Backstage

English | 한국어 | 中文版 | Français

What is Backstage?

Backstage is an open source framework for building developer portals. Powered by a centralized software catalog, Backstage restores order to your microservices and infrastructure and enables your product teams to ship high-quality code quickly without compromising autonomy.

Backstage unifies all your infrastructure tooling, services, and documentation to create a streamlined development environment from end to end.

Out of the box, Backstage includes:

• Backstage Software Catalog for managing all your software such as microservices, libraries, data pipelines, websites, and ML models
• Backstage Software Templates for quickly spinning up new projects and standardizing your tooling with your organization’s best practices
• Backstage TechDocs for making it easy to create, maintain, find, and use technical documentation, using a "docs like code" approach
• Plus, a growing ecosystem of open source plugins that further expand Backstage’s customizability and functionality

Backstage was created by Spotify but is now hosted by the Cloud Native Computing Foundation (CNCF) as an Incubation level project. For more information, see the announcement.

Project roadmap

For information about the detailed project roadmap including delivered milestones, see the Roadmap.

Getting Started

To start using Backstage, see the Getting Started documentation.

Documentation

The documentation of Backstage includes:

• Main documentation
• Software Catalog
• Architecture (Decisions)
• Designing for Backstage
• Storybook - UI components

Community

To engage with our community, you can use the following resources:

• Discord chatroom - Get support or discuss the project
• Contributing to Backstage - Start here if you want to contribute
• RFCs - Help shape the technical direction
• FAQ - Frequently Asked Questions
• Code of Conduct - This is how we roll
• Adopters - Companies already using Backstage
• Blog - Announcements and updates
• Newsletter - Subscribe to our email newsletter
• Backstage Community Sessions - Join monthly meetups and explore Backstage community
• Give us a star ⭐️ - If you are using Backstage or think it is an interesting project, we would love a star ❤️

Governance

See the GOVERNANCE.md document in the backstage/community repository.

License

Copyright 2020-2025 © The Backstage Authors. All rights reserved. The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see our Trademark Usage page: https://www.linuxfoundation.org/trademark-usage

Licensed under the Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0

Security

Please report sensitive security issues using Spotify's bug-bounty program rather than GitHub.

For further details, see our complete security release process.

@backstage/plugin-permission-node

0.10.4

Patch Changes

• Updated dependencies
  • @backstage/plugin-auth-node@0.6.7
  • @backstage/backend-plugin-api@1.4.3

0.10.4-next.0

Patch Changes

• Updated dependencies
  • @backstage/plugin-auth-node@0.6.7-next.0
  • @backstage/backend-plugin-api@1.4.3-next.0

0.10.3

Patch Changes

• Updated dependencies
  • @backstage/plugin-auth-node@0.6.6
  • @backstage/backend-plugin-api@1.4.2

0.10.3-next.0

Patch Changes

• Updated dependencies
  • @backstage/plugin-auth-node@0.6.6-next.0
  • @backstage/backend-plugin-api@1.4.2-next.0
  • @backstage/config@1.3.3
  • @backstage/errors@1.2.7
  • @backstage/plugin-permission-common@0.9.1

0.10.2

Patch Changes

• 3507fcd: Just some more circular dep cleanup
• Updated dependencies
  • @backstage/config@1.3.3
  • @backstage/plugin-permission-common@0.9.1
  • @backstage/backend-plugin-api@1.4.1
  • @backstage/plugin-auth-node@0.6.5

0.10.2-next.0

Patch Changes

• 3507fcd: Just some more circular dep cleanup
• Updated dependencies
  • @backstage/config@1.3.3-next.0
  • @backstage/plugin-permission-common@0.9.1-next.0
  • @backstage/backend-plugin-api@1.4.1-next.0
  • @backstage/plugin-auth-node@0.6.5-next.0

0.10.1

Patch Changes

• Updated dependencies
  • @backstage/plugin-auth-node@0.6.4
  • @backstage/backend-plugin-api@1.4.0
  • @backstage/config@1.3.2
  • @backstage/errors@1.2.7
  • @backstage/plugin-permission-common@0.9.0

0.10.1-next.1

Patch Changes

• Updated dependencies
  • @backstage/plugin-auth-node@0.6.4-next.1
  • @backstage/backend-plugin-api@1.4.0-next.1
  • @backstage/config@1.3.2
  • @backstage/errors@1.2.7
  • @backstage/plugin-permission-common@0.9.0

0.10.1-next.0

Patch Changes

• Updated dependencies
  • @backstage/backend-plugin-api@1.4.0-next.0
  • @backstage/plugin-auth-node@0.6.4-next.0

0.10.0

Minor Changes

• 4da2965: Fixed an issue causing the PermissionClient to exhaust the request body size limit too quickly when making many requests.

Patch Changes

• Updated dependencies
  • @backstage/plugin-auth-node@0.6.3
  • @backstage/backend-plugin-api@1.3.1
  • @backstage/plugin-permission-common@0.9.0
  • @backstage/config@1.3.2
  • @backstage/errors@1.2.7

0.10.0-next.2

Patch Changes

• Updated dependencies
  • @backstage/plugin-auth-node@0.6.3-next.2
  • @backstage/backend-plugin-api@1.3.1-next.2
  • @backstage/config@1.3.2
  • @backstage/errors@1.2.7
  • @backstage/plugin-permission-common@0.9.0-next.0

0.10.0-next.1

Minor Changes

• 4da2965: Fixed an issue causing the PermissionClient to exhaust the request body size limit too quickly when making many requests.

Patch Changes

• Updated dependencies
  • @backstage/plugin-auth-node@0.6.3-next.1
  • @backstage/backend-plugin-api@1.3.1-next.1
  • @backstage/plugin-permission-common@0.9.0-next.0
  • @backstage/config@1.3.2
  • @backstage/errors@1.2.7

0.9.2-next.0

Patch Changes

• Updated dependencies
  • @backstage/backend-plugin-api@1.3.1-next.0
  • @backstage/plugin-auth-node@0.6.3-next.0
  • @backstage/config@1.3.2
  • @backstage/errors@1.2.7
  • @backstage/plugin-permission-common@0.8.4

0.9.1

Patch Changes

• Updated dependencies
  • @backstage/backend-plugin-api@1.3.0
  • @backstage/plugin-auth-node@0.6.2
  • @backstage/config@1.3.2
  • @backstage/errors@1.2.7
  • @backstage/plugin-permission-common@0.8.4

0.9.0

Minor Changes

• 22ace13: BREAKING The ServerPermissionClient can no longer be instantiated with a tokenManager and must instead be instantiated with an auth service. If you are still on the legacy backend system, use createLegacyAuthAdapters() from @backstage/backend-common to create a compatible auth service.

Patch Changes

• 728e3e1: Improved type inference when passing a PermissionResourceRef to createPermissionRule.
• 876f2e1: Deprecated createPermissionIntegrationRouter and related types, which has been replaced by PermissionRegistryService. For more information, including how to migrate existing plugins, see the service docs.
• Updated dependencies
  • @backstage/plugin-auth-node@0.6.1
  • @backstage/backend-plugin-api@1.2.1
  • @backstage/config@1.3.2
  • @backstage/errors@1.2.7
  • @backstage/plugin-permission-common@0.8.4

0.8.9-next.1

Patch Changes

• Updated dependencies
  • @backstage/plugin-auth-node@0.6.1-next.1
  • @backstage/backend-plugin-api@1.2.1-next.1
  • @backstage/config@1.3.2
  • @backstage/errors@1.2.7
  • @backstage/plugin-permission-common@0.8.4

0.8.9-next.0

Patch Changes

• 728e3e1: Improved type inference when passing a PermissionResourceRef to createPermissionRule.
• Updated dependencies
  • @backstage/plugin-auth-node@0.6.1-next.0
  • @backstage/backend-plugin-api@1.2.1-next.0

0.8.8

Patch Changes

• 049d5d4: The returned router from createPermissionIntegrationRouter is now mutable, allowing for permissions and resources to be added after creation of the router.
• b71f634: Added a new PermissionRuleset type that encapsulates a lookup function for permission rules, which can be created by the new PermissionsRegistryService via the getPermissionRuleset method. The createConditionTransformer and createConditionAuthorizer functions have been adapted to receive these accessors as arguments, with their older counterparts being deprecated.
• a9621de: Added a new createPermissionResourceRef utility that encapsulates the constants and types related to a permission resource types. The createConditionExports and createPermissionRule functions have also been adapted to accept these references as arguments, deprecating their older counterparts.
• Updated dependencies
  • @backstage/backend-plugin-api@1.2.0
  • @backstage/plugin-auth-node@0.6.0
  • @backstage/config@1.3.2
  • @backstage/errors@1.2.7
  • @backstage/plugin-permission-common@0.8.4

0.8.8-next.2

Patch Changes

• b71f634: Added a new PermissionRuleset type that encapsulates a lookup function for permission rules, which can be created by the new PermissionsRegistryService via the getPermissionRuleset method. The createConditionTransformer and createConditionAuthorizer functions have been adapted to receive these accessors as arguments, with their older counterparts being deprecated.
• a9621de: Added a new createPermissionResourceRef utility that encapsulates the constants and types related to a permission resource types. The createConditionExports and createPermissionRule functions have also been adapted to accept these references as arguments, deprecating their older counterparts.
• Updated dependencies
  • @backstage/backend-plugin-api@1.2.0-next.2
  • @backstage/plugin-auth-node@0.6.0-next.2
  • @backstage/config@1.3.2
  • @backstage/errors@1.2.7
  • @backstage/plugin-permission-common@0.8.4

0.8.8-next.1

Patch Changes

• Updated dependencies
  • @backstage/backend-plugin-api@1.2.0-next.1
  • @backstage/plugin-auth-node@0.6.0-next.1
  • @backstage/config@1.3.2
  • @backstage/errors@1.2.7
  • @backstage/plugin-permission-common@0.8.4

0.8.8-next.0

Patch Changes

• 049d5d4: The returned router from createPermissionIntegrationRouter is now mutable, allowing for permissions and resources to be added after creation of the router.
• Updated dependencies
  • @backstage/backend-plugin-api@1.2.0-next.0
  • @backstage/config@1.3.2
  • @backstage/errors@1.2.7
  • @backstage/plugin-auth-node@0.5.7-next.0
  • @backstage/plugin-permission-common@0.8.4

0.8.7

Patch Changes

• d9d62ef: Remove some internal usages of the backend-common package
• Updated dependencies
  • @backstage/plugin-auth-node@0.5.6
  • @backstage/backend-plugin-api@1.1.1
  • @backstage/config@1.3.2
  • @backstage/errors@1.2.7
  • @backstage/plugin-permission-common@0.8.4

0.8.7-next.1

Patch Changes

• Updated dependencies
  • @backstage/backend-plugin-api@1.1.1-next.1
  • @backstage/config@1.3.2-next.0
  • @backstage/errors@1.2.7-next.0
  • @backstage/plugin-auth-node@0.5.6-next.1
  • @backstage/plugin-permission-common@0.8.4-next.0

0.8.7-next.0

Patch Changes

• d9d62ef: Remove some internal usages of the backend-common package
• Updated dependencies
  • @backstage/plugin-auth-node@0.5.6-next.0
  • @backstage/backend-plugin-api@1.1.1-next.0
  • @backstage/config@1.3.1
  • @backstage/errors@1.2.6
  • @backstage/plugin-permission-common@0.8.3

0.8.6

Patch Changes

• b149e2a: The createPermissionIntegrationRouter function now detects and prevents the exposure of duplicate permissions.
• Updated dependencies
  • @backstage/plugin-auth-node@0.5.5
  • @backstage/backend-plugin-api@1.1.0
  • @backstage/errors@1.2.6
  • @backstage/config@1.3.1
  • @backstage/plugin-permission-common@0.8.3

0.8.6-next.2

Patch Changes

• b149e2a: The createPermissionIntegrationRouter function now detects and prevents the exposure of duplicate permissions.
• Updated dependencies
  • @backstage/backend-plugin-api@1.1.0-next.2
  • @backstage/errors@1.2.6-next.0
  • @backstage/plugin-auth-node@0.5.5-next.2
  • @backstage/config@1.3.1-next.0
  • @backstage/plugin-permission-common@0.8.3-next.0

0.8.6-next.1

Patch Changes

• Updated dependencies
  • @backstage/plugin-auth-node@0.5.5-next.1
  • @backstage/backend-plugin-api@1.1.0-next.1
  • @backstage/config@1.3.0
  • @backstage/errors@1.2.5
  • @backstage/plugin-permission-common@0.8.2

0.8.6-next.0

Patch Changes

• Updated dependencies
  • @backstage/backend-plugin-api@1.0.3-next.0
  • @backstage/plugin-auth-node@0.5.5-next.0
  • @backstage/config@1.3.0
  • @backstage/errors@1.2.5
  • @backstage/plugin-permission-common@0.8.2

0.8.5

Patch Changes

• Updated dependencies
  • @backstage/config@1.3.0
  • @backstage/plugin-auth-node@0.5.4
  • @backstage/backend-plugin-api@1.0.2
  • @backstage/plugin-permission-common@0.8.2
  • @backstage/errors@1.2.5

0.8.5-next.2

Patch Changes

• Updated dependencies
  • @backstage/plugin-auth-node@0.5.4-next.2
  • @backstage/backend-plugin-api@1.0.2-next.2
  • @backstage/config@1.2.0
  • @backstage/errors@1.2.4
  • @backstage/plugin-permission-common@0.8.1

0.8.5-next.1

Patch Changes

• Updated dependencies
  • @backstage/backend-plugin-api@1.0.2-next.1
  • @backstage/config@1.2.0
  • @backstage/errors@1.2.4
  • @backstage/plugin-auth-node@0.5.4-next.1
  • @backstage/plugin-permission-common@0.8.1

0.8.5-next.0

Patch Changes

• Updated dependencies
  • @backstage/plugin-auth-node@0.5.4-next.0
  • @backstage/backend-plugin-api@1.0.2-next.0
  • @backstage/config@1.2.0
  • @backstage/errors@1.2.4
  • @backstage/plugin-permission-common@0.8.1

0.8.4

Patch Changes

• 094eaa3: Remove references to in-repo backend-common
• Updated dependencies
  • @backstage/plugin-auth-node@0.5.3
  • @backstage/backend-plugin-api@1.0.1
  • @backstage/config@1.2.0
  • @backstage/errors@1.2.4
  • @backstage/plugin-permission-common@0.8.1

0.8.4-next.1

Patch Changes

• Updated dependencies
  • @backstage/plugin-auth-node@0.5.3-next.1
  • @backstage/backend-plugin-api@1.0.1-next.1
  • @backstage/config@1.2.0
  • @backstage/errors@1.2.4
  • @backstage/plugin-permission-common@0.8.1

0.8.4-next.0

Patch Changes

• 094eaa3: Remove references to in-repo backend-common
• Updated dependencies
  • @backstage/plugin-auth-node@0.5.3-next.0
  • @backstage/backend-plugin-api@1.0.1-next.0
  • @backstage/config@1.2.0
  • @backstage/errors@1.2.4
  • @backstage/plugin-permission-common@0.8.1

0.8.3

Patch Changes

• 19ff127: Internal refactor to remove dependencies on the identity and token manager services, which have been removed. Public APIs no longer require the identity service or token manager to be provided.
• c2b63ab: Updated dependency supertest to ^7.0.0.
• Updated dependencies
  • @backstage/backend-common@0.25.0
  • @backstage/backend-plugin-api@1.0.0
  • @backstage/plugin-auth-node@0.5.2
  • @backstage/config@1.2.0
  • @backstage/errors@1.2.4
  • @backstage/plugin-permission-common@0.8.1

0.8.3-next.2

Patch Changes

• c2b63ab: Updated dependency supertest to ^7.0.0.
• Updated dependencies
  • @backstage/backend-common@0.25.0-next.2
  • @backstage/plugin-auth-node@0.5.2-next.2
  • @backstage/backend-plugin-api@1.0.0-next.2
  • @backstage/config@1.2.0
  • @backstage/errors@1.2.4
  • @backstage/plugin-permission-common@0.8.1

0.8.3-next.1

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.25.0-next.1
  • @backstage/plugin-auth-node@0.5.2-next.1
  • @backstage/backend-plugin-api@0.9.0-next.1
  • @backstage/config@1.2.0
  • @backstage/errors@1.2.4
  • @backstage/plugin-permission-common@0.8.1

0.8.3-next.0

Patch Changes

• 19ff127: Internal refactor to remove dependencies on the identity and token manager services, which have been removed. Public APIs no longer require the identity service or token manager to be provided.
• Updated dependencies
  • @backstage/backend-plugin-api@0.9.0-next.0
  • @backstage/backend-common@0.25.0-next.0
  • @backstage/plugin-auth-node@0.5.2-next.0
  • @backstage/config@1.2.0
  • @backstage/errors@1.2.4
  • @backstage/plugin-permission-common@0.8.1

0.8.1

Patch Changes

• df784fe: The MetadataResponse type has been moved to @backstage/plugin-permission-common to match the recent move of MetadataResponseSerializedRule, and should be imported from there going forward. To avoid an immediate breaking change, this type is still re-exported from this package, but is marked as deprecated and will be removed in a future release.
• 5cd9878: The MetadataResponseSerializedRule type has been moved to @backstage/plugin-permission-common, and should be imported from there going forward. To avoid an immediate breaking change, this type is still re-exported from this package, but is marked as deprecated and will be removed in a future release.
• Updated dependencies
  • @backstage/backend-plugin-api@0.8.0
  • @backstage/backend-common@0.24.0
  • @backstage/plugin-permission-common@0.8.1
  • @backstage/plugin-auth-node@0.5.0
  • @backstage/config@1.2.0
  • @backstage/errors@1.2.4

0.8.1-next.3

Patch Changes

• Updated dependencies
  • @backstage/backend-plugin-api@0.8.0-next.3
  • @backstage/backend-common@0.23.4-next.3
  • @backstage/config@1.2.0
  • @backstage/errors@1.2.4
  • @backstage/plugin-auth-node@0.5.0-next.3
  • @backstage/plugin-permission-common@0.8.1-next.1

0.8.1-next.2

Patch Changes

• df784fe: The MetadataResponse type has been moved to @backstage/plugin-permission-common to match the recent move of MetadataResponseSerializedRule, and should be imported from there going forward. To avoid an immediate breaking change, this type is still re-exported from this package, but is marked as deprecated and will be removed in a future release.
• Updated dependencies
  • @backstage/backend-plugin-api@0.8.0-next.2
  • @backstage/plugin-permission-common@0.8.1-next.1
  • @backstage/backend-common@0.23.4-next.2
  • @backstage/plugin-auth-node@0.5.0-next.2
  • @backstage/config@1.2.0
  • @backstage/errors@1.2.4

0.8.1-next.1

Patch Changes

• 5cd9878: The MetadataResponseSerializedRule type has been moved to @backstage/plugin-permission-common, and should be imported from there going forward. To avoid an immediate breaking change, this type is still re-exported from this package, but is marked as deprecated and will be removed in a future release.
• Updated dependencies
  • @backstage/plugin-permission-common@0.8.1-next.0
  • @backstage/backend-plugin-api@0.7.1-next.1
  • @backstage/backend-common@0.23.4-next.1
  • @backstage/config@1.2.0
  • @backstage/errors@1.2.4
  • @backstage/plugin-auth-node@0.4.18-next.1

0.8.1-next.0

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.23.4-next.0
  • @backstage/backend-plugin-api@0.7.1-next.0
  • @backstage/config@1.2.0
  • @backstage/errors@1.2.4
  • @backstage/plugin-auth-node@0.4.18-next.0
  • @backstage/plugin-permission-common@0.8.0

0.8.0

Minor Changes

• 36f91e8: BREAKING: Updated the ServerPermissionClient to match the new PermissionsService interface, where the deprecated token option has been removed and the options are now required.

Patch Changes

• ed10fd2: The PermissionPolicy interface has been updated to align with the recent changes to the Backstage auth system. The second argument to the handle method is now of the new PolicyQueryUser type. This type maintains the old fields from the BackstageIdentityResponse, which are now all deprecated. Instead, two new fields have been added, which allows access to the same information:

  • credentials - A BackstageCredentials object, which is useful for making requests to other services on behalf of the user as part of evaluating the policy. This replaces the deprecated token field. See the Auth Service documentation for information about how to create a token using these credentials.
  • info - A BackstageUserInfo object, which contains the same information as the deprecated identity, except for the type field that was redundant.

  Most existing policies can be updated by replacing the BackstageIdentityResponse type with PolicyQueryUser, which is exported from @backstage/plugin-permission-node, as well as replacing any occurrences of user?.identity with user?.info.

• 28b2cfb: Fix invalid cross-reference in API Reference docs

• Updated dependencies
  • @backstage/backend-plugin-api@0.7.0
  • @backstage/backend-common@0.23.3
  • @backstage/plugin-permission-common@0.8.0
  • @backstage/plugin-auth-node@0.4.17
  • @backstage/config@1.2.0
  • @backstage/errors@1.2.4

0.7.33-next.1

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.23.3-next.1
  • @backstage/backend-plugin-api@0.6.22-next.1
  • @backstage/config@1.2.0
  • @backstage/errors@1.2.4
  • @backstage/plugin-auth-node@0.4.17-next.1
  • @backstage/plugin-permission-common@0.7.14

0.7.32-next.0

Patch Changes

• Updated dependencies
  • @backstage/backend-plugin-api@0.6.21-next.0
  • @backstage/backend-common@0.23.2-next.0
  • @backstage/plugin-auth-node@0.4.16-next.0
  • @backstage/config@1.2.0
  • @backstage/errors@1.2.4
  • @backstage/plugin-permission-common@0.7.14

0.7.30

Patch Changes

• 9e63318: Ensure that service token access restrictions, when present, are taken into account
• d44a20a: Added additional plugin metadata to package.json.
• c7b0dd1: Import tokenManager definition from @backstage/backend-plugin-api
• Updated dependencies
  • @backstage/backend-common@0.23.0
  • @backstage/backend-plugin-api@0.6.19
  • @backstage/plugin-auth-node@0.4.14
  • @backstage/plugin-permission-common@0.7.14
  • @backstage/config@1.2.0
  • @backstage/errors@1.2.4

0.7.30-next.3

Patch Changes

• d44a20a: Added additional plugin metadata to package.json.
• Updated dependencies
  • @backstage/backend-plugin-api@0.6.19-next.3
  • @backstage/plugin-auth-node@0.4.14-next.3
  • @backstage/plugin-permission-common@0.7.14-next.0
  • @backstage/backend-common@0.23.0-next.3
  • @backstage/config@1.2.0
  • @backstage/errors@1.2.4

0.7.30-next.2

Patch Changes

• c7b0dd1: Import tokenManager definition from @backstage/backend-plugin-api
• Updated dependencies
  • @backstage/backend-plugin-api@0.6.19-next.2
  • @backstage/backend-common@0.23.0-next.2
  • @backstage/plugin-auth-node@0.4.14-next.2
  • @backstage/config@1.2.0
  • @backstage/errors@1.2.4
  • @backstage/plugin-permission-common@0.7.13

0.7.30-next.1

Patch Changes

• 9e63318: Ensure that service token access restrictions, when present, are taken into account
• Updated dependencies
  • @backstage/backend-plugin-api@0.6.19-next.1
  • @backstage/backend-common@0.23.0-next.1
  • @backstage/plugin-auth-node@0.4.14-next.1

0.7.30-next.0

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.22.1-next.0
  • @backstage/backend-plugin-api@0.6.19-next.0
  • @backstage/plugin-auth-node@0.4.14-next.0
  • @backstage/config@1.2.0
  • @backstage/errors@1.2.4
  • @backstage/plugin-permission-common@0.7.13

0.7.29

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.22.0
  • @backstage/backend-plugin-api@0.6.18
  • @backstage/plugin-auth-node@0.4.13

0.7.29-next.1

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.22.0-next.1
  • @backstage/plugin-auth-node@0.4.13-next.1
  • @backstage/backend-plugin-api@0.6.18-next.1

0.7.29-next.0

Patch Changes

• Updated dependencies
  • @backstage/plugin-auth-node@0.4.13-next.0
  • @backstage/backend-common@0.21.8-next.0
  • @backstage/backend-plugin-api@0.6.18-next.0
  • @backstage/config@1.2.0
  • @backstage/errors@1.2.4
  • @backstage/plugin-permission-common@0.7.13

0.7.28

Patch Changes

• 29fa05b: Fixed an issue causing ServerPermissionClient to generate an invalid token for authorizing permissions against the permission backend.
• Updated dependencies
  • @backstage/backend-common@0.21.7
  • @backstage/backend-plugin-api@0.6.17
  • @backstage/plugin-auth-node@0.4.12
  • @backstage/config@1.2.0
  • @backstage/errors@1.2.4
  • @backstage/plugin-permission-common@0.7.13

0.7.28-next.1

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.21.7-next.1
  • @backstage/backend-plugin-api@0.6.17-next.1
  • @backstage/plugin-auth-node@0.4.12-next.1
  • @backstage/config@1.2.0
  • @backstage/errors@1.2.4
  • @backstage/plugin-permission-common@0.7.13

0.7.28-next.0

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.21.7-next.0
  • @backstage/backend-plugin-api@0.6.17-next.0
  • @backstage/config@1.2.0
  • @backstage/errors@1.2.4
  • @backstage/plugin-auth-node@0.4.12-next.0
  • @backstage/plugin-permission-common@0.7.13

0.7.27

Patch Changes

• Updated dependencies
  • @backstage/plugin-auth-node@0.4.11
  • @backstage/backend-common@0.21.6
  • @backstage/backend-plugin-api@0.6.16
  • @backstage/config@1.2.0
  • @backstage/errors@1.2.4
  • @backstage/plugin-permission-common@0.7.13

0.7.26

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.21.5
  • @backstage/plugin-auth-node@0.4.10
  • @backstage/backend-plugin-api@0.6.15
  • @backstage/config@1.2.0
  • @backstage/errors@1.2.4
  • @backstage/plugin-permission-common@0.7.13

0.7.25

Patch Changes

• 0502d82: The ServerPermissionClient has been migrated to implement the PermissionsService interface, now accepting the new BackstageCredentials object in addition to the token option, which is now deprecated. It now also optionally depends on the new AuthService.
• Updated dependencies
  • @backstage/backend-common@0.21.4
  • @backstage/plugin-auth-node@0.4.9
  • @backstage/config@1.2.0
  • @backstage/errors@1.2.4
  • @backstage/backend-plugin-api@0.6.14
  • @backstage/plugin-permission-common@0.7.13

0.7.25-next.2

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.21.4-next.2
  • @backstage/plugin-auth-node@0.4.9-next.2
  • @backstage/backend-plugin-api@0.6.14-next.2
  • @backstage/config@1.2.0-next.1
  • @backstage/errors@1.2.4-next.0
  • @backstage/plugin-permission-common@0.7.13-next.1

0.7.25-next.1

Patch Changes

• Updated dependencies
  • @backstage/config@1.2.0-next.1
  • @backstage/backend-common@0.21.4-next.1
  • @backstage/backend-plugin-api@0.6.14-next.1
  • @backstage/plugin-auth-node@0.4.9-next.1
  • @backstage/plugin-permission-common@0.7.13-next.1
  • @backstage/errors@1.2.4-next.0

0.7.24-next.0

Patch Changes

• 0502d82: The ServerPermissionClient has been migrated to implement the PermissionsService interface, now accepting the new BackstageCredentials object in addition to the token option, which is now deprecated. It now also optionally depends on the new AuthService.
• Updated dependencies
  • @backstage/backend-common@0.21.3-next.0
  • @backstage/plugin-auth-node@0.4.8-next.0
  • @backstage/errors@1.2.4-next.0
  • @backstage/backend-plugin-api@0.6.13-next.0
  • @backstage/plugin-permission-common@0.7.13-next.0
  • @backstage/config@1.1.2-next.0

0.7.21

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.21.0
  • @backstage/plugin-auth-node@0.4.4
  • @backstage/backend-plugin-api@0.6.10
  • @backstage/config@1.1.1
  • @backstage/errors@1.2.3
  • @backstage/plugin-permission-common@0.7.12

0.7.21-next.3

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.21.0-next.3
  • @backstage/plugin-auth-node@0.4.4-next.3
  • @backstage/backend-plugin-api@0.6.10-next.3
  • @backstage/config@1.1.1
  • @backstage/errors@1.2.3
  • @backstage/plugin-permission-common@0.7.12

0.7.21-next.2

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.21.0-next.2
  • @backstage/backend-plugin-api@0.6.10-next.2
  • @backstage/plugin-auth-node@0.4.4-next.2
  • @backstage/config@1.1.1
  • @backstage/errors@1.2.3
  • @backstage/plugin-permission-common@0.7.12

0.7.21-next.1

Patch Changes

• Updated dependencies
  • @backstage/backend-plugin-api@0.6.10-next.1
  • @backstage/backend-common@0.21.0-next.1
  • @backstage/config@1.1.1
  • @backstage/errors@1.2.3
  • @backstage/plugin-auth-node@0.4.4-next.1
  • @backstage/plugin-permission-common@0.7.12

0.7.21-next.0

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.21.0-next.0
  • @backstage/plugin-auth-node@0.4.4-next.0
  • @backstage/backend-plugin-api@0.6.10-next.0
  • @backstage/config@1.1.1
  • @backstage/errors@1.2.3
  • @backstage/plugin-permission-common@0.7.12

0.7.20

Patch Changes

• b1acd9b: Updated README
• Updated dependencies
  • @backstage/backend-common@0.20.1
  • @backstage/backend-plugin-api@0.6.9
  • @backstage/plugin-permission-common@0.7.12
  • @backstage/plugin-auth-node@0.4.3
  • @backstage/config@1.1.1
  • @backstage/errors@1.2.3

0.7.20-next.2

Patch Changes

• Updated dependencies
  • @backstage/backend-plugin-api@0.6.9-next.2
  • @backstage/backend-common@0.20.1-next.2
  • @backstage/plugin-auth-node@0.4.3-next.2

0.7.20-next.1

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.20.1-next.1
  • @backstage/config@1.1.1
  • @backstage/plugin-auth-node@0.4.3-next.1
  • @backstage/backend-plugin-api@0.6.9-next.1
  • @backstage/errors@1.2.3
  • @backstage/plugin-permission-common@0.7.11

0.7.20-next.0

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.20.1-next.0
  • @backstage/backend-plugin-api@0.6.9-next.0
  • @backstage/config@1.1.1
  • @backstage/errors@1.2.3
  • @backstage/plugin-auth-node@0.4.3-next.0
  • @backstage/plugin-permission-common@0.7.11

0.7.19

Patch Changes

• 0cbb03b: Fixing regular expression ReDoS with zod packages. Upgrading to latest. ref: https://security.snyk.io/vuln/SNYK-JS-ZOD-5925617
• Updated dependencies
  • @backstage/backend-common@0.20.0
  • @backstage/plugin-auth-node@0.4.2
  • @backstage/plugin-permission-common@0.7.11
  • @backstage/backend-plugin-api@0.6.8
  • @backstage/config@1.1.1
  • @backstage/errors@1.2.3

0.7.19-next.3

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.20.0-next.3
  • @backstage/backend-plugin-api@0.6.8-next.3
  • @backstage/config@1.1.1
  • @backstage/errors@1.2.3
  • @backstage/plugin-auth-node@0.4.2-next.3
  • @backstage/plugin-permission-common@0.7.10

0.7.19-next.2

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.20.0-next.2
  • @backstage/plugin-auth-node@0.4.2-next.2
  • @backstage/backend-plugin-api@0.6.8-next.2
  • @backstage/config@1.1.1
  • @backstage/errors@1.2.3
  • @backstage/plugin-permission-common@0.7.10

0.7.19-next.1

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.20.0-next.1
  • @backstage/backend-plugin-api@0.6.8-next.1
  • @backstage/config@1.1.1
  • @backstage/errors@1.2.3
  • @backstage/plugin-auth-node@0.4.2-next.1
  • @backstage/plugin-permission-common@0.7.10

0.7.19-next.0

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.20.0-next.0
  • @backstage/plugin-auth-node@0.4.2-next.0
  • @backstage/backend-plugin-api@0.6.8-next.0
  • @backstage/config@1.1.1
  • @backstage/errors@1.2.3
  • @backstage/plugin-permission-common@0.7.10

0.7.18

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.19.9
  • @backstage/backend-plugin-api@0.6.7
  • @backstage/plugin-permission-common@0.7.10
  • @backstage/config@1.1.1
  • @backstage/errors@1.2.3
  • @backstage/plugin-auth-node@0.4.1

0.7.18-next.2

Patch Changes

• Updated dependencies
  • @backstage/backend-plugin-api@0.6.7-next.2
  • @backstage/backend-common@0.19.9-next.2
  • @backstage/plugin-auth-node@0.4.1-next.2

0.7.18-next.1

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.19.9-next.1
  • @backstage/plugin-auth-node@0.4.1-next.1
  • @backstage/backend-plugin-api@0.6.7-next.1
  • @backstage/config@1.1.1
  • @backstage/errors@1.2.3
  • @backstage/plugin-permission-common@0.7.9

0.7.18-next.0

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.19.9-next.0
  • @backstage/backend-plugin-api@0.6.7-next.0
  • @backstage/config@1.1.1
  • @backstage/errors@1.2.3
  • @backstage/plugin-auth-node@0.4.1-next.0
  • @backstage/plugin-permission-common@0.7.9

0.7.17

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.19.8
  • @backstage/plugin-auth-node@0.4.0
  • @backstage/errors@1.2.3
  • @backstage/backend-plugin-api@0.6.6
  • @backstage/config@1.1.1
  • @backstage/plugin-permission-common@0.7.9

0.7.17-next.2

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.19.8-next.2
  • @backstage/plugin-auth-node@0.4.0-next.2
  • @backstage/errors@1.2.3-next.0
  • @backstage/backend-plugin-api@0.6.6-next.2
  • @backstage/config@1.1.1-next.0
  • @backstage/plugin-permission-common@0.7.9-next.0

0.7.16-next.1

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.19.7-next.1
  • @backstage/backend-plugin-api@0.6.5-next.1
  • @backstage/plugin-auth-node@0.3.2-next.1
  • @backstage/config@1.1.0
  • @backstage/errors@1.2.2
  • @backstage/plugin-permission-common@0.7.8

0.7.16-next.0

Patch Changes

• Updated dependencies
  • @backstage/plugin-auth-node@0.3.2-next.0
  • @backstage/backend-common@0.19.7-next.0
  • @backstage/config@1.1.0
  • @backstage/backend-plugin-api@0.6.5-next.0
  • @backstage/errors@1.2.2
  • @backstage/plugin-permission-common@0.7.8

0.7.14

Patch Changes

• a8a614ba0d07: Minor package.json update.
• Updated dependencies
  • @backstage/backend-common@0.19.5
  • @backstage/plugin-auth-node@0.3.0
  • @backstage/config@1.1.0
  • @backstage/errors@1.2.2
  • @backstage/plugin-permission-common@0.7.8
  • @backstage/backend-plugin-api@0.6.3

0.7.14-next.3

Patch Changes

• a8a614ba0d07: Minor package.json update.
• Updated dependencies
  • @backstage/config@1.1.0-next.2
  • @backstage/errors@1.2.2-next.0
  • @backstage/plugin-permission-common@0.7.8-next.2
  • @backstage/backend-plugin-api@0.6.3-next.3
  • @backstage/backend-common@0.19.5-next.3
  • @backstage/plugin-auth-node@0.3.0-next.3

0.7.14-next.2

Patch Changes

• Updated dependencies
  • @backstage/config@1.1.0-next.1
  • @backstage/backend-common@0.19.5-next.2
  • @backstage/plugin-auth-node@0.3.0-next.2
  • @backstage/backend-plugin-api@0.6.3-next.2
  • @backstage/plugin-permission-common@0.7.8-next.1
  • @backstage/errors@1.2.1

0.7.14-next.1

Patch Changes

• Updated dependencies
  • @backstage/config@1.1.0-next.0
  • @backstage/backend-common@0.19.5-next.1
  • @backstage/backend-plugin-api@0.6.3-next.1
  • @backstage/plugin-auth-node@0.3.0-next.1
  • @backstage/plugin-permission-common@0.7.8-next.0
  • @backstage/errors@1.2.1

0.7.13-next.0

Patch Changes

• Updated dependencies
  • @backstage/plugin-auth-node@0.3.0-next.0
  • @backstage/backend-common@0.19.4-next.0
  • @backstage/backend-plugin-api@0.6.2-next.0
  • @backstage/config@1.0.8
  • @backstage/errors@1.2.1
  • @backstage/plugin-permission-common@0.7.7

0.7.11

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.19.2
  • @backstage/backend-plugin-api@0.6.0
  • @backstage/plugin-auth-node@0.2.17
  • @backstage/config@1.0.8
  • @backstage/errors@1.2.1
  • @backstage/plugin-permission-common@0.7.7

0.7.11-next.2

Patch Changes

• Updated dependencies
  • @backstage/backend-plugin-api@0.6.0-next.2
  • @backstage/backend-common@0.19.2-next.2
  • @backstage/plugin-auth-node@0.2.17-next.2

0.7.11-next.1

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.19.2-next.1
  • @backstage/plugin-auth-node@0.2.17-next.1
  • @backstage/backend-plugin-api@0.6.0-next.1
  • @backstage/config@1.0.8
  • @backstage/errors@1.2.1
  • @backstage/plugin-permission-common@0.7.7

0.7.11-next.0

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.19.2-next.0
  • @backstage/backend-plugin-api@0.5.5-next.0
  • @backstage/config@1.0.8
  • @backstage/errors@1.2.1
  • @backstage/plugin-auth-node@0.2.17-next.0
  • @backstage/plugin-permission-common@0.7.7

0.7.10

Patch Changes

• Updated dependencies
  • @backstage/errors@1.2.1
  • @backstage/backend-common@0.19.1
  • @backstage/backend-plugin-api@0.5.4
  • @backstage/config@1.0.8
  • @backstage/plugin-auth-node@0.2.16
  • @backstage/plugin-permission-common@0.7.7

0.7.10-next.0

Patch Changes

• Updated dependencies
  • @backstage/errors@1.2.1-next.0
  • @backstage/backend-common@0.19.1-next.0
  • @backstage/backend-plugin-api@0.5.4-next.0
  • @backstage/config@1.0.8
  • @backstage/plugin-auth-node@0.2.16-next.0
  • @backstage/plugin-permission-common@0.7.7-next.0

0.7.9

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.19.0
  • @backstage/errors@1.2.0
  • @backstage/backend-plugin-api@0.5.3
  • @backstage/plugin-auth-node@0.2.15
  • @backstage/config@1.0.8
  • @backstage/plugin-permission-common@0.7.6

0.7.9-next.2

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.19.0-next.2
  • @backstage/backend-plugin-api@0.5.3-next.2
  • @backstage/config@1.0.7
  • @backstage/errors@1.2.0-next.0
  • @backstage/plugin-auth-node@0.2.15-next.2
  • @backstage/plugin-permission-common@0.7.6-next.0

0.7.9-next.1

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.19.0-next.1
  • @backstage/errors@1.2.0-next.0
  • @backstage/backend-plugin-api@0.5.3-next.1
  • @backstage/plugin-auth-node@0.2.15-next.1
  • @backstage/plugin-permission-common@0.7.6-next.0
  • @backstage/config@1.0.7

0.7.9-next.0

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.18.6-next.0
  • @backstage/config@1.0.7
  • @backstage/backend-plugin-api@0.5.3-next.0
  • @backstage/errors@1.1.5
  • @backstage/plugin-auth-node@0.2.15-next.0
  • @backstage/plugin-permission-common@0.7.5

0.7.8

Patch Changes

• a788e715cfc: createPermissionIntegrationRouter now accepts rules and permissions for multiple resource types. Example:

  createPermissionIntegrationRouter({
    resources: [
      {
        resourceType: 'resourceType-1',
        permissions: permissionsResourceType1,
        rules: rulesResourceType1,
      },
      {
        resourceType: 'resourceType-2',
        permissions: permissionsResourceType2,
        rules: rulesResourceType2,
      },
    ],
  });

• Updated dependencies

  • @backstage/backend-common@0.18.5
  • @backstage/plugin-auth-node@0.2.14
  • @backstage/backend-plugin-api@0.5.2
  • @backstage/config@1.0.7
  • @backstage/errors@1.1.5
  • @backstage/plugin-permission-common@0.7.5

0.7.8-next.1

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.18.5-next.1
  • @backstage/plugin-auth-node@0.2.14-next.1
  • @backstage/backend-plugin-api@0.5.2-next.1
  • @backstage/config@1.0.7

0.7.8-next.0

Patch Changes

• a788e715cfc: createPermissionIntegrationRouter now accepts rules and permissions for multiple resource types. Example:

  createPermissionIntegrationRouter({
    resources: [
      {
        resourceType: 'resourceType-1',
        permissions: permissionsResourceType1,
        rules: rulesResourceType1,
      },
      {
        resourceType: 'resourceType-2',
        permissions: permissionsResourceType2,
        rules: rulesResourceType2,
      },
    ],
  });

• Updated dependencies

  • @backstage/backend-common@0.18.5-next.0
  • @backstage/plugin-auth-node@0.2.14-next.0
  • @backstage/backend-plugin-api@0.5.2-next.0
  • @backstage/config@1.0.7
  • @backstage/errors@1.1.5
  • @backstage/plugin-permission-common@0.7.5

0.7.7

Patch Changes

• 788f0f5a152: Introduced alpha export of the policyExtensionPoint for use in the new backend system.
• 71fd0966d10: Added createConditionAuthorizer utility function, which takes some permission conditions and returns a function that returns a definitive authorization result given a decision and a resource.
• 1e4f5e91b8e: Bump zod and zod-to-json-schema dependencies.
• Updated dependencies
  • @backstage/backend-common@0.18.4
  • @backstage/plugin-permission-common@0.7.5
  • @backstage/plugin-auth-node@0.2.13
  • @backstage/backend-plugin-api@0.5.1
  • @backstage/config@1.0.7
  • @backstage/errors@1.1.5

0.7.7-next.2

Patch Changes

• 788f0f5a152: Introduced alpha export of the policyExtensionPoint for use in the new backend system.
• Updated dependencies
  • @backstage/backend-common@0.18.4-next.2
  • @backstage/backend-plugin-api@0.5.1-next.2
  • @backstage/config@1.0.7
  • @backstage/errors@1.1.5
  • @backstage/plugin-auth-node@0.2.13-next.2
  • @backstage/plugin-permission-common@0.7.5-next.0

0.7.7-next.1

Patch Changes

• 71fd0966d10: Added createConditionAuthorizer utility function, which takes some permission conditions and returns a function that returns a definitive authorization result given a decision and a resource.
• 1e4f5e91b8e: Bump zod and zod-to-json-schema dependencies.
• Updated dependencies
  • @backstage/plugin-permission-common@0.7.5-next.0
  • @backstage/backend-common@0.18.4-next.1
  • @backstage/config@1.0.7
  • @backstage/errors@1.1.5
  • @backstage/plugin-auth-node@0.2.13-next.1

0.7.7-next.0

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.18.4-next.0
  • @backstage/config@1.0.7
  • @backstage/errors@1.1.5
  • @backstage/plugin-auth-node@0.2.13-next.0
  • @backstage/plugin-permission-common@0.7.4

0.7.6

Patch Changes

• 27a103ca07b: Changed the createPermissionIntegrationRouter API to allow getResources, resourceType and rules to be optional
• 37e9215c793: Update the service-to-service auth docs URL in error message.
• 52b0022dab7: Updated dependency msw to ^1.0.0.
• Updated dependencies
  • @backstage/plugin-auth-node@0.2.12
  • @backstage/backend-common@0.18.3
  • @backstage/errors@1.1.5
  • @backstage/plugin-permission-common@0.7.4
  • @backstage/config@1.0.7

0.7.6-next.2

Patch Changes

• Updated dependencies
  • @backstage/plugin-auth-node@0.2.12-next.2
  • @backstage/backend-common@0.18.3-next.2
  • @backstage/config@1.0.7-next.0

0.7.6-next.1

Patch Changes

• 27a103ca07b: Changed the createPermissionIntegrationRouter API to allow getResources, resourceType and rules to be optional
• 37e9215c793: Update the service-to-service auth docs URL in error message.
• 52b0022dab7: Updated dependency msw to ^1.0.0.
• Updated dependencies
  • @backstage/errors@1.1.5-next.0
  • @backstage/backend-common@0.18.3-next.1
  • @backstage/plugin-auth-node@0.2.12-next.1
  • @backstage/plugin-permission-common@0.7.4-next.0
  • @backstage/config@1.0.7-next.0

0.7.6-next.0

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.18.3-next.0
  • @backstage/config@1.0.6
  • @backstage/errors@1.1.4
  • @backstage/plugin-auth-node@0.2.12-next.0
  • @backstage/plugin-permission-common@0.7.3

0.7.5

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.18.2
  • @backstage/config@1.0.6
  • @backstage/errors@1.1.4
  • @backstage/plugin-auth-node@0.2.11
  • @backstage/plugin-permission-common@0.7.3

0.7.5-next.2

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.18.2-next.2
  • @backstage/plugin-auth-node@0.2.11-next.2
  • @backstage/config@1.0.6
  • @backstage/errors@1.1.4
  • @backstage/plugin-permission-common@0.7.3

0.7.5-next.1

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.18.2-next.1
  • @backstage/config@1.0.6
  • @backstage/errors@1.1.4
  • @backstage/plugin-auth-node@0.2.11-next.1
  • @backstage/plugin-permission-common@0.7.3

0.7.5-next.0

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.18.2-next.0
  • @backstage/plugin-auth-node@0.2.11-next.0

0.7.3

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.18.0
  • @backstage/config@1.0.6
  • @backstage/errors@1.1.4
  • @backstage/plugin-auth-node@0.2.9
  • @backstage/plugin-permission-common@0.7.3

0.7.3-next.1

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.18.0-next.1
  • @backstage/plugin-auth-node@0.2.9-next.1
  • @backstage/config@1.0.6-next.0
  • @backstage/errors@1.1.4
  • @backstage/plugin-permission-common@0.7.3-next.0

0.7.3-next.0

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.18.0-next.0
  • @backstage/config@1.0.6-next.0
  • @backstage/errors@1.1.4
  • @backstage/plugin-auth-node@0.2.9-next.0
  • @backstage/plugin-permission-common@0.7.3-next.0

0.7.2

Patch Changes

• b05dcd5530: Move the zod dependency to a version that does not collide with other libraries
• 3280711113: Updated dependency msw to ^0.49.0.
• Updated dependencies
  • @backstage/backend-common@0.17.0
  • @backstage/plugin-permission-common@0.7.2
  • @backstage/errors@1.1.4
  • @backstage/plugin-auth-node@0.2.8
  • @backstage/config@1.0.5

0.7.2-next.3

Patch Changes

• b05dcd5530: Move the zod dependency to a version that does not collide with other libraries
• Updated dependencies
  • @backstage/plugin-permission-common@0.7.2-next.2
  • @backstage/backend-common@0.17.0-next.3
  • @backstage/config@1.0.5-next.1
  • @backstage/errors@1.1.4-next.1
  • @backstage/plugin-auth-node@0.2.8-next.3

0.7.2-next.2

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.17.0-next.2
  • @backstage/plugin-auth-node@0.2.8-next.2
  • @backstage/config@1.0.5-next.1
  • @backstage/errors@1.1.4-next.1
  • @backstage/plugin-permission-common@0.7.2-next.1

0.7.2-next.1

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.17.0-next.1
  • @backstage/plugin-auth-node@0.2.8-next.1
  • @backstage/config@1.0.5-next.1
  • @backstage/errors@1.1.4-next.1
  • @backstage/plugin-permission-common@0.7.2-next.1

0.7.2-next.0

Patch Changes

• 3280711113: Updated dependency msw to ^0.49.0.
• Updated dependencies
  • @backstage/backend-common@0.16.1-next.0
  • @backstage/plugin-auth-node@0.2.8-next.0
  • @backstage/plugin-permission-common@0.7.2-next.0
  • @backstage/config@1.0.5-next.0
  • @backstage/errors@1.1.4-next.0

0.7.1

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.16.0
  • @backstage/plugin-auth-node@0.2.7
  • @backstage/plugin-permission-common@0.7.1
  • @backstage/config@1.0.4
  • @backstage/errors@1.1.3

0.7.1-next.1

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.16.0-next.1
  • @backstage/plugin-auth-node@0.2.7-next.1
  • @backstage/config@1.0.4-next.0
  • @backstage/errors@1.1.3-next.0
  • @backstage/plugin-permission-common@0.7.1-next.0

0.7.1-next.0

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.16.0-next.0
  • @backstage/plugin-auth-node@0.2.7-next.0
  • @backstage/plugin-permission-common@0.7.1-next.0
  • @backstage/config@1.0.4-next.0
  • @backstage/errors@1.1.3-next.0

0.7.0

Minor Changes

• 46b4a72cee: BREAKING: When defining permission rules, it's now necessary to provide a ZodSchema that specifies the parameters the rule expects. This has been added to help better describe the parameters in the response of the metadata endpoint and to validate the parameters before a rule is executed.

  To help with this, we have also made a change to the API of permission rules. Before, the permission rules toQuery and apply signature expected parameters to be separate arguments, like so...

  createPermissionRule({
    apply: (resource, foo, bar) => true,
    toQuery: (foo, bar) => {},
  });

  The API has now changed to expect the parameters as a single object

  createPermissionRule({
    paramSchema: z.object({
      foo: z.string().describe('Foo value to match'),
      bar: z.string().describe('Bar value to match'),
    }),
    apply: (resource, { foo, bar }) => true,
    toQuery: ({ foo, bar }) => {},
  });

  One final change made is to limit the possible values for a parameter to primitives and arrays of primitives.

Patch Changes

• 9335ad115e: Exported types for the .metadata endpoint of the permission router
• Updated dependencies
  • @backstage/backend-common@0.15.2
  • @backstage/plugin-auth-node@0.2.6
  • @backstage/plugin-permission-common@0.7.0
  • @backstage/config@1.0.3
  • @backstage/errors@1.1.2

0.7.0-next.2

Minor Changes

• 46b4a72cee: BREAKING: When defining permission rules, it's now necessary to provide a ZodSchema that specifies the parameters the rule expects. This has been added to help better describe the parameters in the response of the metadata endpoint and to validate the parameters before a rule is executed.

  To help with this, we have also made a change to the API of permission rules. Before, the permission rules toQuery and apply signature expected parameters to be separate arguments, like so...

  createPermissionRule({
    apply: (resource, foo, bar) => true,
    toQuery: (foo, bar) => {},
  });

  The API has now changed to expect the parameters as a single object

  createPermissionRule({
    paramSchema: z.object({
      foo: z.string().describe('Foo value to match'),
      bar: z.string().describe('Bar value to match'),
    }),
    apply: (resource, { foo, bar }) => true,
    toQuery: ({ foo, bar }) => {},
  });

  One final change made is to limit the possible values for a parameter to primitives and arrays of primitives.

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.15.2-next.2
  • @backstage/plugin-permission-common@0.7.0-next.2
  • @backstage/plugin-auth-node@0.2.6-next.2
  • @backstage/config@1.0.3-next.2
  • @backstage/errors@1.1.2-next.2

0.6.6-next.1

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.15.2-next.1
  • @backstage/config@1.0.3-next.1
  • @backstage/errors@1.1.2-next.1
  • @backstage/plugin-auth-node@0.2.6-next.1
  • @backstage/plugin-permission-common@0.6.5-next.1

0.6.6-next.0

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.15.2-next.0
  • @backstage/plugin-auth-node@0.2.6-next.0
  • @backstage/config@1.0.3-next.0
  • @backstage/errors@1.1.2-next.0
  • @backstage/plugin-permission-common@0.6.5-next.0

0.6.5

Patch Changes

• 9212439d15: Minor update to tests
• 667d917488: Updated dependency msw to ^0.47.0.
• 87ec2ba4d6: Updated dependency msw to ^0.46.0.
• bf5e9030eb: Updated dependency msw to ^0.45.0.
• Updated dependencies
  • @backstage/backend-common@0.15.1
  • @backstage/plugin-auth-node@0.2.5
  • @backstage/config@1.0.2
  • @backstage/errors@1.1.1
  • @backstage/plugin-permission-common@0.6.4

0.6.5-next.3

Patch Changes

• Updated dependencies
  • @backstage/config@1.0.2-next.0
  • @backstage/errors@1.1.1-next.0
  • @backstage/plugin-permission-common@0.6.4-next.2
  • @backstage/backend-common@0.15.1-next.3
  • @backstage/plugin-auth-node@0.2.5-next.3

0.6.5-next.2

Patch Changes

• 667d917488: Updated dependency msw to ^0.47.0.
• 87ec2ba4d6: Updated dependency msw to ^0.46.0.
• Updated dependencies
  • @backstage/backend-common@0.15.1-next.2
  • @backstage/plugin-auth-node@0.2.5-next.2
  • @backstage/plugin-permission-common@0.6.4-next.1

0.6.5-next.1

Patch Changes

• 9212439d15: Minor update to tests
• Updated dependencies
  • @backstage/plugin-auth-node@0.2.5-next.1
  • @backstage/backend-common@0.15.1-next.1

0.6.5-next.0

Patch Changes

• bf5e9030eb: Updated dependency msw to ^0.45.0.
• Updated dependencies
  • @backstage/backend-common@0.15.1-next.0
  • @backstage/plugin-auth-node@0.2.5-next.0
  • @backstage/plugin-permission-common@0.6.4-next.0

0.6.4

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.15.0
  • @backstage/plugin-auth-node@0.2.4

0.6.4-next.0

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.15.0-next.0
  • @backstage/plugin-auth-node@0.2.4-next.0

0.6.3

Patch Changes

• a70869e775: Updated dependency msw to ^0.43.0.
• 8006d0f9bf: Updated dependency msw to ^0.44.0.
• Updated dependencies
  • @backstage/backend-common@0.14.1
  • @backstage/plugin-auth-node@0.2.3
  • @backstage/plugin-permission-common@0.6.3
  • @backstage/errors@1.1.0

0.6.3-next.2

Patch Changes

• a70869e775: Updated dependency msw to ^0.43.0.
• Updated dependencies
  • @backstage/backend-common@0.14.1-next.3
  • @backstage/plugin-auth-node@0.2.3-next.2
  • @backstage/plugin-permission-common@0.6.3-next.1

0.6.3-next.1

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.14.1-next.1
  • @backstage/errors@1.1.0-next.0
  • @backstage/plugin-auth-node@0.2.3-next.1
  • @backstage/plugin-permission-common@0.6.3-next.0

0.6.3-next.0

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.14.1-next.0
  • @backstage/plugin-auth-node@0.2.3-next.0

0.6.2

Patch Changes

• 58426f9c0f: Added a new endpoint for aggregating permission metadata from a plugin backend: /.well-known/backstage/permissions/metadata

  By default, the metadata endpoint will return information about the permission rules supported by the plugin. Plugin authors can also provide an optional permissions parameter to createPermissionIntegrationRouter. If provided, these Permission objects will be included in the metadata returned by this endpoint. The permissions parameter will eventually be required in a future breaking change.

• 8f7b1835df: Updated dependency msw to ^0.41.0.

• Updated dependencies
  • @backstage/backend-common@0.14.0
  • @backstage/plugin-auth-node@0.2.2
  • @backstage/plugin-permission-common@0.6.2

0.6.2-next.2

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.14.0-next.2
  • @backstage/plugin-auth-node@0.2.2-next.2

0.6.2-next.1

Patch Changes

• 8f7b1835df: Updated dependency msw to ^0.41.0.
• Updated dependencies
  • @backstage/backend-common@0.13.6-next.1
  • @backstage/plugin-auth-node@0.2.2-next.1
  • @backstage/plugin-permission-common@0.6.2-next.0

0.6.2-next.0

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.13.6-next.0
  • @backstage/plugin-auth-node@0.2.2-next.0

0.6.1

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.13.3
  • @backstage/config@1.0.1
  • @backstage/plugin-auth-node@0.2.1
  • @backstage/plugin-permission-common@0.6.1

0.6.1-next.1

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.13.3-next.2
  • @backstage/config@1.0.1-next.0
  • @backstage/plugin-auth-node@0.2.1-next.1
  • @backstage/plugin-permission-common@0.6.1-next.0

0.6.1-next.0

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.13.3-next.0
  • @backstage/plugin-auth-node@0.2.1-next.0

0.6.0

Minor Changes

• 8012ac46a0: BREAKING: Stronger typing in PermissionPolicy 🎉.

  Previously, it was entirely the responsibility of the PermissionPolicy author to only return CONDITIONAL decisions for permissions that are associated with a resource, and to return the correct kind of PermissionCondition instances inside the decision. Now, the policy authoring helpers provided in this package now ensure that the decision and permission match.

  For policy authors: rename and adjust api of createConditionExports. Previously, the function returned a factory for creating conditional decisions named createPolicyDecision, which had a couple of drawbacks:

  1. The function always creates a conditional policy decision, but this was not reflected in the name.
  2. Conditional decisions should only ever be returned from PermissionPolicy#handle for resource permissions, but there was nothing in the API that encoded this constraint.

  This change addresses the drawbacks above by making the following changes for policy authors:

  • The createPolicyDecision method has been renamed to createConditionalDecision.
  • Along with conditions, the method now accepts a permission, which must be a ResourcePermission. This is expected to be the handled permission in PermissionPolicy#handle, whose type must first be narrowed using methods like isPermission and isResourcePermission:

  class TestPermissionPolicy implements PermissionPolicy {
    async handle(
      request: PolicyQuery<Permission>,
      _user?: BackstageIdentityResponse,
    ): Promise<PolicyDecision> {
      if (
        // Narrow type of `request.permission` to `ResourcePermission<'catalog-entity'>
        isResourcePermission(request.permission, RESOURCE_TYPE_CATALOG_ENTITY)
      ) {
        return createCatalogConditionalDecision(
          request.permission,
          catalogConditions.isEntityOwner(
            _user?.identity.ownershipEntityRefs ?? [],
          ),
        );
      }
  
      return {
        result: AuthorizeResult.ALLOW,
      };

  BREAKING: when creating PermissionRules, provide a resourceType.

  export const isEntityOwner = createCatalogPermissionRule({
    name: 'IS_ENTITY_OWNER',
    description: 'Allow entities owned by the current user',
  +  resourceType: RESOURCE_TYPE_CATALOG_ENTITY,
    apply: (resource: Entity, claims: string[]) => {
      if (!resource.relations) {
        return false;
      }
  
      return resource.relations
        .filter(relation => relation.type === RELATION_OWNED_BY)
        .some(relation => claims.includes(relation.targetRef));
    },
    toQuery: (claims: string[]) => ({
      key: 'relations.ownedBy',
      values: claims,
    }),
  });

• c98d271466: BREAKING:

  • Rename PolicyAuthorizeQuery to PolicyQuery
  • Remove PolicyDecision, DefinitivePolicyDecision, and ConditionalPolicyDecision. These types are now exported from @backstage/plugin-permission-common

• 322b69e46a: BREAKING: ServerPermissionClient now implements PermissionEvaluator, which moves out the capabilities for evaluating conditional decisions from authorize() to authorizeConditional() method.

Patch Changes

• 90754d4fa9: Removed strict validation from PermissionCriteria schemas to support backward-compatible changes.
• 8012ac46a0: Fix signature of permission rule in test suites
• Updated dependencies
  • @backstage/plugin-permission-common@0.6.0
  • @backstage/plugin-auth-node@0.2.0
  • @backstage/backend-common@0.13.2

0.6.0-next.2

Minor Changes

• 322b69e46a: BREAKING: ServerPermissionClient now implements PermissionEvaluator, which moves out the capabilities for evaluating conditional decisions from authorize() to authorizeConditional() method.

Patch Changes

• Updated dependencies
  • @backstage/plugin-permission-common@0.6.0-next.1
  • @backstage/backend-common@0.13.2-next.2

0.6.0-next.1

Minor Changes

• 8012ac46a0: BREAKING: Stronger typing in PermissionPolicy 🎉.

  Previously, it was entirely the responsibility of the PermissionPolicy author to only return CONDITIONAL decisions for permissions that are associated with a resource, and to return the correct kind of PermissionCondition instances inside the decision. Now, the policy authoring helpers provided in this package now ensure that the decision and permission match.

  For policy authors: rename and adjust api of createConditionExports. Previously, the function returned a factory for creating conditional decisions named createPolicyDecision, which had a couple of drawbacks:

  1. The function always creates a conditional policy decision, but this was not reflected in the name.
  2. Conditional decisions should only ever be returned from PermissionPolicy#handle for resource permissions, but there was nothing in the API that encoded this constraint.

  This change addresses the drawbacks above by making the following changes for policy authors:

  • The createPolicyDecision method has been renamed to createConditionalDecision.
  • Along with conditions, the method now accepts a permission, which must be a ResourcePermission. This is expected to be the handled permission in PermissionPolicy#handle, whose type must first be narrowed using methods like isPermission and isResourcePermission:

  class TestPermissionPolicy implements PermissionPolicy {
    async handle(
      request: PolicyQuery<Permission>,
      _user?: BackstageIdentityResponse,
    ): Promise<PolicyDecision> {
      if (
        // Narrow type of `request.permission` to `ResourcePermission<'catalog-entity'>
        isResourcePermission(request.permission, RESOURCE_TYPE_CATALOG_ENTITY)
      ) {
        return createCatalogConditionalDecision(
          request.permission,
          catalogConditions.isEntityOwner(
            _user?.identity.ownershipEntityRefs ?? [],
          ),
        );
      }
  
      return {
        result: AuthorizeResult.ALLOW,
      };

  BREAKING: when creating PermissionRules, provide a resourceType.

  export const isEntityOwner = createCatalogPermissionRule({
    name: 'IS_ENTITY_OWNER',
    description: 'Allow entities owned by the current user',
  +  resourceType: RESOURCE_TYPE_CATALOG_ENTITY,
    apply: (resource: Entity, claims: string[]) => {
      if (!resource.relations) {
        return false;
      }
  
      return resource.relations
        .filter(relation => relation.type === RELATION_OWNED_BY)
        .some(relation => claims.includes(relation.targetRef));
    },
    toQuery: (claims: string[]) => ({
      key: 'relations.ownedBy',
      values: claims,
    }),
  });

• c98d271466: BREAKING:

  • Rename PolicyAuthorizeQuery to PolicyQuery
  • Remove PolicyDecision, DefinitivePolicyDecision, and ConditionalPolicyDecision. These types are now exported from @backstage/plugin-permission-common

Patch Changes

• 8012ac46a0: Fix signature of permission rule in test suites
• Updated dependencies
  • @backstage/plugin-permission-common@0.6.0-next.0
  • @backstage/backend-common@0.13.2-next.1

0.5.6-next.0

Patch Changes

• Updated dependencies
  • @backstage/plugin-auth-node@0.2.0-next.0
  • @backstage/backend-common@0.13.2-next.0

0.5.5

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.13.1
  • @backstage/config@1.0.0
  • @backstage/errors@1.0.0
  • @backstage/plugin-permission-common@0.5.3
  • @backstage/plugin-auth-node@0.1.6

0.5.4

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.13.0
  • @backstage/plugin-auth-node@0.1.5

0.5.4-next.0

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.13.0-next.0
  • @backstage/plugin-auth-node@0.1.5-next.0

0.5.3

Patch Changes

• 580f4e1df8: Export some utility functions for parsing PermissionCriteria

  isAndCriteria, isOrCriteria, isNotCriteria are now exported.

• Updated dependencies

  • @backstage/backend-common@0.12.0
  • @backstage/plugin-permission-common@0.5.2
  • @backstage/plugin-auth-node@0.1.4

0.5.2

Patch Changes

• 0816f8237a: Improved error message shown when permissions are enabled without backend-to-backend authentication.
• Updated dependencies
  • @backstage/backend-common@0.11.0
  • @backstage/plugin-auth-node@0.1.3

0.5.1

Patch Changes

• Fix for the previous release with missing type declarations.
• Updated dependencies
  • @backstage/backend-common@0.10.9
  • @backstage/config@0.1.15
  • @backstage/errors@0.2.2
  • @backstage/plugin-auth-node@0.1.2
  • @backstage/plugin-permission-common@0.5.1

0.5.0

Minor Changes

• 8c646beb24: BREAKING PermissionCriteria now requires at least one condition in anyOf and allOf arrays. This addresses some ambiguous behavior outlined in #9280.

Patch Changes

• c77c5c7eb6: Added backstage.role to package.json
• Updated dependencies
  • @backstage/backend-common@0.10.8
  • @backstage/errors@0.2.1
  • @backstage/plugin-auth-node@0.1.1
  • @backstage/plugin-permission-common@0.5.0
  • @backstage/config@0.1.14

0.4.3

Patch Changes

• Updated dependencies
  • @backstage/backend-common@0.10.7
  • @backstage/plugin-auth-node@0.1.0

0.4.3-next.0

Patch Changes

• Updated dependencies
  • @backstage/plugin-auth-backend@0.10.0-next.0
  • @backstage/backend-common@0.10.7-next.0

0.4.2

Patch Changes

• Updated dependencies
  • @backstage/plugin-auth-backend@0.9.0
  • @backstage/backend-common@0.10.6

0.4.2-next.1

Patch Changes

• Updated dependencies
  • @backstage/plugin-auth-backend@0.9.0-next.1
  • @backstage/backend-common@0.10.6-next.0

0.4.2-next.0

Patch Changes

• Updated dependencies
  • @backstage/plugin-auth-backend@0.9.0-next.0

0.4.1

Patch Changes

• Updated dependencies
  • @backstage/plugin-auth-backend@0.8.0
  • @backstage/backend-common@0.10.5

0.4.0

Minor Changes

• 0ae4f4cc82: BREAKING: PolicyAuthorizeRequest type has been renamed to PolicyAuthorizeQuery. BREAKING: Update to use renamed request and response types from @backstage/plugin-permission-common.

Patch Changes

• Updated dependencies
  • @backstage/plugin-auth-backend@0.7.0
  • @backstage/plugin-permission-common@0.4.0
  • @backstage/backend-common@0.10.4
  • @backstage/config@0.1.13

0.4.0-next.0

Minor Changes

• 0ae4f4cc82: BREAKING: PolicyAuthorizeRequest type has been renamed to PolicyAuthorizeQuery. BREAKING: Update to use renamed request and response types from @backstage/plugin-permission-common.

Patch Changes

• Updated dependencies
  • @backstage/plugin-auth-backend@0.7.0-next.0
  • @backstage/plugin-permission-common@0.4.0-next.0
  • @backstage/backend-common@0.10.4-next.0
  • @backstage/config@0.1.13-next.0

0.3.0

Minor Changes

• 419ca637c0: Optimizations to the integration between the permission backend and plugin-backends using createPermissionIntegrationRouter:

  • The permission backend already supported batched requests to authorize, but would make calls to plugin backend to apply conditions serially. Now, after applying the policy for each authorization request, the permission backend makes a single batched /apply-conditions request to each plugin backend referenced in policy decisions.
  • The getResource method accepted by createPermissionIntegrationRouter has been replaced with getResources, to allow consumers to make batch requests to upstream data stores. When /apply-conditions is called with a batch of requests, all required resources are requested in a single invocation of getResources.

  Plugin owners consuming createPermissionIntegrationRouter should replace the getResource method in the options with a getResources method, accepting an array of resourceRefs, and returning an array of the corresponding resources.

Patch Changes

• 9db1b86f32: Add helpers for creating PermissionRules with inferred types
• Updated dependencies
  • @backstage/config@0.1.12
  • @backstage/backend-common@0.10.3
  • @backstage/plugin-auth-backend@0.6.2
  • @backstage/errors@0.2.0
  • @backstage/plugin-permission-common@0.3.1

0.2.3

Patch Changes

• Updated dependencies
  • @backstage/plugin-auth-backend@0.6.0
  • @backstage/backend-common@0.10.1

0.2.2

Patch Changes

• 2f8a9b665f: Add ServerPermissionClient, which implements PermissionAuthorizer from @backstage/plugin-permission-common. This implementation skips authorization entirely when the supplied token is a valid backend-to-backend token, thereby allowing backend-to-backend systems to communicate without authorization.

  The ServerPermissionClient should always be used over the standard PermissionClient in plugin backends.

• Updated dependencies

  • @backstage/backend-common@0.10.0
  • @backstage/plugin-auth-backend@0.5.2
  • @backstage/plugin-permission-common@0.3.0

0.2.1

Patch Changes

• dcd1a0c3f4: Minor improvement to the API reports, by not unpacking arguments directly

• a036b65c2f: Updated to use the new BackstageIdentityResponse type from @backstage/plugin-auth-backend.

  The BackstageIdentityResponse type is backwards compatible with the BackstageIdentity, and provides an additional identity field with the claims of the user.

• Updated dependencies

  • @backstage/plugin-auth-backend@0.5.0

0.2.0

Minor Changes

• e7851efa9e: Rename and adjust permission policy return type to reduce nesting
• 450ca92330: Change route used for integration between the authorization framework and other plugin backends to use the /.well-known prefix.

Patch Changes

• Updated dependencies
  • @backstage/plugin-auth-backend@0.4.10

0.1.0

Minor Changes

• 44b46644d9: New package containing common permission and authorization utilities for backend plugins. For more information, see the authorization PRFC.

Patch Changes

• Updated dependencies
  • @backstage/plugin-auth-backend@0.4.9
  • @backstage/plugin-permission-common@0.2.0