Kamu

Added
- Increased test coverage of the code responsible for access checks
Changed
- Restructured responsibilities between core and dataset domains upon key dataset CRUD use cases:
- 8 use cases moved from `core` to `kamu-datasets` domain
- no longer using outbox for "Renamed" and "DependenciesUpdated" events in datasets,
these became internal aspect inside `kamu-datasets` domain
- simplified creation and commit result structures as they no longer transport new dependencies
- revised many integration tests:
- flow system no longer uses real datasets
- HTTP and GQL use real accounts and dataset entries
- Moved several account-related routines from `AuthenticationService` to `AccountService`,
the authentication services has focus only on JWT token and login flows
- Upgraded to `datafusion v45` (1063)
Fixed
- GQL metadata query now correctly returns dataset aliases for `SetTransform` event in multi-tenant mode
- Handle panic errors in `kamu inspect lineage -- browse` command
- Improved result messages for `kamu system diagnose` command

Added
- New `AccessTokenLifecycleMessage` outbox message which produced during access token creation
Changed
- `kamu pull` command now can be called with passing `<remote_repo>/<dataset_name>` arg
and pull url will be combined automatically

Fixed
- Private Datasets:
- Validation `SetTransform` event (input datasets): IDs are used for accessibility checks.
Aliases are used only to generate an error message.
- `OsoDatasetAuthorizer`: readiness to handle duplicates when filtering

Added
- GQL support to query and update email on the currently logged account
- Account registration sends `AccountLifecycleEvent` to `Outbox`
Changed
- Emails are mandatory for Kamu accounts now:
- predefined users need to specify an email in config
- predefined users are auto-synced at startup in case they existed before
- GitHub users are queried for primary verified email, even if it is not public
- migration code for the database existing users

Changed
- Private Datasets:
- GQL, `DatasetFlowRunsMut::trigger_flow()`: added check of input datasets for accessibility for `ExecuteTransform`
- GQL, `TransformInput::input_dataset()`: dataset may not be accessible
- GQL, `MetadataChainMut::commit_event`: added check of dataset inputs for availability for `SetTransform`
- HTTP: added access check for the dataset router (`DatasetAuthorizationMiddleware`), affected:
- `POST /{dataset}/ingest`
- `GET /{dataset}/metadata`
- `GET /{dataset}/tail`
- HTTP, `GET /datasets/{id}`: access check corrected
- HTTP: replaced access errors with not found errors
- CLI, `kamu pull`: replaced access errors with not found errors
- Continued work on use cases extracting:
- `ViewDatasetUseCase`
- `EditDatasetUseCase`
- `GetDatasetDownstreamDependenciesUseCaseImpl`
- `GetDatasetUpstreamDependenciesUseCaseImpl`

Added
- Reusable static database migrators