Sourced from github.com/open-policy-agent/opa's releases.

v1.5.1

This is a bug fix release addressing a regression to the walk built-in function, introduced in v1.5.0. See #7656 (authored by @​anderseknert reported by @​robmyersrobmyers)

v1.5.0

This release contains a mix of new features, performance improvements, and bugfixes. Among others:

• Support for AWS SSO credentials provider
• Support for signing client assertions with Azure Keyvault
• Faster object.get, walk and builtin-function evaluation
• Improved guardrails in the parser
• Improvements to decision logging

Modernized OPA Website (#7037)

The OPA website has been modernized with a new design and improved user experience.

The new site is based on Docusaurus and React which makes it easier to build live functionality and add non-documentation resources. This lays the groundwork for even more improvements in the future!

Documentation for older OPA versions are still available in the version archive.

Authored by @​charlieegan3

Runtime, Tooling, SDK

• ast: Only use JSON-escaped literal when needed in ref to string convertion (#7550) reported and authored by @​xubinzheng
• ast: Parser recursion depth guard (#7568) authored by @​thevilledev
• ast: Retaining SomeDecl Location field when compiler resolves refs (#7543) authored by @​johanfylling
• bundle: Setting default rego-version in bundle API (#7588) authored by @​johanfylling reported by @​xubinzheng
• perf: Improved "baseline" metrics of opa bench for trivial queries (#7580) authored by @​anderseknert
• plugins/decision: Don't drop adaptive uncompressed size limit on upload (#7562) authored by @​sspaink
• plugins/decision: Set config boundaries to upload_size_limit_bytes (#7563) (authored by @​sspaink)
• plugins/rest: Add support for AWS SSO credentials provider (#7527) authored by @​efiShtain
• plugins/rest: Support signing of client assertions with Azure Keyvault (#7462) reported and authored by @​Od1nB
• plugins/status: Support graceful shutdown timeout (#7576) authored by @​sspaink
• rego: Don't generate JSON values for wildcard/generated keys in result set (#7567) authored by @​anderseknert
• runtime: Don't override user set version commit and timestamp (#7471) reported by @​kastl-ars authored by @​sspaink

Planner, Topdown and Rego

• planner: Deal with var-for-function replacement in indirect calls (#5311) authored by @​srenatus
• topdown: Faster object.get built-in function (#7593) authored by @​anderseknert
• topdown: Faster walk built-in function (#7612) authored by @​anderseknert
• topdown: Improved default rule value inlining ( (#1418) authored by @​johanfylling
• topdown: Improved GraphQL error handling (#7622) reported and authored by @​robmyersrobmyers

Docs, Website, Ecosystem

• docs: Fix helm-kubernetes-quickstart bundle (#7606) reported and authored by @​nejec
• docs: Add Swift-OPA to the Ecosystem Page (#7610) authored by @​charlieegan3

... (truncated)

Sourced from github.com/open-policy-agent/opa's changelog.

1.5.1

This is a bug fix release addressing a regression to the walk built-in function, introduced in v1.5.0. See #7656 (authored by @​anderseknert reported by @​robmyersrobmyers)

1.5.0

This release contains a mix of new features, performance improvements, and bugfixes. Among others:

• Support for AWS SSO credentials provider
• Support for signing client assertions with Azure Keyvault
• Faster object.get, walk and builtin-function evaluation
• Improved guardrails in the parser
• Improvements to decision logging

Modernized OPA Website (#7037)

The OPA website has been modernized with a new design and improved user experience.

The new site is based on Docusaurus and React which makes it easier to build live functionality and add non-documentation resources. This lays the groundwork for even more improvements in the future!

Documentation for older OPA versions are still available in the version archive.

Authored by @​charlieegan3

Runtime, Tooling, SDK

• ast: Only use JSON-escaped literal when needed in ref to string convertion (#7550) reported and authored by @​xubinzheng
• ast: Parser recursion depth guard (#7568) authored by @​thevilledev
• ast: Retaining SomeDecl Location field when compiler resolves refs (#7543) authored by @​johanfylling
• bundle: Setting default rego-version in bundle API (#7588) authored by @​johanfylling reported by @​xubinzheng
• perf: Improved "baseline" metrics of opa bench for trivial queries (#7580) authored by @​anderseknert
• plugins/decision: Don't drop adaptive uncompressed size limit on upload (#7562) authored by @​sspaink
• plugins/decision: Set config boundaries to upload_size_limit_bytes (#7563) (authored by @​sspaink)
• plugins/rest: Add support for AWS SSO credentials provider (#7527) authored by @​efiShtain
• plugins/rest: Support signing of client assertions with Azure Keyvault (#7462) reported and authored by @​Od1nB
• plugins/status: Support graceful shutdown timeout (#7576) authored by @​sspaink
• rego: Don't generate JSON values for wildcard/generated keys in result set (#7567) authored by @​anderseknert
• runtime: Don't override user set version commit and timestamp (#7471) reported by @​kastl-ars authored by @​sspaink

Planner, Topdown and Rego

• planner: Deal with var-for-function replacement in indirect calls (#5311) authored by @​srenatus
• topdown: Faster object.get built-in function (#7593) authored by @​anderseknert
• topdown: Faster walk built-in function (#7612) authored by @​anderseknert
• topdown: Improved default rule value inlining ( (#1418) authored by @​johanfylling
• topdown: Improved GraphQL error handling (#7622) reported and authored by @​robmyersrobmyers

Docs, Website, Ecosystem

... (truncated)

• 5421c8e Update CHANGELOG.md
• 9acf8d1 Prepare v1.5.1 release
• a26322e Fix issue where path in walk would get mutated (#7657)
• b7d0a13 Prepare v1.5.0 release (#7642)
• 530579e test: Not modifying global recursion depth limit in parser tests init (#7641)
• 20fe70e perf: more interning (#7636)
• aa81e31 bundle: Setting default rego-version in bundle API (#7630)
• 707c43d docs: Add redirect for decision_logs type label (#7637)
• 370e626 ast: Parser recursion depth guard (#7568)
• 8a75563 docs: Update contribution documentation (#7639)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)