Skip to content

chore(deps): bump github.com/google/cel-go from 0.9.0 to 0.10.0 #144

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
Zenithar merged 1 commit into from
Mar 8, 2022
Merged

chore(deps): bump github.com/google/cel-go from 0.9.0 to 0.10.0 #144

Zenithar merged 1 commit into from
Mar 8, 2022

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 8, 2022

Bumps github.com/google/cel-go from 0.9.0 to 0.10.0.

Release notes

Sourced from github.com/google/cel-go's releases.

Release v0.10.0

Features

Heterogeneous Runtime Equality

CEL currently only supports homogeneous equality via type-checking; however, where type inferences are limited, such as when working with JSON, the definition of runtime equality has been relaxed such that comparisons across type are permitted.

  • Protobuf equality uses the C++ MessageDifferencer::Equals behavior
  • Numeric equality treats all numeric types as though they occur on a single continuous number line
  • All other comparisons across type return false.

This change will shift a certain category of runtime errors into non-errors.

  • Support heterogeneous null comparisons #471
  • Implement heterogeneous null comparisons for list and map #472
  • Numeric in/equality and comparisons across numeric types #473
  • Updates to cel-go proto equality to mirror C++ MessageDifferencer #481
  • Heterogeneous equality #482
  • Cross-type numeric declarations with opt-in #484

Expression Cost Tracking

Static analysis tools for better evaluation cost estimation with options to track and enforce these limits during runtime evaluation. This work deprecates and will replace the interpreter.Coster interface for heuristic costing of expressions.

  • EstimateCost API #483
  • Estimate costs for list and string concatenation and conditionals #487
  • Runtime cost calculation with limits #494
  • Adjust cost estimates to account for logical op short circuiting #501

Additional Changes

  • Expose an option to track macro call replacements #470
  • Move ref.Val -> api.expr.Value converter to io.go #480
  • List append optimizations for comprehension loops (40x speed-up in filter, map) #491
  • Add join to strings ext library #495
  • Add option to compile regex constants at program creation time #497
  • Context Eval for interruptable evaluation #502

Fixes

  • Ensure macro calls are tracked efficiently in lists and call targets by #467
  • Update the operator map structure #466
  • Update the ANTLR tool version and update lexer token names for consistency #469
  • Fix the panic in the codelab solution #479

New Contributors

... (truncated)

Commits
  • 7200247 Add rudimentary parsing benchmark (#503)
  • a22969d Add runtime cost limit
  • 91cdb04 Add err checking to avoid panic
  • 9606b7d Switch to using an observer to track cost and track the needed state on a stack
  • 8724997 Add runtime cost tracking logic and tests
  • a76d433 Wire in basic cost tracker
  • c0b9d9c Context Eval replacement for supporting interruptable evaluation without a co...
  • d5bf968 Adjust cost estimates to account for logical op short circuiting and ternery ...
  • 2402c4e Add join to strings ext library (#495)
  • ef0e86f Add option to compile regex constants at program creation time (#497)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): bump github.com/google/cel-go from 0.9.0 to 0.10.0
3fc4a39 
Bumps [github.com/google/cel-go](https://github.com/google/cel-go) from 0.9.0 to 0.10.0.
- [Release notes](https://github.com/google/cel-go/releases)
- [Commits](google/cel-go@v0.9.0...v0.10.0)

---
updated-dependencies:
- dependency-name: github.com/google/cel-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot requested a review from Zenithar as a code owner March 8, 2022 04:26
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Mar 8, 2022
@Zenithar Zenithar merged commit f5c6543 into main Mar 8, 2022
@Zenithar Zenithar deleted the dependabot/go_modules/github.com/google/cel-go-0.10.0 branch March 8, 2022 09:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Zenithar Zenithar Awaiting requested review from Zenithar

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Zenithar