Skip to content

Releases: open-policy-agent/opa

v0.4.2

10 Feb 19:02
Compare
Choose a tag to compare

Rego

This release changes the Rego syntax. The two main changes are:

  • Expressions are now separated by semicolons (instead of commas). When writing rules, the semicolons are optional.
  • Rules are no longer written in the form: head :- body. Instead they are written as head { body }.

Also:

  • Set, array, and object literals now support trailing commas.
  • To declare a set literal with one element, you must include a trailing comma, e.g., { foo, }.
  • Arithmetic and set operations can now be performed with infix notation, e.g., x = 2 + 1.
  • Sets can be referred to like objects and arrays now (#243). E.g., p[_].foo = 1 # check if element in has attr foo equal to 1.

Evaluation

This release changes the evaluation behaviour for packages. Previously, if a package contained no rules OR all of the rules were undefined when evaluated, a query against the package path would return undefined. As of v0.4.2 the query will return an empty object.

REST API

This release changes the Data API to return an HTTP 200 response if the document is undefined. The message body will contain an object without the result property.

Fixes

  • Allow sets to be treated like objects/arrays

Miscellaneous

  • Added high level API for Go users. See github.com/open-policy-agent/opa/rego package.
  • Improved expression String() function to handle infix operators better.
  • Added support for set intersection and union built-ins. See language docs.

v0.4.1

03 Feb 17:38
Compare
Choose a tag to compare

Rego

For more details on these changes see sections in How Do I Write Policies.

  • Added new default keyword. The default keyword can be used to provide a default value for rules with complete definitions.
  • Added new with keyword. The with keyword can be used to programmatically set the value of the input document inside policies.

Fixes

  • Fix input document definition in REPL (#231)
  • Fix reference evaluation bug (#238)

Miscellaneous

  • Add basic REST API authorization benchmark

v0.4.0

25 Jan 18:37
Compare
Choose a tag to compare

0.4.0

REST API changes

This release contains a few non-backwards compatible changes to the REST API:

  • The request document has been renamed to input. If you were calling the GET /data[/path]?request=value you should update to use POST requests (see below).
  • The API responses have been updated to return results embedded inside a wrapper object: {"result": value}. This will allow OPA to return unambiguous metadata in future (e.g., pagination, analysis, etc.) If you were previously consuming Data API GET responses, you should update your code to access the value under the "result" key of the response object.
  • The API models have been updated to use snake_case (#222). This would only affect you if you were previously consuming error responses or policy ASTs.

The Data API has been updated to support the POST requests. This is the recommended way of supplying query inputs.

Built-in Function changes

The built-in framework has been extended to support simplified built-in implementations:

  • Refactor topdown built-in functions (#205)

Fixes

  • Add cURL note to REST API docs (#211)
  • Fix empty request parameter parsing (#212)
  • Fix handling of missing input document (#227)
  • Improve floating point literal support (#215)
  • Improve module parsing errors (#213)
  • Fix ast.Number hash and equality
  • Fix parsing of escaped strings

Miscellaneous

  • Improve evaluation error messages

v0.3.1

23 Dec 00:32
Compare
Choose a tag to compare

Fixes

  • Fixed unsafe vars with built-in operator names bug (#206)
  • Fixed body to rule conversion bug (#202)
  • Improved request parameter handling (#201)

Miscellaneous

  • Improved release infrastructure

v0.3.0

20 Dec 18:48
Compare
Choose a tag to compare

The last major/minor release of 2016! Woohoo! This release contains a few
non-backwards compatible changes to the APIs.

Storage API changes

These changes simplify and clean up the storage.Store interface. This should
make it easier to implement custom stores in the future.

  • Update storage to support context.Context (#155)
  • Update underlying number representation (#154)
  • Updates to use new storage.Path type (#159)

The request Document

These changes update the language to align query arguments with state stored in
OPA. With these changes, OPA can readily analyze policies and determine
references that refer to state stored in OPA versus query arguments versus local
variables.

These changes also update how query arguments are provided via the REST API.

  • Updates to how query arguments are handled #197

topdown API changes

  • topdown.Context has been renamed to topdown.Topdown to avoid confusion with Golang's context.

Fixes

  • Add help topics to REPL (#172)
  • Fix error handling bug in Query API (#183)
  • Fix handling of prefixed paths with -w flag (#193)
  • Improve exit handling in REPL (#175)
  • Update parser support for = rules (#192)

Miscellaneous

  • Add Visual Studio and Atom plugins
  • Add lazy loading of modules during compilation
  • Fix bug in serialization of empty objects/arrays

v0.2.2

01 Dec 01:41
Compare
Choose a tag to compare

Fixes

  • Add YAML loading and refactor into separate file (#135)
  • Add command line flag to eval, print, and exit (#152)
  • Add compiler check for consistent rule types (#147)
  • Add set_diff built-in (#133)
  • Add simple 'show' command to print current module (#108)
  • Added examples to 'help' output in REPL (#151)
  • Check package declarations for conflicts (#137)
  • Deep copy modules in compiler (#158)
  • Fix evaluation of refs to set literals (#149)
  • Fix indexing usage for refs with intersecting vars (#153)
  • Fix output for references iterating sets (#148)
  • Fix parser handling of keywords in variable names (#178)
  • Improve file loading support (#163)
  • Remove conflict error for same key/value pairs (#165)
  • Support "data" query in REPL (#150)

Miscellaneous

  • Add new compiler harness for ad-hoc queries
  • Add tab completion of imports

v0.2.1

23 Nov 16:33
Compare
Choose a tag to compare

0.2.1

Improvements

  • Added support for non-ground global values
  • Added several new string manipulation built-ins
  • Added TextMate grammar file
  • Setup Docker image build and push to Docker Hub as part of CI

v0.2.0

07 Nov 20:56
Compare
Choose a tag to compare

Language

  • Set literals
  • Composite and reference values in Rule head
  • Complete Rule definitions containing variables
  • Builtins for regular expressions, string concatenation, casting to numbers

Compiler

  • Improved error reporting in parser and compiler

Evaluation

  • Iteration over base and virtual documents (in the same reference)
  • Query tracing and explanation support

Storage

  • Pluggable data storage support

Documentation

  • GoDoc strings with examples
  • REST API specification
  • Concise language reference

Performance

  • Per-query cache of virtual documents in topdown

And many other small improvements and fixes.

v0.1.0

14 Jul 19:47
Compare
Choose a tag to compare

Language

  • Basic value types: null, boolean, number, string, object, and array
  • Reference and variables types
  • Array comprehensions
  • Built-in functions for basic arithmetic and aggregation
  • Incremental and complete rule definitions
  • Negation and disjunction
  • Module system

Compiler

  • Reference resolver to support packages
  • Safety check to prevent recursive rules
  • Safety checks to ensure successful evaluation will bind all variables in head
    and body of rules

Evaluation

  • Initial top down query evaluation algorithm

Storage

  • Basic in-memory storage that exposes JSON Patch style API

Tooling

  • REPL that can be run to experiment with ad-hoc queries

APIs

  • Server mode supports HTTP APIs to manage policies, push and query documents, and execute ad-hoc queries.

Infrastructure

  • Basic build infrastructure to produce cross-platform builds, run
    style/lint/format checks, execute tests, static HTML site

Documentation

  • Introductions to policy, policy-enabling, and how OPA works
  • Language reference that serves as guide for new users
  • Tutorial that introduces users to the REPL
  • Tutorial that introduces users to policy-enabling with a Docker Authorization plugin