Bump github.com/hashicorp/vault/api from 1.2.0 to 1.3.0 #42

Merged
dependabot[bot] merged 1 commits from dependabot/go_modules/github.com/hashicorp/vault/api-1.3.0 into master 2021-10-29 14:53:01 +03:00
dependabot[bot] commented 2021-10-29 11:27:24 +03:00 (Migrated from github.com)

Bumps github.com/hashicorp/vault/api from 1.2.0 to 1.3.0.

Changelog

Sourced from github.com/hashicorp/vault/api's changelog.

1.9.0

Unreleased

CHANGES:

  • ui: replaces Vault's use of elazarl/go-bindata-assetfs in building the UI with Go's native Embed package [GH-11208]

FEATURES:

  • Key Management Secrets Engine (Enterprise): Adds support for distributing and managing keys in GCP Cloud KMS. [GH-2158]
  • auth/kubernetes: Add ability to configure entity alias names based on the serviceaccount's namespace and name. #110 #112 [GH-12633]
  • auth/token: Add allowed_policies_glob and disallowed_policies_glob fields to token roles to allow glob matching of policies [GH-7277]
  • core: adds custom_metadata field for aliases [GH-12502]
  • secrets/kv: Add ability to specify version-agnostic custom key metadata [GH-12218]
  • ui: Add custom metadata to KV secret engine and metadata to config [GH-12169]
  • ui: Creates new StatText component [GH-12295]
  • ui: client count monthly view [GH-12554]
  • ui: creates bar chart component for displaying client count data by namespace [GH-12437]

IMPROVEMENTS:

  • agent/template: add support for new 'writeToFile' template function [GH-12505]
  • auth/approle: expose secret_id_accessor as WrappedAccessor when creating wrapped secret-id. [GH-12425]
  • auth/okta: Send x-forwarded-for in Okta Push Factor request [GH-12320]
  • core/token: Return the token_no_default_policy config on token role read if set [GH-12565]
  • core: Update github.com/ulikunitz/xz to fix security vulnerability GHSA-25xm-hr59-7c27. [GH-12253]
  • core: Upgrade github.com/gogo/protobuf [GH-12255]
  • core: observe the client counts broken down by namespace for partial month client count [GH-12393]
  • identity: fix issue where Cache-Control header causes stampede of requests for JWKS keys [GH-12414]
  • pki: adds signature_bits field to customize signature algorithm on CAs and certs signed by Vault [GH-11245]
  • plugin: update the couchbase gocb version in the couchbase plugin [GH-12483]
  • replication (enterprise): Add merkle.flushDirty.num_pages_outstanding metric which specifies number of outstanding dirty pages that were not flushed. [GH-2093]
  • secrets/aws: Add conditional template that allows custom usernames for both STS and IAM cases [GH-12185]
  • secrets/pki: Allow signing of self-issued certs with a different signature algorithm. [GH-12514]
  • secrets/pki: Use entropy augmentation when available when generating root and intermediate CA key material. [GH-12559]
  • secrets/ssh: Use entropy augmentation when available for generation of the signing key. [GH-12560]
  • serviceregistration: add external-source: "vault" metadata value for Consul registration. [GH-12163]
  • storage/raft: Best-effort handling of cancelled contexts. [GH-12162]
  • ui: Add creation time to KV 2 version history and version view [GH-12663]
  • ui: namespace search in client count views [GH-12577]
  • ui: updated client tracking config view [GH-12422]

BUG FIXES:

  • agent: Avoid possible unexpected fault address panic when using persistent cache. [GH-12534]
  • api: Fixes storage APIs returning incorrect error when parsing responses [GH-12338]
  • auth/aws: Fix ec2 auth on instances that have a cert in their PKCS7 signature [GH-12519]
  • auth/aws: Fixes ec2 login no longer supporting DSA signature verification [GH-12340]
  • auth/jwt: Fixes OIDC auth from the Vault UI when using form_post as the oidc_response_mode. [GH-12265]

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps [github.com/hashicorp/vault/api](https://github.com/hashicorp/vault) from 1.2.0 to 1.3.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/hashicorp/vault/blob/main/CHANGELOG.md">github.com/hashicorp/vault/api's changelog</a>.</em></p> <blockquote> <h2>1.9.0</h2> <h3>Unreleased</h3> <p>CHANGES:</p> <ul> <li>ui: replaces Vault's use of elazarl/go-bindata-assetfs in building the UI with Go's native Embed package [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/11208">GH-11208</a>]</li> </ul> <p>FEATURES:</p> <ul> <li><strong>Key Management Secrets Engine (Enterprise)</strong>: Adds support for distributing and managing keys in GCP Cloud KMS. [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/2158">GH-2158</a>]</li> <li>auth/kubernetes: Add ability to configure entity alias names based on the serviceaccount's namespace and name. <a href="https://github-redirect.dependabot.com/hashicorp/vault-plugin-auth-kubernetes/pull/110">#110</a> <a href="https://github-redirect.dependabot.com/hashicorp/vault-plugin-auth-kubernetes/pull/112">#112</a> [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/12633">GH-12633</a>]</li> <li>auth/token: Add <code>allowed_policies_glob</code> and <code>disallowed_policies_glob</code> fields to token roles to allow glob matching of policies [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/7277">GH-7277</a>]</li> <li>core: adds custom_metadata field for aliases [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/12502">GH-12502</a>]</li> <li>secrets/kv: Add ability to specify version-agnostic custom key metadata [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/12218">GH-12218</a>]</li> <li>ui: Add custom metadata to KV secret engine and metadata to config [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/12169">GH-12169</a>]</li> <li>ui: Creates new StatText component [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/12295">GH-12295</a>]</li> <li>ui: client count monthly view [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/12554">GH-12554</a>]</li> <li>ui: creates bar chart component for displaying client count data by namespace [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/12437">GH-12437</a>]</li> </ul> <p>IMPROVEMENTS:</p> <ul> <li>agent/template: add support for new 'writeToFile' template function [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/12505">GH-12505</a>]</li> <li>auth/approle: expose secret_id_accessor as WrappedAccessor when creating wrapped secret-id. [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/12425">GH-12425</a>]</li> <li>auth/okta: Send x-forwarded-for in Okta Push Factor request [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/12320">GH-12320</a>]</li> <li>core/token: Return the token_no_default_policy config on token role read if set [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/12565">GH-12565</a>]</li> <li>core: Update github.com/ulikunitz/xz to fix security vulnerability GHSA-25xm-hr59-7c27. [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/12253">GH-12253</a>]</li> <li>core: Upgrade github.com/gogo/protobuf [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/12255">GH-12255</a>]</li> <li>core: observe the client counts broken down by namespace for partial month client count [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/12393">GH-12393</a>]</li> <li>identity: fix issue where Cache-Control header causes stampede of requests for JWKS keys [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/12414">GH-12414</a>]</li> <li>pki: adds signature_bits field to customize signature algorithm on CAs and certs signed by Vault [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/11245">GH-11245</a>]</li> <li>plugin: update the couchbase gocb version in the couchbase plugin [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/12483">GH-12483</a>]</li> <li>replication (enterprise): Add merkle.flushDirty.num_pages_outstanding metric which specifies number of outstanding dirty pages that were not flushed. [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/2093">GH-2093</a>]</li> <li>secrets/aws: Add conditional template that allows custom usernames for both STS and IAM cases [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/12185">GH-12185</a>]</li> <li>secrets/pki: Allow signing of self-issued certs with a different signature algorithm. [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/12514">GH-12514</a>]</li> <li>secrets/pki: Use entropy augmentation when available when generating root and intermediate CA key material. [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/12559">GH-12559</a>]</li> <li>secrets/ssh: Use entropy augmentation when available for generation of the signing key. [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/12560">GH-12560</a>]</li> <li>serviceregistration: add <code>external-source: &quot;vault&quot;</code> metadata value for Consul registration. [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/12163">GH-12163</a>]</li> <li>storage/raft: Best-effort handling of cancelled contexts. [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/12162">GH-12162</a>]</li> <li>ui: Add creation time to KV 2 version history and version view [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/12663">GH-12663</a>]</li> <li>ui: namespace search in client count views [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/12577">GH-12577</a>]</li> <li>ui: updated client tracking config view [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/12422">GH-12422</a>]</li> </ul> <p>BUG FIXES:</p> <ul> <li>agent: Avoid possible <code>unexpected fault address</code> panic when using persistent cache. [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/12534">GH-12534</a>]</li> <li>api: Fixes storage APIs returning incorrect error when parsing responses [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/12338">GH-12338</a>]</li> <li>auth/aws: Fix ec2 auth on instances that have a cert in their PKCS7 signature [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/12519">GH-12519</a>]</li> <li>auth/aws: Fixes ec2 login no longer supporting DSA signature verification [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/12340">GH-12340</a>]</li> <li>auth/jwt: Fixes OIDC auth from the Vault UI when using <code>form_post</code> as the <code>oidc_response_mode</code>. [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/12265">GH-12265</a>]</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/hashicorp/vault/commit/0f5c835d1cf91c00d01cb29a0048732d91357afa"><code>0f5c835</code></a> release: stage v1.3.0</li> <li><a href="https://github.com/hashicorp/vault/commit/75612d43e996a7f7c268c5e43a96616467f05387"><code>75612d4</code></a> Merge branch 'master' into release/1.3.x</li> <li><a href="https://github.com/hashicorp/vault/commit/279596ac80d2dbbef51f87e5805415ba3f7b034d"><code>279596a</code></a> Update GCP secrets plugin (<a href="https://github-redirect.dependabot.com/hashicorp/vault/issues/7869">#7869</a>)</li> <li><a href="https://github.com/hashicorp/vault/commit/eac55bae1142f7786b2ed880d3e2051584fe331b"><code>eac55ba</code></a> Reindex docs (<a href="https://github-redirect.dependabot.com/hashicorp/vault/issues/7868">#7868</a>)</li> <li><a href="https://github.com/hashicorp/vault/commit/45eb7961851f5a6254ff31b5018c2e5acaa34a60"><code>45eb796</code></a> Improve telemetry docs (<a href="https://github-redirect.dependabot.com/hashicorp/vault/issues/7762">#7762</a>)</li> <li><a href="https://github.com/hashicorp/vault/commit/ec62abb9514323c2de5768adb0cdabc9fa108588"><code>ec62abb</code></a> Update how Vault Agent configures Consul Templates internal logger (<a href="https://github-redirect.dependabot.com/hashicorp/vault/issues/7822">#7822</a>)</li> <li><a href="https://github.com/hashicorp/vault/commit/977c65f7300f6ae5e510bb871dbf59bb94df8f58"><code>977c65f</code></a> Fix token counters test (<a href="https://github-redirect.dependabot.com/hashicorp/vault/issues/7867">#7867</a>)</li> <li><a href="https://github.com/hashicorp/vault/commit/dc1c9c7db1a78155bc09ae22c3fc291d38c0f38f"><code>dc1c9c7</code></a> Fix indefinitely hanging agent test (<a href="https://github-redirect.dependabot.com/hashicorp/vault/issues/7866">#7866</a>)</li> <li><a href="https://github.com/hashicorp/vault/commit/8f1e9dff5d475a6eb6822fbea013a22443347f27"><code>8f1e9df</code></a> Backport OSS changes from enterprise (<a href="https://github-redirect.dependabot.com/hashicorp/vault/issues/7864">#7864</a>)</li> <li><a href="https://github.com/hashicorp/vault/commit/559a00ff16e4f5b0e675764cd241df96ec0ff3a5"><code>559a00f</code></a> ci: increase no-output timeout</li> <li>Additional commits viewable in <a href="https://github.com/hashicorp/vault/compare/v1.2.0...v1.3.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/hashicorp/vault/api&package-manager=go_modules&previous-version=1.2.0&new-version=1.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
vtolstov (Migrated from github.com) approved these changes 2021-10-29 11:27:42 +03:00
Sign in to join this conversation.
No reviewers
No Milestone
No project
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: unistack-org/micro-config-vault#42
No description provided.