Permify Changelog

Get the latest updates from our Discord community!

JANUARY, 2024 ❄️

At the beginning of 2024, we primarily focused on enhancing our core by working on logging, fixing and enhancing error codes in several services, improving query performance through PostgreSQL index optimization, and more.

Here are some notable changes from January:

Improvements on Logging

  • Context relation errors will now only be logged in debug mode.
  • Added unary and stream server interceptors to the logging configuration, enabling detailed start-end logs for GRPC calls, including timestamps, method details, and execution times

Fix & Enhancement in Error Codes

We have fixed an issue with 4xx and 5xx errors. Now, errors like schema not found should result in: 400-level errors

Enhanced Request Deduplication

Implemented a singleflight proxy to improve request deduplication, enhancing efficiency by reducing redundant processing. Currently working on the detailed benchmark for this.

Performance Optimization: PostgreSQL Index Enhancements

We've just optimized indexes in our Postgres database and significantly improved the query speeds.

A notable query execution time saw a decrease from 2.9 ms to just 0.060 ms in 10k rows 🚀

Added Helm Charts for Kubernetes Deployment

We’ve added Helm Charts for deploying and managing Permify in Kubernetes environments. Now you can seamlessly manage and deploy Permify in your Kubernetes environment with pre-configured resources.

See installation guideline on our docs.

Refactor on Circuit Breaker

Refactored circuit breaking functionality by switching from Hystrix package to Gobreaker.

NOVEMBER, 2023 🍂

We've introduced several improvements and new features this month, including streamlined authorization data synchronization, enhanced security for distributed cache usage, improved Yaml Validation files, and more!

Here are some highlights from November:

Data Bundles - Streamline Data Sync

Ensuring that authorization data remains in sync with the business model is an important practice when using Permify.

Prior to Data Bundles, it was the responsibility of the services (such as WriteData API) to model how relations are created and deleted when actions occur on resources.

With the Data Bundles, you be able to bundle and model the creation and deletion of relations and attributes when specific actions occur on resources in your applications.We believe this functionality will streamline managing authorization data as well as managing this in a central place increase visibility around certain actions/triggers that end up with data creation.

See how Data Bundles work in our docs: Bundle Service

Flexible Input Formats for Schema in Testing Validation File

Expand the schema field to accept input as a simple string text representing either a URL or a file path load external schema.

With this improvement you can define the schema in the YAML file in one of two ways:See the details on: Defining Schema in Validation File

Authentication for Consistent Hashring

We’ve implemented our existing authentication methods (Pre Shared Keys & OIDC) for consistent hashing, thereby enhancing security in the permify instances’s interpolation.

Check out the Github Pull Request for details

Implement slog Logging in Postgres

Enhance our logging mechanism within internal/storage/postgres by utilizing 'slog,' a feature in the new version of Go.

Playground Improvement

We have changed our playground interface and returned to the bird's-eye view.
  • Visualization of the schema now can be accessed from the tab above the schema.
  • Improve the editor on the enforcement section in order to make scenario creation smother.
  • Separate the relation and attribute creation. You can easily create relations and attributes using an analog click-and-fill form.

OCTOBER, 2023 🎃

This month, we made some improvements to Regex patterns in api endpoints, worked on a consistent hashring to enhance the current Distributed Cache Mechanism, included an AST converter in the schema, and fixed some bugs while making enhancements to the core.

Here are some notable changes from October:

Improvements on Distributed Cache Mechanism

  • Updated Consistent Hashring configuration and usage. Here is an example configuration option for it from our configuration YAML file,
  • Implement consistent hashring balancer with go-grpc. This gives ability to create a load balancer policy when providing DNS or Kubernetes addresses. This enhancement not only boosts performance but also eliminates the need for a separate service for user-specific service discovery.

Regex Enhancements in APIs' Validation

String Validation: ^[a-zA-Z_]{1,64}$"

  • Contain only uppercase letters (A-Z), lowercase letters (a-z), and underscores (_).
  • Have a length between 1 and 128 characters.
  • Alternatively, the ID can be a single asterisk ().

ID Validation: ^([a-zA-Z0-9_\\\\-@\\\\.:+]{1,128}|\\\\*)$

  • Contain only uppercase letters (A-Z), lowercase letters (a-z), and underscores (_).
  • Have a length between 1 and 128 characters.
  • Alternatively, the ID can be a single asterisk ().

Added Permify Schema to JSON converter

By utilizing the command: permify ast {path of your schema validation file}, you can effortlessly convert your model into an Abstract Syntax Tree (AST) representation.

The conversion to AST provides a structured representation of your model, making it easier to navigate, modify, and analyze. This process ensures that your model is syntactically correct and can be processed by other tools without issues.

General Enhancements on Logging


This month, we released ABAC (Attribute-Based Access Control) support, added examples of use cases, updated docs and tools accordingly, and continued to work on the infrastructure and dev experience.

Here is a brief overview of the updates in September:

Released ABAC (Attribute-Based Access Control) Support

We have released ABAC (Attribute-Based Access Control) support for our open-source, introducing several new features, including:

  • The ability to define attributes and rules (functions that allow you to check specific mostly dynamic conditions) when creating a schema.
  • Addition of new datastore interfaces designed specifically to store attributes.
  • Re-designed the check engine algorithm for attribute computation.
  • Implementation of mass filters for attributes and improved error handling mechanisms to enhance visibility and user experience.

UI & Functionality Improvements on Playground

  • Added ABAC variables; rules and attributes to Visualizer.
  • Adjusted the height of it for better visibility and user experience.
  • Introduced a new schema reader for defining cache keys type. Rule calls now always initiate from the invoker (that's for caching rule calls with specific entity).

Added Coverage Configuration (coverage.yml)

Introduced a GitHub Action that activates on pushand pull_request events. Utilizes ubuntu-latest runner with Go 1.20 setup. Checks out the project code and manages dependencies. Executes unit tests and gathers code coverage. Reports coverage metrics to Coveralls.

Improvements on Lookup Services

  • Unified lookup services to read the schema only once per request for efficiency.
  • Introduced a new cache mechanism within the lookup: Schema Map. It serves as a cache to store and keep track of schema versions, ensuring efficient and speedy retrievals.

Notable Enhancements On Core

  • Renamed conflicting proto messages to avoid clashes with native types.
  • Implemented checkDirectCall for recursive invokes. Rule calls now always initiate from the invoker (that's for caching rule calls with specific entity).
  • Enhanced array data type handling, with the addition of array types to engines and new attribute helpers.