Releases: authzed/spicedb
Releases · authzed/spicedb
v1.29.5
This release adds support for a phased migration in Spanner, and is otherwise the same as v1.29.2
Full Changelog: 1.29.2...v1.29.5
Docker Images
This release is available at authzed/spicedb:v1.29.5, quay.io/authzed/spicedb:v1.29.5, ghcr.io/authzed/spicedb:v1.29.5
v1.29.2
Highlights
This is primarily a bugfix release to address GHSA-h3m7-rqc4-7h9p
What's Changed
- Fix typo in datastore by @josephschorr in #1726
- Add a retry to PG connections to reduce test flakiness by @josephschorr in #1727
- Update runc dependency for reported vuln in runc by @josephschorr in #1736
- Bump golang from 1.21.5-alpine3.18 to 1.21.6-alpine3.18 by @dependabot in #1733
- Bump github.com/jackc/pgx/v5 from 5.4.3 to 5.5.2 by @dependabot in #1730
- Bump github.com/aws/aws-sdk-go from 1.45.26 to 1.50.10 by @dependabot in #1737
- Bump github.com/prometheus/client_golang from 1.17.0 to 1.18.0 by @dependabot in #1732
- Bump google.golang.org/grpc from 1.59.0 to 1.61.0 by @dependabot in #1734
- Bump google.golang.org/api from 0.152.0 to 0.161.0 by @dependabot in #1735
- Add missing datastore READMEs by @josephschorr in #1738
- Clarify that the datastore-revision-quantization-max-staleness-percent is a float value by @josephschorr in #1740
- Prevent the staleness of an optimized revision from exceeding the GC window by @josephschorr in #1741
- Reduce memory usage of WriteSchema by @josephschorr in #1743
- fixes pgx min connection count always being set to max count by @vroldanbet in #1747
Full Changelog: v1.29.1...v1.29.2
Docker Images
This release is available at authzed/spicedb:v1.29.2, quay.io/authzed/spicedb:v1.29.2, ghcr.io/authzed/spicedb:v1.29.2
Contributors
josephschorr, vroldanbet, and dependabot
Assets 16
v1.29.1
What's Changed
- Add some invalid schema tests as per a recently reported error by @josephschorr in #1713
- Add invalid permission tests onto the various permissions APIs by @josephschorr in #1714
- Change telemetry failure to a warning and have Postgres check for its unique ID on startup by @josephschorr in #1717
- Respect dispatch concurrency limits for clusterdispatch by @sashayakovtseva in #1676
- implements schema watch support for MemDB by @vroldanbet in #1720
- fix broken v1alpha gRPC reflection support by @vroldanbet in #1718
- HLC Parsing fixes by @josephschorr in #1724
- Fix flaky Postgres GC tests by @josephschorr in #1655
- Add additional datastore revision tests by @josephschorr in #1725
New Contributors
- @sashayakovtseva made their first contribution in #1676
Full Changelog: v1.29.0...v1.29.1
Docker Images
This release is available at authzed/spicedb:v1.29.1, quay.io/authzed/spicedb:v1.29.1, ghcr.io/authzed/spicedb:v1.29.1
Contributors
josephschorr, vroldanbet, and sashayakovtseva
Assets 15
v1.29.1-rc1
What's Changed
- Add some invalid schema tests as per a recently reported error by @josephschorr in #1713
- Add invalid permission tests onto the various permissions APIs by @josephschorr in #1714
- Change telemetry failure to a warning and have Postgres check for its unique ID on startup by @josephschorr in #1717
- Respect dispatch concurrency limits for clusterdispatch by @sashayakovtseva in #1676
- implements schema watch support for MemDB by @vroldanbet in #1720
- fix broken v1alpha gRPC reflection support by @vroldanbet in #1718
- HLC Parsing fixes by @josephschorr in #1724
- Fix flaky Postgres GC tests by @josephschorr in #1655
- Add additional datastore revision tests by @josephschorr in #1725
New Contributors
- @sashayakovtseva made their first contribution in #1676
Full Changelog: v1.29.0...v1.29.1-rc1
Docker Images
This release is available at authzed/spicedb:v1.29.1-rc1, quay.io/authzed/spicedb:v1.29.1-rc1, ghcr.io/authzed/spicedb:v1.29.1-rc1
Contributors
josephschorr, vroldanbet, and sashayakovtseva
Assets 16
v1.29.0
Highlights
🔊 New foundation in Datastore Watch API now streams checkpoint revisions and schema changes
🥽 Postgres datastore now supports new experimental Schema Cache
⏰ Watch API now supports write timeouts
Warning
A bug has been identified in this release around handling of CRDB timestamps. Its recommended to move to v1.29.1
What's Changed
- bulk import: reduce allocations by allocation a value buffer by @vroldanbet in #1658
- Don't call ObserveDuration more than one in the observable proxy by @josephschorr in #1666
- Fix garbage collector interval and backoff resets by @chriskdon in #1663
- crdb: don't allow relationship counters to go negative by @ecordell in #1657
- Fix handling of NULL caveats in Postgres watch by @josephschorr in #1668
- make datastore metrics more representative of the actual underlying datastore by @vroldanbet in #1669
- CRDB: adds missing observability for Watch API by @vroldanbet in #1656
- Bump cloud.google.com/go/spanner from 1.51.0 to 1.53.0 by @dependabot in #1670
- Bump go.opentelemetry.io/otel/trace from 1.20.0 to 1.21.0 by @dependabot in #1671
- Bump github.com/spf13/cobra from 1.7.0 to 1.8.0 by @dependabot in #1674
- Bump google.golang.org/api from 0.149.0 to 0.152.0 by @dependabot in #1673
- Bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc from 0.46.0 to 0.46.1 by @dependabot in #1672
- Bump golang from 1.21.3-alpine3.18 to 1.21.4-alpine3.18 by @dependabot in #1675
- Move the diff library into pkg for use by external tooling by @josephschorr in #1677
- schemadsl/compiler: optionally skip validation by @jzelinskie in #1679
- Make sure to clone metadata in LR before changing by @josephschorr in #1680
- decorate check dispatch spans with caching and singleflight attributes by @vroldanbet in #1678
- fixes datastore command not using the
spicedbprefix for ENV by @vroldanbet in #1682 - fixes regression in Schema Watch led schema caching by @vroldanbet in #1684
- fixes regression in compiler.Compile() contract by @vroldanbet in #1683
- Add an integration test for schema watch by @josephschorr in #1685
- Use logger from context in RedactAndLogSensitiveConnString by @bison in #1686
- Watch improvements in datastore by @josephschorr in #1681
- Move to Go 1.21.5 for external vuln fixed in crypto lib by @josephschorr in #1690
- authenticate with docker to raise rate-limits by @vroldanbet in #1691
- Ignore the source position when diffing permission expressions by @josephschorr in #1689
- fixes WriteRelationships/BulkImport GRPC error codes on conflicts and retryable errors by @vroldanbet in #1688
- .github: use public-read-only docker account by @jzelinskie in #1694
- pkg/proto: upgrade vtprotobuf to support WKTs by @jzelinskie in #1693
- Major cleanup and improvements around revision handling in the datastores by @josephschorr in #1695
- Bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp from 0.46.0 to 0.46.1 by @dependabot in #1697
- Bump github.com/jzelinskie/stringz from 0.0.2 to 0.0.3 by @dependabot in #1700
- Bump github.com/google/uuid from 1.4.0 to 1.5.0 by @dependabot in #1699
- Bump golang.org/x/mod from 0.13.0 to 0.14.0 by @dependabot in #1698
- Fix flakiness of HLC changes test by @josephschorr in #1701
- Bump github.com/samber/lo from 1.38.1 to 1.39.0 by @dependabot in #1696
- Small micro-optimizations around set performance by @josephschorr in #1702
- Add Union and Merge to Set by @josephschorr in #1704
- expose revision parsing function for tests by @vroldanbet in #1705
- Watch revision checkpoints using memdb datastore by @alecmerdler in #1706
- Add timeout to watch buffers by @josephschorr in #1707
- Switch HLC timestamps to be stored as an array of two int64s by @josephschorr in #1709
- makes less verbose CRDB connection balacer by @vroldanbet in #1708
- compiler: adds a helper method to require any object type prefix by @vroldanbet in #1710
- Have spiceerrors.MustBugf contain the full stack trace of the bug by @josephschorr in #1711
New Contributors
- @chriskdon made their first contribution in #1663
- @bison made their first contribution in #1686
- @alecmerdler made their first contribution in #1706
Full Changelog: v1.28.0...v1.29.0
Docker Images
This release is available at authzed/spicedb:v1.29.0, quay.io/authzed/spicedb:v1.29.0, ghcr.io/authzed/spicedb:v1.29.0
Contributors
ecordell, bison, and 6 other contributors
Assets 15
v1.28.0
What's Changed
- fix dispatch deduplication regression by @vroldanbet in #1643
- use internal/logging instead of zerolog global logger by @vroldanbet in #1647
- singleflight dispatch: adds a fallback in case the traversal bloom is not present by @vroldanbet in #1648
- Add missing combined recursive test case by @josephschorr in #1645
- Add additional expand canonical key tests by @josephschorr in #1649
- singleflight dispatcher: do not double-singleflight on remote cluster dispatch by @vroldanbet in #1650
- Disable the default GC process in PG GC tests by @josephschorr in #1654
- Add a
datastore repaircommand for revisions from Postgres backups by @josephschorr in #1642 - crdb: fix watch error: %!s() by @vroldanbet in #1660
Docker Images
This release is available at authzed/spicedb:v1.28.0, quay.io/authzed/spicedb:v1.28.0, ghcr.io/authzed/spicedb:v1.28.0
Contributors
josephschorr and vroldanbet
Assets 15
v1.28.0-rc1
What's Changed
- Add missing combined recursive test case by @josephschorr in #1645
- Add additional expand canonical key tests by @josephschorr in #1649
- singleflight dispatcher: do not double-singleflight on remote cluster dispatch by @vroldanbet in #1650
- Disable the default GC process in PG GC tests by @josephschorr in #1654
- Add a
datastore repaircommand for revisions from Postgres backups by @josephschorr in #1642 - crdb: fix watch error: %!s() by @vroldanbet in #1660
Full Changelog: v1.27.1-rc1...v1.28.0-rc1
Docker Images
This release is available at authzed/spicedb:v1.28.0-rc1, quay.io/authzed/spicedb:v1.28.0-rc1, ghcr.io/authzed/spicedb:v1.28.0-rc1
Contributors
josephschorr and vroldanbet
Assets 15
v1.27.1-rc1
What's Changed
- fix dispatch deduplication regression by @vroldanbet in #1643
- use internal/logging instead of zerolog global logger by @vroldanbet in #1647
- singleflight dispatch: adds a fallback in case the traversal bloom is not present by @vroldanbet in #1648
Full Changelog: v1.27.0...v1.27.1-rc1
Docker Images
This release is available at authzed/spicedb:v1.27.1-rc1, quay.io/authzed/spicedb:v1.27.1-rc1, ghcr.io/authzed/spicedb:v1.27.1-rc1
Contributors
vroldanbet
Assets 16
v1.27.0
Docker Images
This release is available at authzed/spicedb:v1.27.0, quay.io/authzed/spicedb:v1.27.0, ghcr.io/authzed/spicedb:v1.27.0
What's Changed
- Optimistic locking on Spanner read/write transactions by @jzelinskie in #1590
- .github: move to buildjet by @jzelinskie in #1591
- spanner: add missing calls to RowIterator.Stop by @vroldanbet in #1592
- Some improvements to tracing UX by @vroldanbet in #1595
- middleware/consistency: fix source of atLeast by @jzelinskie in #1597
- Revert Optimistic Locking in Spanner by @vroldanbet in #1599
- tracing ux: enriches traversal operations by @vroldanbet in #1596
- propagates gRPC errors in graph package by @vroldanbet in #1598
- Disable spanner gzip compression by @vroldanbet in #1601
- Add a map of revision parsing functions by engine kind by @josephschorr in #1604
- Add support for experimental secondary dispatching by @josephschorr in #1603
- Add a golden unit test for parser associativity by @josephschorr in #1605
- Have diff of namespaces and caveats report changes to comments by @josephschorr in #1606
- add singleflight check dispatch by @vroldanbet in #1607
- More spanner observability / Go Scheduler metrics by @vroldanbet in #1609
- fix grpc-health-probe flagged by trivy by @vroldanbet in #1613
- dispatch: singleflight expand by @jzelinskie in #1617
- datastore/proxy: add singleflight proxy by @jzelinskie in #1610
- do not open a new Spanner client for version checks by @vroldanbet in #1616
- Add schema watch support in Spanner datastore driver by @josephschorr in #1588
- log payloads, and add grpc duration as an integer by @vroldanbet in #1615
- Run postgres datastore tests with pgbouncer by @bradengroom in #1594
- MySQL: introduces an index to speed up Watch API calls by @vroldanbet in #1566
- Fix benchmark test for changes in ReadWriteTx by @josephschorr in #1623
- derive Spanner default gRPC connection count from GOMAXPROCS by @vroldanbet in #1622
- Ensure all datastores return an error if accessed after Close by @josephschorr in #1624
- Remove support for MySQL v5 by @josephschorr in #1625
- introduces flags to set min/max Spanner sessions by @vroldanbet in #1627
- Fix error redaction in MySQL driver by @josephschorr in #1628
- adds flags to enable block and mutex profiles by @vroldanbet in #1621
- do not create custom canceled graph error by @vroldanbet in #1629
- Bump github.com/google/uuid from 1.3.1 to 1.4.0 by @dependabot in #1634
- Bump google.golang.org/grpc from 1.58.3 to 1.59.0 by @dependabot in #1633
- Bump github.com/golangci/golangci-lint from 1.54.2 to 1.55.1 by @dependabot in #1636
- Bump github.com/prometheus/common from 0.44.0 to 0.45.0 by @dependabot in #1632
- Fix flake in Postgres GC revision test by ensuring GC is run by @josephschorr in #1631
- Fix the caveat expr limit to be processed by our code by @josephschorr in #1638
- Bump google.golang.org/api from 0.147.0 to 0.149.0 by @dependabot in #1635
- Fix handling of recursive calls via singleflight dispatch by @josephschorr in #1640
Full Changelog: v1.26.0...v1.27.0
Contributors
jzelinskie, bradengroom, and 3 other contributors
Assets 15
v1.27.0-rc1
What's Changed
- Optimistic locking on Spanner read/write transactions by @jzelinskie in #1590
- .github: move to buildjet by @jzelinskie in #1591
- spanner: add missing calls to RowIterator.Stop by @vroldanbet in #1592
- Some improvements to tracing UX by @vroldanbet in #1595
- middleware/consistency: fix source of atLeast by @jzelinskie in #1597
- Revert Optimistic Locking in Spanner by @vroldanbet in #1599
- tracing ux: enriches traversal operations by @vroldanbet in #1596
- propagates gRPC errors in graph package by @vroldanbet in #1598
- Disable spanner gzip compression by @vroldanbet in #1601
- Add a map of revision parsing functions by engine kind by @josephschorr in #1604
- Add support for experimental secondary dispatching by @josephschorr in #1603
- Add a golden unit test for parser associativity by @josephschorr in #1605
- Have diff of namespaces and caveats report changes to comments by @josephschorr in #1606
- add singleflight check dispatch by @vroldanbet in #1607
- More spanner observability / Go Scheduler metrics by @vroldanbet in #1609
- fix grpc-health-probe flagged by trivy by @vroldanbet in #1613
- dispatch: singleflight expand by @jzelinskie in #1617
- datastore/proxy: add singleflight proxy by @jzelinskie in #1610
- do not open a new Spanner client for version checks by @vroldanbet in #1616
- Add schema watch support in Spanner datastore driver by @josephschorr in #1588
- log payloads, and add grpc duration as an integer by @vroldanbet in #1615
- Run postgres datastore tests with pgbouncer by @bradengroom in #1594
- MySQL: introduces an index to speed up Watch API calls by @vroldanbet in #1566
- Fix benchmark test for changes in ReadWriteTx by @josephschorr in #1623
- derive Spanner default gRPC connection count from GOMAXPROCS by @vroldanbet in #1622
- Ensure all datastores return an error if accessed after Close by @josephschorr in #1624
- Remove support for MySQL v5 by @josephschorr in #1625
- introduces flags to set min/max Spanner sessions by @vroldanbet in #1627
- Fix error redaction in MySQL driver by @josephschorr in #1628
- adds flags to enable block and mutex profiles by @vroldanbet in #1621
- do not create custom canceled graph error by @vroldanbet in #1629
Full Changelog: v1.26.0...v1.27.0-rc1
Docker Images
This release is available at authzed/spicedb:v1.27.0-rc1, quay.io/authzed/spicedb:v1.27.0-rc1, ghcr.io/authzed/spicedb:v1.27.0-rc1
Contributors
jzelinskie, bradengroom, and 2 other contributors