News Alerts
09/05/2023, 3:00 PMNews Alerts
09/06/2023, 10:04 AMNews Alerts
09/06/2023, 11:02 AMNews Alerts
09/06/2023, 2:02 PMGitHub
09/13/2023, 8:04 AM.cerbos.yaml
as conventional name for config file (#1755)
• 5dce9a9 enhancement(helm): Add ability to set clusterIP (#1707)
• 3fbd95e enhancement(helm): Allow an image digest to be provided instead of a tag (#1735)
• 1f6ba2c enhancement: Better error messages from compile command (#1750)
• e2c7af0 enhancement: Clean-up store resources (#1749)
• 4e7d22c enhancement: Compile and run tests from an archive (#1721)
• 6582c70 enhancement: Configurable time skew for JWT validation (#1790)
• 1130d12 enhancement: Configuration to disable API explorer (#1767)
• 4d5d0c5 enhancement: Relax naming conventions for resource kinds, principals and roles (#1762)
Bug fixes
• 0b7a189 fix(docs): Typo in Calling Cerbos (#1726)
• 6b09c62 fix(planner): Lambda body can be a field selection (#1720)
• 91a0d48 fix: Evict policies from cache after disable or enable (#1711)
• a29a992 fix: Ignore invalid expressions (#1799)
• 7bfa52a fix: Normalize Git store subdirectory config to handle leading ./
correctly (#1774)
Documentation
• c7c5f37 docs(sdk): Update SDK examples (#1731)
• 34f6859 docs: Add testdata schema URLs (#1779)
• eaaed3d docs: Caveats of sharing a DB with multiple instances (#1743)
• a8ad220 docs: Fix typo in 03_calling-cerbos.adoc (#1714)
• b606512 docs: Remove deprecated endpoint/rpc (#1734)
• 4fbbe36 docs: Stop building docs for older versions (#1716)
• a2cf9c9 docs: Update examples for handling expressions beginning with quote (#1739)
Chores
• 4a690fd chore(ci): Always run upload-test-times
after test
(#1756)
• 2b7c99b chore(ci): Create PRs for Homebrew formula updates (#1704)
• 98de402 chore(ci): Debug logging for server tests (#1791)
• 711844a chore(ci): Increase timeout for client tests (#1793)
• bc1a4d5 chore(ci): Publish prerelease images tagged by commit hash (#1736)
• 5691a1b chore(ci): Split snapshots job (#1796)
• 2479397 chore(ci): Switch to Coveralls (#1751)
• b3c81ff chore(ci): Upload test coverage from snapshot builds (#1764)
• fdf5f2e chore(ci): Use experimental 'loopvar' released with Go 1.21 (#1738)
• 3738d7c chore(deps): Bump github.com/cyphar/filepath-securejoin from 0.2.3 to 0.2.4 in /tools (#1788)
• e7aff6e chore(deps): Downgrade pterm to v0.12.66 (#1787)
• 81122c6 chore(deps): Update actions/checkout action to v4 (#1795)
• 0959bda chore(deps): Update bufbuild/buf-setup-action action to v1.25.0 (#1709)
• e4410ce chore(deps): Update bufbuild/buf-setup-action action to v1.25.1 (<https://github.com/cerbos/cerbos/pu…
cerbos/cerbosGitHub
10/31/2023, 8:08 AMruntime.effectiveDerivedRoles
available in CEL expressions (#1778)
• 111c4a3 feat: Reload certificates when they change on disk (#1841)
Enhancements
• d4c39c9 enhancement(api): Separate Go module for API definitions (#1801)
• 0d63f1e enhancement(api): Use toolchain to manage Go version used (#1804)
• 56f7683 enhancement(helm): Add support for defining topology spread constraints (#1821)
• c8af11b enhancement(security)!: Configure gRPC max concurrent streams (#1853)
• 055e476 enhancement: Allow parsing JWTs with legacy keysets (#1823)
• 0624962 enhancement: Deprecate client package (#1815)
• 7123a67 enhancement: Expose Index interface from private (#1847)
• 21315fe enhancement: Expose private Check API (#1843)
• 90bd6cd enhancement: Lenient scope search in tests (#1838)
• dff2dcc enhancement: Migrate to protovalidate (#1800)
Bug fixes
• d135222 fix(docs): Correct link to resources test fixture schema (#1829)
• c6a158a fix(test): Fix resource kind in test (#1813)
Documentation
• 25ba555 docs: Remove unstable warning from Admin API (#1835)
• 85e4eac docs: Update Neovim yamlls configuration section (#1824)
Chores
• ff152ce chore(deps): Bump github.com/docker/docker from 24.0.6+incompatible to 24.0.7+incompatible (#1856)
• 12dc45a chore(deps): Bump github.com/docker/docker from 24.0.6+incompatible to 24.0.7+incompatible in /tools (#1855)
• 4edc6d6 chore(deps): Bump golang.org/x/net from 0.15.0 to 0.17.0 in /api/genpb (#1830)
• e494600 chore(deps): Bump golang.org/x/net from 0.15.0 to 0.17.0 in /tools (#1831)
• ab81d8e chore(deps): Bump golang.org/x/net from 0.16.0 to 0.17.0 (#1833)
• f134903 chore(deps): Bump google.golang.org/grpc from 1.58.0 to 1.58.3 in /tools (#1848)
• 0707972 chore(deps): Update actions/checkout action to v4 (#1806)
• 01a6016 chore(deps): Update amannn/action-semantic-pull-request action to v5.3.0 (#1819)
• 58d2969 chore(deps): Update bufbuild/buf-lint-action action to v1.1.0 (#1840)
• ce03553 chore(deps): Update bufbuild/buf-setup-action action to v1.27.0 (#1827)
• 42e6e61 chore(deps): Update bufbuild/buf-setup-action action to v1.27.1 (#1844)
• 8fb0092 chore(deps): Update bufbuild/buf-setup-action action to v1.27.2 (#1851)
• ecb6b49 chore(deps): Update github actions deps to v3 (major) (#1807)
• f74ecf8 chore(deps): Update go deps (#1805)
• bba5a64 chore(deps): Update go deps (#1816)
• d2affcb chore(deps): Update go deps (#1818)
• e8aa142 chore(deps): Update go deps (#1826)
• 49bfbe0 chore(deps): Update go deps (#1839)
• 1295185 chore(deps): Update go deps (#1845)
• 5f6b938 chore(deps): Update go deps (#1852)
• 81f2745 chore(deps): Update goreleaser/goreleaser-action action to v5 (#1808)
• 4512ca7 chore(docs): Add link to Laravel SDK (#1810)
• <https://git…
cerbos/cerbosGitHub
11/30/2023, 8:51 AM--skip-publish
flag (#1893)
• 9fe252a chore(deps): Bump github.com/sigstore/cosign/v2 from 2.0.3-0.20230523133326-0544abd8fc8a to 2.2.1 in /tools (#1869)
• da82249 chore(deps): Bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc from 0.45.0 to 0.46.0 (#1871)
• e028281 chore(deps): Update amannn/action-semantic-pull-request action to v5.4.0 (#1862)
• fd30cac chore(deps): Update bufbuild/buf-setup-action action to v1.28.0 (#1873)
• 72f67c3 chore(deps): Update github actions deps (#1884)
• ebb56d2 chore(deps): Update go deps (#1863)
• 4662108 chore(deps): Update go deps (#1874)
• d51d9c9 chore(deps): Update go deps (#1885)
• 23de714 chore(deps): Update go deps (#1888)
• fef22d1 chore(release): Prepare release 0.32.0
• 8f52e1e chore(test): Fix Kafka integration tests (#1878)
• 7a72711 chore(version): Bump version to 0.32.0
• 761a3dc chore: Access to check options from custom checkers (#1861)
• 16f081b chore: Add pre-cache API to TestFixtureGetter (#1866)
• cf21eb0 chore: Add tests to check fixture loading from testdata (#1877)
• eba4b3f chore: Allow LoadTestFixture to continue on error (#1859)
• d51f597 chore: Enable Otel interceptor for grpc-gateway client (#1892)
• 3dc5ff8 chore: Fix legacy OTLP exporter initialization (#1891)
• 7dd5d0c chore: Simplify residual expression (#1876)
• 77e836e chore: Upgrade to CEL 0.18 (#1860)
cerbos/cerbosGitHub
01/16/2024, 8:53 AMUser-Agent
header aliasing (#1941)
Documentation
• 2db232f chore: Revert "docs: Fix image URLs (#1943)" (#1951)
• cfa36ef docs: Add policy variable examples (#1940)
• 5072b93 docs: Fix image URLs (#1943)
• 4194f6e docs: Fix incorrect policy rule in tutorial (#1930)
• 7affa69 docs: Remove older versions (#1942)
Chores
• b40cf5a chore(deps): Bump github.com/cloudflare/circl from 1.3.3 to 1.3.7 (#1935)
• 015f51a chore(deps): Bump github.com/cloudflare/circl from 1.3.5 to 1.3.7 in /tools (#1936)
• d9d22e5 chore(deps): Bump github.com/go-git/go-git/v5 from 5.7.0 to 5.11.0 in /tools (#1925)
• d871844 chore(deps): Bump golang.org/x/crypto from 0.15.0 to 0.17.0 in /tools (#1916)
• 002b035 chore(deps): Downgrade github.com/chigopher/pathlib (#1924)
• e7d6014 chore(deps): Tidy dependencies (#1899)
• 24acf48 chore(deps): Tidy dependencies (#1907)
• 7c43413 chore(deps): Update actions/setup-go action to v5 (#1906)
• 7f098db chore(deps): Update github actions deps to v3 (major) (#1915)
• 5d2264b chore(deps): Update github actions deps to v4 (major) (#1923)
• 852cfff chore(deps): Update go deps (#1896)
• 6a5f22b chore(deps): Update go deps (#1905)
• a939aa0 chore(deps): Update go deps (#1914)
• d79fa22 chore(deps): Update go deps (#1922)
• 73e1971 chore(deps): Update go deps (#1928)
• ca453c7 chore(deps): Update go deps (#1933)
• e128d4a chore(deps): Update go deps (#1950)
• 288e33c chore(deps): Update google-github-actions/auth action to v2 (#1897)
• 39b39be chore(deps): Update google-github-actions/setup-gcloud action to v2 (#1929)
• 9c6b6d9 chore(deps): Update module golang.org/x/crypto to v0.17.0 [security] (#1917)
• a45ddc2 chore(docs): Readme updat…
cerbos/cerbosRohit Ghumare
01/29/2024, 10:00 AMExtend Policy Decision Point (PDP) with centralized authorization
cerbie Cerbos is excited to announce their public beta launch for Cerbos Hub and two new features to simplify the lives of developers and teams when managing their authorizations! -> Sign up for a free Cerbos Hub account
💥 New feature #1
Embeddable authorization policies via WebAssembly
• Cerbos Hub also provides an embeddable version of the policies that allow for taking authorization decisions on-device, at edge, and in environments where it is not possible to run a service.
• The Cerbos Hub CI/CD pipeline will produce bundles, keeping them in sync with your policies on every change.
• The access to be facilitated in applications will be via the Cerbos SDKs. And they handle auth checks without needing a roundtrip to the backend service.
🚀 Check out the documentation for more 🚀
💥 New feature #2
Write and test policies in the Cerbos Hub's IDE Collaborative Playground
• For those who are familiar with Cerbos’ open source product, Cerbos PDP, the Cerbos Playground is going to be a familiar concept.
• It is an interactive space where users can write, test, and simulate Cerbos policies in real time.
• Cerbos Hub now has a full-featured collaborative IDE - Cerbos Hub Playground, to develop, iterate, and test policy.
• It comes with instant feedback on changes, It comes with an automated test runner, it integrates into your git-based workflow, Play with the capabilities of Cerbos without any setup or installation with included sample policies.
🚀 Read the documentation for more 🚀
📃Resources📃
• Cerbos Hub - Start for free
• Cerbos Hub documentation
• Join our Slack Community to be in the know of the latest developments
• We want to help build or review your first policy. Book a 30-minute free workshop
• Cerbos PDP is open source. Feel free to browse or contribute, and don't forget to drop a star ⭐
💡️Note: I am here to assist you. Feel free to contact me anytime with questions or concerns at #helpRohit Ghumare
01/31/2024, 9:00 AMMaintaining roles, permissions, and authorization policies within your JavaScript front-end and full-stack apps creates technical debt and security vulnerabilities. What if you need to replicate those same policies in an additional Express.js or Next.js app? Do you build and maintain separate codebases, creating an even more significant threat?
👋 Join @Alex Olivier (Cerbos), Cerbos Chief Product Officer, and Wesley, presenter of the popular ByteGrad Youtube channel, as they demonstrate how easy it is to author permissions and policy changes using Cerbos and deploy those changes without changing any other code.
🔗 Join here to register for the webinar 🚀
🤯 In this 45-minute session, you will learn to:
• Set up a free policy repository on Cerbos Hub and define roles and permissions for your app.
• Instantly synchronize policy changes across your entire app portfolio - front-end React and Next.js apps, mobile, APIs, and back-end Node.js services.
• Use WASM libraries to operate and synchronize access control on front-end frameworks like React, across any cloud providers, and in serverless functions and architectures.
We'll also have live Q&A, so bring your questions! 🎙️
Rohit Ghumare
02/05/2024, 9:00 AMSimplify Access Control in Your Apps with Cerbos Hub & Eliminate Months of Coding
We’ll also have live Q&A, so bring your questions!
🔗 Join here to register for the webinar
`Speakers`:
@Alex Olivier (Cerbos), Chief Product Officer
Alex Olivier is the CPO and Co-founder at Cerbos. He has designed enterprise solutions from the ground up as an engineer, tech lead, and product manager, always with an eye on the developer experience. At Microsoft, Qubit, and many startups, he designed platforms that helped teams move faster at scale, focusing on core components like authorization, data management, and security.
Wesley, Founder @ByteGrad
Wesley is the driving force behind the popular ByteGrad YouTube channel that demystifies programming for developers at every experience level, with over 85k subscribers and 1 million total views. Wesley has also authored popular courses such as "Professional React & Next.js," further solidifying his reputation as a leading voice for the developer community.
Click here👇
🔗 Join here to register for the webinarGitHub
02/20/2024, 9:17 AMAnna Paykina
02/27/2024, 10:40 AMAnna Paykina
03/04/2024, 10:31 AMRohit Ghumare
03/11/2024, 9:00 AMCerbos
and cerbosctl
are now available as npm packages! 🚀
Gone are the days of managing Docker containers for your authorization needs. With Cerbos directly accessible via npm
, you can effortlessly integrate it into your projects with a simple ``npx cerbos`` command or by adding it as a script in your package.json
.
What’s in it for you?
• 🛠️ Smooth integration into your workflows.
• 🧾 Verifiable package integrity, giving you peace of mind about the code you use.
• 🔒 Enhanced supply-chain security, making your development process safer than ever.
This is more than just a release; it’s a step forward in secure and transparent software development. Head over to npm
to see the new provenance tick and get your hands on the latest from Cerbos.
🔗 Cerbos on npm
Keep building amazing things, with trust and security right at your codebase. 🛡️💻Rohit Ghumare
03/14/2024, 9:00 AMbooth #E32
where we're set to showcase how Cerbos is simplifying authorization for developers.
🔐 Tired of wading through complex permission layers? We've got you covered. With Cerbos, embrace a world where managing permissions is easy, so you can focus on what you do best: building great software.
Don't miss the chance to:
• Get a firsthand look at our innovative approach to authorization.
• Meet the minds behind Cerbos and learn how we can help streamline your security protocols.
• Discover tips and tricks to implement fine-grained, context-aware permissions with ease.
We can't wait to meet you there and explore how Cerbos can simplify and secure your development life. See you at booth #E32!Rohit Ghumare
03/28/2024, 7:15 PMCerbos community
! 🎉
Great news! The ebook from Flagsmith that @Alex Olivier (Cerbos), our CPO, contributed to is officially out! 🚀📚 It's packed with insights into modern development practices in banking, and we're thrilled to be a part of it.
We'd love your support in spreading the word! If you could like and share our posts on LinkedIn and Twitter, it would mean the world to us:
• LinkedIn: Modern Development Practices in Banking
• Twitter: Check out the ebook feat. Alex Olivier
For those keen to dive in, we've attached the ebook PDF here for your convenience. 📖
Don't miss out on exploring this valuable resource: Download the ebook
Huge thanks to Flagsmith for collaborating on this initiative. 🙏
Let's keep pushing the boundaries of what's possible in banking development together!GitHub
04/09/2024, 7:45 AMAnna Paykina
04/11/2024, 10:34 AMRohit Ghumare
04/15/2024, 8:00 AMHeidi Hokanson
04/17/2024, 1:03 PMRohit Ghumare
04/19/2024, 10:03 AM2,500 stars
on GitHub for Cerbos! This is a huge milestone for us and it couldn’t have been possible without the hard work and dedication of everyone in this community. Thank you all for your contributions, support, and for believing in the power of open-source.
Let’s take a moment to celebrate our collective achievement and set our sights on even bigger goals. 🌟🚀
Here’s to many more stars and successes in our future! Feel free to share the news and let everyone know about our amazing community!Rohit Ghumare
04/23/2024, 8:00 AMNew Podcast Episode Alert in The Scripting Den!
🌟
Hey everyone! 🚀 Dive into the latest episode of "*The Scripting Den*" podcast, where @Alex Olivier (Cerbos), Co-Founder and CPO of Cerbos, shares invaluable insights on the evolution of security as products transition from MVP to mature offerings.
What to Expect:
• Strategies on enhancing security during the scaling phase.
• Tips on selecting the right tools to save resources and focus on innovation.
• Understanding the importance of scalability and user feedback in product development.
•
This episode is a treasure trove for developers, product managers, and tech entrepreneurs focused on refining their product post-MVP. Don't miss out on these expert strategies to ensure your product is secure, scalable, and set up for success!
🎧 Listen to the full episode here for a deeper understanding: The Scripting Den Podcast.
Happy listening, and let’s discuss our thoughts here! What did you find most valuable? 💭Anna Paykina
04/30/2024, 10:26 AMHeidi Hokanson
04/30/2024, 6:27 PMHeidi Hokanson
05/02/2024, 12:57 PMAnna Paykina
05/03/2024, 10:27 AMAnna Paykina
05/08/2024, 2:41 PMGitHub
05/09/2024, 8:08 AMEFFECT_DENY
in test failure details (#2117)
• 68fcdfa fix: Kafka TLS using system CA (#2120)
• 61addb0 fix: Mark tests with missing expectations as errored (#2116)
• 0c755f2 fix: Stop blocking Kafka audit publishing when an outage occurs (#2122)
Documentation
• b022d25 docs: Add documentation for Dagger Cerbos module (#2106)
• 31897e0 docs: Document Hub features (#2133)
• 1a04715 docs: Document how to verify cosign signatures (#2094)
Chores
• 36d3681 chore(ci): Check results of npm package tests (#2098)
• 82f774d chore(ci): Fix E2E tests combining the host address with extra colon (#2114)
• 55b6826 chore(ci): Remove unmaintained Netlify action (#2093)
• c95f50f chore(ci): Update storage type for Jaeger chart (#2096)
• 2001128 chore(deps): Bump github.com/docker/docker from 26.0.0+incompatible to 26.0.2+incompatible in /tools (#2108)
• f74f372 chore(deps): Bump github.com/sigstore/cosign/v2 from 2.2.1 to 2.2.4 in /tools (#2097)
• e2b73f0 chore(deps): Bump golang.org/x/net from 0.21.0 to 0.23.0 in /api/genpb (#2110)
• 5ac1c32 chore(deps): Update github actions deps (#2125)
• e7d828a chore(deps): Update go deps (#2099)
• 5f96e64 chore(deps): Update go deps (#2111)
• a40093a chore(deps): Update go deps (#2124)
• 38c0f24 chore(deps): Update go deps (#2135)
• 236ab29 chore(deps): Update go deps (#2139)
• 56a29ba chore(deps): Update go deps to v2 (major) (#2138)
• 394cfa0 chore(deps): Update golangci/golangci-lint-action action to v5 (#2127)
• 70db704 chore(deps): Update golangci/golangci-lint-action action to v5.3.0 (#2136)
• c862740 chore(deps): Update node.js deps (#2100)
• cd4894a chore(deps): Update node.js deps (#2126)
• 4e40af6 chore(deps): Update node.js deps (#2137)
• 603d0ef chore(deps): Update pnpm to v9.0.5 (#2112)
• 8f7af37 chore(deps): Update to go1.22.3 (#2143)
• a5d835b chore(deps): Use latest Cerbos SDK (#2140)
• d797ebb chore(docs): Update cloud-platforms.adoc (#2109)
• 531e896 chore(release): Add 0.35.1 release notes (#2090)
• 80e10c1 …
cerbos/cerbosRohit Ghumare
05/09/2024, 9:46 AMGitOps for application authorization
. 🚀
👉 Main Takeaways:
• Simplify Authorization: Move from complex code to straightforward, versionable policies.
• Enhanced Scalability: Enjoy the benefits of a stateless, scalable architecture perfect for cloud-native setups.
• Security and Compliance: With centralised audit logs, every decision can be tracked for better compliance and monitoring.
🎥 For those who missed it, you can watch the full demo here to see how these strategies can streamline your development workflow and enhance security measures.
💬 Please share your thoughts or how you might apply these GitOps principles in your projects! Let’s get the conversation going! 🌐