)
7097351 fix: Query planner partially evaluates a lambda body (#1198)

Documentation

49738fb docs: Add Java and .NET code examples to quickstart (#1179)
6df6dd7 docs: Add clarification about who provides parentRoles (#1207)

Chores

61bd5f7 chore(deps): Bump bufbuild/buf-lint-action from 1.0.1 to 1.0.2 (#1193)
e76b134 chore(deps): Bump bufbuild/buf-setup-action from 1.7.0 to 1.8.0 (#1220)
262a210 chore(deps): Bump contrib.go.opencensus.io/exporter/prometheus from 0.4.1 to 0.4.2 (#1184)
12910ac chore(deps): Bump github.com/bojand/ghz from 0.109.0 to 0.110.0 in /tools (#1206)
d5be27e chore(deps): Bump github.com/bufbuild/buf from 1.7.0 to 1.8.0 in /tools (#1228)
fbac91d chore(deps): Bump github.com/envoyproxy/protoc-gen-validate from 0.6.7 to 0.6.8 (#1230)
fd2ce35 chore(deps): Bump github.com/envoyproxy/protoc-gen-validate from 0.6.7 to 0.6.8 in /hack/tools/protoc-gen-jsonschema (#1229)
2b56000 chore(deps): Bump github.com/envoyproxy/protoc-gen-validate from 0.6.7 to 0.6.8 in /tools (#1227)
418d15c chore(deps): Bump github.com/gdamore/tcell/v2 from 2.5.2 to 2.5.3 (#1174)
4dbfa51 chore(deps): Bump github.com/google/cel-go from 0.12.4 to 0.12.5 (#1176)
88bbc4a chore(deps): Bump github.com/google/go-cmp from 0.5.8 to 0.5.9 (#1205)
bf31f34 chore(deps): Bump github.com/goreleaser/goreleaser from 1.10.3 to 1.11.0 in /tools (#1189)
dab89cf chore(deps): Bump github.com/goreleaser/goreleaser from 1.11.0 to 1.11.2 in /tools (#1197)
31654dd chore(deps): Bump github.com/goreleaser/goreleaser from 1.11.2 to 1.11.4 in /tools (#1226)
9ce9921 chore(deps): Bump github.com/grpc-ecosystem/grpc-gateway/v2 from 2.11.2 to 2.11.3 (#1186)
9edf906 chore(deps): Bump github.com/grpc-ecosystem/grpc-gateway/v2 from 2.11.2 to 2.11.3 in /tools (#1188)
6ae8941 chore(deps): Bump github.com/jackc/pgx/v4 from 4.17.0 to 4.17.1 (#1191)
7e47f03 chore(deps): Bump github.com/jackc/pgx/v4 from 4.17.1 to 4.17.2 (#1194)
4ece928 chore(deps): Bump github.com/lestrrat-go/jwx/v2 from 2.0.5 to 2.0.6 (#1183)
3658e3a chore(deps): Bump github.com/lyft/protoc-gen-star from 0.6.0 to 0.6.1 in /hack/tools/protoc-gen-jsonschema (#1178)
8ed66e0 chore(deps): Bump github.com/minio/minio-go/v7 from 7.0.34 to 7.0.35 (#1196)
ba977b4 chore(deps): Bump github.com/minio/minio-go/v7 from 7.0.35 to 7.0.36 (#1203)
d2ade77 chore(deps): Bump github.com/minio/minio-go/v7 from 7.0.36 to 7.0.37 (#1232)
24d3f18 chore(deps): Bump github.com/pterm/pterm from 0.12.45 to 0.12.46 (#1195)
f647305 chore(deps): Bump github.com/rudderlabs/analytics-go from 3.3.2+incompatible to 3.3.3+incompatible (#1175)
da3efea chore(deps): Bump github.com/santhosh-tekuri/jsonschema/v5 from 5.0.0 to 5.0.1 (#1224)
f34322b chore(deps): Bump github.com/tidwall/gjson from 1.14.2 to 1.14.3 (#1173)
6edcc05 chore(deps): Bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp from 0.34.0 to 0.35.0 (#1221)
55f5ec7 chore(deps): Bump go.opentelemetry.io/contrib/propagators/autoprop from 0.34.0 to 0.35.0 (#1234)
d86af54 chore(deps): Bump go.opentelemetry.io/contrib/propagators/b3 from 1.9.0 to 1.10.0 (#1222)
293d543 chore(deps): Bump go.opentelemetry.io/otel/exporters/jaeger from 1.9.0 to 1.10.0 (#1231)
18ef4f3 chore(deps): Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc from 1.9.0 to 1.10.0 (#1223)
08b01b4 chore(deps): Bump go.uber.org/zap from 1.22.0 to 1.23.0 (#1187)
454bcde chore(deps): Bump google.golang.org/grpc from 1.48.0 to 1.49.0 (#1190)
2bb6210 chore(deps): Bump gotest.tools/gotestsum from 1.8.1 to 1.8.2 in /tools (#1177)
88a4e2c chore(deps): Bump helm.sh/helm/v3 from 3.9.3 to 3.9.4 (#1185)
cd706c4 chore(deps): Bump modernc.org/sqlite from 1.18.1 to 1.18.2 (#1204)
775b13a chore(deps): Bump modernc.org/sqlite from 1.18.2 to 1.19.1 (#1225)
773ff8d chore(deps): Private API buf mod update (#1200)
7ccdd20 chore(deps): Update buf modules (#1199)
ee53d7b chore(deps): Update dependencies (#1181)
20c4dd6 chore(docs): Fix git storage driver configuration example (#1211)
ede8db0 chore(release): Add 0.21.0 release notes (#1219)
5074fee chore(release): Prepare release 0.21.0
82107a0 chore(test): Increase client timeout in E2E tests (#1213)
2ad0196 chore(version): Bump version to 0.21.0
d8f75b6 chore: Refactor private/verify package (#1182)

v0.20.0

1 year ago

Cerbos 0.20.0

View the full release notes at https://docs.cerbos.dev/cerbos/latest/releases/v0.20.0.html

Changelog

Features

dcebd31 feat: Allow policy tests to use deterministic time functions (#1169)

Enhancements

33fccbf enhancement: Use plan decorator to provide consistent time functions (#1125)
3d8516f enhancement: Warn if (and only if) using the default admin password (#1171)

Bug fixes

b06c100 fix(sdk): Allow setting scope on SDK requests (#1151)
88ded11 fix: Allow wildcards for principal policy resource names (#1166)

Documentation

d6da5e7 docs: Add links to PHP SDK (#1092)
534849d docs: Fix broken links to tutorial files (#1157)
b44a108 docs: Merge cerbos guide into main docs (#1095)
1c2e2c6 docs: Tabs-block multi language quickstart examples (#1126)

Chores

f4a4f31 chore(ci): Add docs preview (#1128)
8a3b151 chore(ci): Deploy docs previews (#1129)
3ca1b92 chore(ci): Make PR labels job optional (#1155)
17cb6ea chore(ci): Remove docs preview generation (#1158)
36f4de0 chore(ci): Update Netlify conf (#1133)
c71092f chore(ci): Use Go 1.19 in CI (#1127)
e595176 chore(ci): Use pull request title to apply labels (#1091)
12ff2db chore(deps): Bump azure/setup-helm from 2.1 to 3.0 (#1061)
95b48b3 chore(deps): Bump azure/setup-helm from 3.0 to 3.1 (#1085)
034d2e0 chore(deps): Bump azure/setup-helm from 3.1 to 3.3 (#1110)
dee7e8d chore(deps): Bump bufbuild/buf-setup-action from 1.6.0 to 1.7.0 (#1109)
938c1fa chore(deps): Bump github.com/alecthomas/participle/v2 from 2.0.0-beta.2 to 2.0.0-beta.4 (#1064)
7f15771 chore(deps): Bump github.com/alecthomas/participle/v2 from 2.0.0-beta.4 to 2.0.0-beta.5 (#1135)
579182b chore(deps): Bump github.com/bufbuild/buf from 1.6.0 to 1.7.0 in /tools (#1118)
54a33ac chore(deps): Bump github.com/fullstorydev/grpcurl from 1.8.6 to 1.8.7 in /tools (#1165)
ac8003b chore(deps): Bump github.com/gdamore/tcell/v2 from 2.5.1 to 2.5.2 (#1122)
33111b5 chore(deps): Bump github.com/google/cel-go from 0.12.2 to 0.12.3 (#1084)
a58ef5e chore(deps): Bump github.com/google/cel-go from 0.12.3 to 0.12.4 (#1086)
d44ca68 chore(deps): Bump github.com/google/gops from 0.3.24 to 0.3.25 (#1080)
bb4b28c chore(deps): Bump github.com/goreleaser/goreleaser from 1.10.2 to 1.10.3 in /tools (#1117)
0a96b31 chore(deps): Bump github.com/goreleaser/goreleaser from 1.9.2 to 1.10.2 in /tools (#1074)
67a1b52 chore(deps): Bump github.com/grpc-ecosystem/grpc-gateway/v2 from 2.10.3 to 2.11.0 (#1099)
d8b77e5 chore(deps): Bump github.com/grpc-ecosystem/grpc-gateway/v2 from 2.10.3 to 2.11.0 in /tools (#1102)
7b7726b chore(deps): Bump github.com/grpc-ecosystem/grpc-gateway/v2 from 2.11.0 to 2.11.1 (#1115)
4b509b0 chore(deps): Bump github.com/grpc-ecosystem/grpc-gateway/v2 from 2.11.0 to 2.11.1 in /tools (#1116)
640273f chore(deps): Bump github.com/grpc-ecosystem/grpc-gateway/v2 from 2.11.1 to 2.11.2 (#1134)
b37e97f chore(deps): Bump github.com/grpc-ecosystem/grpc-gateway/v2 from 2.11.1 to 2.11.2 in /tools (#1139)
c43f6ca chore(deps): Bump github.com/jackc/pgtype from 1.11.0 to 1.12.0 (#1142)
a23f3a5 chore(deps): Bump github.com/jackc/pgx/v4 from 4.16.1 to 4.17.0 (#1148)
aa58017 chore(deps): Bump github.com/lestrrat-go/jwx/v2 from 2.0.3 to 2.0.4 (#1098)
655d5d0 chore(deps): Bump github.com/lestrrat-go/jwx/v2 from 2.0.4 to 2.0.5 (#1162)
ed15eec chore(deps): Bump github.com/mattn/go-isatty from 0.0.14 to 0.0.16 (#1163)
bb1f324 chore(deps): Bump github.com/minio/minio-go/v7 from 7.0.29 to 7.0.30 (#1062)
e0cf04d chore(deps): Bump github.com/minio/minio-go/v7 from 7.0.30 to 7.0.31 (#1071)
a98c4a8 chore(deps): Bump github.com/minio/minio-go/v7 from 7.0.31 to 7.0.32 (#1104)
a6cfcbc chore(deps): Bump github.com/minio/minio-go/v7 from 7.0.32 to 7.0.34 (#1146)
0127d50 chore(deps): Bump github.com/oklog/ulid/v2 from 2.0.2 to 2.1.0 (#1089)
c699770 chore(deps): Bump github.com/prometheus/client_golang from 1.12.2 to 1.13.0 (#1141)
8609e96 chore(deps): Bump github.com/pterm/pterm from 0.12.42 to 0.12.44 (#1103)
c695307 chore(deps): Bump github.com/pterm/pterm from 0.12.44 to 0.12.45 (#1112)
a26c0e8 chore(deps): Bump github.com/spf13/afero from 1.8.2 to 1.9.0 (#1088)
5c0b99f chore(deps): Bump github.com/spf13/afero from 1.9.0 to 1.9.2 (#1101)
d7e4813 chore(deps): Bump github.com/stretchr/testify from 1.7.5 to 1.8.0 (#1063)
f1aefe2 chore(deps): Bump github.com/tidwall/sjson from 1.2.4 to 1.2.5 (#1143)
db6e451 chore(deps): Bump github.com/vektra/mockery/v2 from 2.13.1 to 2.14.0 in /tools (#1065)
4d511c4 chore(deps): Bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp from 0.32.0 to 0.33.0 (#1078)
0b09de6 chore(deps): Bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp from 0.33.0 to 0.34.0 (#1144)
00ee687 chore(deps): Bump go.opentelemetry.io/contrib/propagators/b3 from 1.7.0 to 1.8.0 (#1075)
4c6bb13 chore(deps): Bump go.opentelemetry.io/contrib/propagators/b3 from 1.8.0 to 1.9.0 (#1137)
be25f1f chore(deps): Bump go.opentelemetry.io/otel/bridge/opencensus from 0.30.0 to 0.31.0 (#1073)
afb4e3a chore(deps): Bump go.opentelemetry.io/otel/exporters/jaeger from 1.7.0 to 1.8.0 (#1070)
74e83e3 chore(deps): Bump go.opentelemetry.io/otel/exporters/jaeger from 1.8.0 to 1.9.0 (#1136)
d5536af chore(deps): Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc from 1.7.0 to 1.8.0 (#1079)
df1b729 chore(deps): Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc from 1.8.0 to 1.9.0 (#1138)
d6ddf12 chore(deps): Bump go.uber.org/zap from 1.21.0 to 1.22.0 (#1160)
31570c2 chore(deps): Bump gocloud.dev from 0.25.0 to 0.26.0 (#1145)
775b2b9 chore(deps): Bump golang.org/x/tools from 0.1.11 to 0.1.12 (#1113)
73aa7de chore(deps): Bump golang.org/x/tools from 0.1.11 to 0.1.12 in /hack/tools/testsplit (#1121)
bcdf787 chore(deps): Bump google.golang.org/grpc from 1.47.0 to 1.48.0 (#1087)
39e2d29 chore(deps): Bump google.golang.org/protobuf from 1.28.0 to 1.28.1 (#1114)
cc51090 chore(deps): Bump google.golang.org/protobuf from 1.28.0 to 1.28.1 in /hack/tools/protoc-gen-jsonschema (#1120)
ce076cd chore(deps): Bump helm.sh/helm/v3 from 3.9.0 to 3.9.1 (#1090)
ea98a12 chore(deps): Bump helm.sh/helm/v3 from 3.9.1 to 3.9.2 (#1097)
35d4008 chore(deps): Bump helm.sh/helm/v3 from 3.9.2 to 3.9.3 (#1161)
6d192f4 chore(deps): Bump modernc.org/sqlite from 1.17.3 to 1.18.0 (#1111)
d1e5a1e chore(deps): Bump modernc.org/sqlite from 1.18.0 to 1.18.1 (#1164)
bb1ab85 chore(deps): Use latest otel semconv version (#1149)
c7ede29 chore(perf): Add template for CheckResources request (#1108)
793d2a9 chore(refactor): Replace deprecated CEL options (#1083)
5836299 chore(refactor): Split store interface (#1068)
6612ce2 chore(release): Add 0.19.1 release notes (#1153)
7c92704 chore(release): Add 0.20.0 release notes (#1172)
523fb84 chore(release): Prepare release 0.20.0
e6b692b chore(test): Update E2E setup script (#1150)
140b2f4 chore(version): Bump version to 0.20.0
f9590f5 chore: Add Go report card and Codecov badges (#1060)
488f105 chore: Add function to run policy tests (#1107)
7484b70 chore: Add metadata field to bundle manifest (#1082)
7a2d6b9 chore: Add schema list field to manifest (#1066)
bb9b634 chore: Use golangci-lint binary distribution (#1067)

v0.19.1

1 year ago

Cerbos 0.19.1

View the full release notes at https://docs.cerbos.dev/cerbos/latest/releases/v0.19.1.html

Changelog

Bug fixes

360e726 fix(backport): Allow setting scope on SDK requests (#1152)

Documentation

b5fa416 docs(backport): Add links to PHP SDK (#1092) (#1093)
9c3cc4a docs(backport): Merge cerbos guide into main docs (#1095) (#1105)
87ceb1a docs(backport): Tabs-block multi language quickstart examples (#1126) (#1132)

Chores

365a84e chore(release): Prepare release 0.19.1 (#1154)

v0.19.0

1 year ago

Cerbos 0.19.0

View the full release notes at https://docs.cerbos.dev/cerbos/latest/releases/v0.19.0.html

Changelog

Enhancements

5afb6db enhancement: Export traces via OTLP to a collector (#1017)
21ca214 enhancement: Output detailed index build errors when the number of errors is low (#1038)
c4d06e0 enhancement: Validate schemas when planning queries (#1013)

Bug fixes

8ff3f01 fix: Avoid short-circuit when expressions access non-existent attributes (#1056)
f73beed fix: Handle missing scopes in playground validate API (#1042)
538a42b fix: Transform _&&_/_||_ to and/or in ASTs (#1021)
3b6dc13 fix: Transform maps to lists for membership test (#1032)
0ffaa62 fix: Transform maps to lists in comprehension expressions (#1044)
aca845a fix: Transform membership test in empty list to false (#1059)

Documentation

0a488c1 docs: Add AWS Cognito integration demo docs (#1037)
328392d docs: Add link to AWS Cognito docs in sidebar (#1039)
db7c19f docs: Updating customer logos (#1054)
557f405 docs: Use analogy to explain derived roles (#1015)

Chores

e4634ac chore(ci): Split tests across multiple runners (#1019)
45338eb chore(deps): Bump bufbuild/buf-lint-action from 1.0.0 to 1.0.1 (#1047)
5418ff6 chore(deps): Bump bufbuild/buf-setup-action from 1.5.0 to 1.6.0 (#1048)
adc8a8f chore(deps): Bump github.com/alecthomas/kong from 0.6.0 to 0.6.1 (#1028)
8e18d58 chore(deps): Bump github.com/alecthomas/participle/v2 (#1026)
1a16a49 chore(deps): Bump github.com/alecthomas/participle/v2 from 2.0.0-alpha11 to 2.0.0-beta.2 (#1051)
e8d5e55 chore(deps): Bump github.com/bufbuild/buf from 1.5.0 to 1.6.0 in /tools (#1053)
ba79af5 chore(deps): Bump github.com/fergusstrange/embedded-postgres (#1029)
6a7398d chore(deps): Bump github.com/google/gops from 0.3.23 to 0.3.24 (#1049)
6b57b19 chore(deps): Bump github.com/lestrrat-go/jwx/v2 from 2.0.2 to 2.0.3 (#1025)
1b01fd7 chore(deps): Bump github.com/minio/minio-go/v7 from 7.0.28 to 7.0.29 (#1033)
c8d6e3f chore(deps): Bump github.com/pterm/pterm from 0.12.41 to 0.12.42 (#1050)
7d3743a chore(deps): Bump github.com/stretchr/testify from 1.7.2 to 1.7.5 (#1052)
37e9fc9 chore(deps): Bump github.com/vektra/mockery/v2 from 2.12.3 to 2.13.1 in /tools (#1024)
fd50611 chore(deps): Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc (#1027)
58d53fe chore(deps): Bump google.golang.org/protobuf (#1023)
4546a09 chore(deps): Bump helm/kind-action from 1.2.0 to 1.3.0 (#1022)
c0f491d chore(docs): Fix confdocs panic when no struct tag is provided (#1020)
ab06046 chore(release): Add 0.19.0 release notes (#1057)
3f7d60c chore(release): Prepare release 0.19.0
0931221 chore(test): Fix flaky query plan test by sorting map keys in deterministic order (#1043)
e4c776a chore(test): Fix flaky update store test (#1045)
02c86fc chore(version): Bump version to 0.19.0
fabf0bd chore: Add function to compile a set of files (#1046)
95ceef5 chore: Ignore OpenTelemetry error message about sampler (#1031)