Releases: cedar-policy/cedar
Releases · cedar-policy/cedar
v3.4.0
v2.5.0
v3.3.0
Release 3.3.0, available on crates.io
Added
- JSON representation for Policy Sets, along with methods like
::from_json_value/file/strand::to_jsonforPolicySet. (#783,
resolving #549) - Methods for reading and writing individual
Entitys as JSON (#924,
resolving #807) Context::into_iterto get the contents of aContextandContext::merge
to combineContexts, returning an error on duplicate keys (#1027,
resolving #1013)- Several new APIs for schemas to allow accessing principal and resource
types, action entity uids, etc. (#1141, resolving #1134)
Changed
- Added deprecation warnings to APIs that will be removed in the upcoming 4.0
release, as well as wrapper methods with the new names, where appropriate.
See the notes under that release for more details. (#1128) - Reduced precision of partial evaluation for
||,&&, and conditional
expressions.if { foo : <unknown> }.foo then 1 + "hi" else falsenow
evaluates toif <unknown> then 1 + "hi" else false. (#874) - Removed the
errorextension function, which was previously used during
partial evaluation. (#874)
Fixed
- (*) JSON format Cedar policies will now fail to parse if the action scope
constraint contains a non-action entity type, matching the behavior for
human-readable Cedar policies. (#943, resolving #925) Templateparsing functions (e.g.,Template::parse()) will now fail when
passed a static policy as input. Use thePolicyparsing functions instead.
(#1108, resolving #1095)
v3.2.4
v3.2.1
Release 3.2.1, available on crates.io
Fixed
- Fixed policy formatter dropping newlines in string literals. (#870, #910, resolving #862)
- Fixed a performance issue when constructing an error for accessing
a non-existent attribute on sufficiently large records (#887, resolving #754) - Fixed identifier parsing in human-readable schemas (#914, resolving #913)
- Fixed the typescript generated type for
ffi::AuthorizationCallto remove
unsupported string option (#939) - Fixed Wasm build script to be multi-target in JS ecosystem (#933)
v2.4.7
v3.2.0
Release 3.2.0, available on crates.io
Added
Expression::new_ip,Expression::new_decimal,RestrictedExpression::new_ip,
andRestrictedExpression::new_decimal(#661, resolving #659)Entities::into_iter(#713, resolving #680)Entity::into_inner(#685, resolving #636)- New
ffimodule with an improved FFI interface. This will replace the
frontendmodule in the 4.0 release, but is available now for early adopters;
thefrontendmodule is now deprecated.
This should be considered a preview-release offfi; more API breaking
changes are anticipated for Cedar 4.0. (#852) wasmCargo feature for targeting Wasm (and thecedar-wasmcrate was added
to this repo).
This should be considered a preview-release ofcedar-wasm; more API
breaking changes are anticipated for Cedar 4.0. (#858)
Changed
- Common type definitions in both human-readable and JSON schemas may now
reference other common type definitions. There may not be any cycles formed by
these references. (#766, resolving #154) - Improved validation error messages when incompatible types appear in
if,==,contains,containsAll, andcontainsAnyexpressions. (#809, resolving #346) - Deprecated error
TypeErrorKind::ImpossiblePolicyin favor of warning
ValidationWarningKind::ImpossiblePolicyso future improvements to Cedar
typing precision will not result in breaking changes. (#716, resolving #539) - Rework API for the
partial-evalexperimental feature (#714, #817, #838). - Validation errors for unknown entity types and action entities now
report the precise source location where the unknown type was encountered.
Error for invalid use of an action now includes a source location containing
the offending policy. (#802, #808, resolving #522) - Deprecated the
frontendmodule in favor of the newffimodule. The
frontendmodule will be removed fromcedar-policyin the next major version.
See notes above aboutffi. (#852) - Deprecated the integration testing harness code. It will be removed from the
cedar-policycrate in the next major version. (#707)
Fixed
- Validation error message for an invalid attribute access now reports the
correct attribute and entity type when accessing an optional attribute that is
itself an entity. (#811) - The error message returned when parsing an invalid action scope constraint
action == ?actionno longer suggests thataction == [...]would be a
valid scope constraint. (#818, resolving #563) - Fixed policy formatter reordering some comments around if-then-else and
entity identifier expressions. (#861, resolving #787)
Full Changelog: v3.1.4...v3.2.0
v3.1.4
v2.4.6
v3.1.3
Release 3.1.3, available on crates.io
Changed
- Improve parser errors on unexpected tokens. (#698, partially resolving #176)
- Validation error messages render types in the new, more readable, schema
syntax. (#708, resolving #242) - Improved error messages when
nulloccurs in entity json data. (#751,
resolving #530) - Improved source location reporting for error
found template slot in a when clause.
(#758, resolving #736) - Improved
Displayimplementation for Cedar schemas, both JSON and human
syntax. (#780) - The CLI
translate-schemacommand now produces prettier output.
Fixed
- Support identifiers in context declarations in the human-readable schema
format. (#734, resolving #681)
Full Changelog: v3.1.2...v3.1.3