New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Prepare Release v0.46.2 #5453
Prepare Release v0.46.2 #5453
Conversation
Fixes CVE-2022-41717: > net/http: limit canonical header cache by bytes, not entries https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU Signed-off-by: Stephan Renatus <stephan.renatus@gmail.com>
…cy-agent#5450) Before, we'd end up formatting ps["foo"] = "bar" { true } as ps.foo = "bar" { true } and older OPA version know how to parse the former, but not the latter. Fixes open-policy-agent#5449. Also includes: * format: pass internal options via struct; because adding a third (in some cases fifth) boolean argument just didn't seem right. Signed-off-by: Stephan Renatus <stephan.renatus@gmail.com>
✅ Deploy Preview for openpolicyagent ready!
To edit notification comments on pull requests, go to your Netlify site settings. |
Funky stuff going on in the PR checks here 😓 |
Signed-off-by: Stephan Renatus <stephan.renatus@gmail.com>
…t#5365) Fixing recent failures we've had with the other action. Signed-off-by: Stephan Renatus <stephan.renatus@gmail.com>
Signed-off-by: Stephan Renatus <stephan.renatus@gmail.com>
cef44ef
to
040c8e5
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not very familiar with format (yet!) but I can see that the fmtOpts
comment and tests make sense to me. ✅ to the go version change too.
Looks good to me!
This is a bug fix release addressing two issues: one security issue, and one bug
related to formatting backwards-compatibility.
Golang security fix CVE-2022-41717
Since we advise against running an OPA service exposed to the general public of the
internet, potential attackers would be limited to people that are already capable of
sending direct requests to the OPA service.
opa fmt
and backwards compatibility (#5449)In v0.46.1, it was possible that
opa fmt
would format a rule in such a way that:This backwards incompatibility wasn't intended, and has now been fixed.