feat: Add Access Control Policy #2337

shahzadlone · 2024-02-23T03:15:38Z

🚫 Not Ready For Review (High-Level Feedback Welcomed) 🚫

Relevant issue(s)

Resolves #TBD

Description

There are some pieces of the puzzle missing, PR is opened upon request for high-level feedback only:

Signatures (That branch will merge here and likely will merge some of it's commits in a separate PR).
Some CLI Implementations (add policy)
Testing Combinations with other features
Test persistence with DB restart.
Remove logging from acp package to outside where the functions are called.
Enable In-Memory ACP Support
- Remove In-Memory Hack
Some other todos / history re-writes
Resolve sourcehub vulnerbility

Tasks

I made sure the code is well commented, particularly hard-to-understand areas.
I made sure the repository-held documentation is changed accordingly.
I made sure the pull request title adheres to the conventional commit style (the subset used in the project can be found in tools/configs/chglog/config.yml).
I made sure to discuss its limitations such as threats to validity, vulnerability to mistake and misuse, robustness to invalidation of assumptions, resource requirements, ...

How has this been tested?

Describe all types of tests

Specify the platform(s) on which this was tested:

Manjaro WSL2

## Relevant issue(s) Resolves sourcenetwork#1711 ## Description Returns errors from typeJoinOne instead of ignoring them.

…ork#1715) ## Relevant issue(s) Resolves sourcenetwork#1714 ## Description Discard index and subscription implicit transactions. I'm not sure if this was causing any problems, but they should be discarded.

…twork#1718) ## Relevant issue(s) Resolves sourcenetwork#1717 ## Description Removes collection names param from testUtils.ExecuteTestCase and instead figures stuff out from the test actions. It has irked me for a while that we had to declare this, and it is only going to keep getting harder and harder to remove it as we add more tests. I have a preference to use simple string stuff instead of any ast magic for this, as we'd be using the production code under test to test itself, and it is a bit heavy going for now. If the basic string stuff becomes a hassle we can switch over to ast stuff or similar without too much trouble at a later date.

…rk#1713) ## Relevant issue(s) Resolves sourcenetwork#1636 and sourcenetwork#1637 ## Description With this change the calculation of stats for fetching documents is moved to fetcher. This was necessary because each call to `fetcher.FetchNext...` could potentially perform multiple doc fetches. But scanNode (previously responsible for this) would just increment by 1. Moreover, scanNode would incorrectly count end of fetching (returned nil doc) as 1 as well. Also this fix introduces another (probably more important) metric `fieldFetches` which better indicates the execution cost because it much closer correlates with number of IO operations, as eace document's field is stored in a separate KV pair.

## Relevant issue(s) Resolves sourcenetwork#1722 ## Description Switches lens migrations to use wazero runtime. Avoids static-library/windows issues.

…k#1729) ## Relevant issue(s) Resolves sourcenetwork#1727 ## Description - Remove extra docker build file. - Remove libwasmer dep. - Ensure docker file is valid on every PR. - Disable multiplexing http to pass the rust dependency building.

Actions taken to cut release: - ran `go mod tidy` - regenerated in-repo docs (CLI and manpages) - bump BSL license parameters - update changelog

Release v0.6.0

…#1725) Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.56.2 to 1.57.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/grpc/grpc-go/releases">google.golang.org/grpc's releases</a>.</em></p> <blockquote> <h2>Release 1.57.0</h2> <h1>API Changes</h1> <ul> <li>resolver: remove deprecated <code>Target.Scheme</code> and <code>Target.Authority</code>. Use <code>URL.Scheme</code> and <code>URL.Host</code> instead, respectively (<a href="https://redirect.github.com/grpc/grpc-go/issues/6363">#6363</a>)</li> </ul> <h1>Behavior Changes</h1> <ul> <li>client: percent-encode the default authority for the channel (<a href="https://redirect.github.com/grpc/grpc-go/issues/6428">#6428</a>)</li> <li>xds: require EDS service name to be set in a CDS cluster with an 'xdstp' resource name (gRFC A47) (<a href="https://redirect.github.com/grpc/grpc-go/issues/6438">#6438</a>)</li> </ul> <h1>New Features</h1> <ul> <li>reflection: support the v1 reflection service and update <code>Register</code> to register both v1alpha and v1 (<a href="https://redirect.github.com/grpc/grpc-go/issues/6329">#6329</a>)</li> <li>xds: add support for string matcher in RBAC header matching (<a href="https://redirect.github.com/grpc/grpc-go/issues/6419">#6419</a>)</li> <li>alts: add support for <code>GRPC_ALTS_MAX_CONCURRENT_HANDSHAKES</code> env var (<a href="https://redirect.github.com/grpc/grpc-go/issues/6267">#6267</a>)</li> <li>balancer/weightedroundrobin: de-experimentalize name of LB policy (<a href="https://redirect.github.com/grpc/grpc-go/issues/6477">#6477</a>)</li> </ul> <h1>Bug Fixes</h1> <ul> <li>status: <code>status.FromError</code> now returns an error with <code>codes.Unknown</code> when the error implements the <code>GRPCStatus()</code> method, and calling <code>GRPCStatus()</code> returns <code>nil</code> (<a href="https://redirect.github.com/grpc/grpc-go/issues/6374">#6374</a>) <ul> <li>Special Thanks: <a href="https://github.com/atollena"><code>@atollena</code></a></li> </ul> </li> <li>server: fix bug preventing TCP user timeout from being set on the connection when TLS is used (<a href="https://redirect.github.com/grpc/grpc-go/issues/6321">#6321</a>) <ul> <li>Special Thanks: <a href="https://github.com/tobotg"><code>@tobotg</code></a></li> </ul> </li> <li>client: eliminate connection churn during an address update that differs only in balancer attributes (<a href="https://redirect.github.com/grpc/grpc-go/issues/6439">#6439</a>)</li> <li>clusterresolver: handle EDS nacks, resource-not-found errors, and DNS Resolver errors correctly (<a href="https://redirect.github.com/grpc/grpc-go/issues/6436">#6436</a>, <a href="https://redirect.github.com/grpc/grpc-go/issues/6461">#6461</a>)</li> <li>xds/ringhash: cache connectivity state of subchannels inside picker to avoid rare races (<a href="https://redirect.github.com/grpc/grpc-go/issues/6351">#6351</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/grpc/grpc-go/commit/87bf02ad24f6cc071d2553eb5d62332194bba1fe"><code>87bf02a</code></a> Change version to 1.57.0 (<a href="https://redirect.github.com/grpc/grpc-go/issues/6448">#6448</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/6b64be9784958b37d2b1d7618b37a7f8a824654b"><code>6b64be9</code></a> resolver/weighted_round_robin: remove experimental suffix from name</li> <li><a href="https://github.com/grpc/grpc-go/commit/9489082068eb8cade6ea4f943ac83a205e0e382b"><code>9489082</code></a> github: replace deprecated command with environment file (<a href="https://redirect.github.com/grpc/grpc-go/issues/6417">#6417</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/d1868a539b5acb10daceeeb4fcbc6a8dedc7a532"><code>d1868a5</code></a> clusterresolver: add logs for dns discovery mechanism error cases (<a href="https://redirect.github.com/grpc/grpc-go/issues/6444">#6444</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/8e9c8f8e7133eb7ed64438837636dae2c5d92ce6"><code>8e9c8f8</code></a> grpc: do not use balancer attributes during address comparison (<a href="https://redirect.github.com/grpc/grpc-go/issues/6439">#6439</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/db32c5bfeb563e7ce6661b37d6a55688cbeb4a20"><code>db32c5b</code></a> Fix preloader mode in benchmarks (<a href="https://redirect.github.com/grpc/grpc-go/issues/6359">#6359</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/f0280f9d3d2f3fbe45de1ab5873a19ec678c74c8"><code>f0280f9</code></a> xds: require EDS service name in new-style CDS clusters (gRFC A47) (<a href="https://redirect.github.com/grpc/grpc-go/issues/6438">#6438</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/bf5b7aecd53ba679d72d43bbf61dee40633f6344"><code>bf5b7ae</code></a> clusterresolver: handle EDS nacks and resource-not-found errors correctly (<a href="https://redirect.github.com/grpc/grpc-go/issues/6">#6</a>...</li> <li><a href="https://github.com/grpc/grpc-go/commit/fc0aa4689cd434c21cd4cbbbe9ef5af842ccb326"><code>fc0aa46</code></a> client: encode the authority by default (<a href="https://redirect.github.com/grpc/grpc-go/issues/6428">#6428</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/11feb0a9afd844fd2ab1f18dca02ad6a344b21bf"><code>11feb0a</code></a> resolver: delete Target.Scheme and Target.Authority (<a href="https://redirect.github.com/grpc/grpc-go/issues/6363">#6363</a>)</li> <li>Additional commits viewable in <a href="https://github.com/grpc/grpc-go/compare/v1.56.2...v1.57.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=google.golang.org/grpc&package-manager=go_modules&previous-version=1.56.2&new-version=1.57.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…ourcenetwork#1724) Bumps [github.com/libp2p/go-libp2p-kad-dht](https://github.com/libp2p/go-libp2p-kad-dht) from 0.24.2 to 0.24.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/libp2p/go-libp2p-kad-dht/releases">github.com/libp2p/go-libp2p-kad-dht's releases</a>.</em></p> <blockquote> <h2>v0.24.3</h2> <h2>What's Changed</h2> <ul> <li>filter local addresses (for WAN) and localhost addresses (for LAN) by <a href="https://github.com/marten-seemann"><code>@marten-seemann</code></a> in <a href="https://redirect.github.com/libp2p/go-libp2p-kad-dht/pull/839">libp2p/go-libp2p-kad-dht#839</a></li> <li>fix: don't add unresponsive DHT servers to the Routing Table by <a href="https://github.com/guillaumemichel"><code>@guillaumemichel</code></a> in <a href="https://redirect.github.com/libp2p/go-libp2p-kad-dht/pull/820">libp2p/go-libp2p-kad-dht#820</a></li> <li>Release v0.24.0 by <a href="https://github.com/Jorropo"><code>@Jorropo</code></a> in <a href="https://redirect.github.com/libp2p/go-libp2p-kad-dht/pull/844">libp2p/go-libp2p-kad-dht#844</a></li> <li>fix: issues discovered in kubo v0.21.0-rc1 by <a href="https://github.com/Jorropo"><code>@Jorropo</code></a> in <a href="https://redirect.github.com/libp2p/go-libp2p-kad-dht/pull/851">libp2p/go-libp2p-kad-dht#851</a></li> <li>Release v0.24.2 by <a href="https://github.com/Jorropo"><code>@Jorropo</code></a> in <a href="https://redirect.github.com/libp2p/go-libp2p-kad-dht/pull/853">libp2p/go-libp2p-kad-dht#853</a></li> <li>tracing: fix DHT keys as string attribute not being valid utf-8 by <a href="https://github.com/MichaelMure"><code>@MichaelMure</code></a> in <a href="https://redirect.github.com/libp2p/go-libp2p-kad-dht/pull/859">libp2p/go-libp2p-kad-dht#859</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/libp2p/go-libp2p-kad-dht/compare/v0.24.2...v0.24.3">https://github.com/libp2p/go-libp2p-kad-dht/compare/v0.24.2...v0.24.3</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/libp2p/go-libp2p-kad-dht/commit/fa4953c2a65454a0cf8f217ad07799fdeeae8e6f"><code>fa4953c</code></a> Merge pull request <a href="https://redirect.github.com/libp2p/go-libp2p-kad-dht/issues/859">#859</a> from MichaelMure/fix-tracing</li> <li><a href="https://github.com/libp2p/go-libp2p-kad-dht/commit/43b05814674e796cabc87a491bc9250fbdfcceae"><code>43b0581</code></a> chore: release v0.24.3</li> <li><a href="https://github.com/libp2p/go-libp2p-kad-dht/commit/a6403ab8eacbffe33ce48b0c3f709db78ce65853"><code>a6403ab</code></a> tracing: fix DHT keys as string attribute not being valid utf-8</li> <li><a href="https://github.com/libp2p/go-libp2p-kad-dht/commit/ee95d1ab03c47aab03218e18d07483f51e7787e4"><code>ee95d1a</code></a> chore: Update .github/workflows/stale.yml [skip ci]</li> <li><a href="https://github.com/libp2p/go-libp2p-kad-dht/commit/978cb74f5fdf846e09d5769bb4dfb9f962135c38"><code>978cb74</code></a> merge: fix: issues discovered in kubo v0.21.0-rc2 (<a href="https://redirect.github.com/libp2p/go-libp2p-kad-dht/issues/853">#853</a>)</li> <li><a href="https://github.com/libp2p/go-libp2p-kad-dht/commit/a497df16a4d174ffaf5844e3b4de8cc6f607da18"><code>a497df1</code></a> merge: fix: issues discovered in kubo v0.21.0-rc1 (<a href="https://redirect.github.com/libp2p/go-libp2p-kad-dht/issues/851">#851</a>)</li> <li><a href="https://github.com/libp2p/go-libp2p-kad-dht/commit/3c568a77f585fbd1c0d8655c405b11061756b7d3"><code>3c568a7</code></a> chore: Update .github/workflows/stale.yml [skip ci]</li> <li><a href="https://github.com/libp2p/go-libp2p-kad-dht/commit/866fc8cc5603d68094fddade1cca99ccd7043e5a"><code>866fc8c</code></a> Merge pull request <a href="https://redirect.github.com/libp2p/go-libp2p-kad-dht/issues/844">#844</a> from libp2p/release-v0.24.0</li> <li><a href="https://github.com/libp2p/go-libp2p-kad-dht/commit/8c9fdff8f831db4794583f3bc1261cd5fdd26962"><code>8c9fdff</code></a> fix: don't add unresponsive DHT servers to the Routing Table (<a href="https://redirect.github.com/libp2p/go-libp2p-kad-dht/issues/820">#820</a>)</li> <li><a href="https://github.com/libp2p/go-libp2p-kad-dht/commit/8d07d5783f78062aac9e3fb96d3eab1ab7fe6ad0"><code>8d07d57</code></a> Merge pull request <a href="https://redirect.github.com/libp2p/go-libp2p-kad-dht/issues/839">#839</a> from libp2p/addr-filter</li> <li>Additional commits viewable in <a href="https://github.com/libp2p/go-libp2p-kad-dht/compare/v0.24.2...v0.24.3">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/libp2p/go-libp2p-kad-dht&package-manager=go_modules&previous-version=0.24.2&new-version=0.24.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…work#1739) ## Relevant issue(s) Resolves sourcenetwork#1735 ## Description - Setup the new and faster mocking configuration. - Call the configuration from `Makefile`. - Removes old mocks. - Adds new mocks (biggest difference is file names and removal of mockery version string from the header).

## Relevant issue(s) Resolves sourcenetwork#1591 ## Description Allows documents synced from P2P to migrate (up) by storing the correct schema version id in the datastore on sync.

…k#1721) ## Relevant issue(s) Resolves sourcenetwork#1719 ## Description Enables downgrading of documents via Lens inverses. Inverse migrations are optional.

## Relevant issue(s) Resolves sourcenetwork#1702 ## Description This PR updates the Badger version to v4. It includes a temporary fix to our badger `os.Exit` issue that is costing us time when managing PRs. This should be reverted or properly fixed before releasing v0.7.

) Bumps [github.com/ipfs/boxo](https://github.com/ipfs/boxo) from 0.10.2 to 0.11.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/ipfs/boxo/releases">github.com/ipfs/boxo's releases</a>.</em></p> <blockquote> <h2>v0.11.0</h2> <h3>Added</h3> <ul> <li>✨ The gateway now supports the optional <code>order</code> and <code>dups</code> CAR parameters from <a href="https://redirect.github.com/ipfs/specs/pull/412">IPIP-412</a>. <ul> <li>The <code>BlocksBackend</code> only implements <code>order=dfs</code> (Depth-First Search) ordering, which was already the default behavior.</li> <li>If a request specifies no <code>dups</code>, response with <code>dups=n</code> is returned, which was already the default behavior.</li> <li>If a request explicitly specifies a CAR <code>order</code> other than <code>dfs</code>, it will result in an error.</li> <li>The only change to the default behavior on CAR responses is that we follow IPIP-412 and make <code>order=dfs;dups=n</code> explicit in the returned <code>Content-Type</code> HTTP header.</li> </ul> </li> <li>✨ While the call signature remains the same, the blocks that Bitswap returns can now be cast to <a href="https://github.com/ipfs/boxo/blob/HEAD/bitswap/client/traceability/block.go">traceability.Block</a>, which will additionally tell you where the Block came from and how long it took to fetch. This helps consumers of Bitswap collect better metrics on Bitswap behavior.</li> </ul> <h3>Changed</h3> <ul> <li>🛠 The <code>ipns</code> package has been refactored. <ul> <li>You should no longer use the direct Protobuf version of the IPNS Record. Instead, we have a shiny new <code>ipns.Record</code> type that wraps all the required functionality to work the best as possible with IPNS v2 Records. Please check the <a href="https://pkg.go.dev/github.com/ipfs/boxo/ipns">documentation</a> for more information, and follow <a href="https://redirect.github.com/ipfs/specs/issues/376">ipfs/specs#376</a> for related IPIP.</li> <li>There is no change to IPNS Records produced by <code>boxo/ipns</code>, it still produces both V1 and V2 signatures by default, it is still backward-compatible.</li> </ul> </li> </ul> <h3>Removed</h3> <ul> <li>🛠 <code>ipld/car</code> has been removed. Please use <a href="https://github.com/ipld/go-car">ipld/go-car</a> instead. More information regarding this decision can be found in <a href="https://redirect.github.com/ipfs/boxo/issues/218">issue 218</a>.</li> </ul> <h3>Fixed</h3> <ul> <li>Removed mentions of unused ARC algorithm (<a href="https://redirect.github.com/ipfs/boxo/issues/366#issuecomment-1597253540">#336</a>)</li> <li>Handle <code>_redirects</code> file when <code>If-None-Match</code> header is present (<a href="https://redirect.github.com/ipfs/boxo/pull/412">#412</a>)</li> </ul> <h3>Security</h3> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/ipfs/boxo/blob/main/CHANGELOG.md">github.com/ipfs/boxo's changelog</a>.</em></p> <blockquote> <h2>[v0.11.0]</h2> <h3>Added</h3> <ul> <li>✨ The gateway now supports the optional <code>order</code> and <code>dups</code> CAR parameters from <a href="https://redirect.github.com/ipfs/specs/pull/412">IPIP-412</a>. <ul> <li>The <code>BlocksBackend</code> only implements <code>order=dfs</code> (Depth-First Search) ordering, which was already the default behavior.</li> <li>If a request specifies no <code>dups</code>, response with <code>dups=n</code> is returned, which was already the default behavior.</li> <li>If a request explicitly specifies a CAR <code>order</code> other than <code>dfs</code>, it will result in an error.</li> <li>The only change to the default behavior on CAR responses is that we follow IPIP-412 and make <code>order=dfs;dups=n</code> explicit in the returned <code>Content-Type</code> HTTP header.</li> </ul> </li> <li>✨ While the call signature remains the same, the blocks that Bitswap returns can now be cast to <a href="https://github.com/ipfs/boxo/blob/main/bitswap/client/traceability/block.go">traceability.Block</a>, which will additionally tell you where the Block came from and how long it took to fetch. This helps consumers of Bitswap collect better metrics on Bitswap behavior.</li> </ul> <h3>Changed</h3> <ul> <li>🛠 The <code>ipns</code> package has been refactored. <ul> <li>You should no longer use the direct Protobuf version of the IPNS Record. Instead, we have a shiny new <code>ipns.Record</code> type that wraps all the required functionality to work the best as possible with IPNS v2 Records. Please check the <a href="https://pkg.go.dev/github.com/ipfs/boxo/ipns">documentation</a> for more information, and follow <a href="https://redirect.github.com/ipfs/specs/issues/376">ipfs/specs#376</a> for related IPIP.</li> <li>There is no change to IPNS Records produced by <code>boxo/ipns</code>, it still produces both V1 and V2 signatures by default, it is still backward-compatible.</li> </ul> </li> </ul> <h3>Removed</h3> <ul> <li>🛠 <code>ipld/car</code> has been removed. Please use <a href="https://github.com/ipld/go-car">ipld/go-car</a> instead. More information regarding this decision can be found in <a href="https://redirect.github.com/ipfs/boxo/issues/218">issue 218</a>.</li> </ul> <h3>Fixed</h3> <ul> <li>Removed mentions of unused ARC algorithm (<a href="https://redirect.github.com/ipfs/boxo/issues/366#issuecomment-1597253540">#336</a>)</li> <li>Handle <code>_redirects</code> file when <code>If-None-Match</code> header is present (<a href="https://redirect.github.com/ipfs/boxo/pull/412">#412</a>)</li> </ul> <h3>Security</h3> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/ipfs/boxo/commit/77fb8285deba399b45e282655447b341adac0c83"><code>77fb828</code></a> Merge pull request <a href="https://redirect.github.com/ipfs/boxo/issues/417">#417</a> from ipfs/release-v0.11.0</li> <li><a href="https://github.com/ipfs/boxo/commit/7c4111d4c2984b8a17ae4b025c0072f31797eaf0"><code>7c4111d</code></a> chore: release v0.11.0</li> <li><a href="https://github.com/ipfs/boxo/commit/fe8f90ed6a69c0b0656f122a503e9f01e0e0cf3c"><code>fe8f90e</code></a> changelog: create v0.11.0 section</li> <li><a href="https://github.com/ipfs/boxo/commit/5ba947bb2bc2db41808a5ffbbcb63822c573691d"><code>5ba947b</code></a> bitswap/client: add basic traceable blocks (<a href="https://redirect.github.com/ipfs/boxo/issues/308">#308</a>)</li> <li><a href="https://github.com/ipfs/boxo/commit/1f5df74ba66a6f42bce56c6b7b9b8bf322c1a4ba"><code>1f5df74</code></a> fix: handle _redirects for If-None-Match headers (<a href="https://redirect.github.com/ipfs/boxo/issues/412">#412</a>)</li> <li><a href="https://github.com/ipfs/boxo/commit/f6b448b4263acc7e7a39942fa24e5ada1b09a408"><code>f6b448b</code></a> feat(gateway): support for order=, dups= parameters from IPIP-412 (<a href="https://redirect.github.com/ipfs/boxo/issues/370">#370</a>)</li> <li><a href="https://github.com/ipfs/boxo/commit/4b29eb020c6860da7b60b501003a68334aa6961f"><code>4b29eb0</code></a> docs: fix changelog entries (<a href="https://redirect.github.com/ipfs/boxo/issues/414">#414</a>)</li> <li><a href="https://github.com/ipfs/boxo/commit/cfad09d7156efa2f09822d620cacb2423d884067"><code>cfad09d</code></a> ci: add changelog update checker workflow (<a href="https://redirect.github.com/ipfs/boxo/issues/398">#398</a>)</li> <li><a href="https://github.com/ipfs/boxo/commit/0c3bdb00ba835808fd9c116def531225dda023bb"><code>0c3bdb0</code></a> docs(blockstore): clarify AllKeysChan (<a href="https://redirect.github.com/ipfs/boxo/issues/363">#363</a>)</li> <li><a href="https://github.com/ipfs/boxo/commit/85b7e0a1490888ca53d190897c0f6af9685c764b"><code>85b7e0a</code></a> docs(readme): new logo and header (<a href="https://redirect.github.com/ipfs/boxo/issues/405">#405</a>)</li> <li>Additional commits viewable in <a href="https://github.com/ipfs/boxo/compare/v0.10.2...v0.11.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/ipfs/boxo&package-manager=go_modules&previous-version=0.10.2&new-version=0.11.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…ork#1743) ## Relevant issue(s) Resolves # ## Description - Help combine `dependabot` PRs. - Can combine based on sub selecters. ## How has this been tested? Since this is a manual trigger, in order to test this we need to merge this I think.

…1744) ✅ This PR was created by the Combine PRs action by combining the following PRs: sourcenetwork#1734 bot: Bump @typescript-eslint/eslint-plugin from 5.59.11 to 6.2.0 in /playground sourcenetwork#1733 bot: Bump typescript from 5.1.3 to 5.1.6 in /playground sourcenetwork#1731 bot: Bump eslint from 8.45.0 to 8.46.0 in /playground ⚠️ The following PRs were left out due to merge conflicts: sourcenetwork#1732 bot: Bump vite from 4.3.9 to 4.4.7 in /playground --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Fred Carle <fredcarle@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Shahzad Lone <shahzadlone@gmail.com>

…1730) Bumps [graphiql](https://github.com/graphql/graphiql/tree/HEAD/packages/graphiql) from 3.0.4 to 3.0.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/graphql/graphiql/releases">graphiql's releases</a>.</em></p> <blockquote> <h2>graphiql@3.0.5</h2> <h3>Patch Changes</h3> <ul> <li> <p><a href="https://redirect.github.com/graphql/graphiql/pull/3371">#3371</a> <a href="https://github.com/graphql/graphiql/commit/2348641c07748691c478ac5f67032b7e9081f9cb"><code>2348641c</code></a> Thanks <a href="https://github.com/acao"><code>@acao</code></a>! - Solves <a href="https://github.com/graphql/graphiql/tree/HEAD/packages/graphiql/issues/2825">#2825</a>, an old bug where new tabs were created on every refresh</p> <p>the bug occurred when:</p> <ol> <li><code>shouldPersistHeaders</code> is not set to true</li> <li><code>headers</code> or <code>defaultHeaders</code> are provided as props</li> <li>the user refreshes the browser</li> </ol> </li> <li> <p>Updated dependencies [<a href="https://github.com/graphql/graphiql/commit/2348641c07748691c478ac5f67032b7e9081f9cb"><code>2348641c</code></a>]:</p> <ul> <li><code>@graphiql/react</code><a href="https://github.com/0"><code>@0</code></a>.19.3</li> </ul> </li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/graphql/graphiql/blob/main/packages/graphiql/CHANGELOG.md">graphiql's changelog</a>.</em></p> <blockquote> <h2>3.0.5</h2> <h3>Patch Changes</h3> <ul> <li> <p><a href="https://redirect.github.com/graphql/graphiql/pull/3371">#3371</a> <a href="https://github.com/graphql/graphiql/commit/2348641c07748691c478ac5f67032b7e9081f9cb"><code>2348641c</code></a> Thanks <a href="https://github.com/acao"><code>@acao</code></a>! - Solves <a href="https://github.com/graphql/graphiql/tree/HEAD/packages/graphiql/issues/2825">#2825</a>, an old bug where new tabs were created on every refresh</p> <p>the bug occurred when:</p> <ol> <li><code>shouldPersistHeaders</code> is not set to true</li> <li><code>headers</code> or <code>defaultHeaders</code> are provided as props</li> <li>the user refreshes the browser</li> </ol> </li> <li> <p>Updated dependencies [<a href="https://github.com/graphql/graphiql/commit/2348641c07748691c478ac5f67032b7e9081f9cb"><code>2348641c</code></a>]:</p> <ul> <li><code>@graphiql/react</code><a href="https://github.com/0"><code>@0</code></a>.19.3</li> </ul> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/graphql/graphiql/commit/9049e79ff7531f34e4d2ddbcbc7fed7a444760fc"><code>9049e79</code></a> Version Packages</li> <li><a href="https://github.com/graphql/graphiql/commit/4c93b8f55bef3da303a42147034adbdaf372beff"><code>4c93b8f</code></a> leverage github actions cache for stepped job workflow (<a href="https://github.com/graphql/graphiql/tree/HEAD/packages/graphiql/issues/3365">#3365</a>)</li> <li>See full diff in <a href="https://github.com/graphql/graphiql/commits/graphiql@3.0.5/packages/graphiql">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=graphiql&package-manager=npm_and_yarn&previous-version=3.0.4&new-version=3.0.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

## Relevant issue(s) Resolves sourcenetwork#1589 ## Description Simplifies the fetcher interface, removing 2 of the 3 FetchFoo functions. As well as making it simpler, this also means that all (one) of the functions have to behave in the same way (e.g. deleted doc support).

## Relevant issue(s) Resolves sourcenetwork#1649 sourcenetwork#1592 ## Description Improves the way migrations handle transactions, as well as fixing a couple of concurrency issues: - Adds locks around the various registry properties, these maps can be accessed concurrently and need to be protected. - Removes the transaction continuity issue in the client.LenRegistry interface, where db.LensRegistry() returns an object that does not respect the transactionality of the parent store, and takes `txn`s as input parameters to some of its functions. It does this by following the same pattern as `db.db`. (sourcenetwork#1649) - Fixes the bugs in the lens package where migrations set were not visible/accessible until after commit. They are now visible within the transaction scope. (sourcenetwork#1592) It still does not provide transaction snapshot isolation, I see that issue as relatively high effort low reward at the moment.

✅ This PR was created by the Combine PRs action by combining the following PRs: sourcenetwork#1760 bot: Bump golang.org/x/crypto from 0.11.0 to 0.12.0 sourcenetwork#1755 bot: Bump vite from 4.4.8 to 4.4.9 in /playground sourcenetwork#1754 bot: Bump @typescript-eslint/parser from 5.62.0 to 6.2.1 in /playground sourcenetwork#1753 bot: Bump react-hook-form from 7.45.2 to 7.45.4 in /playground ⚠️ The following PRs were left out due to merge conflicts: sourcenetwork#1759 bot: Bump go.uber.org/zap from 1.24.0 to 1.25.0 sourcenetwork#1758 bot: Bump golang.org/x/net from 0.12.0 to 0.14.0 --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

## Relevant issue(s) Resolves sourcenetwork#1747 ## Description Adds support for adding of relational fields to existing schema. It does not add any syntax magic to make this easy, but it does validate that the provided values are valid (this is pretty much all it does). Any magic that we add to make the UX tolerable will need to respect these rules anyway, so no time lost there. Similar to other aspects of the schema migration work, this also does not seek to tidy up the `client.DescriptionFoo` objects, but it does hope to expose and promote that cleanup in the future. Syntax sugar and `client.DescriptionFoo` cleanup can/will be done later. Some hopefully within this release.

## Relevant issue(s) Resolves sourcenetwork#1769 ## Description Require secondary id field for one-ones. Simple silly bug caused by developer misunderstanding. Simple fix.

## Relevant issue(s) Resolves sourcenetwork#1659 Resolves sourcenetwork#1378 ## Description This PR adds an Akash deployment template to DefraDB `tools/cloud/akash`. Akash deployment URI: http://0i8se95qgletbeq16atqulhhc8.ingress.midwesternwireless.com/api/v0 ## Tasks - [x] I made sure the code is well commented, particularly hard-to-understand areas. - [x] I made sure the repository-held documentation is changed accordingly. - [x] I made sure the pull request title adheres to the conventional commit style (the subset used in the project can be found in [tools/configs/chglog/config.yml](tools/configs/chglog/config.yml)). - [x] I made sure to discuss its limitations such as threats to validity, vulnerability to mistake and misuse, robustness to invalidation of assumptions, resource requirements, ... ## How has this been tested? Manual deployment via Cloudmos. Specify the platform(s) on which this was tested: N/A

## Relevant issue(s) Resolves sourcenetwork#1779 ## Description This PR updates go-libp2p to 0.29.1

…etwork#1777) ## Relevant issue(s) Resolves sourcenetwork#1771 ## Description Adds support for PatchSchema relational field `Kind` substitution, and the auto setting of the `Schema` property.

…rk#1788) ## Relevant issue(s) Resolves sourcenetwork#1786 ## Description Unifies collection.save and collection.applyMerge field logic, leaving us with one function through which all document mutations take place. Also fixes the slightly broken logic for determining whether a field was a foreign relation or not (relying on the field name ending in `_id` is not good enough). Also expands the value types that `client.Document` can handle. This is however not the goal of this PR, and they are undocumented (or poorly documented) and likely still incomplete. Another work item can target this area at some other point in time.

Note: There were some nasty merge conflicts when rebased the config refactor stuff, might be worth it to keep an eye, incase something got missed or merged incorrectly.

pre-merge.

Should make easier to dynamically switch on and off acp and make DB access the documents accoridng to that state.

"collection" was in multiple places so needed to make a variable so renamed the COLLECTION to COLLECTION_ID as it seems better and then used COLLECTION for the string var that linter was complaining about.

shahzadlone · 2024-02-23T17:41:57Z

I force push some updated refs, which ended up closing the PR, I am not sure that happened. Ah the history is messed up I will fix soon.

shahzadlone · 2024-02-23T19:38:44Z

Wont allow me to re-open, I am not sure if this is a bug with github or something is off.

New PR: #2338

dependabot bot and others added 30 commits July 26, 2023 06:41

fix: Return errors from typeJoinOne (sourcenetwork#1716)

44550a5

## Relevant issue(s) Resolves sourcenetwork#1711 ## Description Returns errors from typeJoinOne instead of ignoring them.

fix: Discard index and subscription implicit transactions (sourcenetw…

e402366

…ork#1715) ## Relevant issue(s) Resolves sourcenetwork#1714 ## Description Discard index and subscription implicit transactions. I'm not sure if this was causing any problems, but they should be discarded.

feat(i): Switch migrations to use wazero runtime (sourcenetwork#1723)

6dae818

## Relevant issue(s) Resolves sourcenetwork#1722 ## Description Switches lens migrations to use wazero runtime. Avoids static-library/windows issues.

Release 0.6.0

e4dcd86

Actions taken to cut release: - ran `go mod tidy` - regenerated in-repo docs (CLI and manpages) - bump BSL license parameters - update changelog

Merge pull request sourcenetwork#1728 from sourcenetwork/release/0.6.0

9a85d87

Release v0.6.0

fix(i): Allow documents synced from P2P to migrate (sourcenetwork#1720)

53ea58c

## Relevant issue(s) Resolves sourcenetwork#1591 ## Description Allows documents synced from P2P to migrate (up) by storing the correct schema version id in the datastore on sync.

feat: Enable downgrading of documents via Lens inverses (sourcenetwor…

a5fe908

…k#1721) ## Relevant issue(s) Resolves sourcenetwork#1719 ## Description Enables downgrading of documents via Lens inverses. Inverse migrations are optional.

fix(i): Require secondary id field for one-ones (sourcenetwork#1770)

db282f8

## Relevant issue(s) Resolves sourcenetwork#1769 ## Description Require secondary id field for one-ones. Simple silly bug caused by developer misunderstanding. Simple fix.

chore(i): Update go-libp2p to 0.29.2 (sourcenetwork#1780)

de49009

## Relevant issue(s) Resolves sourcenetwork#1779 ## Description This PR updates go-libp2p to 0.29.1

bot: Combined PRs (sourcenetwork#1778)

77169c6

feat: Support PatchSchema relational field kind substitution (sourcen…

10fccdd

…etwork#1777) ## Relevant issue(s) Resolves sourcenetwork#1771 ## Description Adds support for PatchSchema relational field `Kind` substitution, and the auto setting of the `Schema` property.

shahzadlone added 25 commits February 23, 2024 12:17

PR(WIP): Start using permissioned access

316dd8c

Note: There were some nasty merge conflicts when rebased the config refactor stuff, might be worth it to keep an eye, incase something got missed or merged incorrectly.

PR(DEPS): Mod tidy

09dd570

PR(WIP): Add policy testing framework working

585ebf8

PR(RENAME): testutils -> testUtils

936e944

PR(TEMP-DROP): Temp fix to make tests work for me. will drop this

b024284

pre-merge.

PR(WIP): Add policy description

f135dde

PR(WIP): Add a simple test

e70de8b

PR: Close acp module.

de58e61

PR: Lint fix

de5121c

PR: Fix odd line split

b58652c

PR(WIP): Store Policy Key and Register ACP Object

5985024

PR(WIP): Register document according to dicussion.

87e0add

Should make easier to dynamically switch on and off acp and make DB access the documents accoridng to that state.

PR(DOC): Document use of DB with acp module.

53c9570

PR(WIP): More sensible fetcher

babe8e9

PR(WIP): Add acp to fetcher (permissioned fetcher)

e785ce8

PR(MOCKS): Update fetcher mocks and index test

6cd86af

PR(UNRELATED): Resolve "collection" linter error

636f8d6

"collection" was in multiple places so needed to make a variable so renamed the COLLECTION to COLLECTION_ID as it seems better and then used COLLECTION for the string var that linter was complaining about.

PR(FETCH): Check signatured & non-signatured done

98836b1

PR: Add DefraPolicyInterface (DPI) permission type

ab3128c

PR: Rename and split to permission package

77ae818

PR(WRITE-PERM): Add ACP checks on writes/mutations

1bbe4ec

PR(TEST): Test Adding Policy to DefraDB

2648a7d

PR(RESOLVE-MERGE): Header clashes with rebase

78d684b

PR(RESOLVE-MERGE): Config refactor clashes

ba07486

PR(TEST): Test Permissioned Schema Reject/Accept

8dcedea

shahzadlone closed this Feb 23, 2024

shahzadlone force-pushed the lone/acp-sourcehub-module branch from bdc1f8c to 8dcedea Compare February 23, 2024 17:37

shahzadlone mentioned this pull request Feb 23, 2024

feat: Add Access Control Policy #2338

Merged

19 tasks

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat: Add Access Control Policy #2337

feat: Add Access Control Policy #2337

shahzadlone commented Feb 23, 2024 •

edited

Loading

shahzadlone commented Feb 23, 2024 •

edited

Loading

shahzadlone commented Feb 23, 2024 •

edited

Loading

feat: Add Access Control Policy #2337

feat: Add Access Control Policy #2337

Conversation

shahzadlone commented Feb 23, 2024 • edited Loading

🚫 Not Ready For Review (High-Level Feedback Welcomed) 🚫

Relevant issue(s)

Description

Tasks

How has this been tested?

shahzadlone commented Feb 23, 2024 • edited Loading

shahzadlone commented Feb 23, 2024 • edited Loading

shahzadlone commented Feb 23, 2024 •

edited

Loading

shahzadlone commented Feb 23, 2024 •

edited

Loading

shahzadlone commented Feb 23, 2024 •

edited

Loading