v4.4.0

Release 4.4.0, available on crates.io

Cedar Language Version: 4.3

Added

• Stabilized RFC 76, removing the experimental level-validate feature flag. That functionality is now available without the feature flag. Stabilization comes with changes to fix bugs in the features. Level validation is now more permissive when checking if expressions (fixing #1507), and stricter when checking record literals and entity tag operations (fixing #1505 and #1503). (#1567)
• Implemented RFC 53 (enumerated entity types) (#1377)
• Stabilized RFC 80 (datetime extension), making datetime a default feature. (#1541)
• Added Entities::remove_entities() to remove Entitys from an Entities struct (#1453, resolving #701)
• Added PolicySet::merge() to merge a PolicySet into another PolicySet struct (#1476, resolving #610)
• Added to_cedar functions for PolicySet, Policy, and Template that render the policy in the Cedar syntax. These functions can be used to convert JSON formatted policies into the human-readable syntax (#1510, resolving #461)
• Added Validator::schema() to get a reference to the Schema even after it has been consumed to construct a Validator (#1524)
• Added Schema::request_envs() to get all of the RequestEnvs that are valid according to the schema. (This joins the existing Policy::get_valid_request_envs() and Template::get_valid_request_envs() that return the subset of request envs that are valid for a particular policy or template.) (#1547)
• Added EntityId::unescaped(), analogous to EntityId::escaped(). This is simply an alias for EntityId::as_ref() with the AsRef impl that produces &str. (#1555)
• Added PartialResponse::unknown_entities method (#1557)
• Added Entities::len and Entities::is_empty methods (#1562, resolving #1523)

Changed

• Changed Entities::add_entities and Entities::from_entities to ignore structurally equal entities with the same Entity UID.
• For protobufs experimental feature, a number of changes to the interface and the Protobuf format definitions, as we continue to iterate towards making this feature stable. (#1488, #1495, #1506, #1535)
• Bump MSRV to 1.81 (#1542)
• HierarchyNotRespected validation error is no longer returned (although the error variant remains, to avoid a breaking change). This means that in some edge cases, policies that previously failed to validate under strict validation will now pass validation, probably with an ImpossiblePolicy warning. (#1355, resolving #638)

v4.3.3

Release 4.3.3, available on crates.io

Changed

• Significant changes to the API for the experimental protobufs feature
  (#1452, #1467, others)

Fixed

• Fixed the experimental protobufs feature so that code depending on cedar-policy
  with this feature now successfully builds, even if that code is not part of the
  same Cargo workspace as cedar-policy, cedar-policy-core, etc (#1452).
• Fixed a bug in the experimental entity-manifest feature. If an entity appears as
  both a possible value for a scope variable and an entity literal, slicing
  using entity manifests will now correctly capture all necessary attributes (#1429).
• Fixed a bug in the experimental entity-manifest and level-validate
  features. These features failed to consider any attribute accesses occurring
  inside the guard of an if expression when guard expression had a singleton
  boolean type (#1462).

v4.3.2

Release 4.3.2, available on crates.io

Cedar Language Version: 4.2

Fixed

• Assume sufficient stack space when it cannot be determined (#1446, resolving #1443). Note that on platforms not supported by stacker (e.g., Wasm, Android), this means that large inputs may result in stack overflows and crashing the process. On all platforms supported by stacker (Linux, macOS, ...), Cedar will continue to return the graceful error RecursionLimit instead of crashing.

v4.3.1

Release 4.3.1, available on crates.io

Cedar Language Version: 4.2

Fixed

• Disable doc generation for feature protobufs, unblocking that for other features (#1434)

v4.3.0

Release 4.3.0, available on crates.io

Cedar Language Version: 4.2

Added

• Implemented RFC 62 (extended has operator) (#1327, resolving #1329)
• Implemented RFC 80 (datetime extension) as an experimental feature under flag datetime (#1276, #1415)
• Added new .isEmpty() operator on sets (#1358, resolving #1356)
• Implemented RFC 48 (schema annotations) (#1316)
• Implemented RFC 74 (entity manifests and slicing) behind the experimental entity-manifest flag (#1239)
• Added protobuf schemas and (de)serialization behind the experimental protobufs flag (#1277, #1345)
• New Entity::new_with_tags() and Entity::tag() functions (#1402, resolving #1374)
• Added Request::context and Context::get methods to allow easy extraction of values from the context by key (#1318)
• For the partial-eval experimental feature, added PartialResponse::reauthorize_with_bindings to accept substitutions from an iterator and deprecated PartialResponse::reauthorize (#1387)
• For the partial-eval experimental feature, added RequestBuild::unknown_principal_with_type and RequestBuild::unknown_resource_with_type methods, allowing an unknown principal or resource to be constrained to a certain entity type (#1391)
• Added Clone implementations for more types (#1324)

Changed

• Stopped emitting warnings for identifiers containing certain printable ASCII
  characters (e.g., / and :) (#1336, resolving #621)

Fixed

• Attach source code to certain errors so that miette::Reports derived from these errors are self-contained (#1351, resolving #977 and #1335)

v4.2.2

Release 4.2.2, available on crates.io.

Changed

• The error associated with parsing a non-existent extension function additionally
  includes a suggestion based on available extension functions (#1280, resolving #332).
• The error associated with parsing a non-existent extension method additionally
  includes a suggestion based on available extension methods (#1289, resolving #246).
• Improved entity validation speed, particularly for large schemas with many
  actions (#1290 and #1296, resolving #1285)

Fixed

• Some misleading parser errors for JSON schema with mistakes in nested attribute definitions (#1270, resolving #417)
• Cedar schema printer now correctly prints entity tags (#1304)

v4.2.1

Release 4.2.1, available on crates.io

Changelog

• Fixes a minor issue preventing docs from building on docs.rs

v4.2.0

Release 4.2.0, available on crates.io.

Cedar Language version: 4.1

Added

• Added sub_entity_literals API (#1233).
• Added level validation RFC 76 as an experimental feature.
• Annotations without explicit values. It is now possible to write an annotation @my_annotation as
  short-hand for @my_annotation("") (#1231, resolving #1031).
• Stabilized RFC 82, removing
  the experimental entity-tags feature flag. That functionality is now available
  without the feature flag.

Changed

• The validator provides a more specific hint when an action ID cannot be found
  and the same action ID with Action:: has been defined (#1258, resolving #166)

v4.1.0

Release 4.1.0, available on crates.io.

Added

• Added get_entity_literals API (#1149).
• Implemented RFC 82, adding
  entity tags to the Cedar language under experimental flag entity-tags (#1204, #1207, #1213, #1218)
• Added public APIs to get language and SDK version numbers (#1219).

Fixed

• The formatter will now consistently add a trailing newline. (resolving #1217)

v3.4.1

Release 3.4.1, available on crates.io

Fixed

• The schema format conversion method SchemaFragment::to_cedarschema will now
  return a name collision error when trying to convert a schema where any
  namespaced type name collides with an unqualified type. This avoids a
  situation where format conversion could change the target of an entity type
  reference. (#1212, resolving #1063) This does not change what schema are
  accepted by the parsing functions for either format.

Full Changelog: v3.4.0...v3.4.1