update deps

Signed-off-by: Dennis Buduev <dbuduev@users.noreply.github.com>

Author: dbuduev

pgx-adapter/adapter.go

@@ -8,7 +8,7 @@ import (
 	"fmt"
 	"strings"
 
-	responsev1 "github.com/cerbos/cerbos/api/genpb/cerbos/response/v1"
+	enginev1 "github.com/cerbos/cerbos/api/genpb/cerbos/engine/v1"
 	"github.com/iancoleman/strcase"
 )
 
@@ -31,13 +31,18 @@ var toSQLField = map[string]string{}
 
 var ErrExpressionExpected = errors.New("expected expression")
 
-type BuildPredicateType func(e *responsev1.ResourcesQueryPlanResponse_Expression_Operand_Expression) (where string, args []interface{}, err error)
+type filterOpExpression = enginev1.PlanResourcesFilter_Expression_Operand_Expression
+type filterOpValue = enginev1.PlanResourcesFilter_Expression_Operand_Value
+type filterOpVariable = enginev1.PlanResourcesFilter_Expression_Operand_Variable
+type filterOp = enginev1.PlanResourcesFilter_Expression_Operand
 
-func (t BuildPredicateType) BuildPredicate(e *responsev1.ResourcesQueryPlanResponse_Expression_Operand_Expression) (where string, args []interface{}, err error) {
+type BuildPredicateType func(e *filterOpExpression) (where string, args []interface{}, err error)
+
+func (t BuildPredicateType) BuildPredicate(e *filterOpExpression) (where string, args []interface{}, err error) {
 	return t(e)
 }
 
-func buildPredicateImpl(e *responsev1.ResourcesQueryPlanResponse_Expression_Operand_Expression, b *strings.Builder, args *[]interface{}) (err error) {
+func buildPredicateImpl(e *filterOpExpression, b *strings.Builder, args *[]interface{}) (err error) {
 	switch e.Expression.Operator {
 	case "or", "and":
 		b.WriteRune('(')
@@ -49,7 +54,7 @@ func buildPredicateImpl(e *responsev1.ResourcesQueryPlanResponse_Expression_Oper
 				b.WriteString(op)
 				b.WriteRune(' ')
 			}
-			if oe, ok := o.GetNode().(*responsev1.ResourcesQueryPlanResponse_Expression_Operand_Expression); ok {
+			if oe, ok := o.GetNode().(*filterOpExpression); ok {
 				err = buildPredicateImpl(oe, b, args)
 				if err != nil {
 					return err
@@ -64,7 +69,7 @@ func buildPredicateImpl(e *responsev1.ResourcesQueryPlanResponse_Expression_Oper
 		o := e.Expression.Operands[0]
 		b.WriteRune('(')
 		b.WriteString("NOT ")
-		if oe, ok := o.GetNode().(*responsev1.ResourcesQueryPlanResponse_Expression_Operand_Expression); ok {
+		if oe, ok := o.GetNode().(*filterOpExpression); ok {
 			err = buildPredicateImpl(oe, b, args)
 			if err != nil {
 				return err
@@ -84,16 +89,16 @@ func buildPredicateImpl(e *responsev1.ResourcesQueryPlanResponse_Expression_Oper
 		b.WriteRune('(')
 		for i, operand := range e.Expression.Operands {
 			switch eo := operand.Node.(type) {
-			case *responsev1.ResourcesQueryPlanResponse_Expression_Operand_Expression:
+			case *filterOpExpression:
 				err = buildPredicateImpl(eo, b, args)
 				if err != nil {
 					return err
 				}
-			case *responsev1.ResourcesQueryPlanResponse_Expression_Operand_Variable:
+			case *filterOpVariable:
 				b.WriteRune('"')
 				b.WriteString(getFieldName(eo.Variable))
 				b.WriteRune('"')
-			case *responsev1.ResourcesQueryPlanResponse_Expression_Operand_Value:
+			case *filterOpValue:
 				*args = append(*args, eo.Value.AsInterface())
 				b.WriteString(fmt.Sprintf("$%d", len(*args)))
 			}
@@ -109,7 +114,7 @@ func buildPredicateImpl(e *responsev1.ResourcesQueryPlanResponse_Expression_Oper
 	return nil
 }
 
-func BuildPredicate(e *responsev1.ResourcesQueryPlanResponse_Expression_Operand_Expression) (where string, args []interface{}, err error) {
+func BuildPredicate(e *filterOpExpression) (where string, args []interface{}, err error) {
 	if e == nil {
 		return "", nil, nil
 	}

pgx-adapter/adapter_test.go

@@ -16,8 +16,8 @@ import (
 	"testing"
 	"time"
 
-	responsev1 "github.com/cerbos/cerbos/api/genpb/cerbos/response/v1"
-	cerbos "github.com/cerbos/cerbos/client"
+	"github.com/cerbos/cerbos-sdk-go/cerbos"
+	enginev1 "github.com/cerbos/cerbos/api/genpb/cerbos/engine/v1"
 	"github.com/ghodss/yaml"
 	"github.com/jackc/pgx/v4"
 	"github.com/ory/dockertest/v3"
@@ -47,10 +47,10 @@ func Test_BuildPredicate(t *testing.T) {
 	for _, tt := range tests {
 		t.Run(tt.SQL, func(t *testing.T) {
 			is := require.New(t)
-			e := new(responsev1.ResourcesQueryPlanResponse_Expression_Operand)
+			e := new(enginev1.PlanResourcesFilter_Expression_Operand)
 			err := protojson.Unmarshal(tt.Input, e)
 			is.NoError(err)
-			q, args, err := BuildPredicate(e.Node.(*responsev1.ResourcesQueryPlanResponse_Expression_Operand_Expression))
+			q, args, err := BuildPredicate(e.Node.(*enginev1.PlanResourcesFilter_Expression_Operand_Expression))
 			is.NoError(err)
 			is.Equal(tt.SQL, q)
 			is.Equal(tt.Args, args)
@@ -74,7 +74,7 @@ func runCerbos(ctx context.Context, t *testing.T) string {
 
 	options := &dockertest.RunOptions{
 		Repository: "ghcr.io/cerbos/cerbos",
-		Tag:        "0.12.0",
+		Tag:        "0.47.0",
 		Cmd:        []string{"server", "--config=/config/conf.yaml"},
 		WorkingDir: srcDir,
 	}
@@ -197,7 +197,7 @@ func TestIntegration(t *testing.T) {
 				WithRoles(user.Role).
 				WithAttr("department", user.Department)
 
-			queryPlan, err := c.ResourcesQueryPlan(ctx, principal, cerbos.NewResource("contact", ""), "read")
+			queryPlan, err := c.PlanResources(ctx, principal, cerbos.NewResource("contact", ""), "read")
 			is.NoError(err)
 
 			filter := queryPlan.GetFilter()

pgx-adapter/db/db.go

@@ -10,7 +10,7 @@ import (
 	"errors"
 	"fmt"
 
-	responsev1 "github.com/cerbos/cerbos/api/genpb/cerbos/response/v1"
+	enginev1 "github.com/cerbos/cerbos/api/genpb/cerbos/engine/v1"
 	"github.com/georgysavva/scany/pgxscan"
 	"github.com/jackc/pgx/v4"
 )
@@ -19,7 +19,7 @@ import (
 var seed []byte
 
 type predicateBuilder interface {
-	BuildPredicate(e *responsev1.ResourcesQueryPlanResponse_Expression_Operand_Expression) (where string, args []interface{}, err error)
+	BuildPredicate(e *enginev1.PlanResourcesFilter_Expression_Operand_Expression) (where string, args []interface{}, err error)
 }
 
 type Client struct {
@@ -35,17 +35,17 @@ func (cli *Client) GetAllContacts(ctx context.Context) (res []*Contact, err erro
 	return res, nil
 }
 
-func (cli *Client) GetContacts(ctx context.Context, filter *responsev1.ResourcesQueryPlanResponse_Filter) (res []*Contact, err error) {
+func (cli *Client) GetContacts(ctx context.Context, filter *enginev1.PlanResourcesFilter) (res []*Contact, err error) {
 	if filter == nil {
 		return nil, errors.New("\"filter\" is nil")
 	}
 	switch filter.Kind {
-	case responsev1.ResourcesQueryPlanResponse_Filter_KIND_ALWAYS_DENIED:
+	case enginev1.PlanResourcesFilter_KIND_ALWAYS_DENIED:
 		return nil, nil
-	case responsev1.ResourcesQueryPlanResponse_Filter_KIND_ALWAYS_ALLOWED:
+	case enginev1.PlanResourcesFilter_KIND_ALWAYS_ALLOWED:
 		return cli.GetAllContacts(ctx)
-	case responsev1.ResourcesQueryPlanResponse_Filter_KIND_CONDITIONAL:
-		where, args, err := cli.predicateBuilder.BuildPredicate(filter.Condition.GetNode().(*responsev1.ResourcesQueryPlanResponse_Expression_Operand_Expression))
+	case enginev1.PlanResourcesFilter_KIND_CONDITIONAL:
+		where, args, err := cli.predicateBuilder.BuildPredicate(filter.Condition.GetNode().(*enginev1.PlanResourcesFilter_Expression_Operand_Expression))
 		if err != nil {
 			return nil, err
 		}

pgx-adapter/db/schema.sql

@@ -29,8 +29,11 @@ CREATE TABLE IF NOT EXISTS contacts (
     active BOOLEAN default false,
     marketing_opt_in BOOLEAN default false
 );
-
-CREATE USER cerbforce_user WITH PASSWORD 'cerb';
+DO $$
+BEGIN
+    CREATE USER cerbforce_user WITH PASSWORD 'cerb';
+EXCEPTION WHEN duplicate_object THEN
+END$$;
 GRANT CONNECT ON DATABASE postgres TO cerbforce_user;
 GRANT USAGE ON SCHEMA cerbforce TO cerbforce_user;
 GRANT SELECT,INSERT,UPDATE,DELETE ON cerbforce.users, cerbforce.companies, cerbforce.contacts TO cerbforce_user;

pgx-adapter/go.mod

@@ -1,76 +1,114 @@
 module github.com/cerbos/cerbos-go-adapters/pgx-adapter
 
-go 1.23.0
+go 1.24.4
 
 require (
-	github.com/cerbos/cerbos v0.12.0
-	github.com/fergusstrange/embedded-postgres v1.14.0
-	github.com/georgysavva/scany v0.3.0
+	github.com/cerbos/cerbos-sdk-go v0.3.13
+	github.com/cerbos/cerbos/api/genpb v0.47.0
+	github.com/fergusstrange/embedded-postgres v1.33.0
+	github.com/georgysavva/scany v1.2.3
 	github.com/ghodss/yaml v1.0.0
-	github.com/iancoleman/strcase v0.2.0
-	github.com/jackc/pgx/v4 v4.18.2
-	github.com/ory/dockertest/v3 v3.8.1
-	github.com/stretchr/testify v1.8.4
-	google.golang.org/protobuf v1.33.0
+	github.com/iancoleman/strcase v0.3.0
+	github.com/jackc/pgx/v4 v4.18.3
+	github.com/ory/dockertest/v3 v3.12.0
+	github.com/stretchr/testify v1.11.1
+	google.golang.org/protobuf v1.36.10
 )
 
 require (
-	github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect
-	github.com/Microsoft/go-winio v0.5.2 // indirect
+	buf.build/gen/go/bufbuild/protovalidate/protocolbuffers/go v1.36.10-20250912141014-52f32327d4b0.1 // indirect
+	buf.build/go/protovalidate v1.0.0 // indirect
+	cel.dev/expr v0.24.0 // indirect
+	connectrpc.com/connect v1.19.1 // indirect
+	connectrpc.com/otelconnect v0.8.0 // indirect
+	dario.cat/mergo v1.0.1 // indirect
+	filippo.io/age v1.2.1 // indirect
+	github.com/Azure/go-ansiterm v0.0.0-20250102033503-faa5f7b0171c // indirect
+	github.com/Microsoft/go-winio v0.6.2 // indirect
 	github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5 // indirect
-	github.com/bluele/gcache v0.0.2 // indirect
-	github.com/cenkalti/backoff/v4 v4.1.2 // indirect
-	github.com/cespare/xxhash v1.1.0 // indirect
-	github.com/containerd/continuity v0.2.2 // indirect
-	github.com/davecgh/go-spew v1.1.1 // indirect
-	github.com/docker/cli v20.10.12+incompatible // indirect
-	github.com/docker/docker v28.0.0+incompatible // indirect
-	github.com/docker/go-connections v0.4.0 // indirect
+	github.com/antlr4-go/antlr/v4 v4.13.1 // indirect
+	github.com/bits-and-blooms/bitset v1.24.0 // indirect
+	github.com/cenkalti/backoff/v4 v4.3.0 // indirect
+	github.com/cerbos/cloud-api v0.1.62 // indirect
+	github.com/containerd/continuity v0.4.5 // indirect
+	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
+	github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0 // indirect
+	github.com/docker/cli v27.4.1+incompatible // indirect
+	github.com/docker/docker v28.3.3+incompatible // indirect
+	github.com/docker/go-connections v0.5.0 // indirect
 	github.com/docker/go-units v0.5.0 // indirect
-	github.com/envoyproxy/protoc-gen-validate v0.10.1 // indirect
-	github.com/gobwas/glob v0.2.3 // indirect
+	github.com/failsafe-go/failsafe-go v0.9.1 // indirect
+	github.com/go-logr/logr v1.4.3 // indirect
+	github.com/go-logr/stdr v1.2.2 // indirect
+	github.com/go-sql-driver/mysql v1.9.3 // indirect
+	github.com/go-viper/mapstructure/v2 v2.4.0 // indirect
+	github.com/goccy/go-json v0.10.5 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
-	github.com/golang/protobuf v1.5.3 // indirect
-	github.com/google/go-cmp v0.6.0 // indirect
+	github.com/google/cel-go v0.26.1 // indirect
+	github.com/google/go-cmp v0.7.0 // indirect
 	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
-	github.com/google/uuid v1.3.0 // indirect
-	github.com/grpc-ecosystem/go-grpc-middleware v1.3.0 // indirect
-	github.com/grpc-ecosystem/grpc-gateway/v2 v2.7.2 // indirect
-	github.com/imdario/mergo v0.3.12 // indirect
+	github.com/grpc-ecosystem/go-grpc-middleware/v2 v2.3.2 // indirect
+	github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.3 // indirect
+	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
+	github.com/hashicorp/go-retryablehttp v0.7.8 // indirect
 	github.com/jackc/chunkreader/v2 v2.0.1 // indirect
 	github.com/jackc/pgconn v1.14.3 // indirect
 	github.com/jackc/pgio v1.0.0 // indirect
 	github.com/jackc/pgpassfile v1.0.0 // indirect
 	github.com/jackc/pgproto3/v2 v2.3.3 // indirect
-	github.com/jackc/pgservicefile v0.0.0-20221227161230-091c0ba34f0a // indirect
-	github.com/jackc/pgtype v1.14.0 // indirect
+	github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 // indirect
+	github.com/jackc/pgtype v1.14.4 // indirect
 	github.com/jackc/puddle v1.3.0 // indirect
-	github.com/jdxcode/netrc v0.0.0-20210204082910-926c7f70242a // indirect
-	github.com/kr/text v0.2.0 // indirect
-	github.com/lib/pq v1.10.4 // indirect
-	github.com/mitchellh/mapstructure v1.4.3 // indirect
+	github.com/jdx/go-netrc v1.0.0 // indirect
+	github.com/klauspost/cpuid/v2 v2.2.11 // indirect
+	github.com/lestrrat-go/blackmagic v1.0.4 // indirect
+	github.com/lestrrat-go/dsig v1.0.0 // indirect
+	github.com/lestrrat-go/dsig-secp256k1 v1.0.0 // indirect
+	github.com/lestrrat-go/httpcc v1.0.1 // indirect
+	github.com/lestrrat-go/httprc/v3 v3.0.1 // indirect
+	github.com/lestrrat-go/jwx/v3 v3.0.12 // indirect
+	github.com/lestrrat-go/option v1.0.1 // indirect
+	github.com/lestrrat-go/option/v2 v2.0.0 // indirect
+	github.com/lib/pq v1.10.9 // indirect
+	github.com/minio/sha256-simd v1.0.1 // indirect
 	github.com/moby/docker-image-spec v1.3.1 // indirect
 	github.com/moby/sys/user v0.3.0 // indirect
-	github.com/moby/term v0.0.0-20210619224110-3f7ff695adc6 // indirect
+	github.com/moby/term v0.5.2 // indirect
 	github.com/opencontainers/go-digest v1.0.0 // indirect
-	github.com/opencontainers/image-spec v1.0.2 // indirect
+	github.com/opencontainers/image-spec v1.1.1 // indirect
 	github.com/opencontainers/runc v1.2.8 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
-	github.com/pmezard/go-difflib v1.0.0 // indirect
+	github.com/planetscale/vtprotobuf v0.6.1-0.20250313105119-ba97887b0a25 // indirect
+	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
+	github.com/prometheus/client_golang v1.23.2 // indirect
+	github.com/prometheus/procfs v0.17.0 // indirect
+	github.com/rogpeppe/go-internal v1.14.1 // indirect
+	github.com/rs/xid v1.6.0 // indirect
+	github.com/segmentio/asm v1.2.1 // indirect
+	github.com/shopspring/decimal v1.4.0 // indirect
 	github.com/sirupsen/logrus v1.9.3 // indirect
+	github.com/sourcegraph/conc v0.3.0 // indirect
+	github.com/stoewer/go-strcase v1.3.1 // indirect
+	github.com/valyala/fastjson v1.6.4 // indirect
 	github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect
 	github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect
 	github.com/xeipuuv/gojsonschema v1.2.0 // indirect
 	github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 // indirect
-	go.uber.org/atomic v1.9.0 // indirect
-	go.uber.org/multierr v1.7.0 // indirect
-	go.uber.org/zap v1.20.0 // indirect
-	golang.org/x/crypto v0.36.0 // indirect
-	golang.org/x/net v0.38.0 // indirect
-	golang.org/x/sys v0.31.0 // indirect
-	golang.org/x/text v0.23.0 // indirect
-	google.golang.org/genproto v0.0.0-20230410155749-daa745c078e1 // indirect
-	google.golang.org/grpc v1.56.3 // indirect
+	go.opentelemetry.io/auto/sdk v1.1.0 // indirect
+	go.opentelemetry.io/otel v1.38.0 // indirect
+	go.opentelemetry.io/otel/metric v1.38.0 // indirect
+	go.opentelemetry.io/otel/sdk v1.38.0 // indirect
+	go.opentelemetry.io/otel/sdk/metric v1.38.0 // indirect
+	go.opentelemetry.io/otel/trace v1.38.0 // indirect
+	go.uber.org/multierr v1.11.0 // indirect
+	golang.org/x/crypto v0.43.0 // indirect
+	golang.org/x/exp v0.0.0-20250620022241-b7579e27df2b // indirect
+	golang.org/x/net v0.46.0 // indirect
+	golang.org/x/sys v0.37.0 // indirect
+	golang.org/x/text v0.30.0 // indirect
+	google.golang.org/genproto/googleapis/api v0.0.0-20251014184007-4626949a642f // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20251007200510-49b9836ed3ff // indirect
+	google.golang.org/grpc v1.76.0 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )