1
2
3
4
5
6
7
8
9
2
3
4
5
6
7
8
9
Features
SpiceDB is the most scalable and consistent Google Zanzibar-inspired database for storing and computing permissions data—use it to build global-scale fine grained authorization services.
Expressive APIs
Expressive gRPC and HTTP/JSON APIs for powering authorization logic in your client applications.
Distributed Graph
Distributed, parallel graph engine faithful to the architecture described in Google’s Zanzibar paper.
Prevents New Enemies
A flexible consistency model configurable per-request that includes resistance to the New Enemy Problem.
Configuration Language
Intuitive authorization configuration language — SpiceDB Schema — with CI/CD integrations for validation & testing.
Pluggable Storage
Support for in-memory, Spanner, CockroachDB, PostgreSQL, and MySQL relationship storage.
Deep Observability
Deep observability with Prometheus metrics, pprof profiles, structured logging, and OpenTelemetry tracing.
Release Notes
Added
- feat(query planner): add recursive direction strategies, and fix IS BFS (https://github.com/authzed/spicedb/pull/2891)
- feat(query planner): introduce query plan outlines and canonicalization (https://github.com/authzed/spicedb/pull/2901)
- Schema v2: introduces support for PostOrder traversal in walk.go (https://github.com/authzed/spicedb/pull/2761) and improve PostOrder walker cycle detection (https://github.com/authzed/spicedb/pull/2902)
Changed
- Begin deprecation of library "github.com/dlmiddlecote/sqlstats" (https://github.com/authzed/spicedb/pull/2904). NOTE: in a future release, MySQL metrics will change.
- Add support for imports and partials to the schemadsl package that drives the LSP and development server (https://github.com/authzed/spicedb/pull/2919).
DatastoreTester.Newnow takes atesting.TBas its first argument, allowing per-test cleanup in datastore test suites (https://github.com/authzed/spicedb/pull/2925).- Added support for CRDB 26.1 by fixing how version information is read from the cluster
Fixed
- enforce graceful shutdown on serve and serve-testing (https://github.com/authzed/spicedb/pull/2888)
- Spanner metrics regression (https://github.com/authzed/spicedb/pull/2329)
- improve streaming dispatch logging and observability (https://github.com/authzed/spicedb/pull/2915)
What's Changed
- fix: enforce graceful shutdown on
serveandserve-testingby @miparnisari in https://github.com/authzed/spicedb/pull/2888 - feat: add recursive direction strategies, and fix IS BFS by @barakmich in https://github.com/authzed/spicedb/pull/2891
- chore: rename all iterators to a consistent pattern by @barakmich in https://github.com/authzed/spicedb/pull/2896
- chore: fix flake in parser tests by @tstirrat15 in https://github.com/authzed/spicedb/pull/2897
- chore: remove addSubIterator and make iterators less mutable by @barakmich in https://github.com/authzed/spicedb/pull/2898
- test: use synctest in some CRDB pool retry tests by @ivanauth in https://github.com/authzed/spicedb/pull/2754
- test: fix race condition in TestRecursiveCheckStrategies by @vroldanbet in https://github.com/authzed/spicedb/pull/2893
- feat: introduce support for schema PostOrder traversal by @vroldanbet in https://github.com/authzed/spicedb/pull/2761
- fix(schemav2): improve PostOrder walker cycle detection by @vroldanbet in https://github.com/authzed/spicedb/pull/2902
- chore: update grafana dashboard and docker-compose setup by @miparnisari in https://github.com/authzed/spicedb/pull/2899
- test: add tests for health check service by @ecordell in https://github.com/authzed/spicedb/pull/2468
- chore: add postgres docker-compose setup by @miparnisari in https://github.com/authzed/spicedb/pull/2903
- chore: add partial support to schemadsl by @tstirrat15 in https://github.com/authzed/spicedb/pull/2895
- style: run new go fix with modernizers by @jzelinskie in https://github.com/authzed/spicedb/pull/2906
- chore(deps): bump filippo.io/edwards25519 from 1.1.0 to 1.1.1 by @dependabot[bot] in https://github.com/authzed/spicedb/pull/2908
- chore(breaking): refactor typesystem by @miparnisari in https://github.com/authzed/spicedb/pull/2876
- chore: add docker-compose for mysql and begin deprecating go_sql_* by @miparnisari in https://github.com/authzed/spicedb/pull/2904
- chore: more lint fixes by @tstirrat15 in https://github.com/authzed/spicedb/pull/2909
- chore: lint PR titles by @tstirrat15 in https://github.com/authzed/spicedb/pull/2911
- chore: bump otel for CVE fix by @barakmich in https://github.com/authzed/spicedb/pull/2913
- fix: spanner metrics regression by @vroldanbet in https://github.com/authzed/spicedb/pull/2329
- test: fixup synctest usage in crdbpool by @tstirrat15 in https://github.com/authzed/spicedb/pull/2910
- refactor: introduce datalayer abstraction, remove intermediate interfaces by @josephschorr in https://github.com/authzed/spicedb/pull/2912
- fix(cluster): improve streaming dispatch logging and observability by @vroldanbet in https://github.com/authzed/spicedb/pull/2915
- feat: introduce query plan outlines and canonicalization by @barakmich in https://github.com/authzed/spicedb/pull/2901
- ci: enforce changelog by @miparnisari in https://github.com/authzed/spicedb/pull/2764
- ci: unpin github actions related to go by @miparnisari in https://github.com/authzed/spicedb/pull/2448
- refactor: remove dead code by @miparnisari in https://github.com/authzed/spicedb/pull/2922
- chore: followup for canonical outlines by @barakmich in https://github.com/authzed/spicedb/pull/2920
- test: reduce flakiness of RegisterRelationshipCountersInParallelTest by @tstirrat15 in https://github.com/authzed/spicedb/pull/2820
- chore(query): replace UUIDs with canonical keys and add observers by @barakmich in https://github.com/authzed/spicedb/pull/2923
- feat: Implement use import by @tstirrat15 in https://github.com/authzed/spicedb/pull/2919
- chore(datastore): Change the DatastoreTester interface to take a testing.TB by @jakedt in https://github.com/authzed/spicedb/pull/2925
- chore: add cockroachdb 26.1 to the matrix and modify version parsing by @tstirrat15 in https://github.com/authzed/spicedb/pull/2907
Full Changelog: https://github.com/authzed/spicedb/compare/v1.49.1...v1.49.2
Docker Images
This release is available at authzed/spicedb:v1.49.2, quay.io/authzed/spicedb:v1.49.2, ghcr.io/authzed/spicedb:v1.49.2
Don’t reinvent the wheel
Integrate against AuthZed’s globally available authorization service in minutes.
Complete Ecosystem
SpiceDB Tooling
Everything you need to deploy, manage, and integrate SpiceDB.
SpiceDB Operator
Optimize your Day 1 and Day 2 operations the our official Kubernetes SpiceDB Operator.
kubectl create spicedbcluster
Create, manage, and scale SpiceDB clusters with a single Kubernetes resource.
Zero-Downtime Datastore Migrations
Run painless migrations regardless of your backing datastore or SpiceDB version.
Automated Update Channels
Configure clusters to follow release channels and automatically roll out updates.
SpiceDB Docs
Learn Key Concepts
Define a Permissions Schema
Define types of objects, how those objects relate to one another, and the permissions that can be computed from those relationships.
Integrate Your Applications
Integrate with your application using official and community supported client libraries or make requests to the HTTP API endpoint.
Test and Deploy
Use provided tooling to develop and validate schema changes. Use the built-in testing server to run real API calls against test data.
Define Authorization
as Schema
Design tailored authorization systems by defining relationships, permissions based on those relationships, and bits of policy called Caveats.
Try for Yourself 👇
Get started now
Join 1000s of users building delightful, secure application experiences.