Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build(deps): bump github.com/open-policy-agent/opa from 0.28.0 to 0.53.0 in /services/gateway #2063

Closed
wants to merge 1 commit into from
Closed

build(deps): bump github.com/open-policy-agent/opa from 0.28.0 to 0.53.0 in /services/gateway #2063

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 29, 2023

Bumps github.com/open-policy-agent/opa from 0.28.0 to 0.53.0.

Release notes

Sourced from github.com/open-policy-agent/opa's releases.

v0.53.0

This release contains some enhancements, bugfixes, and a new builtin function.

Runtime, Tooling, SDK

  • status: Ensure Status plugin is correctly reconfigured to register or unregister Prometheus Collectors based on the state provided in OPA's active config (#5918) authored by @​johanfylling
  • opa eval: Update OPA eval's --profile-sort flag description to highlight the valid options to sort the profile results (#5924) authored by @​ecbenezra
  • opa fmt: Fix cases in which invalid code was generated due to parentheses being improperly handled (#5537) authored by @​Trolloldem
  • rest: Allow users to configure the AWS STS domain when using Web Identity Credentials (#5915) authored by @​johanfylling
  • status: Add an OPA environment information Gauge to Prometheus metrics to capture information like OPA version (#5852) authored by @​jmoghisi
  • server: Add ability to configure Unix socket permissions if OPA is listening on a Unix socket (#5888) authored by @​ashutosh-narkar
  • loader: Allow extensions to the loader package that provide ability to register handlers for certain file extensions. This feature is currently EXPERIMENTAL (#5940) authored by @​srenatus

Topdown and Rego

  • New built-in function crypto.x509.parse_keypair: Returns a key pair from a pair of PEM or base64 encoded strings of data. See the documentation on the new built-in for all the details. (#5853) authored by @​volck.
  • ast: Abort query evaluation if the compiler has errors. These errors will be exposed via the Status API if enabled (#5947) authored by @​johanfylling
  • io.jwt.decode_verify: Fix issue where token verification succeeded in case where iss constraint was required but JWT did not contain it (#5850) authored by @​AleksanderBrzozowski
  • wasm: Fix memory leaks in WASM when incrementally adding or removing data (#5785) and (#5901) authored by @​ctelfer-sophos
  • http.send: Add a new option to the http.send input object which allows policy authors to specify a retry count for executing a HTTP request. Retries are performed with an exponential backoff delay (#5891) authored by @​ashutosh-narkar
  • ast: Fix issue with _ matching only scalars in rule indexing for arrays (#5916) authored by @​jaspervdj
  • rego: Allow for extending the Rego evaluation targets with plugins (#5939) authored by @​srenatus

Miscellaneous

  • Add PITS Global Data Recovery Services to ADOPTERS.md (authored by @​pheianox)
  • Avoid unnecessary byte/string conversion by using alternative functions/methods (#5944) authored by @​Juneezee
  • False positive finding of CVE-2022-3517 addressed by removing the dead code (#5941) authored by @​testwill
  • Dependency bumps, notably:
    • golang from 1.20.3 to 1.20.4
    • golang.org/x/net from 0.9.0 to 0.10.0
    • google.golang.org/grpc from 1.54.0 to 1.55.0
    • oras.land/oras-go/v2 from 2.0.2 to 2.2.0
    • github.com/prometheus/client_golang from 1.15.0 to 1.15.1

v0.52.0

This release contains some enhancements, bugfixes, and a new builtin function.

Allow Adding Labels via Discovery

Previously OPA did not allow any updates to the labels provided in the boot configuration via the discovered (ie. service) config. This was done to avoid breaking the discovery configuration. But there are use cases where labels can serve as a convenient way to pass information that could be used in policies, status updates or decision logs. This change allows additional labels to be configured in the service config which are then made available during runtime.

See the Discovery documentation for more details.

Authored by @​mjungsbluth.

New Built-In Function: crypto.hmac.equal

... (truncated)

Changelog

Sourced from github.com/open-policy-agent/opa's changelog.

0.53.0

This release contains some enhancements, bugfixes, and a new builtin function.

Runtime, Tooling, SDK

  • status: Ensure Status plugin is correctly reconfigured to register or unregister Prometheus Collectors based on the state provided in OPA's active config (#5918) authored by @​johanfylling
  • opa eval: Update OPA eval's --profile-sort flag description to highlight the valid options to sort the profile results (#5924) authored by @​ecbenezra
  • opa fmt: Fix cases in which invalid code was generated due to parentheses being improperly handled (#5537) authored by @​Trolloldem
  • rest: Allow users to configure the AWS STS domain when using Web Identity Credentials (#5915) authored by @​johanfylling
  • status: Add an OPA environment information Gauge to Prometheus metrics to capture information like OPA version (#5852) authored by @​jmoghisi
  • server: Add ability to configure Unix socket permissions if OPA is listening on a Unix socket (#5888) authored by @​ashutosh-narkar
  • loader: Allow extensions to the loader package that provide ability to register handlers for certain file extensions. This feature is currently EXPERIMENTAL (#5940) authored by @​srenatus

Topdown and Rego

  • New built-in function crypto.x509.parse_keypair: Returns a key pair from a pair of PEM or base64 encoded strings of data. See the documentation on the new built-in for all the details. (#5853) authored by @​volck.
  • ast: Abort query evaluation if the compiler has errors. These errors will be exposed via the Status API if enabled (#5947) authored by @​johanfylling
  • io.jwt.decode_verify: Fix issue where token verification succeeded in case where iss constraint was required but JWT did not contain it (#5850) authored by @​AleksanderBrzozowski
  • wasm: Fix memory leaks in WASM when incrementally adding or removing data (#5785) and (#5901) authored by @​ctelfer-sophos
  • http.send: Add a new option to the http.send input object which allows policy authors to specify a retry count for executing a HTTP request. Retries are performed with an exponential backoff delay (#5891) authored by @​ashutosh-narkar
  • ast: Fix issue with _ matching only scalars in rule indexing for arrays (#5916) authored by @​jaspervdj
  • rego: Allow for extending the Rego evaluation targets with plugins (#5939) authored by @​srenatus

Miscellaneous

  • Add PITS Global Data Recovery Services to ADOPTERS.md (authored by @​pheianox)
  • Avoid unnecessary byte/string conversion by using alternative functions/methods (#5944) authored by @​Juneezee
  • False positive finding of CVE-2022-3517 addressed by removing the dead code (#5941) authored by @​testwill
  • Dependency bumps, notably:
    • golang from 1.20.3 to 1.20.4
    • golang.org/x/net from 0.9.0 to 0.10.0
    • google.golang.org/grpc from 1.54.0 to 1.55.0
    • oras.land/oras-go/v2 from 2.0.2 to 2.2.0
    • github.com/prometheus/client_golang from 1.15.0 to 1.15.1

0.52.0

This release contains some enhancements, bugfixes, and a new builtin function.

Allow Adding Labels via Discovery

Previously OPA did not allow any updates to the labels provided in the boot configuration via the discovered (ie. service) config. This was done to avoid breaking the discovery configuration. But there are use cases where labels can serve as a convenient way to pass information that could be used in policies, status updates or decision logs. This change allows additional labels to be configured in the service config which are then made available during runtime.

See the Discovery documentation for more details.

... (truncated)

Commits
  • 5017e8c Prepare v0.53.0 release
  • 6109e6a Aborting query-eval if the compiler has errors (#5949)
  • d3811e2 fix: CVE-2022-3517 (#5941)
  • dfe947a build(deps): bump oras.land/oras-go/v2 from 2.1.0 to 2.2.0 (#5952)
  • 6f543ae rego: allow for extending the rego targets with plugins (#5939)
  • 34d5da4 loader: allow extensions (experimental) (#5940)
  • d3b8772 wasm: Don't order small blocks and add bulk free
  • 63114e9 adds builtin: crypto.x509.parse_keypair.
  • b3ae18d perf: avoid unnecessary byte/string conversion
  • e903f5d Add PITS Global Data Recovery Services to the list of adopters
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
build(deps): bump github.com/open-policy-agent/opa in /services/gateway
6e76122 
Bumps [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) from 0.28.0 to 0.53.0.
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v0.28.0...v0.53.0)

---
updated-dependencies:
- dependency-name: github.com/open-policy-agent/opa
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels May 29, 2023
@dependabot dependabot bot mentioned this pull request May 29, 2023
Closed
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Jun 7, 2023

Superseded by #2064.

@dependabot dependabot bot closed this Jun 7, 2023
@dependabot dependabot bot deleted the dependabot/go_modules/services/gateway/master/github.com/open-policy-agent/opa-0.53.0 branch June 7, 2023 00:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
0 participants