diff --git a/Cargo.lock b/Cargo.lock index 2816087107..d7139feb44 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -800,7 +800,7 @@ dependencies = [ [[package]] name = "polar-c-api" -version = "0.6.0" +version = "0.7.0" dependencies = [ "cbindgen", "polar-core", @@ -810,7 +810,7 @@ dependencies = [ [[package]] name = "polar-core" -version = "0.6.0" +version = "0.7.0" dependencies = [ "anyhow", "criterion", @@ -832,7 +832,7 @@ dependencies = [ [[package]] name = "polar-wasm-api" -version = "0.6.0" +version = "0.7.0" dependencies = [ "console_error_panic_hook", "js-sys", diff --git a/VERSION b/VERSION index 09a3acfa13..faef31a435 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -0.6.0 \ No newline at end of file +0.7.0 diff --git a/docs/Makefile b/docs/Makefile index e2770fd535..ec97633247 100644 --- a/docs/Makefile +++ b/docs/Makefile @@ -16,7 +16,7 @@ export JS_DIR := $(abspath ../languages/js) rwildcard=$(foreach d,$(wildcard $(1:=/*)),$(call rwildcard,$d,$2) $(filter $(subst *,%,$2),$d)) -JAVA_PACKAGE_JAR_PATH := $(JAVA_DIR)/target/oso-0.6.0.jar +JAVA_PACKAGE_JAR_PATH := $(JAVA_DIR)/target/oso-0.7.0.jar RUBY_FILES := $(call rwildcard,../languages/ruby/lib,*.rb) JAVA_FILES := $(call rwildcard ../languages/java/oso/src, *.java) diff --git a/docs/changelogs/0.7.0.rst b/docs/changelogs/0.7.0.rst new file mode 100644 index 0000000000..3479e58471 --- /dev/null +++ b/docs/changelogs/0.7.0.rst @@ -0,0 +1,96 @@ +===== +0.7.0 +===== + +**Release date:** 2020-10-13 + +Breaking changes +================ + +.. warning:: This release contains breaking changes. Be sure + to follow migration steps before upgrading. + +``Oso.clear()`` replaced with ``Oso.clear_rules()``/``clearRules()`` +-------------------------------------------------------------------- + +The ``Oso.clear()`` method in oso's language libraries has been removed. +To clear rules from the Polar knowledge base, use the new ``clear_rules()`` +(or ``clearRules()``) method, which clears rules but leaves registered classes +and constants in place. + +To migrate, replace calls to ``Oso.clear()`` with either ``Oso.clear_rules()`` or +``Oso.clearRules()``, depending on the library you are using. +It is no longer necessary to re-register classes/constants after clearing. + +Method signature for ``Oso.register_constant()`` updated +-------------------------------------------------------- + +The parameters were swapped to mirror the signature of +``Oso.register_class()``. + +Select Ruby methods now return ``self`` to enable method chaining +----------------------------------------------------------------- + +- ``Oso#clear_rules`` +- ``Oso#load_file`` +- ``Oso#load_str`` +- ``Oso#register_class`` +- ``Oso#register_constant`` + +Custom constructors no longer supported in the Java, Python, or Ruby libraries +------------------------------------------------------------------------------ + +For the Java, Python, and Ruby libraries, custom constructors are a relic. They +were useful for translating keyword args into positional args before oso +supported supplying positional args when constructing an instance via Polar's +:ref:`new operator `. They were also useful for specifying a +``find_or_create``-style class method as a constructor, but that's been +superseded by the introduction of calling methods directly on registered +constants, including classes. + +To migrate, replace usage of a custom constructor with an equivalent class +method. + +Note that custom constructors are still supported for the Rust library since +specifying a static ``new`` method for a type is nothing more than a +convention. + +New features +============ + +List filtering in ``django-oso`` (preview) +------------------------------------------- + +oso can now respond to some queries with a set of constraints instead of a yes +or no decision. In the ``django-oso`` library, the +:py:meth:`django_oso.auth.authorize_model` function and +:py:class:`django_oso.models.AuthorizedModel` class have been added to use this +functionality to authorize a **collection** of objects. Instead of fetching +all objects and evaluating a query, the relevant authorization constraints will +be pushed down to the ORM and applied to a Django ``QuerySet``. + +This feature makes implementing list endpoints with authorization more +performant, since authorization does not need to be applied after fetching +data. + +**This feature is currently in preview.** + +.. todo:: Link to blog post + +Other bugs & improvements +========================= + +- Language libraries that haven't yet implemented operations on application + instances (Java, Node.js, Ruby, Rust) now throw a uniform error type. + +Improvements to the debugger +---------------------------- + +- Changes to the way stepping is implemented: + - ``step`` steps by query instead of goal. + - ``over`` and ``out`` are now implemented using a stack that tracks query + parents. +- New ``goal`` command to step by goal (the way ``step`` used to work). +- New ``stack`` command to show all parent queries of the current one. +- ``query n`` command can take an integer argument ``n`` to inspect the query + at the nth level of the stack. diff --git a/docs/changelogs/vNEXT.rst b/docs/changelogs/vNEXT.rst index 73caeb65fe..cec412fda0 100644 --- a/docs/changelogs/vNEXT.rst +++ b/docs/changelogs/vNEXT.rst @@ -7,91 +7,35 @@ NEXT Breaking changes ================ +.. TODO remove warning and replace with "None" if no breaking + changes. + .. warning:: This release contains breaking changes. Be sure to follow migration steps before upgrading. -``Oso.clear()`` replaced with ``Oso.clear_rules()``/``clearRules()`` --------------------------------------------------------------------- - -The ``Oso.clear()`` method in oso's language libraries has been removed. -To clear rules from the Polar knowledge base, use the new ``clear_rules()`` -(or ``clearRules()``) method, which clears rules but leaves registered classes -and constants in place. - -To migrate, replace calls to ``Oso.clear()`` with either ``Oso.clear_rules()`` or -``Oso.clearRules()``, depending on the library you are using. -It is no longer necessary to re-register classes/constants after clearing. - -Method signature for ``Oso.register_constant()`` updated --------------------------------------------------------- - -The parameters were swapped to mirror the signature of -``Oso.register_class()``. - -Select Ruby methods now return ``self`` to enable method chaining ------------------------------------------------------------------ - -- ``Oso#clear_rules`` -- ``Oso#load_file`` -- ``Oso#load_str`` -- ``Oso#register_class`` -- ``Oso#register_constant`` - -Custom constructors no longer supported in the Java, Python, or Ruby libraries ------------------------------------------------------------------------------- +Breaking change 1 +----------------- -For the Java, Python, and Ruby libraries, custom constructors are a relic. They -were useful for translating keyword args into positional args before oso -supported supplying positional args when constructing an instance via Polar's -:ref:`new operator `. They were also useful for specifying a -``find_or_create``-style class method as a constructor, but that's been -superseded by the introduction of calling methods directly on registered -constants, including classes. +- summary of breaking change -To migrate, replace usage of a custom constructor with an equivalent class -method. - -Note that custom constructors are still supported for the Rust library since -specifying a static ``new`` method for a type is nothing more than a -convention. +Link to migration guide New features ============ -List filtering in ``django-oso`` (preview) -------------------------------------------- - -oso can now respond to some queries with a set of constraints instead of a -yes or no decision. In the ``django-oso`` library, the -:py:meth:`django_oso.auth.authorize_model` function and -:py:class:`django_oso.models.AuthorizedModel` class have been added to use this -functionality to authorize a **collection** of objects. Instead of fetching all -objects and evaluating a query, the relevant authorization constraints will be -pushed down to the ORM and applied to a Django ``QuerySet``. - -This feature makes implementing list endpoints with authorization more -performant, since authorization does not need to be applied after fetching data. - -**This feature is currently in preview.** +Feature 1 +--------- +- summary +- of +- user facing changes -.. todo:: Link to blog post - +Link to relevant documentation section Other bugs & improvements ========================= -- Language libraries that haven't yet implemented operations on application - instances (Java, Node.js, Ruby, Rust) now throw a uniform error type. - -Improvements to the debugger ----------------------------- - -- Changes to the way stepping is implemented: - - ``step`` steps by query instead of goal. - - ``over`` and ``out`` are now implemented using a stack that tracks query - parents. -- New ``goal`` command to step by goal (the way ``step`` used to work). -- New ``stack`` command to show all parent queries of the current one. -- ``query n`` command can take an integer argument ``n`` to inspect the query - at the nth level of the stack. +- bulleted list +- improvements +- of smaller +- potentially with doc links diff --git a/docs/changelogs/vTEMPLATE.rst b/docs/changelogs/vTEMPLATE.rst index 12ed0091a7..cec412fda0 100644 --- a/docs/changelogs/vTEMPLATE.rst +++ b/docs/changelogs/vTEMPLATE.rst @@ -20,7 +20,6 @@ Breaking change 1 Link to migration guide - New features ============ @@ -33,7 +32,6 @@ Feature 1 Link to relevant documentation section - Other bugs & improvements ========================= diff --git a/docs/conf.py b/docs/conf.py index e0110653a7..87b3858ad0 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -38,8 +38,8 @@ project = "oso" copyright = "2020 Oso Security, Inc" author = "oso" -version = "0.6" -release = "0.6.0" +version = "0.7" +release = "0.7.0" # -- General configuration --------------------------------------------------- diff --git a/docs/download.rst b/docs/download.rst index b141898dd7..58373571e3 100644 --- a/docs/download.rst +++ b/docs/download.rst @@ -203,6 +203,7 @@ Releases :maxdepth: 1 :caption: See below for release notes: + v0.7.0 v0.6.0 v0.5.2 v0.5.1 diff --git a/docs/spelling_allowed_words.txt b/docs/spelling_allowed_words.txt index 522039c785..8c5e2cb58e 100644 --- a/docs/spelling_allowed_words.txt +++ b/docs/spelling_allowed_words.txt @@ -60,6 +60,7 @@ arity NaN constructable precommit +args ## Product names sqlite @@ -102,4 +103,4 @@ vec toml enums proc -io \ No newline at end of file +io diff --git a/languages/java/oso/pom.xml b/languages/java/oso/pom.xml index a376948518..80d2b9be5e 100644 --- a/languages/java/oso/pom.xml +++ b/languages/java/oso/pom.xml @@ -12,7 +12,7 @@ com.osohq oso - 0.6.0 + 0.7.0 diff --git a/languages/js/package.json b/languages/js/package.json index 5d813cf33a..14e002142e 100644 --- a/languages/js/package.json +++ b/languages/js/package.json @@ -1,6 +1,6 @@ { "name": "oso", - "version": "0.6.0", + "version": "0.7.0", "description": "oso authorization library.", "main": "dist/src/index.js", "bin": "bin/repl.js", diff --git a/languages/python/django-oso/django_oso/__init__.py b/languages/python/django-oso/django_oso/__init__.py index e1422c75f0..6f942c27d9 100644 --- a/languages/python/django-oso/django_oso/__init__.py +++ b/languages/python/django-oso/django_oso/__init__.py @@ -2,6 +2,6 @@ from .oso import Oso -__version__ = "0.2.0" +__version__ = "0.3.0" default_app_config = "django_oso.apps.DjangoOsoConfig" diff --git a/languages/python/django-oso/requirements.txt b/languages/python/django-oso/requirements.txt index e598ca22d7..4665dfb067 100644 --- a/languages/python/django-oso/requirements.txt +++ b/languages/python/django-oso/requirements.txt @@ -1,2 +1,2 @@ -oso~=0.6.0 +oso~=0.7.0 django~=3.0 diff --git a/languages/python/flask-oso/flask_oso/__init__.py b/languages/python/flask-oso/flask_oso/__init__.py index 895481aa43..e58657f07f 100644 --- a/languages/python/flask-oso/flask_oso/__init__.py +++ b/languages/python/flask-oso/flask_oso/__init__.py @@ -1,4 +1,4 @@ -__version__ = "0.3.0" +__version__ = "0.4.0" from .flask_oso import FlaskOso from .decorators import authorize, skip_authorization diff --git a/languages/python/flask-oso/requirements.txt b/languages/python/flask-oso/requirements.txt index d9530a8503..5e954b18c1 100644 --- a/languages/python/flask-oso/requirements.txt +++ b/languages/python/flask-oso/requirements.txt @@ -1,2 +1,2 @@ -oso~=0.6.0 +oso~=0.7.0 flask>=0.12.0 diff --git a/languages/python/oso/oso/oso.py b/languages/python/oso/oso/oso.py index 299604402f..1a53ce6e40 100644 --- a/languages/python/oso/oso/oso.py +++ b/languages/python/oso/oso/oso.py @@ -1,6 +1,6 @@ """Core oso functionality""" -__version__ = "0.6.0" +__version__ = "0.7.0" from pathlib import Path import os diff --git a/languages/ruby/Gemfile.lock b/languages/ruby/Gemfile.lock index ade98b59ac..23148f7fdd 100644 --- a/languages/ruby/Gemfile.lock +++ b/languages/ruby/Gemfile.lock @@ -1,7 +1,7 @@ PATH remote: . specs: - oso-oso (0.6.0) + oso-oso (0.7.0) ffi (~> 1.0) GEM diff --git a/languages/ruby/lib/oso/version.rb b/languages/ruby/lib/oso/version.rb index d87f391adb..3a6e62386d 100644 --- a/languages/ruby/lib/oso/version.rb +++ b/languages/ruby/lib/oso/version.rb @@ -1,5 +1,5 @@ # frozen_string_literal: true module Oso - VERSION = '0.6.0' + VERSION = '0.7.0' end diff --git a/languages/rust/oso/Cargo.toml b/languages/rust/oso/Cargo.toml index b77942ce67..cb947c415a 100644 --- a/languages/rust/oso/Cargo.toml +++ b/languages/rust/oso/Cargo.toml @@ -29,7 +29,7 @@ required-features = ["anyhow"] [dependencies] impl-trait-for-tuples = { git = "https://github.com/bkchr/impl-trait-for-tuples", rev = "c6781ff" } maplit = "1.0.2" -polar-core = { path = "../../../polar-core", version = "=0.6.0" } +polar-core = { path = "../../../polar-core", version = "=0.7.0" } oso-derive = { path = "../oso-derive", version = "=0.6.0-alpha", optional = true } thiserror = "1.0.21" tracing = { version = "0.1.21", features = ["log"] } diff --git a/polar-c-api/Cargo.toml b/polar-c-api/Cargo.toml index 75b5c8fc98..72157e7f4a 100644 --- a/polar-c-api/Cargo.toml +++ b/polar-c-api/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "polar-c-api" -version = "0.6.0" +version = "0.7.0" authors = ["Oso Security, Inc. "] edition = "2018" @@ -10,7 +10,7 @@ crate-type = ["lib", "staticlib", "cdylib"] bench = false [dependencies] -polar-core = { path = "../polar-core", version = "0.6.0" } +polar-core = { path = "../polar-core", version = "0.7.0" } serde = { version = "1.0.116", features = ["derive", "rc"] } serde_json = "1.0.58" diff --git a/polar-core/Cargo.toml b/polar-core/Cargo.toml index c318347595..bc8b422a1b 100644 --- a/polar-core/Cargo.toml +++ b/polar-core/Cargo.toml @@ -5,7 +5,7 @@ authors = ["Oso Security, Inc. "] license = "Apache-2.0" homepage = "https://github.com/osohq/oso" -version = "0.6.0" +version = "0.7.0" edition = "2018" diff --git a/polar-wasm-api/Cargo.toml b/polar-wasm-api/Cargo.toml index 853ac879e7..650f016368 100644 --- a/polar-wasm-api/Cargo.toml +++ b/polar-wasm-api/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "polar-wasm-api" -version = "0.6.0" +version = "0.7.0" authors = ["Oso Security, Inc. "] edition = "2018" @@ -11,7 +11,7 @@ bench = false [dependencies] console_error_panic_hook = "0.1.6" js-sys = "0.3.45" -polar-core = { path = "../polar-core", version="0.6.0"} +polar-core = { path = "../polar-core", version="0.7.0"} serde = { version = "1.0.116", features = ["rc"] } serde_json = "1.0.58" serde-wasm-bindgen = "0.1.3"