build(deps): bump github.com/openfga/openfga from 1.5.7 to 1.5.8

[dependabot]

Bumps github.com/openfga/openfga from 1.5.7 to 1.5.8.

Release notes

Sourced from github.com/openfga/openfga's releases.

v1.5.8

Added

• Performance improvements for Check API:
  • introduce an optimization when the input request relation is pointing to a computed relation #1793
  • batch calls that compute membership checks and start processing them earlier #1804
• Logging number of cache hits for each subproblem of each authorization model for Check API calls. Enabled with the OPENFGA_CHECK_TRACKER_ENABLED flag. #1785
• Aliases for issuers and subject validation in OIDC AuthN mode using OPENFGA_AUTHN_OIDC_ISSUER_ALIASES and OPENFGA_AUTHN_OIDC_SUBJECTS respectively #1784 Thanks @​Code2Life!
• Dispatch Throttling for our ListUsers API. This can be enabled using OPENFGA_LIST_USERS_DISPATCH_THROTTLING_ENABLED and the env variables below. #1658
  • OPENFGA_LIST_USERS_DISPATCH_THROTTLING_THRESHOLD - The number of dispatches allowed before throttling is triggered
  • OPENFGA_LIST_USERS_DISPATCH_THROTTLING_MAX_THRESHOLD - The maximum number of dispatches allowed before the request is rejected
  • OPENFGA_LIST_USERS_DISPATCH_THROTTLING_FREQUENCY - The frequency at which the deprioritized throttling queue is processed
• Support sending contextual tuples in the Write Assertions API. #1821

Fixed

• address "expected exactly one terminal relation for fast path, received {num}" error during Check for models with type restrictions with and without a condition or with multiple conditions. #1814

Changelog

Sourced from github.com/openfga/openfga's changelog.

[1.5.8] - 2024-08-07

Full changelog

Added

• Performance improvements for Check API:
  • introduce an optimization when the input request relation is pointing to a computed relation #1793
  • batch calls that compute membership checks and start processing them earlier #1804
• Logging number of cache hits for each subproblem of each authorization model for Check API calls. Enabled with the OPENFGA_CHECK_TRACKER_ENABLED flag. #1785
• Aliases for issuers and subject validation in OIDC AuthN mode using OPENFGA_AUTHN_OIDC_ISSUER_ALIASES and OPENFGA_AUTHN_OIDC_SUBJECTS respectively #1784 Thanks @​Code2Life!
• Dispatch Throttling for our ListUsers API. This can be enabled using OPENFGA_LIST_USERS_DISPATCH_THROTTLING_ENABLED and the env variables below. #1658
  • OPENFGA_LIST_USERS_DISPATCH_THROTTLING_THRESHOLD - The number of dispatches allowed before throttling is triggered
  • OPENFGA_LIST_USERS_DISPATCH_THROTTLING_MAX_THRESHOLD - The maximum number of dispatches allowed before the request is rejected
  • OPENFGA_LIST_USERS_DISPATCH_THROTTLING_FREQUENCY - The frequency at which the deprioritized throttling queue is processed
• Support sending contextual tuples in the Write Assertions API. #1821

Fixed

• address "expected exactly one terminal relation for fast path, received {num}" error during Check for models with type restrictions with and without a condition or with multiple conditions. #1814

Commits

• 496c72d add v1.5.8 release notes to CHANGELOG (#1822)
• 0779401 feat: support Contextual Tuples in Assertions API (#1821)
• 282e346 chore(deps): bump the dependencies group across 1 directory with 6 updates (#...
• 8dbdede fix: do not error if multiple terminal relations exist during fast-path (#1817)
• 3b8039d perf(Check): stream userset results (#1804)
• d31a27f chore: remove panics if typesystem missing in ctx (#1809)
• 37edd89 perf: reduce proto conversions (#1818)
• ffe46e1 fix: connected types consolidate type definitions with and without a conditio...
• 817293c feat: ListUsers dispatch throttling (#1658)
• fb78181 fix: proper nesting of spans in Check API if computed usersets (#1815)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[stacklok-cloud-staging]

Minder Vulnerability Report ✅

Minder analyzed this PR and found no vulnerable dependencies.

Vulnerability scan of 1ff25568:

• 🐞 vulnerable packages: 0
• 🛠 fixes available for: 0

[coveralls]

coverage: 54.411% (+0.009%) from 54.402%
when pulling 1ff2556 on dependabot/go_modules/github.com/openfga/openfga-1.5.8
into 082572d on main.