Joseph Schorr

(Very rough) outline of tasks if `this` were to be added: - [x] Determine keyword to use. - [x] Ensure the keyword is not being used in any relation, type...

@gonzalad would it be sufficient to be able to check for the *same* permission on different object IDs, or do you need different object types + permissions as well?

@gonzalad Okay. Supporting batch checks of multiple objects for the *same* permission will be doable from an internal perspective after https://github.com/authzed/spicedb/pull/777 is merged; I suppose we could look into a...

@stanislavprokopov As @jonwhitty mentioned, embedding as a library does lose a significant amount of value. Would you be able to expand upon your use case for SpiceDB as a library?...

@stanislavprokopov Yeah, it is sort of supported already. In fact, the SpiceDB's developer API basically uses SpiceDB as a library, since it sets up and tears down the entire context...

@jzelinskie Yep, hence why the idea to discuss to the changes necessary to externalize to support the use cases, once we have a better idea of them

@stanislavprokopov You're not giving the correct revision (`AtRevision`) to the Check, so it is using a cache which wasn't yet updated. I should add I only pointed to the developer...

@cyphar True, but on the flip side blobs are uploaded before the manifests and descriptors are pushed. Quay has its own defined limits on blob sizes (configurable for our end...

@brendandburns, @stevvooe: Speaking just from the perspective of the registry, as @philips alluded to, we've considered the idea of "white labeling" via CNAME for some time. The original goal was...

@glyn Because it can still be used by bad actors as an attack, even without cyclic references; just generate a tree of depth 1 million.