chore(release): v0.7.12

[SoulPancake]

Description

What problem is being solved?

How is it being solved?

What changes are made to solve it?

References

closes #653

Review Checklist

• I have clicked on "allow edits by maintainers".
• I have added documentation for new/changed functionality in this PR or in a PR to openfga.dev [Provide a link to any relevant PRs in the references section above]
• The correct base branch is being used, if not main
• I have added tests to validate that the change in functionality is working as expected

Summary by CodeRabbit

• Chores
  • Updated changelog documentation for version 0.7.12 with dependency updates noted.

[coderabbitai]

Important

Review skipped

Auto incremental reviews are disabled on this repository.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: d00b531a-7775-4a57-a4ce-a71ae5976034

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

Walkthrough

Updated CHANGELOG.md by adding release version 0.7.12 dated 2026-03-23 with dependency update notes and updated comparison links for versions 0.7.12, 0.7.11, and 0.7.10.

Changes

Cohort / File(s)	Summary
Changelog Update CHANGELOG.md	Added new release entry for version 0.7.12 with maintenance section noting dependency updates; updated GitHub comparison links for version navigation.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Possibly related PRs

• release: v0.7.4 #563: Both PRs update CHANGELOG.md release entries and adjust compare/anchor links by introducing a new version entry.
• release: v0.7.6 #596: Both PRs make analogous edits to CHANGELOG.md by adding a new release entry and updating comparison links for a version bump.

Suggested reviewers

• rhamzeh
• ewanharris

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Title check	✅ Passed	The PR title 'chore(release): v0.7.12' directly aligns with the changeset, which updates CHANGELOG.md with a new release entry for version 0.7.12.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch release/v0.7.12

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[Copilot]

Pull request overview

Adds the v0.7.12 release entry to the changelog for the OpenFGA CLI repository.

Changes:

• Added a new 0.7.12 changelog section dated 2026-03-23.
• Added the [0.7.12] GitHub compare link reference.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

CHANGELOG.md (1)

12-13: Consider adding more specific details about dependency updates.

The changelog entry states "dependency updates" but doesn't specify which dependencies were updated, their new versions, or the reason for the updates (e.g., security fixes, new features, bug fixes). More specific information would help users understand the impact of this release.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@CHANGELOG.md` around lines 12 - 13, Update the "Maintenance: - dependency
updates" changelog entry to list each updated dependency and its new version and
a short reason; replace the vague line "dependency updates" with explicit
bullets like the package name (e.g., react, express, lodash), the bumped
version, and a one‑sentence rationale (security fix, bugfix, compatibility,
performance) and include links or PR/issue numbers where applicable so readers
can trace the changes; keep the existing changelog format and tone when editing
the "Maintenance" section.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@CHANGELOG.md`:
- Line 390: Update the "[Unreleased]" comparison link that currently reads
"https://github.com/openfga/cli/compare/v0.7.9...HEAD" to use the new release
tag "v0.7.12" instead of "v0.7.9"; locate the line containing the literal
"[Unreleased]: https://github.com/openfga/cli/compare/v0.7.9...HEAD" in
CHANGELOG.md and replace the version segment so it becomes "[Unreleased]:
https://github.com/openfga/cli/compare/v0.7.12...HEAD".

---

Nitpick comments:
In `@CHANGELOG.md`:
- Around line 12-13: Update the "Maintenance: - dependency updates" changelog
entry to list each updated dependency and its new version and a short reason;
replace the vague line "dependency updates" with explicit bullets like the
package name (e.g., react, express, lodash), the bumped version, and a
one‑sentence rationale (security fix, bugfix, compatibility, performance) and
include links or PR/issue numbers where applicable so readers can trace the
changes; keep the existing changelog format and tone when editing the
"Maintenance" section.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 21192d65-d5fb-44f1-9938-129adcc61ddb

📥 Commits

Reviewing files that changed from the base of the PR and between bc99265 and b951548.

📒 Files selected for processing (1)

• CHANGELOG.md

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	github.com/​openfga/​openfga@​v1.12.1 ⏵ v1.13.0	-2
	github.com/​openfga/​api/​proto@​v0.0.0-20260122164422-25e22cb1875b ⏵ v0.0.0-20260319214821-f153694bfc20	-2

View full report

[socket-security]

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert  (click "▶" to expand/collapse)
Warn		License policy violation: golang github.com/openfga/openfga under MPL-2.0 License: MPL-2.0 - the applicable license policy does not allow this license (4) (NOTICE) License: MPL-2.0 - the applicable license policy does not allow this license (4) (NOTICE) From: go.mod → golang/github.com/openfga/openfga@v1.13.0 ℹ Read more on: This package | This alert | What is a license policy violation? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore golang/github.com/openfga/openfga@v1.13.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report