vault-plugin-secrets-gitlab icon indicating copy to clipboard operation
vault-plugin-secrets-gitlab copied to clipboard
verified publisher icon splunk

Bump github.com/hashicorp/vault/api from 1.5.0 to 1.9.2

Open dependabot[bot] opened this issue 2 years ago • 1 comments

Bumps github.com/hashicorp/vault/api from 1.5.0 to 1.9.2.

Release notes

Sourced from github.com/hashicorp/vault/api's releases.

v1.9.2

1.9.2

December 21, 2021

CHANGES:

  • go: Update go version to 1.17.5 [GH-13408]

IMPROVEMENTS:

  • auth/jwt: The Authorization Code flow makes use of the Proof Key for Code Exchange (PKCE) extension. [GH-13365]

BUG FIXES:

  • ui: Fix client count current month data not showing unless monthly history data exists [GH-13396]

v1.9.1

1.9.1

December 9, 2021

IMPROVEMENTS:

  • storage/aerospike: Upgrade aerospike-client-go to v5.6.0. [GH-12165]

BUG FIXES:

  • auth/approle: Fix regression where unset cidrlist is returned as nil instead of zero-length array. [GH-13235]
  • ha (enterprise): Prevents performance standby nodes from serving and caching stale data immediately after performance standby election completes
  • http:Fix /sys/monitor endpoint returning streaming not supported [GH-13200]
  • identity/oidc: Make the nonce parameter optional for the Authorization Endpoint of OIDC providers. [GH-13231]
  • identity: Fixes a panic in the OIDC key rotation due to a missing nil check. [GH-13298]
  • sdk/queue: move lock before length check to prevent panics. [GH-13146]
  • secrets/azure: Fixes service principal generation when assigning roles that have DataActions. [GH-13277]
  • secrets/pki: Recognize ed25519 when requesting a response in PKCS8 format [GH-13257]
  • storage/raft: Fix a panic when trying to store a key > 32KB in a transaction. [GH-13286]
  • storage/raft: Fix a panic when trying to write a key > 32KB [GH-13282]
  • ui: Do not show verify connection value on database connection config page [GH-13152]
  • ui: Fixes issue restoring raft storage snapshot [GH-13107]
  • ui: Fixes issue with OIDC auth workflow when using MetaMask Chrome extension [GH-13133]
  • ui: Fixes issue with automate secret deletion value not displaying initially if set in secret metadata edit view [GH-13177]
  • ui: Fixes issue with placeholder not displaying for automatically deleted secrets when deletion time has passed [GH-13166]
  • ui: Fixes node-forge error when parsing EC (elliptical curve) certs [GH-13238]

v1.9.0

1.9.0

November 17, 2021

CHANGES:

  • expiration: VAULT_16_REVOKE_PERMITPOOL environment variable has been removed. [GH-12888]

... (truncated)

Changelog

Sourced from github.com/hashicorp/vault/api's changelog.

1.9.2

December 21, 2021

CHANGES:

  • go: Update go version to 1.17.5 [GH-13408]

IMPROVEMENTS:

  • auth/jwt: The Authorization Code flow makes use of the Proof Key for Code Exchange (PKCE) extension. [GH-13365]

BUG FIXES:

  • ui: Fix client count current month data not showing unless monthly history data exists [GH-13396]

1.9.1

December 9, 2021

SECURITY:

  • storage/raft: Integrated Storage backend could be caused to crash by an authenticated user with write permissions to the KV secrets engine. This vulnerability, CVE-2021-45042, was fixed in Vault 1.7.7, 1.8.6, and 1.9.1.

IMPROVEMENTS:

  • storage/aerospike: Upgrade aerospike-client-go to v5.6.0. [GH-12165]

BUG FIXES:

  • auth/approle: Fix regression where unset cidrlist is returned as nil instead of zero-length array. [GH-13235]
  • ha (enterprise): Prevents performance standby nodes from serving and caching stale data immediately after performance standby election completes
  • http:Fix /sys/monitor endpoint returning streaming not supported [GH-13200]
  • identity/oidc: Make the nonce parameter optional for the Authorization Endpoint of OIDC providers. [GH-13231]
  • identity: Fixes a panic in the OIDC key rotation due to a missing nil check. [GH-13298]
  • sdk/queue: move lock before length check to prevent panics. [GH-13146]
  • secrets/azure: Fixes service principal generation when assigning roles that have DataActions. [GH-13277]
  • secrets/pki: Recognize ed25519 when requesting a response in PKCS8 format [GH-13257]
  • storage/raft: Fix a panic when trying to store a key > 32KB in a transaction. [GH-13286]
  • storage/raft: Fix a panic when trying to write a key > 32KB [GH-13282]
  • ui: Do not show verify connection value on database connection config page [GH-13152]
  • ui: Fixes issue restoring raft storage snapshot [GH-13107]
  • ui: Fixes issue with OIDC auth workflow when using MetaMask Chrome extension [GH-13133]
  • ui: Fixes issue with automate secret deletion value not displaying initially if set in secret metadata edit view [GH-13177]
  • ui: Fixes issue with placeholder not displaying for automatically deleted secrets when deletion time has passed [GH-13166]
  • ui: Fixes node-forge error when parsing EC (elliptical curve) certs [GH-13238]

1.9.0

November 17, 2021

CHANGES:

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependabot[bot] avatar May 29 '23 01:05 dependabot[bot]

Codecov Report

Merging #106 (92f2ad7) into main (f511134) will not change coverage. The diff coverage is n/a.

:exclamation: Your organization is not using the GitHub App Integration. As a result you may experience degraded service beginning May 15th. Please install the Github App Integration for your organization. Read more.

@@           Coverage Diff           @@
##             main     #106   +/-   ##
=======================================
  Coverage   59.45%   59.45%           
=======================================
  Files          10       10           
  Lines         550      550           
=======================================
  Hits          327      327           
  Misses        195      195           
  Partials       28       28
Flag Coverage Δ
unittests 59.45% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

codecov-commenter avatar May 29 '23 01:05 codecov-commenter

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

dependabot[bot] avatar Jun 07 '24 20:06 dependabot[bot]