Skip to content

v4.11.0

Choose a tag to compare

View all tags
@victornicolet victornicolet released this 18 May 18:40
· 26 commits to main since this release
v4.11.0
d86ed2e
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Release 4.11.0, available on crates.io

Added

  • Public syntax tree (pst) module for programmatic construction, inspection, and manipulation of Cedar policies. Accessible via to_pst() / try_into_pst() / from_pst() on Policy, Template, and PolicySet. try_into_pst() consumes the value to avoid cloning. TPE residual policies can be converted to PST for structured inspection of residual expressions. Third-party types used in PST fields (SmolStr, LinkedHashMap, NonEmpty) are re-exported from the pst module. (#816, #366)
  • The Type-aware partial evaluation (TPE) experimental feature now supports template-linked policies. This would previously return a SlotNotSupportedError error.
    This error variant is removed and replaced with UnlinkedSlotError, occurring only when slot in a linked policy is not bound. (#2314).

Fixed

  • Improved Cedar schema parse help for two common syntax mistakes: forgetting appliesTo before an action block, and adding ; after a namespace declaration. (#1043, #1044)
  • FunctionArgumentValidation errors now include a help message describing the expected format for extension function arguments: decimal, ip, datetime, and duration. (#834)
  • Serialization of residual policies with error() nodes does not fail, instead results in JSON with {"error": []}. (#2202)
  • Fixed conversion from protobuf policy sets to public type for policy sets containing templates and template-linked policies. (#2330)
  • Fixed deserialization from protobuf of entity and context attributes containing extension values. (#2344)
Assets 2
Loading