v4.3.1

Release 4.3.1, available on crates.io

Cedar Language Version: 4.2

Fixed

• Disable doc generation for feature protobufs, unblocking that for other features (#1434)

v4.3.0

Release 4.3.0, available on crates.io

Cedar Language Version: 4.2

Added

• Implemented RFC 62 (extended has operator) (#1327, resolving #1329)
• Implemented RFC 80 (datetime extension) as an experimental feature under flag datetime (#1276, #1415)
• Added new .isEmpty() operator on sets (#1358, resolving #1356)
• Implemented RFC 48 (schema annotations) (#1316)
• Implemented RFC 74 (entity manifests and slicing) behind the experimental entity-manifest flag (#1239)
• Added protobuf schemas and (de)serialization behind the experimental protobufs flag (#1277, #1345)
• New Entity::new_with_tags() and Entity::tag() functions (#1402, resolving #1374)
• Added Request::context and Context::get methods to allow easy extraction of values from the context by key (#1318)
• For the partial-eval experimental feature, added PartialResponse::reauthorize_with_bindings to accept substitutions from an iterator and deprecated PartialResponse::reauthorize (#1387)
• For the partial-eval experimental feature, added RequestBuild::unknown_principal_with_type and RequestBuild::unknown_resource_with_type methods, allowing an unknown principal or resource to be constrained to a certain entity type (#1391)
• Added Clone implementations for more types (#1324)

Changed

• Stopped emitting warnings for identifiers containing certain printable ASCII
  characters (e.g., / and :) (#1336, resolving #621)

Fixed

• Attach source code to certain errors so that miette::Reports derived from these errors are self-contained (#1351, resolving #977 and #1335)

v4.2.2

Release 4.2.2, available on crates.io.

Changed

• The error associated with parsing a non-existent extension function additionally
  includes a suggestion based on available extension functions (#1280, resolving #332).
• The error associated with parsing a non-existent extension method additionally
  includes a suggestion based on available extension methods (#1289, resolving #246).
• Improved entity validation speed, particularly for large schemas with many
  actions (#1290 and #1296, resolving #1285)

Fixed

• Some misleading parser errors for JSON schema with mistakes in nested attribute definitions (#1270, resolving #417)
• Cedar schema printer now correctly prints entity tags (#1304)

v4.2.1

Release 4.2.1, available on crates.io

Changelog

• Fixes a minor issue preventing docs from building on docs.rs

v4.2.0

Release 4.2.0, available on crates.io.

Cedar Language version: 4.1

Added

• Added sub_entity_literals API (#1233).
• Added level validation RFC 76 as an experimental feature.
• Annotations without explicit values. It is now possible to write an annotation @my_annotation as
  short-hand for @my_annotation("") (#1231, resolving #1031).
• Stabilized RFC 82, removing
  the experimental entity-tags feature flag. That functionality is now available
  without the feature flag.

Changed

• The validator provides a more specific hint when an action ID cannot be found
  and the same action ID with Action:: has been defined (#1258, resolving #166)

v4.1.0

Release 4.1.0, available on crates.io.

Added

• Added get_entity_literals API (#1149).
• Implemented RFC 82, adding
  entity tags to the Cedar language under experimental flag entity-tags (#1204, #1207, #1213, #1218)
• Added public APIs to get language and SDK version numbers (#1219).

Fixed

• The formatter will now consistently add a trailing newline. (resolving #1217)

v3.4.1

Release 3.4.1, available on crates.io

Fixed

• The schema format conversion method SchemaFragment::to_cedarschema will now
  return a name collision error when trying to convert a schema where any
  namespaced type name collides with an unqualified type. This avoids a
  situation where format conversion could change the target of an entity type
  reference. (#1212, resolving #1063) This does not change what schema are
  accepted by the parsing functions for either format.

Full Changelog: v3.4.0...v3.4.1

v4.0.0

Added

• Additional functionality to the JSON FFI including parsing utilities (#1079)
  and conversion between the Cedar and JSON formats (#1087)
• (*) Schema JSON syntax now accepts a type EntityOrCommon representing a
  typename that can resolve to either an entity or common type, matching the
  behavior of typenames written in the human-readable (Cedar) syntax. (#1060, as
  part of resolving #579)

Changed

• (*) Implemented RFC 70.
  In both the Cedar and JSON schema syntaxes, it is now illegal to define the
  same entity name, common type name, or action name in both the empty namespace
  and a nonempty namespace.
• (*) Implemented RFC 52.
  Names containing __cedar (e.g., __cedar, A::__cedar, __cedar::A, and
  A::__cedar::B) are now invalid. (#969)
• The API around Request::new has changed to remove the Options
  around the entity type arguments. See RFC 55.
• Replaced uses of "natural", "human", "human-readable", and "custom" with "Cedar" (#1114).
  APIs with these names are changed accordingly. E.g., Schema::from_str_natural to Schema::from_cedarschema_str.
  Moreover, the FromStr implementations of Schema and SchemaFragment
  now parse strings in the Cedar schema format. Use Schema::from_json_str and SchemaFragment::from_json_str
  to parse strings in the JSON schema format.
• Significantly reworked all public-facing error types to address some issues
  and improve consistency. See issue #745.
• Finalized the ffi module and cedar-wasm crate which were preview-released
  in 3.2.0. This involved API breaking changes in both. See #757 and #854.
• (*) Changed policy validation to reject comparisons and conditionals between
  record types that differ in whether an attribute is required or optional. (#769)
• (*) Improved consistency between JSON and Cedar schema formats. Both now
  forbid using Bool, Boolean, Entity, Extension, Long, Record, Set,
  and String as common type names. (#1150, resolving #1139)
• Changed the FFI to error on typos or unexpected fields in the input JSON (#1041)
• Changed Policy::parse and Template::parse to accept an Option<PolicyId>
  instead of Option<String> to set the policy id (#1055, resolving #1049)
• PolicySet::template_annotation now returns Option<&str> as opposed to
  Option<String> in the previous version (#1131, resolving #1116)
• Moved <PolicyId as FromStr>::Err to Infallible (#588, resolving #551)
• Removed unnecessary lifetimes from some validation related structs (#715)
• Marked errors/warnings related to parsing and validation as non_exhaustive,
  allowing future variants to be added without a breaking change. (#1137, #1169)

Removed

• (*) Removed unspecified entity type. See RFC 55.
• Removed integration testing harness from the cedar-policy crate. It is now
  in an internal crate, allowing us to make semver incompatible changes. (#857)
• Removed the (deprecated) frontend module in favor of the new ffi module
  introduced in 3.2.0. See #757.
• Removed ParseErrors::errors_as_strings. Callers should consider examining
  the rich data provided by miette::Diagnostic, for instance .help() and
  labels(). Callers can continue using the same behavior by calling
  .iter().map(ToString::to_string). (#882, resolving #543)
• Removed ParseError::primary_source_span. Callers should use the location
  information provided by miette::Diagnostic via .labels() and
  .source_code() instead. (#908)
• Removed Display impl for EntityId in favor of explicit .escaped() and
  .as_ref() for escaped and unescaped representations (respectively) of the
  EntityId; see note there (#921, resolving #884)

Fixed

• (*) JSON format Cedar schemas will now fail to parse if they reference an unknown
  extension type. This was already an error for human-readable schema syntax. (#890, resolving #875)
• (*) Schemas can now reference entity and common types defined in the empty namespace,
  even in contexts occurring in a non-empty namespace. (#1060, resolving #579)

v3.4.0

Added

• Convenience methods num_of_policies() and num_of_templates() to see how
  many policies and templates a policy set has (#1180)
• Entity is now Hash. The hash implementation compares the hash of
  the entity UID (#1186)

Fixed

• (*) Entities::from_entities() will now correctly reject record
  attributes with superfluous attributes. (#1177, resolving #1176)

v2.5.0

Added

• Convenience methods num_of_policies() and num_of_templates() to see how many policies and templates a policy set has (#1180)