build(deps): bump github.com/openfga/openfga from 1.7.0 to 1.8.2

[dependabot]

Bumps github.com/openfga/openfga from 1.7.0 to 1.8.2.

Release notes

Sourced from github.com/openfga/openfga's releases.

v1.8.2

Added

• Add metrics cachecontroller_find_changes_and_invalidate_histogram on latency for cache controller in finding changes and invalidating. #2135
• Improve Check performance when cache controller is enabled by invalidating iterator and sub-problem cache asynchronously when read changes API indicates there are recent writes/deletes for the store. #2124
• Improve check cache key generation performance via strings.Builder #2161.

Fixed

• Labels of metrics that went past the max histogram bucket are now labelled "+Inf" instead of ">max". #2146
• Prevent possible data races by waiting for in-flight cached iterator goroutines during server shutdown #2145
• Correct incorrect check result returned when using experimental flag enable-check-optimizations and model has intersection or exclusion within a TTU or Userset. #2157

Full changelog

v1.8.1

Added

• New flag OPENFGA_CHECK_ITERATOR_TTL. Please see the flag description (./openfga run --help) for more details. #2082
• New flag OPENFGA_CHECK_CACHE_LIMIT. Please see the flag description (./openfga run --help) for more details. #2082
• Improve Check performance for TTU relationships that include set operations. Enable via experimental flag enable-check-optimizations. #2075
• Add a field in log entries when authz calls were made. #2130
• Add Duration to ResolveCheckResponseMetadata for use in metrics. #2139
• Add check_duration_ms metric to server package to enable measurement of check across different API methods. #2139
• Added deduplication logic to BatchCheck API. #2102

Changed

• OIDC token validation will now exclusively throw error code 1004 for invalid tokens. #1999

Removed

• Begin deprecation process for flag OPENFGA_CHECK_QUERY_CACHE_LIMIT, in favor of OPENFGA_CHECK_CACHE_LIMIT. #2082
• Removed flags with the OPENFGA_DISPATCH_THROTTLING_* name. #2083

Fixed

• Improve Check performance in the case that the query involves types that cannot be reached from the source. Enable via experimental flag enable-check-optimizations. #2104
• Fix regression introduced in #2091: error message for invalid Writes. #2110
• Ensure /read and /list-objects respect the received Consistency values #2113
• Fix access-control to always return unauthorized errors, and add logging for authorization failures 2129

Full changelog

v1.8.0

Added

• Added start_time parameter to ReadChanges API to allow filtering by specific time #2020
• Added support for Contextual Tuples in the Expand API. #2045
• Added a flag OPENFGA_CONTEXT_PROPAGATION_TO_DATASTORE to control propagation of a request's context to the datastore. #1838
• Added OTEL measurement for access control store check latency and write latency due to authorization #2069
• Added BatchCheck API which allows multiple check operations to be performed in a single request. It requires a unique correlation_id associated with each individual check to map each result to its associated tuple. For more details, see batch check docs #2039.

Performance

• Improve Check performance in the case that the query involves resolving nested userset with type bound public access. Enable via experimental flag enable-check-optimizations. #2063

... (truncated)

Changelog

Sourced from github.com/openfga/openfga's changelog.

[1.8.2] - 2024-12-13

Full changelog

Added

• Add metrics cachecontroller_find_changes_and_invalidate_histogram on latency for cache controller in finding changes and invalidating. #2135
• Improve Check performance when cache controller is enabled by invalidating iterator and sub-problem cache asynchronously when read changes API indicates there are recent writes/deletes for the store. #2124
• Improve check cache key generation performance via strings.Builder #2161.

Fixed

• Labels of metrics that went past the max histogram bucket are now labelled "+Inf" instead of ">max". #2146
• Prevent possible data races by waiting for in-flight cached iterator goroutines during server shutdown #2145
• Correct incorrect check result returned when using experimental flag enable-check-optimizations and model has intersection or exclusion within a TTU or Userset. #2157

[1.8.1] - 2024-12-05

Full changelog

Added

• New flag OPENFGA_CHECK_ITERATOR_TTL. Please see the flag description (./openfga run --help) for more details. #2082
• New flag OPENFGA_CHECK_CACHE_LIMIT. Please see the flag description (./openfga run --help) for more details. #2082
• Improve Check performance for TTU relationships that include set operations. Enable via experimental flag enable-check-optimizations. #2075
• Improve Check performance for Userset relationships that include set operations. Enable via experimental flag enable-check-optimizations. #2140
• Add a field in log entries when authz calls were made. #2130
• Add Duration to ResolveCheckResponseMetadata for use in metrics. #2139
• Add check_duration_ms metric to server package to enable measurement of check across different API methods. #2139
• Added deduplication logic to BatchCheck API. #2102

Changed

• OIDC token validation will now exclusively throw error code 1004 for invalid tokens. #1999

Removed

• Begin deprecation process for flag OPENFGA_CHECK_QUERY_CACHE_LIMIT, in favor of OPENFGA_CHECK_CACHE_LIMIT. #2082
• Removed flags with the OPENFGA_DISPATCH_THROTTLING_* name. #2083

Fixed

• Improve Check performance in the case that the query involves types that cannot be reached from the source. Enable via experimental flag enable-check-optimizations. #2104
• Fix regression introduced in #2091: error message for invalid Writes. #2110
• Ensure /read and /list-objects respect the received Consistency values #2113
• Fix access-control to always return unauthorized errors, and add logging for authorization failures 2129
• Fix composition of database decorators to fix some performance issues. #2126

[1.8.0] - 2024-11-08

Full changelog

Added

• Added start_time parameter to ReadChanges API to allow filtering by specific time #2020
• Added support for Contextual Tuples in the Expand API. #2045
• Added a flag OPENFGA_CONTEXT_PROPAGATION_TO_DATASTORE to control propagation of a request's context to the datastore. #1838
• Added OTEL measurement for access control store check latency and write latency due to authorization #2069
• Added BatchCheck API which allows multiple check operations to be performed in a single request. It requires a unique correlation_id associated with each individual check to map each result to its associated tuple.

... (truncated)

Commits

• 2c188cd docs: bump changelog in prep for 1.8.2 (#2166)
• 642e0e3 chore: bump proto definitions for batch check API fix (#2165)
• 001950e chore(deps): bump the dependencies group across 1 directory with 8 updates (#...
• 10b591c chore(deps): bump the dependencies group across 1 directory with 8 updates (#...
• ac23d46 chore(deps): bump golang.org/x/crypto from 0.29.0 to 0.31.0 (#2162)
• ccc06b5 perf: use strings.builder when generating check cache key (#2161)
• ebbf2d4 refactor: resolution depth in Check API (#2159)
• c9bea07 perf: cache controller async invalidation (#2124)
• ac7df57 fix: enforce order by object id for ReadStartingWithUser (#2158)
• 5bd446f fix: fastpath v2 tuples not iterated correctly for intersection and exclusion...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)