Update cedar-policy requirement from 3.3.0 to 4.0.0

[dependabot[bot]]

Updates the requirements on cedar-policy to permit the latest version.

Release notes

Sourced from cedar-policy's releases.

v4.0.0

Added

• Additional functionality to the JSON FFI including parsing utilities (#1079) and conversion between the Cedar and JSON formats (#1087)
• (*) Schema JSON syntax now accepts a type EntityOrCommon representing a typename that can resolve to either an entity or common type, matching the behavior of typenames written in the human-readable (Cedar) syntax. (#1060, as part of resolving #579)

Changed

• (*) Implemented RFC 70. In both the Cedar and JSON schema syntaxes, it is now illegal to define the same entity name, common type name, or action name in both the empty namespace and a nonempty namespace.
• (*) Implemented RFC 52. Names containing __cedar (e.g., __cedar, A::__cedar, __cedar::A, and A::__cedar::B) are now invalid. (#969)
• The API around Request::new has changed to remove the Options around the entity type arguments. See RFC 55.
• Replaced uses of "natural", "human", "human-readable", and "custom" with "Cedar" (#1114). APIs with these names are changed accordingly. E.g., Schema::from_str_natural to Schema::from_cedarschema_str. Moreover, the FromStr implementations of Schema and SchemaFragment now parse strings in the Cedar schema format. Use Schema::from_json_str and SchemaFragment::from_json_str to parse strings in the JSON schema format.
• Significantly reworked all public-facing error types to address some issues and improve consistency. See issue #745.
• Finalized the ffi module and cedar-wasm crate which were preview-released in 3.2.0. This involved API breaking changes in both. See #757 and #854.
• (*) Changed policy validation to reject comparisons and conditionals between record types that differ in whether an attribute is required or optional. (#769)
• (*) Improved consistency between JSON and Cedar schema formats. Both now forbid using Bool, Boolean, Entity, Extension, Long, Record, Set, and String as common type names. (#1150, resolving #1139)
• Changed the FFI to error on typos or unexpected fields in the input JSON (#1041)
• Changed Policy::parse and Template::parse to accept an Option<PolicyId> instead of Option<String> to set the policy id (#1055, resolving #1049)
• PolicySet::template_annotation now returns Option<&str> as opposed to Option<String> in the previous version (#1131, resolving #1116)
• Moved <PolicyId as FromStr>::Err to Infallible (#588, resolving #551)
• Removed unnecessary lifetimes from some validation related structs (#715)
• Marked errors/warnings related to parsing and validation as non_exhaustive, allowing future variants to be added without a breaking change. (#1137, #1169)

Removed

• (*) Removed unspecified entity type. See RFC 55.
• Removed integration testing harness from the cedar-policy crate. It is now in an internal crate, allowing us to make semver incompatible changes. (#857)

... (truncated)

Commits

• 85ff652 Remove duplicated method (#1205)
• a15e77e Backport 1190, 1194, and 1197 to 4.0.x release branch (#1203)
• 0fafed1 Pull in PRs (#1187)
• c800c43 copy in release-branch changelog stubs to 4.0.x (#1174)
• 4e5fd3b Revert "Add Entity Manifests to Cedar (#1102)" (#1173)
• 6aa2071 some refactoring in types.rs (#1172)
• a2e0315 changelog pass in preparation for 4.0 release (#1170)
• 6d386a8 Update deny.toml (#1168)
• d846083 add non_exhaustive to a couple more types (#1169)
• fc699ab Update lalrpop-util requirement from 0.20.0 to 0.21.0 (#1164)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[vercel[bot]]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
mega	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Sep 18, 2024 9:03am