Discover the new features, logic changes, bug fixes, breaking changes, and known issues and limitations in Piiano Vault release v1.2.0.
- A new crypto REST API endpoints and equivalent CLI command:
- These endpoints and CLI commands allow you to encrypt an object without storing it in the Vault, as well as decrypt and update an encrypted object. See Crypto API endpoints and CLI reference for more information.
- Tokens and hashes can now be created from an encrypted value that was previously encrypted using the Vault's encryption API endpoint.
- A new feature, custom data types, has been added to Vault.
- Custom data types are based on builtin types and may be used as the data type of a property in a collection, just like builtin types.
- Custom data types may optionally redefine the validator, normalizer and transformations of the type (these are called type functions).
- The Bundle REST API is implemented by a new endpoint at
/api/pvlt/1.0/ctl/bundles. See the Bundles API endpoints for more information.
- The existing endpoint at
/api/pvlt/1.0/ctl/typeshas been changed. It now implements the Data Type REST API which manages custom data types as well as builtin types. See the Data Types API endpoints and CLI reference for more information.
- Two new commands were added to the CLI. The
bundlecommand provides access to the Bundle REST API. The datatype command provides access to the Data Type REST API. See the bundle CLI reference for more information.
New IAM capabilities were added:
- Bundle management added
- Custom properties added
New installs include these capabilities in the IAM file loaded during startup. For existing installs, you must edit the IAM configuration manually and add these capabilities to the roles requiring them.
💡 The Admin role automatically includes all capabilities (including these new ones).
- Remove the
PVAULT_FEATURES_CUSTOM_TYPES_ENABLEenvironment variable. Custom types are now always enabled.
- Token update logic was improved to be faster and more efficient.
- Detokenization - improved SQL index for consistent performance.
- Fixed Sentry integration that caused Vault to have increased memory usage.
- Fixed a bug where Vault could not update a token that was created with the
- Fixed a bug where Vault could not add a new object if its cache wasn't up to date. Vault would now only use the cache to validate the object's schema, until updated.
- The existing endpoint at
/api/pvlt/1.0/ctl/typeshas been changed.
- The format of the type configuration file,
pvault.types.tomlhas been changed.
Known issues and limitations
- Queries can only match untransformed properties (properties with transformations, such as
ssn.mask, are not matched).
- No pagination is provided for the tokens API operations Search tokens and Detokenize tokens.
- No pagination is provided for the List objects API operation when retrieving a list of objects using IDs. When requesting a number of objects which exceeds the page size, an error is returned.
- You cannot derive custom data types from custom data types (only from builtins).