unistack-org/micro-config-vault
3
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases 27 Wiki Activity

Bump github.com/hashicorp/vault/api from 1.3.1 to 1.4.1 #62

Closed
dependabot[bot] wants to merge 1 commits from dependabot/go_modules/github.com/hashicorp/vault/api-1.4.1 into v3
pull from: dependabot/go_modules/github.com/hashicorp/vault/api-1.4.1
merge into: unistack-org:v3
Conversation 4 Commits 1 Files Changed 2 +5 -5
dependabot[bot] commented 2022-02-28 11:21:45 +03:00 (Migrated from github.com)
Copy Link

Bumps github.com/hashicorp/vault/api from 1.3.1 to 1.4.1.

Changelog

Sourced from github.com/hashicorp/vault/api's changelog.

1.4.1 (April 30th, 2020)

CHANGES:

  • auth/aws: The default set of metadata fields added in 1.4.1 has been changed to account_id and auth_type [GH-8783]
  • storage/raft: Disallow ha_storage to be specified if raft is set as the storage type. [GH-8707]

IMPROVEMENTS:

  • auth/aws: The set of metadata stored during login is now configurable [GH-8783]
  • auth/aws: Improve region selection to avoid errors seen if the account hasn't enabled some newer AWS regions [GH-8679]
  • auth/azure: Enable login from Azure VMs with user-assigned identities [GH-33]
  • auth/gcp: The set of metadata stored during login is now configurable [GH-92]
  • auth/gcp: The type of alias name used during login is now configurable [GH-95]
  • auth/ldap: Improve error messages during LDAP operation failures [GH-8740]
  • identity: Add a batch delete API for identity entities [GH-8785](hashicorp/vault#8785)
  • identity: Improve performance of logins when no group updates are needed [GH-8795](hashicorp/vault#8795)
  • metrics: Add vault.identity.num_entities metric [GH-8816](hashicorp/vault#8816)
  • secrets/kv: Allow delete-version-after to be reset to 0 via the CLI [GH-8635]
  • secrets/rabbitmq: Improve error handling and reporting [GH-8619]
  • ui: Provide One Time Password during Operation Token generation process [GH-8630](hashicorp/vault#8630)

BUG FIXES:

  • auth/okta: Fix MFA regression (introduced in GH-8143) from 1.4.0 [GH-8807]
  • auth/userpass: Fix upgrade value for token_bound_cidrs being ignored due to incorrect key provided [GH-8826]
  • config/seal: Fix segfault when seal block is removed [GH-8517]
  • core: Fix an issue where users attempting to build Vault could receive Go module checksum errors [GH-8770]
  • core: Fix blocked requests if a SIGHUP is issued during a long-running request has the state lock held. Also fixes deadlock that can happen if vault debug with the config target is ran during this time. [GH-8755]
  • core: Always rewrite the .vault-token file as part of a vault login to ensure permissions and ownership are set correctly [GH-8867]
  • database/mongodb: Fix context deadline error that may result due to retry attempts on failed commands [GH-8863]
  • http: Fix superflous call messages from the http package on logs caused by missing returns after respondError calls [GH-8796]
  • namespace (enterprise): Fix namespace listing to return key_info when a scoping namespace is also provided.
  • seal/gcpkms: Fix panic that could occur if all seal parameters were provided via environment variables [GH-8840]
  • storage/raft: Fix memory allocation and incorrect metadata tracking issues with snapshots [GH-8793]
  • storage/raft: Fix panic that could occur if disable_clustering was set to true on Raft storage cluster [GH-8784]
  • storage/raft: Handle errors returned from the API during snapshot operations [GH-8861]
  • sys/wrapping: Allow unwrapping of wrapping tokens which contain nil data [GH-8714]

1.4.0 (April 7th, 2020)

CHANGES:

  • cli: The raft configuration command has been renamed to list-peers to avoid confusion.

... (truncated)

Commits
  • b2b4ab9 release: stage v1.4.1
  • cb1f373 Merge branch 'release/1.4.x' into rel-1.4.1
  • b4bcaae Fix Makefile
  • 5f0fff3 Merge branch 'release/1.4.x' into rel-1.4.1
  • 51ac267 Makefile: add goimports to CI tools
  • a550fab update GO_VERSION to 1.13.10
  • 123e142 release: stage v1.4.1
  • 216a826 go mod vendor
  • cf1a1cd update go.mod to use sdk version 1.4.1
  • 29fce8f update sdk version to 1.4.1
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps [github.com/hashicorp/vault/api](https://github.com/hashicorp/vault) from 1.3.1 to 1.4.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/hashicorp/vault/blob/main/CHANGELOG.md">github.com/hashicorp/vault/api's changelog</a>.</em></p> <blockquote> <h2>1.4.1 (April 30th, 2020)</h2> <p>CHANGES:</p> <ul> <li>auth/aws: The default set of metadata fields added in 1.4.1 has been changed to <code>account_id</code> and <code>auth_type</code> [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/8783">GH-8783</a>]</li> <li>storage/raft: Disallow <code>ha_storage</code> to be specified if <code>raft</code> is set as the <code>storage</code> type. [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/8707">GH-8707</a>]</li> </ul> <p>IMPROVEMENTS:</p> <ul> <li>auth/aws: The set of metadata stored during login is now configurable [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/8783">GH-8783</a>]</li> <li>auth/aws: Improve region selection to avoid errors seen if the account hasn't enabled some newer AWS regions [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/8679">GH-8679</a>]</li> <li>auth/azure: Enable login from Azure VMs with user-assigned identities [<a href="https://github-redirect.dependabot.com/hashicorp/vault-plugin-auth-azure/pull/33">GH-33</a>]</li> <li>auth/gcp: The set of metadata stored during login is now configurable [<a href="https://github-redirect.dependabot.com/hashicorp/vault-plugin-auth-gcp/pull/92">GH-92</a>]</li> <li>auth/gcp: The type of alias name used during login is now configurable [<a href="https://github-redirect.dependabot.com/hashicorp/vault-plugin-auth-gcp/pull/95">GH-95</a>]</li> <li>auth/ldap: Improve error messages during LDAP operation failures [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/8740">GH-8740</a>]</li> <li>identity: Add a batch delete API for identity entities [<a href="https://github-redirect.dependabot.com/hashicorp/vault/issues/8785">GH-8785</a>](<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/8785">hashicorp/vault#8785</a>)</li> <li>identity: Improve performance of logins when no group updates are needed [<a href="https://github-redirect.dependabot.com/hashicorp/vault/issues/8795">GH-8795</a>](<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/8795">hashicorp/vault#8795</a>)</li> <li>metrics: Add <code>vault.identity.num_entities</code> metric [<a href="https://github-redirect.dependabot.com/hashicorp/vault/issues/8816">GH-8816</a>](<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/8816">hashicorp/vault#8816</a>)</li> <li>secrets/kv: Allow <code>delete-version-after</code> to be reset to 0 via the CLI [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/8635">GH-8635</a>]</li> <li>secrets/rabbitmq: Improve error handling and reporting [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/8619">GH-8619</a>]</li> <li>ui: Provide One Time Password during Operation Token generation process [<a href="https://github-redirect.dependabot.com/hashicorp/vault/issues/8630">GH-8630</a>](<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/8630">hashicorp/vault#8630</a>)</li> </ul> <p>BUG FIXES:</p> <ul> <li>auth/okta: Fix MFA regression (introduced in <a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/8143">GH-8143</a>) from 1.4.0 [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/8807">GH-8807</a>]</li> <li>auth/userpass: Fix upgrade value for <code>token_bound_cidrs</code> being ignored due to incorrect key provided [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/8826/files">GH-8826</a>]</li> <li>config/seal: Fix segfault when seal block is removed [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/8517">GH-8517</a>]</li> <li>core: Fix an issue where users attempting to build Vault could receive Go module checksum errors [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/8770">GH-8770</a>]</li> <li>core: Fix blocked requests if a SIGHUP is issued during a long-running request has the state lock held. Also fixes deadlock that can happen if <code>vault debug</code> with the config target is ran during this time. [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/8755">GH-8755</a>]</li> <li>core: Always rewrite the .vault-token file as part of a <code>vault login</code> to ensure permissions and ownership are set correctly [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/8867">GH-8867</a>]</li> <li>database/mongodb: Fix context deadline error that may result due to retry attempts on failed commands [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/8863">GH-8863</a>]</li> <li>http: Fix superflous call messages from the http package on logs caused by missing returns after <code>respondError</code> calls [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/8796">GH-8796</a>]</li> <li>namespace (enterprise): Fix namespace listing to return <code>key_info</code> when a scoping namespace is also provided.</li> <li>seal/gcpkms: Fix panic that could occur if all seal parameters were provided via environment variables [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/8840">GH-8840</a>]</li> <li>storage/raft: Fix memory allocation and incorrect metadata tracking issues with snapshots [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/8793">GH-8793</a>]</li> <li>storage/raft: Fix panic that could occur if <code>disable_clustering</code> was set to true on Raft storage cluster [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/8784">GH-8784</a>]</li> <li>storage/raft: Handle errors returned from the API during snapshot operations [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/8861">GH-8861</a>]</li> <li>sys/wrapping: Allow unwrapping of wrapping tokens which contain nil data [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/8714">GH-8714</a>]</li> </ul> <h2>1.4.0 (April 7th, 2020)</h2> <p>CHANGES:</p> <ul> <li>cli: The raft configuration command has been renamed to list-peers to avoid confusion.</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/hashicorp/vault/commit/b2b4ab9577e413b00d9b727e2c3f465561bd38bd"><code>b2b4ab9</code></a> release: stage v1.4.1</li> <li><a href="https://github.com/hashicorp/vault/commit/cb1f37322de8ba96fab84d2c2546fa29766deab5"><code>cb1f373</code></a> Merge branch 'release/1.4.x' into rel-1.4.1</li> <li><a href="https://github.com/hashicorp/vault/commit/b4bcaae2c75624522396fd62e278487c3a44c9f7"><code>b4bcaae</code></a> Fix Makefile</li> <li><a href="https://github.com/hashicorp/vault/commit/5f0fff3b0f856753ffa2d277f82c62025dc98381"><code>5f0fff3</code></a> Merge branch 'release/1.4.x' into rel-1.4.1</li> <li><a href="https://github.com/hashicorp/vault/commit/51ac267fb4e96eaba789aa5aa695d8f90375fd93"><code>51ac267</code></a> Makefile: add goimports to CI tools</li> <li><a href="https://github.com/hashicorp/vault/commit/a550fab37108dbfc41eb871b511ae5ee2d642e5a"><code>a550fab</code></a> update GO_VERSION to 1.13.10</li> <li><a href="https://github.com/hashicorp/vault/commit/123e14220c2da119c9c49066914eb062d6e01486"><code>123e142</code></a> release: stage v1.4.1</li> <li><a href="https://github.com/hashicorp/vault/commit/216a826781638cf440c5b64d1fbbe7f8bde04c8a"><code>216a826</code></a> go mod vendor</li> <li><a href="https://github.com/hashicorp/vault/commit/cf1a1cd96a7159be630081f0ee79f0ddb57a5f11"><code>cf1a1cd</code></a> update go.mod to use sdk version 1.4.1</li> <li><a href="https://github.com/hashicorp/vault/commit/29fce8f27ce405107d0786351455ea01c82b30fd"><code>29fce8f</code></a> update sdk version to 1.4.1</li> <li>Additional commits viewable in <a href="https://github.com/hashicorp/vault/compare/v1.3.1...v1.4.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/hashicorp/vault/api&package-manager=go_modules&previous-version=1.3.1&new-version=1.4.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
vtolstov (Migrated from github.com) reviewed 2022-02-28 11:22:03 +03:00
github-actions[bot] (Migrated from github.com) reviewed 2022-03-05 19:10:13 +03:00
github-actions[bot] (Migrated from github.com) approved these changes 2022-03-07 12:53:55 +03:00
dependabot[bot] commented 2022-03-07 13:49:50 +03:00 (Migrated from github.com)
Copy Link

Looks like github.com/hashicorp/vault/api is up-to-date now, so this is no longer needed.

Looks like github.com/hashicorp/vault/api is up-to-date now, so this is no longer needed.

Pull request closed

This pull request cannot be reopened because the branch was deleted.
Sign in to join this conversation.
Reviewers
No Reviewers
github-actions[bot]
Labels
Clear labels
Kind/Breaking
Breaking change that won't be backward compatible
Kind/Bug
Something is not working
Kind/Documentation
Documentation changes
Kind/Enhancement
Improve existing functionality
Kind/Feature
New functionality
Kind/Security
This is security issue
Kind/Testing
Issue or pull request related to testing
Priority
Critical
The priority is critical
Priority
High
The priority is high
Priority
Low
The priority is low
Priority
Medium
The priority is medium
Reviewed
Confirmed
Issue has been confirmed
Reviewed
Duplicate
This issue or pull request already exists
Reviewed
Invalid
Invalid issue
Reviewed
Won't Fix
This issue won't be fixed
Status
Abandoned
Somebody has started to work on this but abandoned work
Status
Blocked
Something is blocking this issue or pull request
Status
Need More Info
Feedback is required to reproduce issue or to continue work
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: unistack-org/micro-config-vault#62
No description provided.
Delete Branch "dependabot/go_modules/github.com/hashicorp/vault/api-1.4.1"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?