Security
- Prevent cache poisoning. The dispatch Check cache key now incorporates check hints. See GHSA-4vrg-r928-h5vv
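An added illustration (not SpiceDB's code) of the rule behind this fix: every request field that can change a Check result has to be part of its cache key. The `CheckRequest` and `Hint` types, both key functions, and the sample values are hypothetical and constructed for this example.

```go
package main

import (
	"crypto/sha256"
	"fmt"
	"sort"
)

// Hint is a hypothetical caller-supplied assertion about a sub-check result.
type Hint struct {
	Relationship string
	Allowed      bool
}

// CheckRequest is a hypothetical, simplified dispatch Check request.
type CheckRequest struct {
	Resource, Permission, Subject, Revision string
	Hints                                   []Hint
}

// digest length-prefixes each part so ("ab","c") and ("a","bc") hash differently.
func digest(parts []string) string {
	h := sha256.New()
	for _, p := range parts {
		fmt.Fprintf(h, "%d:%s|", len(p), p)
	}
	return fmt.Sprintf("%x", h.Sum(nil))
}

// KeyIgnoringHints is the weak form: hinted and unhinted requests share one entry.
func KeyIgnoringHints(r CheckRequest) string {
	return digest([]string{r.Resource, r.Permission, r.Subject, r.Revision})
}

// KeyWithHints folds every hint into the key, sorted so hint order is irrelevant.
func KeyWithHints(r CheckRequest) string {
	hints := make([]string, 0, len(r.Hints))
	for _, h := range r.Hints {
		hints = append(hints, fmt.Sprintf("%s=%t", h.Relationship, h.Allowed))
	}
	sort.Strings(hints)
	return digest(append([]string{r.Resource, r.Permission, r.Subject, r.Revision}, hints...))
}

func main() {
	a := CheckRequest{Resource: "document:1", Permission: "view", Subject: "user:bob", Revision: "r1"}
	b := a
	b.Hints = []Hint{{"document:1#viewer@user:bob", true}} // constructed sample hint
	fmt.Println(KeyIgnoringHints(a) == KeyIgnoringHints(b), KeyWithHints(a) == KeyWithHints(b))
}
```

A regression test of this shape, run against the real key function, catches any later request field that is added without being keyed.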
Added
- Query Planner: fast serialize/deserialize for query plans (#3122)
Changed
- Cache: switch to otter as the primary cache implementation (#3112)
- Server handles: GRPCDialContext as a handle on the server used deprecated gRPC methods. We modernized it and renamed it to NewClient (#3147)
Fixed
- The watching schema cache (--enable-experimental-watchable-schema-cache) no longer enters permanent fallback on transient watch errors. A new supervisor restarts the watch cycle with bounded exponential backoff and only treats caller-driven cancellation or unsupported-watch as terminal (#3134)
- Watch consumers that request WatchCheckpoints now eventually observe every revision returned by WriteRelationships as a checkpoint. MemDB regressed this in #2578 for no-op writes and MySQL never emitted checkpoints at all prior to now. Both now emit a checkpoint at the new revision. (#3114)
- When Query Planner evaluates a union, short-circuit if one of the branches yields a positive un-caveated result (#3120)
- DispatchQueryPlan previously did not try to use the singleflight middleware for check calls. (#3119)
- Fixed regression introduced in 1.53.0. Postgres HeadRevision no longer allocates a new transaction ID on every call (#3127)
- Fixed regression introduced in 1.53.0 for MySQL migration scripts (#3129)
- Query Planner: LookupSubjects no longer returns a subject excluded from a wildcard (e.g. viewer:* - banned) when the exclusion feeds an intersection (experimental --experimental-query-plan ls) (#3136)
- Tracing: When server is shutting down, flush traces. Also, elide the need for setting OTEL_EXPORTER_OTLP_ENDPOINT. (#3108)
- Fixed a LookupSubjects issue in the query planner around the handling of wildcards in compound permissions (#3140)
- MySQL: identifiers (object/subject IDs and relationship counter names) are now stored with a case-sensitive (binary) collation, matching the Postgres, CockroachDB, and Spanner datastores. Previously, identifiers differing only in letter case (e.g. Foo and foo) incorrectly collided in unique indexes and lookups. ⚠️ The migration rebuilds the relation_tuple table in place via ALTER TABLE, which can hold a metadata/table lock for a long time on large datasets — run the upgrade in a low-traffic window, or apply it with an online schema-change tool (e.g. gh-ost). (#3161)
- server.NewConfigWithOptionsAndDefaults now populates Config and its embedded structs with the same defaults as the CLI flags, fixing zero-value behavior when embedding SpiceDB as a library. (#3156)
What's Changed
- feat: add prometheus metrics for DispatchQueryPlan by @barakmich in #3109
- chore: bump grpc-health-probe by @miparnisari in #3111
- docs: fix changelog by @miparnisari in #3113
- fix: Watch checkpointing in memdb and mysql by @miparnisari in #3114
- chore: use otter as the primary cache implementation and get rid of alternative implementations by @tstirrat15 in #3112
- fix(QP): short-circuit unions where applicable by @miparnisari in #3121
- feat: registry for the iterators by @barakmich in #3118
- testing: add benchmarking to compare LocalExecutor vs DispatchExecutor by @barakmich in #3117
- fix: route query plan dispatch checks through singleflight by @barakmich in #3119
- chore: clarify --termination-log-path flag description by @ivanauth in #3126
- fix: postgres implementation of HeadRevision by @miparnisari in #3127
- feat: introduce a hand-written serialize/deserialize for iterators by @barakmich in #3122
- test: include migration scripts for coverage by @miparnisari in #3128
- fix: mysql migrations by @miparnisari in #3129
- refactor: carry schema hash inside ZedTokens by @josephschorr in #3125
- chore: bump go packages for cve by @miparnisari in #3132
- test: Improve code coverage of tests by @josephschorr in #3063
- fix(schemacache): supervisor recovers from transient watch errors by @vroldanbet in #3134
- otel: replace cobraotel with native lifecycle management by @Jdepp007004 in #3108
- refactor(schemacache): post-#3134 cleanup and race fix by @vroldanbet in #3138
- fix(query): respect wildcard ExcludedSubjects in LookupSubjects intersection by @matte1782 in #3136
- feat: use serialized plans in dispatch by @barakmich in #3130
- fix: three correctness bugs surfaced by GRPC consistency cross-check by @barakmich in #3140
- chore: use StopAllGoroutines for otter by @tstirrat15 in #3145
- chore(deps): bump github.com/quic-go/quic-go from 0.59.0 to 0.59.1 in /magefiles by @dependabot[bot] in #3153
- refactor: schema watching cache by @miparnisari in #3144
- chore: more spans in datastore proxies by @miparnisari in #3154
- chore: rework handles for gRPC tests by @tstirrat15 in #3147
- fix(mysql): store identifiers with a case-sensitive (binary) collation by @josephschorr in #3161
- docs(cache): clarify Cache interface semantics by @ivanauth in #3152
- refactor: remove global caches object by @miparnisari in #3167
- fix: set library-friendly defaults on server Config by @ivanauth in #3156
- chore: add buffnet authority to connection by @tstirrat15 in #3168
- test: flaky TestLookupResources by @miparnisari in #3171
- test: address flake in HeadRevisionDoesNotConsumeXID by @tstirrat15 in #3163
- test: add more goleak checks by @miparnisari in #3175
- test(certtest): make TestCertRotation actually verify hot cert reload by @ivanauth in #3169
- chore: Changed AuthZed Cloud Link in readme by @sohanmaheshwar in #3177
- feat(datalayer): schema caching for write transactions by @ecordell in #3160
- chore: make crdb.Pool code unit-testable by @miparnisari in #3180
- fix: #3179 by @miparnisari in #3181
- fix(lsp): resolve hover on the right side of arrow expressions by @ivanauth in #3157
- refactor: create a new prometheus registry for every server by @miparnisari in #3170
New Contributors
- @Jdepp007004 made their first contribution in #3108
- @matte1782 made their first contribution in #3136
Full Changelog: v1.53.0...v1.54.0
Docker Images
This release is available at authzed/spicedb:v1.54.0, quay.io/authzed/spicedb:v1.54.0, ghcr.io/authzed/spicedb:v1.54.0