This is a bug fix release that addresses the following:
storage/disk: make symlinks work with relative paths (#4869)
bundle: Normalize paths before bundle root check
v0.42.1
This is a bug fix release that addresses the following:
An issue while writing data to the in-memory store at a non-root nonexistent path (#4855), reported by @wermerb and others.
Policies owned by a bundle could be replaced via the REST API because of a missing bundle scope check (#4846).
Adds missing future.keywords import for the examples in the policy testing section of the docs (#4849), reported by @robert-elles.
v0.42.0
This release contains a number of fixes and enhancements.
New built-in function: object.subset
This function checks if a collection is a subset of another collection. It works on objects, sets, and arrays.
If both arguments are objects, then the operation is recursive, e.g. {"c": {"x": {10, 15, 20}}
is considered a subset of {"a": "b", "c": {"x": {10, 15, 20, 25}, "y": "z"}.
This is a bug fix release that addresses the following:
storage/disk: make symlinks work with relative paths (#4869)
bundle: Normalize paths before bundle root check
0.42.1
This is a bug fix release that addresses the following:
An issue while writing data to the in-memory store at a non-root nonexistent path (#4855), reported by @wermerb and others.
Policies owned by a bundle could be replaced via the REST API because of a missing bundle scope check (#4846).
Adds missing future.keywords import for the examples in the policy testing section of the docs (#4849), reported by @robert-elles.
0.42.0
This release contains a number of fixes and enhancements.
New built-in function: object.subset
This function checks if a collection is a subset of another collection.
It works on objects, sets, and arrays.
If both arguments are objects, then the operation is recursive, e.g. {"c": {"x": {10, 15, 20}}
is considered a subset of {"a": "b", "c": {"x": {10, 15, 20, 25}, "y": "z"}.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps github.com/open-policy-agent/opa from 0.28.0 to 0.42.2.
Release notes
Sourced from github.com/open-policy-agent/opa's releases.
... (truncated)
Changelog
Sourced from github.com/open-policy-agent/opa's changelog.
... (truncated)
Commits
efcf506
Prepare Release 0.42.216bae6c
CI: remove trivy from PRs, add CVE-2022-1996 to ignores (#4867)e6626cd
bundle: Normalize paths before bundle root checkdb3a4e7
storage/disk: make symlinks work with relative paths (#4870)60b7193
Prepare v0.42.1 release2819143
server: check old policy path for bundle ownership (#4847)22641e5
docs/policy-testing: add missing future.keywords imports (#4852)fa6ccbc
storage/inmem: Create path if does not exist during truncate (#4853)9b5fb9b
Prepare release v0.42.0 (#4834)7305b16
server: pass IQBC to authorizer (#4838)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)