oso v0.7.0 is out! Some highlights of the release include:
- List filtering in django-oso (Preview) - List endpoints require authorizing a collection of objects before returning them to the user. Sometimes, a "yes" or "no" decision from the policy is impractical because it requires authorizing each object individually, after retrieving them from a data store. The django-oso library now supports directly returning authorized objects by using the policy to generate a set of QuerySet filters to apply. This is significantly more efficient than authorizing each object individually. In this release, we're sharing an early preview of this feature. Learn more.
- Debugger step-up. We've made a number of improvements to the debugger – e.g., to the goal and stack commands – in response to user feedback to give developers new ways to debug and navigate their policies.
And a number of bug fixes, including:
- Ruby methods return self make it possible to chain methods together
- Language libraries that haven't yet implemented operations on application instances (Java, Node.js, Ruby, Rust) now throw a uniform error type.
- And plenty more.
For more details, read the changelog.
As always, if you have technical questions or feedback, join us on Slack or open an issue.