Next | Query returned 56 messages, browsing 21 to 30 | Previous

History of commit frequency

CVS Commit History:


   2023-10-29 15:48:24 by Benny Siegert | Files touched by this commit (152)
Log message:
Revbump all Go packages because go121 is now the default
   2023-10-15 14:04:35 by Benny Siegert | Files touched by this commit (155) | Package updated
Log message:
Revbump all Go packages after go120 security update
   2023-09-28 21:40:58 by Leonardo Taccari | Files touched by this commit (3) | Package updated
Log message:
opa: Update to 0.57.0

Changes:
0.57.0
------
This release contains an updated Rego syntax to allow general
references in rule heads, and a mix of new features and bugfixes.
Support for General References in Rule Heads

In OPA 0.56.0, we introduced support for general references in rule
heads as an experimental feature.  It has now graduated to a fully
supported feature, and is no longer experimental.

A general reference is a reference with variables at arbitrary locations.
In Rego, partial rules are used for generating sets and objects.
In previous versions of OPA, variables were only allowed in the very
last position in the rule's reference.
Now, Rego has been expanded to allow rules to be declared with general
references in their head, with variables at arbitrary locations.
   2023-09-08 21:06:15 by Benny Siegert | Files touched by this commit (154) | Package updated
Log message:
Revbump all Go packages after go120 update
   2023-09-06 11:24:49 by Leonardo Taccari | Files touched by this commit (3)
Log message:
opa: Update to 0.56.0

Changes:
v0.56.0
-------
This release contains a mix of new features, bugfixes and a new builtin
function.

### Support for General References in Rule Heads (Experimental)

A new experimental feature in OPA is support for general refs in rule
heads. Where a general ref is a reference with variables at arbitrary
locations.

```rego
package example

import future.keywords

# Converting a flat list of users to a mapping by "role" and then \ 
"id".
users_by_role[role][id] := user if {
    some user in data.users
    id := user.id
    role := user.role
}

# Explicit "admin" key override to the above mapping.
users_by_role.admin[id] := user if {
    some user in data.admins
    id := user.id
}

# Leaf entries can be multi-value.
users_by_country[country] contains user.id if {
    some user in data.users
    country := user.country
}
```

General refs are currently not supported by the OPA planner, making
this feature unsupported for Wasm and IR.

Note: this feature is disabled by default, and needs to be enabled by
setting the `EXPERIMENTAL_GENERAL_RULE_REFS` environment variable (once
the feature is complete - supports Wasm and IR - this requirement will
be dropped).

### New Built-In Function: `numbers.range_step`

Similar to the `numbers.range` built-in function, `numbers.range_step`
returns an array of numbers in a given range. The new built-in function
also allows you to control the _step between each entry_.

### Breaking changes

Since its introduction in 0.34.0, the `--exit-zero-on-skipped` option
always made the `opa test` command return an exit code 0. When used, it
now returns the exit code 0 only if no failed tests were found.

Test runs on existing projects using `--exit-zero-on-skipped` will fail
if any failed tests were inhibited by this behavior.
   2023-08-26 18:31:41 by Benny Siegert | Files touched by this commit (149) | Package updated
Log message:
Revbump all Go packages after go120 update
   2023-08-10 23:41:50 by Leonardo Taccari | Files touched by this commit (3)
Log message:
opa: Update to 0.55.0

Changes:
0.55.0
------
This release contains a mix of new features, bugfixes and a new builtin
function.

### Honor `default` keyword on functions

Previously if a function was defined with a `default` value, OPA would
ignore it. Now the `default` function is honored if all functions with
the same name are undefined. For example,

The value of a `default` function follows the same conditions as that
of a `default` rule. In addition, a `default` function satisfies the
following properties:

- same arity as other functions with the same name
- arguments should only be plain variables ie. no composite values
- argument names should not be repeated

### New Built-In Function: crypto.parse_private_keys

`crypto.parse_private_keys` returns zero or more private keys from the
given encoded string containing DER certificate data.  If the input
contains a list of one or more concatenated PEM blocks, then the
built-in will output the parsed private keys represented as objects.
   2023-07-23 18:25:52 by Leonardo Taccari | Files touched by this commit (3)
Log message:
opa: Update to 0.54.0

Changes:
v0.54.0
This release focuses on bug fixes, but also includes some improvements
to the SDK and commandline.

Note: This will be the last OPA release to support building with Golang
1.18. (Golang 1.21 is expected to be released in August. Keeping the
support for 1.18 is blocking OPA from upgrading OpenTelemetry.)

### Topdown and Rego

- Add unwrap functionality to topdown.Error
- Lazy obj performance
- ast: Only realizing `lazyObj` when compared against other object type
- ast: Fixing issue in type-checker where partial objects couldn't have key
  overrides of divergent type
- planner: CallDynamic regression fix
- fmt: Fix `fmt` panic in comprehension with comments
- topdown: Format integer numbers without exponent
- topdown: Fix panic in partial eval with ref head rule
- Fixed a bug in `object.union_n` where nested objects were mutated
- Fixed the issue of the `object.subset` method failing to correctly
  compare array relationships
- topdown: Fixed caching race condition issue in `http.send`
- Allow time formatting constants in rego `time.format` and `time.parse_ns`

### Runtime, Tooling, SDK

- Add `--schema` flag to `opa test`
- Add ability to specify namespace for optimized files
- Fix for the issue when OPA throws misleading error
  (storage_not_found_error) message while loading the delta bundle when
  persist property in config is true.
- cmd: Update storage when a file remove op is detected
- cmd: Add support for watch mode in opa test
- download: Pass request to docker.Authorizer
- plugins/discovery: Fix discovery erasing `persistence_directory` config
- plugins/discovery: Fix persistence of discovery bundle
- Add tracing to bundle/discovery download
- Fallback on embedded timezone database if `tzdata` is not found on filesystem
- extensibility: Adding hooks (plugins, discovery, sdk)
- sdk: allow passing in a separate `Store` implementation in SDK
- config: Show "extra", unknown fields in `/v1/config` API result
   2023-07-15 12:53:10 by Benny Siegert | Files touched by this commit (151) | Package updated
Log message:
Revbump all Go packages after go120 update
   2023-06-28 16:16:00 by Leonardo Taccari | Files touched by this commit (3) | Package updated
Log message:
opa: Update to 0.53.1

Changes:
v0.53.1
This is a bug fix release.

v0.53.0
This release contains some enhancements, bugfixes, and a new builtin function.

- New built-in function `crypto.x509.parse_keypair`: Returns a key pair
  from a pair of PEM or base64 encoded strings of data.
- `http.send`: Add a new option to the `http.send` input object which
  allows policy authors to specify a retry count for executing a HTTP
  request. Retries are performed with an exponential backoff delay

v0.52.0
This release contains some enhancements, bugfixes, and a new builtin function.

### Allow Adding Labels via Discovery

Previously OPA did not allow any updates to the labels provided in the
boot configuration via the discovered (ie. service) config. This was
done to avoid breaking the discovery configuration. But there are use
cases where labels can serve as a convenient way to pass information
that could be used in policies, status updates or decision logs. This
change allows additional labels to be configured in the service config
which are then made available during runtime.

See the Discovery documentation at
<https://www.openpolicyagent.org/docs/v0.52.0/management-discovery/#limitations>
for more details.

### New Built-In Function: crypto.hmac.equal

`crypto.hmac.equal` provides a convenient way to compare hashes
generated by the MD5, SHA-1, SHA-256 and SHA-512 hashing algorithms.

See the documentation on the new built-in:

<https://www.openpolicyagent.org/docs/v0.52.0/policy-reference/#builtin-crypto-cryptohmacequal>
for all the details.

### Extend Authentication Methods Supported by OCI Downloader

Previously the OCI Downloader had support for only three types of
authentication methods, namely `Client TLS Certificates`, `Basic
Authentication` and `Bearer Token`. This change adds support for other
authentication methods such as AWS
Signature, GCP Metadata Token.

### Update Profiler Output With Number of Generated Expressions

The number of EVAL/REDO counts in the profile result are sometimes
difficult to understand. This is mainly due to the fact that the
compiler rewrites expressions and assigns the same location to each
generated expression and the profiler keys the counters by the
location. To provide more clarity, the profile output now includes the
number of generated expressions for each given expression thereby
helping to better understand the result and also how the evaluation
works.

See the Profiling documentation at
<https://www.openpolicyagent.org/docs/v0.52.0/policy-performance/#profiling>
for more details.

Next | Query returned 56 messages, browsing 21 to 30 | Previous