search

openfga / cli

A cross-platform CLI to interact with an OpenFGA server
https://openfga.dev
Apache License 2.0
50 stars 26 forks source link

chore(deps): bump the dependencies group across 1 directory with 3 updates #324

Closed dependabot[bot] closed 6 months ago

dependabot[bot] commented 6 months ago

Bumps the dependencies group with 3 updates in the / directory: github.com/openfga/go-sdk, github.com/openfga/openfga and google.golang.org/protobuf.

Updates github.com/openfga/go-sdk from 0.3.6-0.20240430041914-d27ef8fa20b8 to 0.3.6

Release notes

Sourced from github.com/openfga/go-sdk's releases.

v0.3.6

0.3.6 (2024-04-30)

  • feat: support the ListUsers endpoint (#81)
  • fix: do not call ReadAuthorizationModel on BatchCheck or non-Transactional Write (#78)
  • chore: fix typos in the readme (#91) - thanks @​balaji-dongare
Changelog

Sourced from github.com/openfga/go-sdk's changelog.

v0.3.6

0.3.6 (2024-04-30)

  • feat: support the ListUsers endpoint (#81)
  • feat: add retries to client credential requests (#51)
  • fix: do not call ReadAuthorizationModel on BatchCheck or non-Transactional Write (#78)
  • chore: fix typos in the readme (#91) - thanks @​balaji-dongare

v0.3.5

0.3.5 (2024-02-13)

  • fix: don't escape HTML characters in conditions when marshalling a model

v0.3.4

0.3.4 (2024-01-22)

  • feat: configurable client credentials token url - thanks @​le-yams
  • fix: WriteAuthorizationModel was not passing conditions to API

v0.3.3

0.3.3 (2023-12-21)

  • fix: WriteAuthorizationModel was not passing conditions to API
  • chore: add example project

v0.3.2

0.3.2 (2023-12-20)

  • fix: ListObjects was not passing context to API
  • chore: downgrade target go version to 1.20

v0.3.1

0.3.1 (2023-12-19)

  • feat: oauth2 client credentials support (#62), thanks @​le-yams
  • fix: remove canonical import path from oauth2 packages (#64), thanks @​bketelsen

v0.3.0

0.3.0 (2023-12-11)

  • feat!: initial support for conditions
  • feat: support specifying a port and path for the API (You can now set the ApiUrl to something like: https://api.fga.exampleL8080/some_path)
  • fix: resolve a bug in NewCredentials (#60) - thanks @​harper

... (truncated)

Commits


Updates github.com/openfga/openfga from 1.5.4-0.20240430205231-c4953b813b89 to 1.5.4-rc1

Release notes

Sourced from github.com/openfga/openfga's releases.

v1.5.4-rc1

The v1.5.4-rc1 release is an experimental release candidate that introduces support for the ListUsers API. This endpoint answers the question "what users have relation X with object Y?". This can be used for use cases like share dialogues and notifying users on document changes.

This API can be enabled in the server by passing the --experimentals enable-list-users flag. Also note the OPENFGA_LIST_USERS_MAX_RESULTS, OPENFGA_LIST_USERS_DEADLINE and OPENFGA_MAX_CONCURRENT_READS_FOR_LIST_USERS configuration options.

Note: This is not ready for production use. Currently outstanding issues:

  • Excluded users are not supported, which impacts models that pair wildcards (e.g. user:*) with exclusion (e.g. but not)
  • Chaining multiple exclusion (e.g. but not) operands may not return accurate set of results

Related resources:

Commits


Updates google.golang.org/protobuf from 1.33.0 to 1.34.1

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
stacklok-cloud[bot] commented 6 months ago

Minder Vulnerability Report ✅

Minder analyzed this PR and found no vulnerable dependencies.

Vulnerability scan of d6f760c8:

  • 🐞 vulnerable packages: 0
  • 🛠 fixes available for: 0
stacklok-cloud[bot] commented 6 months ago

Minder analyzed this PR with Trusty and found no dependencies scored lower than your profile threshold.