Skip to content

Releases: dbward-dev/dbward

v0.1.6

18 Jun 00:38
@github-actions github-actions
v0.1.6
c463e5b

Choose a tag to compare

View all tags
v0.1.6 Latest
Latest 
chore: release v0.1.6
Assets 26

v0.1.5

15 Jun 01:23
@metapox metapox
v0.1.5
aa8c2ff

Choose a tag to compare

View all tags
v0.1.5

Config as Authority

TOML config becomes the sole source of truth for all policy resources. Hot reload via SIGHUP. TLS enforcement. Read-only transaction safety.

Highlights

  • Config as Authority (CFG-24): Workflows, execution policies, roles, webhooks — all managed in server.toml. API write endpoints return 405.
  • Hot reload via SIGHUP: Change config and reload without downtime.
  • TLS enforcement: Agent requires HTTPS by default (allow_insecure for dev).
  • SAFE-1/3/4/6: Read-only transaction for SELECT, execution plan signing, SQL review rules, CancellationGuard.
  • Break-glass DDL: --allow-ddl for controlled DDL execution outside migrations.
  • MySQL DML timeout fix: Reclassified SELECT queries now correctly timeout via tokio + KILL.

Breaking Changes

  • auth.mode default changed: "token" when OIDC absent, "both" when present. "oidc"/"both" require Pro license.
  • All Tier 1 write API endpoints return 405. Define resources in server.toml.
  • Webhook id field mandatory.
  • Custom roles are config-managed only.

Bug Fixes

  • MySQL DML timeout: max_execution_time removed from DML path (was silently succeeding on timeout).
  • Fail-open security: 3 critical paths closed.
  • Orphan heartbeat detection + fail-closed user status.
  • Config user sync status changes.
  • Result data double-encoding fixed.

See CHANGELOG.md for full details.

Loading

v0.1.4

30 May 13:09
@github-actions github-actions
v0.1.4
e850e74

Choose a tag to compare

View all tags
v0.1.4 
chore: release v0.1.4

CHANGELOG and version bump for v0.1.4.
See CHANGELOG.md for full details.
Loading

v0.1.3

26 May 01:53
@github-actions github-actions
v0.1.3
51c896f
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v0.1.3 
chore: release v0.1.3 (#73)

CHANGELOG.md + version bump to 0.1.3
Loading

v0.1.2

18 May 10:31
@github-actions github-actions
v0.1.2
e388a61
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v0.1.2 
feat(ci): separate Docker images for server/agent/CLI + glibc fix (#45)

* feat(ci): publish separate Docker images for server, agent, and CLI

- ghcr.io/dbward-dev/dbward-server
- ghcr.io/dbward-dev/dbward-agent
- ghcr.io/dbward-dev/dbward (CLI)

Dockerfile.release uses multi-stage targets. Release workflow
builds all 3 images in parallel via matrix.

* fix: update all image references to use separate server/agent images

- Helm: server.image / agent.image split in values.yaml + templates
- k8s manifests: dbward-server / dbward-agent images
- ECS templates: per-component defaults
- Docs: server.md, agent.md, upgrading.md, CHANGELOG

* fix: address Codex review — Helm values dedup, restore command, fix docs

* docs: add Helm values breaking change note to upgrading.md
Loading

v0.1.1

15 May 02:10
@github-actions github-actions
v0.1.1
f38a6ec

Choose a tag to compare

View all tags
v0.1.1 
chore: bump version to 0.1.1

Update workspace and all crate versions.
Add CHANGELOG entry for v0.1.1.
Loading

v0.1.0: Initial Release

13 May 13:11
@metapox metapox
v0.1.0
45e428e
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v0.1.0: Initial Release

Changelog

[0.1.0] — 2026-05-13

Initial release. A workflow and approval engine for database operations.

Architecture

  • Agent-only execution: CLI/MCP clients never touch the database directly. Only the agent connects to target databases.
  • Three components: CLI (request/approve), Server (workflow/audit/coordination), Agent (DB execution)
  • On-demand execution: Agent executes only after client dispatches, preventing result loss

Features

Query Execution

  • PostgreSQL and MySQL support via DatabaseDriver trait
  • SELECT (read-only) and DML (write) with workflow-based approval
  • Multi-statement execution with atomicity guarantees (PG simple query protocol, MySQL explicit TX)
  • Statement timeout (PG statement_timeout, MySQL max_execution_time + external timeout fallback)
  • Query classification via sqlparser AST (3-layer defense: structural/semantic/opaque)
  • Cancel support with graceful KILL

Migrations

  • migrate up/down/status/create commands
  • Idempotent execution (applied_versions check + max_count limit)
  • Concurrent migration prevention (same db/env exclusion)
  • Migration content embedded in request detail (no agent filesystem access needed)

Workflow & Approval

  • Policy engine with multi-step approval workflows
  • Designated approvers (role/group/user selectors)
  • Admin override (per-step, not all-at-once)
  • Self-approve prevention, cross-step distinct actor enforcement
  • Break-glass emergency bypass with audit trail
  • Pending TTL with automatic expiration

Authentication & Authorization

  • API token authentication (Ed25519 signed execution tokens)
  • OIDC authentication (Google, Keycloak, etc.)
  • Dual auth mode (token, oidc, both)
  • RBAC with built-in roles (admin, developer, readonly, agent-default)
  • Role bindings + OIDC role mappings via ConfigRoleResolver
  • Scoped permissions per database/environment

Audit

  • Hash-chain integrity (SHA-256 linked events)
  • 7 categories, 24+ event types
  • SQL redaction via sqlparser VisitorMut (literals → ?)
  • IP recording, detail fingerprint (search-only, not in chain)
  • Export: dbward audit --output csv/json, --verify integrity check

Result Storage

  • Always-store default with --no-store opt-out
  • --share-with access control (user/group/role selectors, validated on creation)
  • 30-day retention with automatic cleanup
  • Result list endpoint (GET /api/results)

Webhook Notifications

  • Slack Block Kit format with v1-style separators
  • Generic JSON format with HMAC signing
  • Event filtering per webhook
  • Smart retry (4xx immediate fail, 5xx exponential backoff)
  • Requester/actor/operation visibility in notifications

MCP (Model Context Protocol)

  • Async stdio mode with Connection Actor
  • 15 tools, Resources, Prompts, Elicitation
  • Same workflow enforcement as CLI/API

CLI

  • dbward execute, request list/show/approve/reject/cancel/resume
  • dbward result list/get, dbward audit
  • dbward migrate up/down/status/create
  • dbward dev up (local server+agent auto-start)
  • Ctrl+C graceful handling with continuation message
  • State-specific error messages for resume
  • --pending-for-me filter (denormalized table, no N+1)
  • Exit code 2 for pending (CI/CD friendly)

API

  • REST API with structured errors (ApiError type)
  • Long-poll support for request status changes
  • Pagination, lease reclaim, result size limits
  • pending_for_me query parameter

Infrastructure

  • SQLite embedded storage (WAL mode, checkpoint, token purge)
  • Docker development environment (BuildKit cache, cargo-chef)
  • Structured logging (tracing, JSON/compact, file output + daily rotation)
  • Free tier limits (5 workflows, 3 databases, 3 agents, 3 webhooks, 10 tokens)

Security

  • Fail-closed workflow evaluation
  • Token replay prevention (execution token protocol)
  • SSRF protection for webhooks (private IP/invalid URL rejection)
  • Query classification prevents DDL via execute API
  • Audit redaction prevents sensitive data in logs
  • cargo deny clean (licenses + advisories)
Loading