Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): update all patch and minor #708

Merged
merged 1 commit into from
Sep 27, 2024
Merged

chore(deps): update all patch and minor #708

merged 1 commit into from
Sep 27, 2024

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Sep 27, 2024
edited
Loading

This PR contains the following updates:

Package Type Update Change Age Adoption Passing Confidence
actions/setup-go action digest cdcb360 -> 0a12ed9
alpine stage digest b89d9c9 -> beefdbd
busybox final digest 25e9fcb -> 9497578
cloud.google.com/go/kms require minor v1.18.1 -> v1.20.0 age adoption passing confidence
docker/login-action action digest 0d4c9c5 -> 9780b0c
docker/setup-buildx-action action digest d70bba7 -> 988b5a0
docker/setup-qemu-action action digest 6882732 -> 49b3bc8
github.com/aws/aws-sdk-go require minor v1.54.11 -> v1.55.5 age adoption passing confidence
github.com/hashicorp/vault/api require minor v1.14.0 -> v1.15.0 age adoption passing confidence
github.com/hashicorp/vault/sdk require minor v0.13.0 -> v0.14.0 age adoption passing confidence
github.com/urfave/cli/v2 require patch v2.27.2 -> v2.27.4 age adoption passing confidence
golang.org/x/crypto require minor v0.24.0 -> v0.27.0 age adoption passing confidence
google.golang.org/genproto require digest f6361c8 -> 9d4c2d2 age adoption passing confidence

Release Notes

aws/aws-sdk-go (github.com/aws/aws-sdk-go)

v1.55.5

Compare Source

===

Service Client Updates
  • service/appstream: Updates service API and documentation
    • Added support for Red Hat Enterprise Linux 8 on Amazon AppStream 2.0
  • service/autoscaling: Updates service API and documentation
    • Increase the length limit for VPCZoneIdentifier from 2047 to 5000
  • service/codepipeline: Updates service API, documentation, and paginators
    • AWS CodePipeline V2 type pipelines now support stage level conditions to enable development teams to safely release changes that meet quality and compliance requirements.
  • service/elasticache: Updates service documentation
    • Doc only update for changes to deletion API.
  • service/elasticloadbalancing: Updates service API
  • service/eventbridge: Updates service API
  • service/logs: Updates service API
    • Add v2 smoke tests and smithy smokeTests trait for SDK testing.
  • service/models.lex.v2: Updates service API and documentation
  • service/rolesanywhere: Updates service API and documentation
  • service/tnb: Updates service API and documentation
  • service/workspaces: Updates service documentation
    • Removing multi-session as it isn't supported for pools

v1.55.4

Compare Source

===

Service Client Updates
  • service/elasticache: Updates service documentation
    • Renaming full service name as it appears in developer documentation.
  • service/memorydb: Updates service API and documentation

v1.55.3

Compare Source

===

Service Client Updates
  • service/application-autoscaling: Updates service API
  • service/application-signals: Updates service API and documentation
  • service/bedrock-runtime: Updates service API and documentation
  • service/codecommit: Updates service API and documentation
    • CreateRepository API now throws OperationNotAllowedException when the account has been restricted from creating a repository.
  • service/datazone: Updates service API and documentation
  • service/ec2: Updates service API and documentation
    • EC2 Fleet now supports using custom identifiers to reference Amazon Machine Images (AMI) in launch requests that are configured to choose from a diversified list of instance types.
  • service/ecr: Updates service API, documentation, paginators, and examples
    • API and documentation updates for Amazon ECR, adding support for creating, updating, describing and deleting ECR Repository Creation Template.
  • service/eks: Updates service API and documentation
  • service/elasticloadbalancingv2: Updates service API, documentation, and examples
  • service/network-firewall: Updates service API and documentation
  • service/outposts: Updates service API and documentation
  • service/states: Updates service API and documentation
    • This release adds support to customer managed KMS key encryption in AWS Step Functions.
SDK Bugs
  • Remove broken integration test.
    • Remove integration test broken by cloudsearch service.

v1.55.2

Compare Source

===

Service Client Updates
  • service/cleanrooms: Updates service API and documentation
  • service/dynamodb: Updates service API, documentation, waiters, paginators, and examples
    • DynamoDB doc only update for July
  • service/iotsitewise: Updates service API and documentation
  • service/mediapackagev2: Updates service API
  • service/medical-imaging: Updates service API and documentation
  • service/pinpoint-sms-voice-v2: Updates service API and documentation
SDK Bugs
  • Add missing bool error matching.
    • This enables waiters defined to match on presence/absence of errors.

v1.55.1

Compare Source

===

Service Client Updates
  • service/appsync: Updates service API and paginators
  • service/cleanrooms: Updates service API, documentation, and paginators
  • service/cleanroomsml: Updates service API, documentation, and waiters
  • service/connect: Updates service API and documentation
  • service/connect-contact-lens: Updates service API and documentation
  • service/datazone: Updates service API and documentation
  • service/entityresolution: Updates service API and documentation

v1.55.0

Compare Source

===

Service Client Updates
  • service/datazone: Updates service API, documentation, and paginators
  • service/ivs: Updates service API and documentation
  • service/redshift-serverless: Updates service API and documentation
SDK Features
  • service/mobile: Remove Mobile
    • This change removes the Mobile service, which has been deprecated.
SDK Bugs
  • Apply sensitive struct tag to lists/maps with sensitive members.
    • This change propagates existing sensitive protection to lists/maps.

v1.54.20

Compare Source

===

Service Client Updates
  • service/acm-pca: Updates service waiters
  • service/connect: Updates service API, documentation, and paginators
  • service/ec2: Updates service API and documentation
    • Amazon VPC IP Address Manager (IPAM) now supports Bring-Your-Own-IP (BYOIP) for IP addresses registered with any Internet Registry. This feature uses DNS TXT records to validate ownership of a public IP address range.
  • service/firehose: Updates service API and documentation
    • This release 1) Add configurable buffering hints for Snowflake as destination. 2) Add ReadFromTimestamp for MSK As Source. Firehose will start reading data from MSK Cluster using offset associated with this timestamp. 3) Gated public beta release to add Apache Iceberg tables as destination.
  • service/ivschat: Updates service API, documentation, and waiters
  • service/medialive: Updates service API and documentation
    • AWS Elemental MediaLive now supports the SRT protocol via the new SRT Caller input type.
  • service/rds: Updates service API, documentation, waiters, paginators, and examples
    • Updates Amazon RDS documentation to specify an eventual consistency model for DescribePendingMaintenanceActions.
  • service/sagemaker: Updates service API
    • SageMaker Training supports R5, T3 and R5D instances family. And SageMaker Processing supports G5 and R5D instances family.
  • service/secretsmanager: Updates service documentation
    • Doc only update for Secrets Manager
  • service/taxsettings: Updates service API
  • service/timestream-query: Updates service API and documentation
  • service/workspaces-thin-client: Updates service API and documentation

v1.54.19

Compare Source

===

Service Client Updates
  • service/acm-pca: Updates service API, documentation, waiters, and paginators
  • service/arc-zonal-shift: Updates service API and documentation
  • service/autoscaling: Adds new service
    • Add v2 smoke tests and smithy smokeTests trait for SDK testing.
  • service/codebuild: Adds new service
    • Add v2 smoke tests and smithy smokeTests trait for SDK testing.
  • service/dynamodb: Updates service API, documentation, waiters, paginators, and examples
    • Add v2 smoke tests and smithy smokeTests trait for SDK testing.
  • service/globalaccelerator: Updates service API
  • service/pinpoint: Updates service API and documentation
    • Add v2 smoke tests and smithy smokeTests trait for SDK testing.
  • service/quicksight: Updates service API and documentation
    • Vega ally control options and Support for Reviewed Answers in Topics
  • service/rds: Updates service API, documentation, waiters, paginators, and examples
    • Update path for CreateDBCluster resource identifier, and Add v2 smoke tests and smithy smokeTests trait for SDK testing.
  • service/sns: Adds new service
    • Add v2 smoke tests and smithy smokeTests trait for SDK testing.

v1.54.18

Compare Source

===

Service Client Updates
  • service/batch: Updates service API and documentation
    • This feature allows AWS Batch Jobs with EKS container orchestration type to be run as Multi-Node Parallel Jobs.
  • service/bedrock: Updates service API and documentation
  • service/bedrock-agent: Updates service API, documentation, and paginators
  • service/bedrock-agent-runtime: Updates service API, documentation, and paginators
  • service/bedrock-runtime: Updates service API and documentation
  • service/ec2: Updates service API and documentation
    • Add parameters to enable provisioning IPAM BYOIPv4 space at a Local Zone Network Border Group level
  • service/glue: Updates service API and documentation
    • Add recipe step support for recipe node
  • service/groundstation: Updates service API and documentation
  • service/license-manager-linux-subscriptions: Updates service API, documentation, and paginators
  • service/mediaconnect: Updates service API and documentation

v1.54.17

Compare Source

===

Service Client Updates
  • service/datazone: Updates service API
  • service/fsx: Updates service API and documentation
  • service/opensearch: Updates service API and documentation
  • service/sagemaker: Updates service API, documentation, and paginators
    • This release 1/ enables optimization jobs that allows customers to perform Ahead-of-time compilation and quantization. 2/ allows customers to control access to Amazon Q integration in SageMaker Studio. 3/ enables AdditionalModelDataSources for CreateModel action.

v1.54.16

Compare Source

===

Service Client Updates
  • service/codedeploy: Updates service API
    • Add v2 smoke tests and smithy smokeTests trait for SDK testing.
  • service/devicefarm: Updates service API
    • Add v2 smoke tests and smithy smokeTests trait for SDK testing.
  • service/dms: Updates service API
    • Add v2 smoke tests and smithy smokeTests trait for SDK testing.
  • service/elasticbeanstalk: Updates service API
    • Add v2 smoke tests and smithy smokeTests trait for SDK testing.
  • service/email: Updates service API
    • Add v2 smoke tests and smithy smokeTests trait for SDK testing.
  • service/es: Updates service API
    • Add v2 smoke tests and smithy smokeTests trait for SDK testing.
  • service/firehose: Updates service API
    • Add v2 smoke tests and smithy smokeTests trait for SDK testing.
  • service/gamelift: Updates service API
    • Add v2 smoke tests and smithy smokeTests trait for SDK testing.
  • service/qapps: Updates service API, documentation, waiters, paginators, and examples
  • service/route53resolver: Updates service API

v1.54.15

Compare Source

===

Service Client Updates
  • service/acm: Updates service API and documentation
    • Documentation updates, including fixes for xml formatting, broken links, and ListCertificates description.
  • service/ecr: Updates service API
    • This release for Amazon ECR makes change to bring the SDK into sync with the API.
  • service/payment-cryptography-data: Updates service API and documentation
  • service/qbusiness: Updates service API and documentation

v1.54.14

Compare Source

===

Service Client Updates
  • service/application-autoscaling: Updates service documentation
  • service/directconnect: Updates service documentation
    • This update includes documentation for support of new native 400 GBps ports for Direct Connect.
  • service/organizations: Updates service API and documentation
    • Added a new reason under ConstraintViolationException in RegisterDelegatedAdministrator API to prevent registering suspended accounts as delegated administrator of a service.
  • service/rekognition: Updates service API and documentation
    • This release adds support for tagging projects and datasets with the CreateProject and CreateDataset APIs.
  • service/workspaces: Updates service API
    • Fix create workspace bundle RootStorage/UserStorage to accept non null values

v1.54.13

Compare Source

===

Service Client Updates
  • service/ec2: Updates service API and documentation
    • Documentation updates for Elastic Compute Cloud (EC2).
  • service/fms: Updates service API
  • service/s3: Updates service API, documentation, and examples
    • Added response overrides to Head Object requests.

v1.54.12

Compare Source

===

Service Client Updates
  • service/apigateway: Updates service API
    • Add v2 smoke tests and smithy smokeTests trait for SDK testing.
  • service/cognito-identity: Updates service API
  • service/connect: Updates service API, documentation, and paginators
  • service/docdb: Updates service API
    • Add v2 smoke tests and smithy smokeTests trait for SDK testing.
  • service/eks: Updates service API
  • service/payment-cryptography: Updates service API and documentation
  • service/payment-cryptography-data: Updates service API, documentation, and waiters
  • service/states: Updates service API
    • Add v2 smoke tests and smithy smokeTests trait for SDK testing.
  • service/swf: Updates service API
    • Add v2 smoke tests and smithy smokeTests trait for SDK testing.
  • service/wafv2: Updates service API and documentation
hashicorp/vault (github.com/hashicorp/vault/api)

v1.15.0

Compare Source

1.15.0

September 27, 2023

SECURITY:

  • secrets/transit: fix a regression that was honoring nonces provided in non-convergent modes during encryption. [GH-22852]

CHANGES:

  • auth/alicloud: Update plugin to v0.16.0 [GH-22646]
  • auth/azure: Update plugin to v0.16.0 [GH-22277]
  • auth/azure: Update plugin to v0.16.1 [GH-22795]
  • auth/azure: Update plugin to v0.16.2 [GH-23060]
  • auth/cf: Update plugin to v0.15.1 [GH-22758]
  • auth/gcp: Update plugin to v0.16.1 [GH-22612]
  • auth/jwt: Update plugin to v0.17.0 [GH-22678]
  • auth/kerberos: Update plugin to v0.10.1 [GH-22797]
  • auth/kubernetes: Update plugin to v0.17.0 [GH-22709]
  • auth/kubernetes: Update plugin to v0.17.1 [GH-22879]
  • auth/ldap: Normalize HTTP response codes when invalid credentials are provided [GH-21282]
  • auth/oci: Update plugin to v0.14.2 [GH-22805]
  • core (enterprise): Ensure Role Governing Policies are only applied down the namespace hierarchy
  • core/namespace (enterprise): Introduce the concept of high-privilege namespace (administrative namespace),
    which will have access to some system backend paths that were previously only accessible in the root namespace. [GH-21215]
  • core: Bump Go version to 1.21.1.
  • database/couchbase: Update plugin to v0.9.3 [GH-22854]
  • database/couchbase: Update plugin to v0.9.4 [GH-22871]
  • database/elasticsearch: Update plugin to v0.13.3 [GH-22696]
  • database/mongodbatlas: Update plugin to v0.10.1 [GH-22655]
  • database/redis-elasticache: Update plugin to v0.2.2 [GH-22584]
  • database/redis-elasticache: Update plugin to v0.2.3 [GH-22598]
  • database/redis: Update plugin to v0.2.2 [GH-22654]
  • database/snowflake: Update plugin to v0.9.0 [GH-22516]
  • events: Log level for processing an event dropped from info to debug. [GH-22997]
  • events: data_path will include full data path of secret, including name. [GH-22487]
  • replication (enterprise): Switch to non-deprecated gRPC field for resolver target host
  • sdk/logical/events: EventSender interface method is now SendEvent instead of Send. [GH-22487]
  • secrets/ad: Update plugin to v0.16.1 [GH-22856]
  • secrets/alicloud: Update plugin to v0.15.1 [GH-22533]
  • secrets/azure: Update plugin to v0.16.2 [GH-22799]
  • secrets/azure: Update plugin to v0.16.3 [GH-22824]
  • secrets/gcp: Update plugin to v0.17.0 [GH-22746]
  • secrets/gcpkms: Update plugin to v0.15.1 [GH-22757]
  • secrets/keymgmt: Update plugin to v0.9.3
  • secrets/kubernetes: Update plugin to v0.6.0 [GH-22823]
  • secrets/kv: Update plugin to v0.16.1 [GH-22716]
  • secrets/mongodbatlas: Update plugin to v0.10.1 [GH-22748]
  • secrets/openldap: Update plugin to v0.11.2 [GH-22734]
  • secrets/terraform: Update plugin to v0.7.3 [GH-22907]
  • secrets/transform (enterprise): Enforce a transformation role's max_ttl setting on encode requests, a warning will be returned if max_ttl was applied.
  • storage/aerospike: Aerospike storage shouldn't be used on 32-bit architectures and is now unsupported on them. [GH-20825]
  • telemetry: Replace vault.rollback.attempt.{MOUNT_POINT} and vault.route.rollback.{MOUNT_POINT} metrics with vault.rollback.attempt and vault.route.rollback metrics by default. Added a telemetry configuration add_mount_point_rollback_metrics which, when set to true, causes vault to emit the metrics with mount points in their names. [GH-22400]

FEATURES:

  • Certificate Issuance External Policy Service (CIEPS) (enterprise): Allow highly-customizable operator control of certificate validation and generation through the PKI Secrets Engine.
  • Copyable KV v2 paths in UI: KV v2 secret paths are copyable for use in CLI commands or API calls [GH-22551]
  • Dashboard UI: Dashboard is now available in the UI as the new landing page. [GH-21057]
  • Database Static Role Advanced TTL Management: Adds the ability to rotate
  • Event System: Add subscribe capability and subscribe_event_types to policies for events. [GH-22474]
    static roles on a defined schedule. [GH-22484]
  • GCP IAM Support: Adds support for IAM-based authentication to MySQL and PostgreSQL backends using Google Cloud SQL. [GH-22445]
  • Improved KV V2 UI: Updated and restructured secret engine for KV (version 2 only) [GH-22559]
  • Merkle Tree Corruption Detection (enterprise): Add a new endpoint to check merkle tree corruption.
  • Plugin Containers: Vault supports registering, managing, and running plugins inside a container on Linux. [GH-22712]
  • SAML Auth Method (enterprise): Enable users to authenticate with Vault using their identity in a SAML Identity Provider.
  • Seal High Availability Beta (enterprise): operators can try out configuring more than one automatic seal for resilience against seal provider outages. Not for production use at this time.
  • Secrets Sync (enterprise): Add the ability to synchronize KVv2 secret with external secrets manager solutions.
  • UI LDAP secrets engine: Add LDAP secrets engine to the UI. [GH-20790]

IMPROVEMENTS:

  • Bump github.com/hashicorp/go-plugin version v1.4.9 -> v1.4.10 [GH-20966]
  • api: add support for cloning a Client's tls.Config. [GH-21424]
  • api: adding a new api sys method for replication status [GH-20995]
  • audit: add core audit events experiment [GH-21628]
  • auth/aws: Added support for signed GET requests for authenticating to vault using the aws iam method. [GH-10961]
  • auth/azure: Add support for azure workload identity authentication (see issue
    #​18257). Update go-kms-wrapping dependency to include PR
    #​155     [GH-22994]
  • auth/azure: Added Azure API configurable retry options [GH-23059]
  • auth/cert: Adds support for requiring hexadecimal-encoded non-string certificate extension values [GH-21830]
  • auth/ldap: improved login speed by adding concurrency to LDAP token group searches [GH-22659]
  • auto-auth/azure: Added Azure Workload Identity Federation support to auto-auth (for Vault Agent and Vault Proxy). [GH-22264]
  • auto-auth: added support for LDAP auto-auth [GH-21641]
  • aws/auth: Adds a new config field use_sts_region_from_client which allows for using dynamic regional sts endpoints based on Authorization header when using IAM-based authentication. [GH-21960]
  • command/server: add -dev-tls-san flag to configure subject alternative names for the certificate generated when using -dev-tls. [GH-22657]
  • core (ent) : Add field that allows lease-count namespace quotas to be inherited by child namespaces.
  • core : Add field that allows rate-limit namespace quotas to be inherited by child namespaces. [GH-22452]
  • core/fips: Add RPM, DEB packages of FIPS 140-2 and HSM+FIPS 140-2 Vault Enterprise.
  • core/quotas: Add configuration to allow skipping of expensive role calculations [GH-22651]
  • core: Add a new periodic metric to track the number of available policies, vault.policy.configured.count. [GH-21010]
  • core: Fix OpenAPI representation and -output-policy recognition of some non-standard sudo paths [GH-21772]
  • core: Fix regexes for sys/raw/ and sys/leases/lookup/ to match prevailing conventions [GH-21760]
  • core: Log rollback manager failures during unmount, remount to prevent replication failures on secondary clusters. [GH-22235]
  • core: Use a worker pool for the rollback manager. Add new metrics for the rollback manager to track the queued tasks. [GH-22567]
  • core: add a listener configuration "chroot_namespace" that forces requests to use a namespace hierarchy [GH-22304]
  • core: add a listener configuration "chroot_namespace" that forces requests to use a namespace hierarchy
  • core: remove unnecessary *BarrierView field from backendEntry struct [GH-20933]
  • core: use Go stdlib functionalities instead of explicit byte/string conversions [GH-21854]
  • docs: Clarify when a entity is created [GH-22233]
  • eventbus: updated go-eventlogger library to allow removal of nodes referenced by pipelines (used for subscriptions) [GH-21623]
  • events: Allow subscriptions to multiple namespaces [GH-22540]
  • events: Enabled by default [GH-22815]
  • events: WebSocket subscriptions add support for boolean filter expressions [GH-22835]
  • framework: Make it an error for CreateOperation to be defined without an ExistenceCheck, thereby fixing misleading x-vault-createSupported in OpenAPI [GH-18492]
  • kmip (enterprise): Add namespace lock and unlock support [GH-21925]
  • openapi: Better mount points for kv-v1 and kv-v2 in openapi.json [GH-21563]
  • openapi: Fix generated types for duration strings [GH-20841]
  • openapi: Fix generation of correct fields in some rarer cases [GH-21942]
  • openapi: Fix response definitions for list operations [GH-21934]
  • openapi: List operations are now given first-class representation in the OpenAPI document, rather than sometimes being overlaid with a read operation at the same path [GH-21723]
  • plugins: Containerized plugins can be configured to still work when running with systemd's PrivateTmp=true setting. [GH-23215]
  • replication (enterprise): Avoid logging warning if request is forwarded from a performance standby and not a performance secondary
  • replication (enterprise): Make reindex less disruptive by allowing writes during the flush phase.
  • sdk/framework: Adds replication state helper for backends to check for read-only storage [GH-21743]
  • secrets/database: Improves error logging for static role rotations by including the database and role names. [GH-22253]
  • secrets/db: Remove the service_account_json parameter when reading DB connection details [GH-23256]
  • secrets/pki: Add a parameter to allow ExtKeyUsage field usage from a role within ACME. [GH-21702]
  • secrets/transform (enterprise): Switch to pgx PostgreSQL driver for better timeout handling
  • secrets/transit: Add support to create CSRs from keys in transit engine and import/export x509 certificates [GH-21081]
  • storage/dynamodb: Added three permit pool metrics for the DynamoDB backend, pending_permits, active_permits, and pool_size. [GH-21742]
  • storage/etcd: Make etcd parameter MaxCallSendMsgSize configurable [GH-12666]
  • storage/raft: Cap the minimum dead_server_last_contact_threshold to 1m. [GH-22040]
  • sys/metrics (enterprise): Adds a gauge metric that tracks whether enterprise builtin secret plugins are enabled. [GH-21681]
  • ui: Add API Explorer link to Sidebar, under Tools. [GH-21578]
  • ui: Add pagination to PKI roles, keys, issuers, and certificates list pages [GH-23193]
  • ui: Added allowed_domains_template field for CA type role in SSH engine [GH-23119]
  • ui: Adds mount configuration details to Kubernetes secrets engine configuration view [GH-22926]
  • ui: Adds tidy_revoked_certs to PKI tidy status page [GH-23232]
  • ui: Adds warning before downloading KV v2 secret values [GH-23260]
  • ui: Display minus icon for empty MaskedInput value. Show MaskedInput for KV secrets without values [GH-22039]
  • ui: JSON diff view available in "Create New Version" form for KV v2 [GH-22593]
  • ui: KV View Secret card will link to list view if input ends in "/" [GH-22502]
  • ui: Move access to KV V2 version diff view to toolbar in Version History [GH-23200]
  • ui: Update pki mount configuration details to match the new mount configuration details pattern [GH-23166]
  • ui: add example modal to policy form [GH-21583]
  • ui: adds allowed_user_ids field to create role form and user_ids to generate certificates form in pki [GH-22191]
  • ui: display CertificateCard instead of MaskedInput for certificates in PKI [GH-22160]
  • ui: enables create and update KV secret workflow when control group present [GH-22471]
  • ui: implement hashicorp design system alert component [GH-21375]
  • ui: update detail views that render ttl durations to display full unit instead of letter (i.e. 'days' instead of 'd') [GH-20697]
  • ui: update unseal and DR operation token flow components [GH-21871]
  • ui: upgrade Ember to 4.12 [GH-22122]

DEPRECATIONS:

  • auth/centrify: Centrify plugin is deprecated as of 1.15, slated for removal in 1.17 [GH-23050]

BUG FIXES:

  • activity (enterprise): Fix misattribution of entities to no or child namespace auth methods [GH-18809]
  • agent: Environment variable VAULT_CACERT_BYTES now works for Vault Agent templates. [GH-22322]
  • agent: Fix "generate-config" command documentation URL [GH-21466]
  • api/client: Fix deadlock in client.CloneWithHeaders when used alongside other client methods. [GH-22410]
  • api: Fix breakage with UNIX domain socket addresses introduced by newest Go versions as a security fix. [GH-22523]
  • audit: Prevent panic due to nil pointer receiver for audit header formatting. [GH-22694]
  • auth/azure: Fix intermittent 401s by preventing performance secondary clusters from rotating root credentials. [GH-21800]
  • auth/token, sys: Fix path-help being unavailable for some list-only endpoints [GH-18571]
  • auth/token: Fix parsing of auth/token/create fields to avoid incorrect warnings about ignored parameters [GH-18556]
  • awsutil: Update awsutil to v0.2.3 to fix a regression where Vault no longer
    respects AWS_ROLE_ARN, AWS_WEB_IDENTITY_TOKEN_FILE, and AWS_ROLE_SESSION_NAME. [GH-21951]
  • cli: Avoid printing "Success" message when -field flag is provided during a vault write. [GH-21546]
  • cli: Fix the CLI failing to return wrapping information for KV PUT and PATCH operations when format is set to table. [GH-22818]
  • core (enterprise): Fix sentinel policy check logic so that sentinel
    policies are not used when Sentinel feature isn't licensed.
  • core (enterprise): Remove MFA Configuration for namespace when deleting namespace
  • core/managed-keys (enterprise): Allow certain symmetric PKCS#11 managed key mechanisms (AES CBC with and without padding) to operate without an HMAC.
  • core/metrics: vault.raft_storage.bolt.write.time should be a counter not a summary [GH-22468]
  • core/quotas (enterprise): Fix a case where we were applying login roles to lease count quotas in a non-login context.
    Also fix a related potential deadlock. [GH-21110]
  • core/quotas: Only perform ResolveRoleOperation for role-based quotas and lease creation. [GH-22597]
  • core/quotas: Reduce overhead for role calculation when using cloud auth methods. [GH-22583]
  • core: Remove "expiration manager is nil on tokenstore" error log for unauth requests on DR secondary as they do not have expiration manager. [GH-22137]
  • core: All subloggers now reflect configured log level on reload. [GH-22038]
  • core: Fix bug where background thread to update locked user entries runs on DR secondaries. [GH-22355]
  • core: Fix readonly errors that could occur while loading mounts/auths during unseal [GH-22362]
  • core: Fixed an instance where incorrect route entries would get tainted. We now pre-calculate namespace specific paths to avoid this. [GH-21470]
  • core: Fixed issue with some durations not being properly parsed to include days. [GH-21357]
  • core: Fixes list password policy to include those with names containing / characters. [GH-23155]
  • core: fix race when updating a mount's route entry tainted status and incoming requests [GH-21640]
  • docs: fix wrong api path for ldap secrets cli-commands [GH-23225]
  • events: Ensure subscription resources are cleaned up on close. [GH-23042]
  • expiration: Fix a deadlock that could occur when a revocation failure happens while restoring leases on startup. [GH-22374]
  • identity/mfa: Fixes to OpenAPI representation and returned error codes for identity/mfa/method/* APIs [GH-20879]
  • identity: Remove caseSensitivityKey to prevent errors while loading groups which could result in missing groups in memDB when duplicates are found. [GH-20965]
  • license: Add autoloaded license path to the cache exempt list. This is to ensure the license changes on the active node is observed on the perfStandby node. [GH-22363]
  • openapi: Fix response schema for PKI Issue requests [GH-21449]
  • openapi: Fix schema definitions for PKI EAB APIs [GH-21458]
  • plugins: Containerized plugins can be run with mlock enabled. [GH-23215]
  • plugins: Fix instance where Vault could fail to kill broken/unresponsive plugins. [GH-22914]
  • plugins: Fix instance where broken/unresponsive plugins could cause Vault to hang. [GH-22914]
  • plugins: Runtime catalog returns 404 instead of 500 when reading a runtime that does not exist [GH-23171]
  • plugins: vault plugin runtime list can successfully list plugin runtimes with GET [GH-23171]
  • raft/autopilot: Add dr-token flag for raft autopilot cli commands [GH-21165]
  • replication (enterprise): Fix bug sync invalidate CoreReplicatedClusterInfoPath
  • replication (enterprise): Fix discovery of bad primary cluster addresses to be more reliable
  • replication (enterprise): Fix panic when update-primary was called on demoted clusters using update_primary_addrs
  • replication (enterprise): Fixing a bug by which the atomicity of a merkle diff result could be affected. This means it could be a source of a merkle-diff & sync process failing to switch into stream-wal mode afterwards.
  • replication (enterprise): Sort cluster addresses returned by echo requests, so that primary-addrs only gets persisted when the
    set of addrs changes.
  • replication (enterprise): update primary cluster address after DR failover
  • sdk/ldaputil: Properly escape user filters when using UPN domains
    sdk/ldaputil: use EscapeLDAPValue implementation from cap/ldap [GH-22249]
  • secrets/azure: Fix intermittent 401s by preventing performance secondary clusters from rotating root credentials. [GH-21631]
  • secrets/ldap: Fix bug causing schema and password_policy to be overwritten in config. [GH-22330]
  • secrets/pki: Fix bug with ACME tidy, 'unable to determine acme base folder path'. [GH-21870]
  • secrets/pki: Fix preserving acme_account_safety_buffer on config/auto-tidy. [GH-21870]
  • secrets/pki: Fix removal of issuers to clean up unreferenced CRLs. [GH-23007]
  • secrets/pki: Prevent deleted issuers from reappearing when migrating from a version 1 bundle to a version 2 bundle (versions including 1.13.0, 1.12.2, and 1.11.6); when managed keys were removed but referenced in the Vault 1.10 legacy CA bundle, this the error: no managed key found with uuid. [GH-21316]
  • secrets/pki: allowed_domains are now compared in a case-insensitive manner if they use glob patterns [GH-22126]
  • secrets/transform (enterprise): Batch items with repeated tokens in the tokenization decode api will now contain the decoded_value element
  • secrets/transform (enterprise): Fix nil panic when deleting a template with tokenization transformations present
  • secrets/transform (enterprise): Fix nil panic when encoding a tokenization transformation on a non-active node
  • secrets/transform (enterprise): Grab shared locks for various read operations, only escalating to write locks if work is required
  • secrets/transform (enterprise): Tidy operations will be re-scheduled at a minimum of every minute, not a maximum of every minute
  • secrets/transit: fix panic when providing non-PEM formatted public key for import [GH-22753]
  • serviceregistration: Fix bug where multiple nodes in a secondary cluster could be labelled active after updating the cluster's primary [GH-21642]
  • storage/consul: Consul service registration tags are now case-sensitive. [GH-6483]
  • storage/raft: Fix race where new follower joining can get pruned by dead server cleanup. [GH-20986]
  • ui (enterprise): Fix error message when generating SSH credential with control group [GH-23025]
  • ui: Adds missing values to details view after generating PKI certificate [GH-21635]
  • ui: Fix blank page or ghost secret when canceling KV secret create [GH-22541]
  • ui: Fix display for "Last Vault Rotation" timestamp for static database roles which was not rendering or copyable [GH-22519]
  • ui: Fix styling for username input when editing a user [GH-21771]
  • ui: Fix styling for viewing certificate in kubernetes configuration [GH-21968]
  • ui: Fix the issue where confirm delete dropdown is being cut off [GH-23066]
  • ui: Fixed an issue where editing an SSH role would clear default_critical_options and default_extension if left unchanged. [GH-21739]
  • ui: Fixed secrets, leases, and policies filter dropping focus after a single character [GH-21767]
  • ui: Fixes filter and search bug in secrets engines [GH-23123]
  • ui: Fixes form field label tooltip alignment [GH-22832]
  • ui: Fixes issue with certain navigational links incorrectly displaying in child namespaces [GH-21562]
  • ui: Fixes login screen display issue with Safari browser [GH-21582]
  • ui: Fixes problem displaying certificates issued with unsupported signature algorithms (i.e. ed25519) [GH-21926]
  • ui: Fixes styling of private key input when configuring an SSH key [GH-21531]
  • ui: Surface DOMException error when browser settings prevent localStorage. [GH-21503]
  • ui: correct doctype for index.html [GH-22153]
  • ui: don't exclude features present on license [GH-22855]
  • ui: fixes max_versions default for secret metadata unintentionally overriding kv engine defaults [GH-22394]
  • ui: fixes long namespace names overflow in the sidebar
  • ui: fixes model defaults overwriting input value when user tries to clear form input [GH-22458]
  • ui: fixes text readability issue in revoke token confirmation dialog [GH-22390]
urfave/cli (github.com/urfave/cli/v2)

v2.27.4

Compare Source

What's Changed

Full Changelog: urfave/cli@v2.27.3...v2.27.4

v2.27.3

Compare Source

What's Changed

New Contributors

Full Changelog: urfave/cli@v2.27.2...v2.27.3

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate Renovate
Copy link
Contributor Author

renovate bot commented Sep 27, 2024

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 25 additional dependencies were updated

Details:

Package Change
cloud.google.com/go v0.115.0 -> v0.115.1
cloud.google.com/go/auth v0.6.0 -> v0.9.3
cloud.google.com/go/auth/oauth2adapt v0.2.2 -> v0.2.4
cloud.google.com/go/compute/metadata v0.3.0 -> v0.5.0
cloud.google.com/go/iam v1.1.9 -> v1.2.1
cloud.google.com/go/longrunning v0.5.8 -> v0.6.1
github.com/go-logr/logr v1.4.1 -> v1.4.2
github.com/google/s2a-go v0.1.7 -> v0.1.8
github.com/googleapis/enterprise-certificate-proxy v0.3.2 -> v0.3.4
github.com/googleapis/gax-go/v2 v2.12.5 -> v2.13.0
github.com/hashicorp/go-retryablehttp v0.7.6 -> v0.7.7
github.com/xrash/smetrics v0.0.0-20240312152122-5f08fbb34913 -> v0.0.0-20240521201337-686a1a2994c1
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.49.0 -> v0.54.0
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0 -> v0.54.0
go.opentelemetry.io/otel v1.24.0 -> v1.29.0
go.opentelemetry.io/otel/metric v1.24.0 -> v1.29.0
go.opentelemetry.io/otel/trace v1.24.0 -> v1.29.0
golang.org/x/net v0.26.0 -> v0.29.0
golang.org/x/oauth2 v0.21.0 -> v0.23.0
golang.org/x/sync v0.7.0 -> v0.8.0
golang.org/x/sys v0.21.0 -> v0.25.0
golang.org/x/text v0.16.0 -> v0.18.0
golang.org/x/time v0.5.0 -> v0.6.0
google.golang.org/api v0.186.0 -> v0.197.0
google.golang.org/genproto/googleapis/api v0.0.0-20240624140628-dc46fd24d27d -> v0.0.0-20240903143218-8af14fe29dc1

@coveralls
Copy link

Coverage Status

coverage: 46.573%. remained the same
when pulling 50bc61d on renovate/all-patch-and-minor
into af6fe4a on main.

@mvisonneau mvisonneau merged commit f23f670 into main Sep 27, 2024
5 checks passed
@renovate renovate bot deleted the renovate/all-patch-and-minor branch September 27, 2024 10:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@coveralls @mvisonneau