We value your privacy

This website or its third-party tools process personal data. You can opt out of the sale of your personal information by clicking on the “Do Not Sell or Share My Personal Information” link.

Opt-out Preferences

We use third-party cookies that help us analyze how you use this website, store your preferences, and provide the content and advertisements that are relevant to you. However, you can opt out of these cookies by checking "Do Not Sell or Share My Personal Information" and clicking the "Save My Preferences" button. Once you opt out, you can opt in again at any time by unchecking "Do Not Sell or Share My Personal Information" and clicking the "Save My Preferences" button.

Do Not Sell or Share My Personal Information
Powered by Cookieyes logo

Cerbos v0.9.1

This is a quick patch release to fix an issue that was discovered in config parsing. The bcrypt hashes of admin API credentials can contain $ characters which cause the config loader to treat the subsequent set of characters as the name of an environment variable. We now require the passwordHash to be a bcrypt hash that has been base64 encoded. Please note that this is a breaking change. If you have a config file with server.adminAPI.adminCredentials.passwordHash set, encode it with base64 to work with this version of Cerbos.

Highlights

If you have policy tests intermingled with your policies, the cerbos compile command will now automatically run those tests. Use the --skip-tests flag to switch off this behaviour.

Changelog

Bug Fixes

  • Base64 encode password hashes in config file (#406)

Features

  • Run tests by default in cerbos compile sub command (#392)

Documentation

  • Add README to Helm chart (#404)

  • Determine app-version from component (#397)

  • Validating and testing policies with GitLab CI (#394)

Chores

  • Add .idea to .gitignore (#405)

  • Add tests for admin credentials config (#407)

  • Bump github.com/aws/aws-sdk-go from 1.41.6 to 1.41.11 (#401)

  • Bump github.com/envoyproxy/protoc-gen-validate from 0.6.1 to 0.6.2 (#390)

  • Bump github.com/lestrrat-go/jwx from 1.2.7 to 1.2.8 (#391)

  • Bump github.com/tidwall/gjson from 1.9.1 to 1.10.2 (#398)

  • Bump version to 0.10.0

  • Fix dependabot workflow committing issue (#400)

  • Publish Helm charts to download.cerbos.dev and OCI registry (#403)

  • Remove GoReleaser mod stanza (#389)

  • Run make commands to generate NOTICE after dependabot PRs (#395)

Other

  • Add contents write permission to Dependabot workflow (#402)