v0.60.0
Runtime, Tooling, SDK
- OPA can be run in 1.0 compatibility mode by using the new
--v1-compatibleflag. When this mode is enabled, the current release of OPA will behave as OPAv1.0will eventually behave by default. This flag is currently supported on thebuild,check,fmt,evalandtestcommands (#6478) authored by @johanfylling - Extend the telemetry report to include the minimum compatible version of policies loaded into OPA (#6361) co-authored by @srenatus and @ashutosh-narkar
- server: Support fsnotify based reloading of certificate, key and CA cert pool when they change on disk (#5788) authored by @charlieegan3
- Add option on the unit test runner to surface builtin errors. This should help with debugging errors generated while running unit tests (#6489) authored by @jalseth
- Fix issue in
opa fmtwhere the assignment operator and term in the rule head of chain rules are removed from the re-written rule head (#6467) authored by @anderseknert - cmd/fmt: Replace dependency on
difftool with an external golang library function (#6284) authored by @colinjlacy
Topdown and Rego
- topdown/providers: Preserve user provided http headers in the
providers.aws.sign_reqbuiltin command (#6456) authored by @c2zwdjnlcg - rego: Allow custom builtin function registration to provide a description for the builtin (#6449) authored by @lcarva
- ast+cmd: Allow bundle to contain calls to unknown functions when inspected (#6457) authored by @johanfylling
Docs
- Add section on the changes proposed for a future OPA v1.0 and update Rego examples to be OPA v1.0 compliant(#6453) authored by @johanfylling
- Clarify behavior of the
sprintfbuiltin command when used with the%Tmarker (#6487) authored by @lcarva
Website + Ecosystem
- Ecosystem: Digger (#6464) authored by @anderseknert