Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump github.com/open-policy-agent/opa from 0.52.0 to 0.53.0 #404

Merged

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 26, 2023

Bumps github.com/open-policy-agent/opa from 0.52.0 to 0.53.0.

Release notes

Sourced from github.com/open-policy-agent/opa's releases.

v0.53.0

This release contains some enhancements, bugfixes, and a new builtin function.

Runtime, Tooling, SDK

  • status: Ensure Status plugin is correctly reconfigured to register or unregister Prometheus Collectors based on the state provided in OPA's active config (#5918) authored by @​johanfylling
  • opa eval: Update OPA eval's --profile-sort flag description to highlight the valid options to sort the profile results (#5924) authored by @​ecbenezra
  • opa fmt: Fix cases in which invalid code was generated due to parentheses being improperly handled (#5537) authored by @​Trolloldem
  • rest: Allow users to configure the AWS STS domain when using Web Identity Credentials (#5915) authored by @​johanfylling
  • status: Add an OPA environment information Gauge to Prometheus metrics to capture information like OPA version (#5852) authored by @​jmoghisi
  • server: Add ability to configure Unix socket permissions if OPA is listening on a Unix socket (#5888) authored by @​ashutosh-narkar
  • loader: Allow extensions to the loader package that provide ability to register handlers for certain file extensions. This feature is currently EXPERIMENTAL (#5940) authored by @​srenatus

Topdown and Rego

  • New built-in function crypto.x509.parse_keypair: Returns a key pair from a pair of PEM or base64 encoded strings of data. See the documentation on the new built-in for all the details. (#5853) authored by @​volck.
  • ast: Abort query evaluation if the compiler has errors. These errors will be exposed via the Status API if enabled (#5947) authored by @​johanfylling
  • io.jwt.decode_verify: Fix issue where token verification succeeded in case where iss constraint was required but JWT did not contain it (#5850) authored by @​AleksanderBrzozowski
  • wasm: Fix memory leaks in WASM when incrementally adding or removing data (#5785) and (#5901) authored by @​ctelfer-sophos
  • http.send: Add a new option to the http.send input object which allows policy authors to specify a retry count for executing a HTTP request. Retries are performed with an exponential backoff delay (#5891) authored by @​ashutosh-narkar
  • ast: Fix issue with _ matching only scalars in rule indexing for arrays (#5916) authored by @​jaspervdj
  • rego: Allow for extending the Rego evaluation targets with plugins (#5939) authored by @​srenatus

Miscellaneous

  • Add PITS Global Data Recovery Services to ADOPTERS.md (authored by @​pheianox)
  • Avoid unnecessary byte/string conversion by using alternative functions/methods (#5944) authored by @​Juneezee
  • False positive finding of CVE-2022-3517 addressed by removing the dead code (#5941) authored by @​testwill
  • Dependency bumps, notably:
    • golang from 1.20.3 to 1.20.4
    • golang.org/x/net from 0.9.0 to 0.10.0
    • google.golang.org/grpc from 1.54.0 to 1.55.0
    • oras.land/oras-go/v2 from 2.0.2 to 2.2.0
    • github.com/prometheus/client_golang from 1.15.0 to 1.15.1
Changelog

Sourced from github.com/open-policy-agent/opa's changelog.

0.53.0

This release contains some enhancements, bugfixes, and a new builtin function.

Runtime, Tooling, SDK

  • status: Ensure Status plugin is correctly reconfigured to register or unregister Prometheus Collectors based on the state provided in OPA's active config (#5918) authored by @​johanfylling
  • opa eval: Update OPA eval's --profile-sort flag description to highlight the valid options to sort the profile results (#5924) authored by @​ecbenezra
  • opa fmt: Fix cases in which invalid code was generated due to parentheses being improperly handled (#5537) authored by @​Trolloldem
  • rest: Allow users to configure the AWS STS domain when using Web Identity Credentials (#5915) authored by @​johanfylling
  • status: Add an OPA environment information Gauge to Prometheus metrics to capture information like OPA version (#5852) authored by @​jmoghisi
  • server: Add ability to configure Unix socket permissions if OPA is listening on a Unix socket (#5888) authored by @​ashutosh-narkar
  • loader: Allow extensions to the loader package that provide ability to register handlers for certain file extensions. This feature is currently EXPERIMENTAL (#5940) authored by @​srenatus

Topdown and Rego

  • New built-in function crypto.x509.parse_keypair: Returns a key pair from a pair of PEM or base64 encoded strings of data. See the documentation on the new built-in for all the details. (#5853) authored by @​volck.
  • ast: Abort query evaluation if the compiler has errors. These errors will be exposed via the Status API if enabled (#5947) authored by @​johanfylling
  • io.jwt.decode_verify: Fix issue where token verification succeeded in case where iss constraint was required but JWT did not contain it (#5850) authored by @​AleksanderBrzozowski
  • wasm: Fix memory leaks in WASM when incrementally adding or removing data (#5785) and (#5901) authored by @​ctelfer-sophos
  • http.send: Add a new option to the http.send input object which allows policy authors to specify a retry count for executing a HTTP request. Retries are performed with an exponential backoff delay (#5891) authored by @​ashutosh-narkar
  • ast: Fix issue with _ matching only scalars in rule indexing for arrays (#5916) authored by @​jaspervdj
  • rego: Allow for extending the Rego evaluation targets with plugins (#5939) authored by @​srenatus

Miscellaneous

  • Add PITS Global Data Recovery Services to ADOPTERS.md (authored by @​pheianox)
  • Avoid unnecessary byte/string conversion by using alternative functions/methods (#5944) authored by @​Juneezee
  • False positive finding of CVE-2022-3517 addressed by removing the dead code (#5941) authored by @​testwill
  • Dependency bumps, notably:
    • golang from 1.20.3 to 1.20.4
    • golang.org/x/net from 0.9.0 to 0.10.0
    • google.golang.org/grpc from 1.54.0 to 1.55.0
    • oras.land/oras-go/v2 from 2.0.2 to 2.2.0
    • github.com/prometheus/client_golang from 1.15.0 to 1.15.1
Commits
  • 5017e8c Prepare v0.53.0 release
  • 6109e6a Aborting query-eval if the compiler has errors (#5949)
  • d3811e2 fix: CVE-2022-3517 (#5941)
  • dfe947a build(deps): bump oras.land/oras-go/v2 from 2.1.0 to 2.2.0 (#5952)
  • 6f543ae rego: allow for extending the rego targets with plugins (#5939)
  • 34d5da4 loader: allow extensions (experimental) (#5940)
  • d3b8772 wasm: Don't order small blocks and add bulk free
  • 63114e9 adds builtin: crypto.x509.parse_keypair.
  • b3ae18d perf: avoid unnecessary byte/string conversion
  • e903f5d Add PITS Global Data Recovery Services to the list of adopters
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) from 0.52.0 to 0.53.0.
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v0.52.0...v0.53.0)

---
updated-dependencies:
- dependency-name: github.com/open-policy-agent/opa
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels May 26, 2023
@jalseth jalseth merged commit 220ce16 into main May 29, 2023
@dependabot dependabot bot deleted the dependabot/go_modules/github.com/open-policy-agent/opa-0.53.0 branch May 29, 2023 23:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant