-
-
The xtest project originally validated that files created in one version of a client library are able to be read by the others. For the go client, it uses the otdfctl tool.
Over time it has also g…
-
These are some of the most common offenders for version conflicts currently, in my experience. I propose doing a version bump for the listed recipes, about a 100 packages in total. I would add Boost t…
-
# Table of Contents
1. [Background](#background)
2. [Option 1: Obligations as a separate policy construct](#option-1-obligations-as-a-separate-policy-construct)
3. [Option 2: Obligations via flag…
-
The addition of Entity Resolution Service offers the ability to fetch custom data from an IdP or some other source when making an Authorization request. The challenge with this is that it increases th…
-
Allow the ability to deploy a pdb to protect the platform from ever being scaled to 0 during a cluster upgrade or some other event.
https://kubernetes.io/docs/tasks/run-application/configure-pdb/
…
-
The `GetAttributesByValueFQNs` RPC in policy is powered by [an advanced database query](https://github.com/opentdf/platform/blob/main/service/policy/db/query.sql#L85) to join everything relevant about…
-
In the go sdk it was detected that a protocol attack could happen by reading an excessively large manifest. We should introduce the same limits within the java-sdk.
Let's do a test that recreates the…
-
### Background
Due to the decision in https://github.com/opentdf/platform/issues/1296, KAS Grants are supported within policy from a registered KAS to an attribute namespace.
KAS and SDK logic s…
-
There is somewhere in the code that is logging all subject mappings when log level is set to debug. Debug log level should still be performant even when debugging an issue. With the log being so large…