Skip to main content

v0.9.8 - Beta

Discover the new features, logic changes, bug fixes, breaking changes, and known issues and limitations in Piiano Vault release v0.9.8.

New features

  • New job to export metrics periodically as logs.
  • CLI collection listing command (pvault collection list) supports PVSchema output (--pvschema).
  • Detokenization API (detokenize) supports a new option to return the tokens metadata.
  • Support for custom PII types, with Javascript language validators and transformations.
  • New convenience CLI command pvault iam user-view to show all the capabilities and policies available for a specific user or for all users.
  • New convenience CLI command pvault iam resource view to show which users and associated reasons are able to access a specific resource.

Logic change

  • STRING data type max length is now configurable using PVAULT_DB_MAX_STRING_LENGTH (max length of 64 by default).
  • JSON output for all CLI commands (--json) matches the REST API response body.
  • CLI better handles empty results for a more readable table outputs.
  • Update default IAM configuration.
  • Cache is now enabled by default, with a 30 second refresh interval.

Bug fixes

  • Missing logging context fix.
  • CLI garbage collection command (pvault admin gc) no longer sends the reason query param.
  • Large integer values (int64) no longer loses precision for INTEGER data type.
  • When two resouces are conflicting (such as simultanious two object updates) will return 409 Conflict HTTP response status instead of 500.

Breaking changes

  • Added "required" fields to certain responses on the openapi.yaml file.
  • Some "id" input fields are restricted to be with "uuid" format on the openapi.yaml file.
  • Disallow running Vault in production mode with the default admin key.

Known issues and limitations

  • Queries can match properties only in their base form (properties without transformations, such as ssn.mask).
  • Some REST API calls do not receive error messages. However, these error messages are printed on the server-side. To view these error messages, use STDOUT or STDERR in Docker. See the Docker article View logs for a container or service for more information on accessing these logs.
  • TTL of an object does not affect owned objects, and those may outlive their owner.
  • Deletion of a collection will hard-delete its objects.
  • No pagination for tokens APIs: Get tokens metadata, Detokenization.
  • No pagination for "Get objects by IDs" API. When requesting a number of objects which exceeds the page size (see above), an error is returned.