v1.0.1

Discover the new features, logic changes, bug fixes, breaking changes, and known issues and limitations in Piiano Vault release v1.0.1.

New features

• Built-in types now support Normalization according to the Normalization of Built-in Data Types.
• Custom types can now have Javascript normalization functions.
• Vault now supports a new BLOB data type for small files.
• A new .token transformation was added to all built-in types that transform a property to its token.
• Optimization to tokenization API
• The Detokenize operation can now return the token metadata using the include_metadata option.
• Officially supported Postgres version is now 14.5
• The pvault CLI now passes a trace ID header to the Vault. This trace ID can be viewed when running the CLI with the --verbose flag.
• Improved logs error message when using bad ARN for AWS KMS
• Improved logs messages for the database connection issues
  • Preserve the original issue returned from the database (bad credentials, etc.)
  • Debug log for each connection attempt
• Database connection retry mechanism now stops early for bad credentials errors.
• The pvault-migrate CLI now works with Vault versions.
• New CLI options to facilitate the management of the object and token lifecycle: pvault object archive, pvault object restore, pvault token archive, and pvault token restore
• Documentation improvements

Bug fixes

• Fix a bug where large collections can't be deleted.
• Fix an issue where Get License API didn't work when the license expired.
• Fix an issue that prevented the use of a self-signed TLS certificate.
• Fix an issue where default values for scope and reversible properties of the Tokenize operation weren't applied.
• Not-encrypted property of type INTEGER supports the range of int32 instead of int64

Breaking changes

• Renamed the id parameter from type array to ids.
• Renamed the object_id parameter from type array to object_ids.
• Renamed the tag parameter from type array to tags.
• Renamed the token_id parameter from type array to token_ids.
• Renamed the ttl query param to expiration_secs.
• Get Cluster Info API Worker model has modified_at property was renamed to generation_checked_at.
• GC configuration options grace_period_days was renamed to retention_period_days.
• The config ttl section was renamed to expiration when used in TOML. Accordingly, the following environment variables were renamed:
  • PVAULT_TTL_TOKENS was renamed to PVAULT_EXPIRATION_TOKENS.
  • PVAULT_TTL_ASSOCIATED_OBJECTS was renamed to PVAULT_EXPIRATION_ASSOCIATED_OBJECTS.
  • PVAULT_TTL_UNASSOCIATED_OBJECTS was renamed to PVAULT_EXPIRATION_UNASSOCIATED_OBJECTS.
• Delete Object and Delete Token operations now always perform a deletion like the hard_delete option in previous versions.
  • The hard_delete option is now removed.
  • "Soft deletion" is now called "archiving" and is now performed with the Update Object and Update Token operations by modifying the expiration time.
  • In queries, the deleted option was renamed to archived
• The following OpenAPI changes affect only SDKs that are generated from the OpenAPI:
  • get-objects operation renamed to list-objects.
  • get-all-collections operation renamed to list-collections.
  • list-property-types operation renamed to list-data-types.
  • Schema Definitions names renamed models..
• The template collection credit_card renamed to credit_cards.
• Read control operations are now permitted also when the license is expired.
• pvault-migrate CLI now works with Vault versions rather than the internal migration numbers.

Known issues and limitations

• Queries can only match untransformed properties (properties with transformations, such as ssn.mask, are not matched).
• No pagination is provided for the tokens API operations Search tokens and Detokenize tokens.
• No pagination is provided for the List objects API operation when retrieving a list of objects using IDs. When requesting a number of objects which exceeds the page size, an error is returned.