search

Soluto / tweek

Tweek - an open source feature manager
https://tweek.soluto.io
MIT License
351 stars 50 forks source link

build(deps): bump github.com/open-policy-agent/opa from 0.28.0 to 0.50.0 in /services/gateway #2038

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps github.com/open-policy-agent/opa from 0.28.0 to 0.50.0.

Release notes

Sourced from github.com/open-policy-agent/opa's releases.

v0.50.0

This release contains a mix of new features, bugfixes, security fixes, optimizations and build updates related to OPA's published images.

New Built-in Functions: JSON Schema Verification and Validation

These new built-in functions add functionality to verify and validate JSON Schema (#5486) (co-authored by @​jkulvich and @​johanfylling).

  • json.verify_schema: Checks that the input is a valid JSON schema object
  • json.match_schema: Checks that the document matches the JSON schema

See the documentation for all details.

Annotations scoped to package carries across modules

package scoped schema annotations are now applied across modules instead of only local to the module where it's declared (#5251) (authored by @​johanfylling). This change may cause compile-time errors and behavioural changes to type checking when the schemas annotation is used, and to rules calling the rego.metadata.chain() built-in function:

  • Existing projects with the same package declared in multiple files will trigger a rego_type_error: package annotation redeclared error if two or more of these are annotated with the package scope.
  • If using the package scope, the schemas annotation will be applied to type checking also for rules declared in another file than the annotation declaration, as long as the package is the same.
  • The chain of metadata returned by the rego.metadata.chain() built-in function will now contain an entry for the package even if the annotations are declared in another file, if the scope is package.

Remote bundle URL shorthand for run command

To load a remote bundle using opa run, the set directive can be provided multiple times as shown below:

 $ opa run -s --set "services.default.url=https://example.com" \
              --set "bundles.example.service=default" \
              --set "bundles.example.resource=/bundles/bundle.tar.gz" \
              --set "bundles.example.persist=true"

The following command can be used as a shorthand to easily start OPA with a remote bundle (#5674) (authored by @​anderseknert):

$ opa run -s https://example.com/bundles/bundle.tar.gz

Performance Improvements for json.patch Built-in Function

Performance improvements in json.patch were achieved with the introduction of a new EditTree data structure, which is built for applying in-place modifications to an ast.Term, and can render the final result of all edits efficiently by applying all patches in a JSON-Patch sequence rapidly, and then collapsing all edits at the end with minimal wasted ast.Term copying (authored by @​philipaconrad). For more details and benchmarks refer #5494 and #5390.

Surface decision log errors via status API

... (truncated)

Changelog

Sourced from github.com/open-policy-agent/opa's changelog.

0.50.0

This release contains a mix of new features, bugfixes, security fixes, optimizations and build updates related to OPA's published images.

New Built-in Functions: JSON Schema Verification and Validation

These new built-in functions add functionality to verify and validate JSON Schema (#5486) (co-authored by @​jkulvich and @​johanfylling).

  • json.verify_schema: Checks that the input is a valid JSON schema object
  • json.match_schema: Checks that the document matches the JSON schema

See the documentation for all details.

Annotations scoped to package carries across modules

package scoped schema annotations are now applied across modules instead of only local to the module where it's declared (#5251) (authored by @​johanfylling). This change may cause compile-time errors and behavioural changes to type checking when the schemas annotation is used, and to rules calling the rego.metadata.chain() built-in function:

  • Existing projects with the same package declared in multiple files will trigger a rego_type_error: package annotation redeclared error if two or more of these are annotated with the package scope.
  • If using the package scope, the schemas annotation will be applied to type checking also for rules declared in another file than the annotation declaration, as long as the package is the same.
  • The chain of metadata returned by the rego.metadata.chain() built-in function will now contain an entry for the package even if the annotations are declared in another file, if the scope is package.

Remote bundle URL shorthand for run command

To load a remote bundle using opa run, the set directive can be provided multiple times as shown below:

 $ opa run -s --set "services.default.url=https://example.com" \
              --set "bundles.example.service=default" \
              --set "bundles.example.resource=/bundles/bundle.tar.gz" \
              --set "bundles.example.persist=true"

The following command can be used as a shorthand to easily start OPA with a remote bundle (#5674) (authored by @​anderseknert):

$ opa run -s https://example.com/bundles/bundle.tar.gz

Performance Improvements for json.patch Built-in Function

Performance improvements in json.patch were achieved with the introduction of a new EditTree data structure, which is built for applying in-place modifications to an ast.Term, and can render the final result of all edits efficiently by applying all patches in a JSON-Patch sequence rapidly, and then collapsing all edits at the end with minimal wasted ast.Term copying (authored by @​philipaconrad). For more details and benchmarks refer #5494 and #5390.

Surface decision log errors via status API

... (truncated)

Commits
  • 50d14ac Prepare v0.50.0 release
  • ed97b78 docs: Add example of decision log error surfaced via status (#5745)
  • dadf43f build(deps): bump github.com/golang/protobuf from 1.5.2 to 1.5.3
  • b36da40 [server/identifier] Support SPIFFEID use in authz (#5742)
  • f24f18e Retract pre go module OPA versions (#5741)
  • 85a10ff build: bump golang 1.20.1 -> 1.20.2 (#5740)
  • 46d0f05 docs: Update generated CLI docs
  • fbfa705 [ast/opa parse] Support marshalling of all ast location data (#5576)
  • 9e97f98 This change allows the HTTP clients to consume and send gzip compressed respo...
  • dc37446 Add 2U to adopters.md
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 1 year ago

Superseded by #2041.