In this release, we've made significant enhancements to SpiceDB's schema management, moved closer to general availability of the Query Planner, and made improvements to our Python and Go clients.
Large permission schemas can now be split across multiple files. The new use import and use partial keywords let you define pieces of your schema in separate files and compose them together — the same way you'd organize any other large codebase.
This affects the full development workflow: SpiceDB, the VS Code extension, and the zed CLI all support composable schemas as of this release cycle.
Note: if you're using composable schemas, the root file must declare use import before any import statements, and use partial before any partial declarations.
The experimental query planner (enabled via --experimental-query-plan) received substantial work over this period. In v1.49.2, it gained recursive direction strategies and a canonicalization framework for query plan outlines. In v1.50.0, it expanded to cover LookupResources and LookupSubjects endpoints, added in-memory statistics for informing optimizations, and can now prune branches during Check requests that cannot possibly lead to the expected subject type — reducing unnecessary work.
This is still experimental and not recommended for production, but it's meaningfully closer to general availability.
SpiceDB now correctly parses version information from CockroachDB 26.1 clusters. If you're planning to upgrade your CRDB cluster to 26.1, SpiceDB v1.49.2 or later is required.
zed CLIzed validate now works with composable (multi-file) schemas. If your schema uses import or partial, zed validate can now validate it correctly — including resolving imports and checking the composed result.
This requires declaring use import at the top of your root schema file before any import statements, and use partial before any partial declarations.
DownloadPermissionSetsResponse now includes a timestamp field, making it easier to reason about the freshness of permission set snapshots in applications that use this API.
protovalidate was moved from a required dependency to an optional/dev dependency, reducing installation footprint for users who don't need schema validation tooling.
A new example was added showing how to build an agentic Retrieval-Augmented Generation (RAG) system with authorization enforced by SpiceDB. This covers a practical pattern for teams building AI applications that need to ensure users only retrieve documents they're permitted to see.