chore(deps): bump the dependencies group with 2 updates

[dependabot]

Bumps the dependencies group with 2 updates: github.com/openfga/openfga and github.com/spf13/viper.

Updates github.com/openfga/openfga from 1.3.2 to 1.3.3

Release notes

Sourced from github.com/openfga/openfga's releases.

v1.3.3

Added

• Configurable size limit for Authorization Models (#1032)

  We've introduced a new size limit for authorization models, providing a consistent behavior across datastores, which defaults to 256KB. This can be configured by using the --max-authorization-model-size-in-bytes flag.

Fixed

• Reduce use of GOB in encoded cache key (#1029)

Changed

• Persist Authorization Models serialized protobuf in the database (#1028)

  In the next series of releases will progressively introduce changes via code and database migrations that will allow authorization models to be stored in a single database row.

  See here for more details.

Changelog

Sourced from github.com/openfga/openfga's changelog.

[1.3.3] - 2023-10-04

Full changelog

Added

• Configurable size limit for Authorization Models (#1032)

  We've introduced a new size limit for authorization models, provided a consistent behavior across datastores, which defaults to 256KB. This can be configured by using the --max-authorization-model-size-in-bytes flag.

Fixed

• Reduce use of GOB in encoded cache key (#1029)

Changed

• Move standalone server config defaults (#1036)

• Persist Authorization Models serialized protobuf in the database (#1028)

  In the next series of releases will progressively introduce changes via code and database migrations that will allow authorization models to be stored in a single database row.

  See here for more details.

Commits

• 2b04c25 docs(release): add v1.3.3 release notes (#1043)
• 311f641 refactor: move server config defaults (#1036)
• 3b4f654 feat: limit size in bytes of authz models (#1032)
• 40845db chore(deps): bump the dependencies group with 1 update (#1037)
• ff582d0 feat: persist authz model serialized protobuf (#1028)
• a75d6a2 feat: reduce use of GOB in encoded cache key (#1029)
• 8dc2ed6 chore: enable additional linters (#1017)
• a123b6e fix: remove unused variable (#1027)
• See full diff in compare view

Updates github.com/spf13/viper from 1.16.0 to 1.17.0

Release notes

Sourced from github.com/spf13/viper's releases.

v1.17.0

Major changes

Highlighting some of the changes for better visibility.

Please share your feedback in the Discussion forum. Thanks! ❤️

Minimum Go version: 1.19

Viper now requires Go 1.19

This change ensures we can stay up to date with modern practices and dependencies.

log/slog support [BREAKING]

Viper v1.11.0 added an experimental Logger interface to allow custom implementations (besides jwalterweatherman).

In addition, it also exposed an experimental WithLogger function allowing to set a custom logger.

This release deprecates that interface in favor of log/slog released in Go 1.21.

[!WARNING] WithLogger accepts an *slog.Logger from now on.

To preserve backwards compatibility with older Go versions, prior to Go 1.21 Viper accepts a *golang.org/x/exp/slog.Logger.

The experimental flag is removed.

New finder implementation [BREAKING]

As of this release, Viper uses a new library to look for files, called locafero.

The new library is better covered by tests and has been built from scratch as a general purpose file finder library.

The implementation is experimental and is hidden behind a finder build tag.

[!WARNING] The io/fs based implementation (that used to be hidden behind a finder build tag) has been removed.

What's Changed

Exciting New Features 🎉

• Add NATS support by @​hooksie1 in spf13/viper#1590
• Add slog support by @​sagikazarmark in spf13/viper#1627

Enhancements 🚀

• chore: add local development environment using nix by @​sagikazarmark in spf13/viper#1572
• feat: add func GetEnvPrefix by @​baruchiro in spf13/viper#1565
• Improve dev env by @​sagikazarmark in spf13/viper#1575
• fix: code optimization by @​testwill in spf13/viper#1557
• test: remove not needed testutil.Setenv by @​alexandear in spf13/viper#1610
• new finder library based on afero by @​sagikazarmark in spf13/viper#1625

... (truncated)

Commits

• f62f86a refactor: make use of strings.Cut
• 94632fa chore: Use pip3 explicitly to install yamllint
• 3f6cadc chore: Fix copy-paste error for yamllint target
• 287507c docs: add set subset KV example
• f1cb226 chore(deps): update crypt
• c292b55 test: refactor asserts
• 3d006fe refactor: replace interface{} with any
• 8a6dc5d build(deps): bump github/codeql-action from 2.21.8 to 2.21.9
• 96c5c00 chore: remove deprecated build tags
• 44911d2 build(deps): bump github/codeql-action from 2.21.7 to 2.21.8
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions