licensing (enterprise): Remove support for stored licenses and associated sys/license and sys/license/signed
endpoints in favor of autoloaded licenses.
replication (enterprise): The /sys/replication/performance/primary/mount-filter endpoint has been removed. Please use Paths Filter instead.
Non-Disruptive Intermediate/Root Certificate Rotation: This allows
import, generation and configuration of any number of keys and/or issuers
within a PKI mount, providing operators the ability to rotate certificates
in place without affecting existing client configurations. [GH-15277]
api/command: Global -output-policy flag to determine minimum required policy HCL for a given operation [GH-14899]
nomad: Bootstrap Nomad ACL system if no token is provided [GH-12451]
agent/auto-auth: Add min_backoff to the method stanza for configuring initial backoff duration. [GH-15204]
agent: Update consult-template to v0.29.0 [GH-15293]
agent: Upgrade hashicorp/consul-template version for sprig template functions and improved writeTo function [GH-15092]
api: Add ability to pass certificate as PEM bytes to api.Client. [GH-14753]
api: Add context-aware functions to vault/api for each API wrapper function. [GH-14388]
api: Added MFALogin() for handling MFA flow when using login helpers. [GH-14900]
api: If the parameters supplied over the API payload are ignored due to not
being what the endpoints were expecting, or if the parameters supplied get
replaced by the values in the endpoint's path itself, warnings will be added to
the non-empty responses listing all the ignored and replaced parameters. [GH-14962]
api: Provide a helper method WithNamespace to create a cloned client with a new NS [GH-14963]
api: Use the context passed to the api/auth Login helpers. [GH-14775]
auth/okta: Add support for Google provider TOTP type in the Okta auth method [GH-14985]
auth/kerberos: add add_group_aliases config to include LDAP groups in Vault group aliases [GH-16890]
auth/kerberos: add remove_instance_name parameter to the login CLI and the
Kerberos config in Vault. This removes any instance names found in the keytab
service principal name. [GH-16594]
identity/oidc: Adds the client_secret_post token endpoint authentication method. [GH-16598]
storage/gcs: Add documentation explaining how to configure the gcs backend using environment variables instead of options in the configuration stanza [GH-14455]
BUG FIXES:
api: Fixed erroneous warnings of unrecognized parameters when unwrapping data. [GH-16794]
auth/gcp: Fixes the ability to reset the configuration's credentials to use application default credentials. [GH-16523]
auth/kerberos: Maintain headers set by the client [GH-16636]
command/debug: fix bug where monitor was not honoring configured duration [GH-16834]
core/license (enterprise): Always remove stored license and allow unseal to complete when license cleanup fails
database/elasticsearch: Fixes a bug in boolean parsing for initialize [GH-16526]
identity/oidc: Change the state parameter of the Authorization Endpoint to optional. [GH-16599]
identity/oidc: Detect invalid redirect_uri values sooner in validation of the
Authorization Endpoint. [GH-16601]
identity/oidc: Fixes validation of the request and request_uri parameters. [GH-16600]
plugin/secrets/auth: Fix a bug with aliased backends such as aws-ec2 or generic [GH-16673]
secrets/database: Fix a bug where the secret engine would queue up a lot of WAL deletes during startup. [GH-16686]
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot]
commented
2 years ago
Bumps github.com/hashicorp/vault from 1.8.2 to 1.11.3.
Release notes
Sourced from github.com/hashicorp/vault's releases.
... (truncated)
Changelog
Sourced from github.com/hashicorp/vault's changelog.
... (truncated)
Commits
17250b2Backport of UI/OIDC auth bug for hcp namespace flag into release/1.11.x (#16908)5d856cebackport of commit 7ad1559489258a5f508fcb36bc379c9de57e636f (#16906)f18e791backport of commit b23763fa8d8dac0b8c0593357df905c6c1efcc13 (#16904)563482dbackport of commit 82fde6f864d2e9e30238bbcf19f869553c3b09b0 (#16899)87ac56bauth/kerberos: add config to include ldap groups in group alias (#16890) (#16...be83be7backport of commit 247a019be0ace89bfa3cdc54c0294829bf390ef0 (#16884)c961a77backport of commit bd8d762732e00db48413ed522aeb6dc511e5ba89 (#16878)4c2b5abbackport of commit fa77835870c647d1f60a0ec03f24bbe041448489 (#16876)c10ccf1backport of commit a222dbfd2954bf2f41e27fb96f4d9be2347504f7 (#16852)20d1660backport of commit 0de67d5b0400d776211fe16c34d510064ff36c94 (#16868)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)