---
- branch: MAIN
  date: Sat May  4 19:41:45 UTC 2024
  files:
  - new: '1.45'
    old: '1.44'
    path: pkgsrc/devel/opa/Makefile
    pathrev: pkgsrc/devel/opa/Makefile@1.45
    type: modified
  - new: '1.21'
    old: '1.20'
    path: pkgsrc/devel/opa/distinfo
    pathrev: pkgsrc/devel/opa/distinfo@1.21
    type: modified
  - new: '1.21'
    old: '1.20'
    path: pkgsrc/devel/opa/go-modules.mk
    pathrev: pkgsrc/devel/opa/go-modules.mk@1.21
    type: modified
  id: 20240504T194145Z.81c866549acaf6cca1546832c81577060922a041
  log: |
    opa: Update to 0.64.1

    Changes:
    v0.64.1
    This is a bug fix release addressing the following issues:

    - plugins/discovery: Update comparison logic used in the discovery
      plugin for handling overrides. This fixes a panic that resulted from
      the comparison of uncomparable types

    v0.64.0
    This release contains a mix of features, a new builtin function
    `json.marshal_with_options()`, performance improvements, and bugfixes.

    ### Breaking Change

    #### Bootstrap configuration overrides Discovered configuration

    Previously if Discovery was enabled, other features like bundle
    downloading and status reporting could not be configured manually. The
    reason for this was to prevent OPAs being deployed that could not be
    controlled through discovery. It's possible that the system serving the
    discovered config is unaware of all options locally available in OPA.
    Hence, we relax the configuration check when discovery is enabled so
    that the bootstrap configuration can contain plugin configurations. In
    case of conflicts, the bootstrap configuration for plugins wins. These
    local configuration overrides from the bootstrap configuration are
    included in the Status API messages so that management systems can get
    visibility into the local overrides.

    In general, the bootstrap configuration overrides the discovered
    configuration. Previously this was not the case for all configuration
    fields. For example, if the discovered configuration changes the
    `labels` section, only labels that are additional compared to the
    bootstrap configuration are used, all other changes are ignored. This
    implies labels in the bootstrap configuration override those in the
    discovered configuration. But for fields such as `default_decision`,
    `default_authorization_decision`, `nd_builtin_cache`, the discovered
    configuration would override the bootstrap configuration. Now the
    behavior is more consistent for the entire configuration and helps to
    avoid accidental configuration errors.

    ### Add `rego_version` attribute to the bundle manifest

    A new global `rego_version` attribute is added to the bundle manifest,
    to inform the OPA runtime about what Rego version (`v0`/`v1`) to use
    while parsing/compiling contained Rego files. There is also a new
    `file_rego_versions` attribute which allows individual files to
    override the global Rego version specified by `rego_version`.

    When the version of the contained Rego is advertised by the bundle
    through this attribute, it is not required to run OPA with the
    `--v1-compatible` (or future `--v0-compatible`) flag in order to
    correctly parse, compile and evaluate the bundle's modules.

    A bundle's `rego_version` attribute takes precedence over any applied
    `--v1-compatible`/`--v0-compatible` flag.
    ([#6578](https://github.com/open-policy-agent/opa/issues/6578))
    authored by @johanfylling

    v0.63.0
    This release contains a mix of features, performance improvements, and
    bugfixes.
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/devel/opa'
  unixtime: '1714851705'
  user: leot