documentai: Added advanced_ocr_options field in OcrConfig (45c70e3)
documentai: Added EvaluationReference to evaluation.proto (#7290) (4623db8)
documentai: Added field_mask field in DocumentOutputConfig.GcsOutputConfig in document_io.proto (2a0b1ae)
documentai: Added font_family to document.proto feat: added ImageQualityScores message to document.proto feat: added PropertyMetadata and EntityTypeMetadata to document_schema.proto (9c5d6c8)
documentai: Added TrainProcessorVersion, EvaluateProcessorVersion, GetEvaluation, and ListEvaluations v1beta3 APIs feat: added evaluation.proto feat: added document_schema field in ProcessorVersion processor.proto feat: added image_quality_scores field in Document.Page in document.proto feat: added font_family field in Document.Style in document.proto (ac0c5c2)
documentai: Exposed GetProcessorType to v1 (447afdd)
documentai: Exposed GetProcessorType to v1beta3 (447afdd)
documentai: Rewrite signatures in terms of new location (3c4b2b3)
documentai: Added advanced_ocr_options field in OcrConfig (45c70e3)
documentai: Added EvaluationReference to evaluation.proto (#7290) (4623db8)
documentai: Added field_mask field in DocumentOutputConfig.GcsOutputConfig in document_io.proto (2a0b1ae)
documentai: Added font_family to document.proto feat: added ImageQualityScores message to document.proto feat: added PropertyMetadata and EntityTypeMetadata to document_schema.proto (9c5d6c8)
documentai: Added TrainProcessorVersion, EvaluateProcessorVersion, GetEvaluation, and ListEvaluations v1beta3 APIs feat: added evaluation.proto feat: added document_schema field in ProcessorVersion processor.proto feat: added image_quality_scores field in Document.Page in document.proto feat: added font_family field in Document.Style in document.proto (ac0c5c2)
documentai: Exposed GetProcessorType to v1 (447afdd)
documentai: Exposed GetProcessorType to v1beta3 (447afdd)
documentai: Rewrite signatures in terms of new location (3c4b2b3)
documentai: Rewrite signatures in terms of new types for betas (9f303f9)
Removes the openpgp.VerifyDetachedSignatureAndSaltedHash function and the packet.SaltedHashSpecifier as they are no longer required. They were introduced for verifying the headers in cleartext messages. However, in the latest crypto-refresh specification, cleartext message headers were dropped.
Feature: This release adds a new feature for Amazon CloudWatch Internet Monitor that enables customers to deliver internet measurements to Amazon S3 buckets as well as CloudWatch Logs.
Feature: In this release, you can now chose between soft delete and hard delete when calling the DeleteRecord API, so you have more flexibility when it comes to managing online store data.
Feature: Amazon EC2 Auto Scaling now supports Elastic Load Balancing traffic sources with the AttachTrafficSources, DetachTrafficSources, and DescribeTrafficSources APIs. This release also introduces a new activity status, "WaitingForConnectionDraining", for VPC Lattice to the DescribeScalingActivities API.
Feature: This release adds support for HDD EBS volume types and io2 Block Express. We are also adding support for 61 new instance types and instances that have non consecutive runtime.
Feature: Adding a field to the replication configuration APIs to support the auto replicate new disks feature. We also deprecated RetryDataReplication.
Feature: This release adds support for Tunnel Endpoint Lifecycle control, a new feature that provides Site-to-Site VPN customers with better visibility and control of their VPN tunnel maintenance updates.
Feature: Updated DescribeCluster and ListClusters API responses to include ErrorDetail that specifies error code, programmatically accessible error data,and an error message. ErrorDetail provides the underlying reason for cluster failure and recommends actions to simplify troubleshooting of EMR clusters.
Feature: This release adds support for AWS Glue Data Quality, which helps you evaluate and monitor the quality of your data and includes the API for creating, deleting, or updating data quality rulesets, runs and evaluations.
Feature: Amazon SageMaker geospatial capabilities now supports server-side encryption with customer managed KMS key and SageMaker notebooks with a SageMaker geospatial image in a Amazon SageMaker Domain with VPC only mode.
secrets/ssh: removal of the deprecated dynamic keys mode. When any remaining dynamic key leases expire, an error stating secret is unsupported by this backend will be thrown by the lease manager. [GH-18874]
CHANGES:
auth/alicloud: require the role field on login [GH-19005]
auth/approle: Add maximum length of 4096 for approle role_names, as this value results in HMAC calculation [GH-17768]
auth: Returns invalid credentials for ldap, userpass and approle when wrong credentials are provided for existent users.
This will only be used internally for implementing user lockout. [GH-17104]
core: Bump Go version to 1.20.1.
core: Vault version has been moved out of sdk and into main vault module.
Plugins using sdk/useragent.String must instead use sdk/useragent.PluginString. [GH-14229]
logging: Removed legacy environment variable for log format ('LOGXI_FORMAT'), should use 'VAULT_LOG_FORMAT' instead [GH-17822]
plugins: Mounts can no longer be pinned to a specific builtin version. Mounts previously pinned to a specific builtin version will now automatically upgrade to the latest builtin version, and may now be overridden if an unversioned plugin of the same name and type is registered. Mounts using plugin versions without builtin in their metadata remain unaffected. [GH-18051]
plugins: GET /database/config/:name endpoint now returns an additional plugin_version field in the response data. [GH-16982]
plugins: GET /sys/auth/:path/tune and GET /sys/mounts/:path/tune endpoints may now return an additional plugin_version field in the response data if set. [GH-17167]
plugins: GET for /sys/auth, /sys/auth/:path, /sys/mounts, and /sys/mounts/:path paths now return additional plugin_version, running_plugin_version and running_sha256 fields in the response data for each mount. [GH-17167]
sdk: Remove version package, make useragent.String versionless. [GH-19068]
secrets/aws: do not create leases for non-renewable/non-revocable STS credentials to reduce storage calls [GH-15869]
secrets/gcpkms: Updated plugin from v0.13.0 to v0.14.0 [GH-19063]
sys/internal/inspect: Turns of this endpoint by default. A SIGHUP can now be used to reload the configs and turns this endpoint on.
Azure Auth Managed Identities: Allow any Azure resource that supports managed identities to authenticate with Vault [GH-19077]
Azure Auth Rotate Root: Add support for rotate root in Azure Auth engine [GH-19077]
Event System (Alpha): Vault has a new opt-in experimental event system. Not yet suitable for production use. Events are currently only generated on writes to the KV secrets engine, but external plugins can also be updated to start generating events. [GH-19194]
GCP Secrets Impersonated Account Support: Add support for GCP service account impersonation, allowing callers to generate a GCP access token without requiring Vault to store or retrieve a GCP service account key for each role. [GH-19018]
Kubernetes Secrets Engine UI: Kubernetes is now available in the UI as a supported secrets engine. [GH-17893]
New PKI UI: Add beta support for new and improved PKI UI [GH-18842]
PKI Cross-Cluster Revocations: Revocation information can now be
synchronized across primary and performance replica clusters offering
a unified CRL/OCSP view of revocations across cluster boundaries. [GH-19196]
Server UDS Listener: Adding listener to Vault server to serve http request via unix domain socket [GH-18227]
Transit managed keys: The transit secrets engine now supports configuring and using managed keys
User Lockout: Adds support to configure the user-lockout behaviour for failed logins to prevent
brute force attacks for userpass, approle and ldap auth methods. [GH-19230]
VMSS Flex Authentication: Adds support for Virtual Machine Scale Set Flex Authentication [GH-19077]
Namespaces (enterprise): Added the ability to allow access to secrets and more to be shared across namespaces that do not share a namespace hierarchy. Using the new sys/config/group-policy-application API, policies can be configured to apply outside of namespace hierarchy, allowing this kind of cross-namespace sharing.
OpenAPI-based Go & .NET Client Libraries (Beta): We have now made available two new OpenAPI-based Go & .NET Client libraries (beta). You can use them to perform various secret management operations easily from your applications.
IMPROVEMENTS:
Redis ElastiCache DB Engine: Renamed configuration parameters for disambiguation; old parameters still supported for compatibility. [GH-18752]
secrets/ssh: removal of the deprecated dynamic keys mode. When any remaining dynamic key leases expire, an error stating secret is unsupported by this backend will be thrown by the lease manager. [GH-18874]
auth/approle: When using the Vault and Vault Enterprise (Vault) approle auth method, any authenticated user with access to the /auth/approle/role/:role_name/secret-id-accessor/destroy endpoint can destroy the secret ID of any other role by providing the secret ID accessor. This vulnerability, CVE-2023-24999 has been fixed in Vault 1.13.0, 1.12.4, 1.11.8, 1.10.11 and above. [HSEC-2023-07]
CHANGES:
auth/alicloud: require the role field on login [GH-19005]
auth/approle: Add maximum length of 4096 for approle role_names, as this value results in HMAC calculation [GH-17768]
auth: Returns invalid credentials for ldap, userpass and approle when wrong credentials are provided for existent users.
This will only be used internally for implementing user lockout. [GH-17104]
core: Bump Go version to 1.20.1.
core: Vault version has been moved out of sdk and into main vault module.
Plugins using sdk/useragent.String must instead use sdk/useragent.PluginString. [GH-14229]
logging: Removed legacy environment variable for log format ('LOGXI_FORMAT'), should use 'VAULT_LOG_FORMAT' instead [GH-17822]
plugins: Mounts can no longer be pinned to a specific builtin version. Mounts previously pinned to a specific builtin version will now automatically upgrade to the latest builtin version, and may now be overridden if an unversioned plugin of the same name and type is registered. Mounts using plugin versions without builtin in their metadata remain unaffected. [GH-18051]
plugins: GET /database/config/:name endpoint now returns an additional plugin_version field in the response data. [GH-16982]
plugins: GET /sys/auth/:path/tune and GET /sys/mounts/:path/tune endpoints may now return an additional plugin_version field in the response data if set. [GH-17167]
plugins: GET for /sys/auth, /sys/auth/:path, /sys/mounts, and /sys/mounts/:path paths now return additional plugin_version, running_plugin_version and running_sha256 fields in the response data for each mount. [GH-17167]
sdk: Remove version package, make useragent.String versionless. [GH-19068]
secrets/aws: do not create leases for non-renewable/non-revocable STS credentials to reduce storage calls [GH-15869]
secrets/gcpkms: Updated plugin from v0.13.0 to v0.14.0 [GH-19063]
sys/internal/inspect: Turns of this endpoint by default. A SIGHUP can now be used to reload the configs and turns this endpoint on.
User lockout: Ignore repeated bad credentials from the same user for a configured period of time. Enabled by default.
Azure Auth Managed Identities: Allow any Azure resource that supports managed identities to authenticate with Vault [GH-19077]
Azure Auth Rotate Root: Add support for rotate root in Azure Auth engine [GH-19077]
Event System (Alpha): Vault has a new opt-in experimental event system. Not yet suitable for production use. Events are currently only generated on writes to the KV secrets engine, but external plugins can also be updated to start generating events. [GH-19194]
GCP Secrets Impersonated Account Support: Add support for GCP service account impersonation, allowing callers to generate a GCP access token without requiring Vault to store or retrieve a GCP service account key for each role. [GH-19018]
Kubernetes Secrets Engine UI: Kubernetes is now available in the UI as a supported secrets engine. [GH-17893]
New PKI UI: Add beta support for new and improved PKI UI [GH-18842]
PKI Cross-Cluster Revocations: Revocation information can now be
synchronized across primary and performance replica clusters offering
a unified CRL/OCSP view of revocations across cluster boundaries. [GH-19196]
Server UDS Listener: Adding listener to Vault server to serve http request via unix domain socket [GH-18227]
Transit managed keys: The transit secrets engine now supports configuring and using managed keys
User Lockout: Adds support to configure the user-lockout behaviour for failed logins to prevent
brute force attacks for userpass, approle and ldap auth methods. [GH-19230]
VMSS Flex Authentication: Adds support for Virtual Machine Scale Set Flex Authentication [GH-19077]
Namespaces (enterprise): Added the ability to allow access to secrets and more to be shared across namespaces that do not share a namespace hierarchy. Using the new sys/config/group-policy-application API, policies can be configured to apply outside of namespace hierarchy, allowing this kind of cross-namespace sharing.
OpenAPI-based Go & .NET Client Libraries (Beta): We have now made available two new [OpenAPI-based Go] & [OpenAPI-based .NET] Client libraries (beta). You can use them to perform various secret management operations easily from your applications.
Bumps the go group with 10 updates in the / directory:
1.15.7
1.16.0
1.9.2
1.11.1
1.5.1
1.5.2
1.1.0-alpha.0-proton
1.1.0-alpha.2
1.25.0
1.26.1
1.27.0
1.27.13
1.16.0
1.16.17
1.28.1
1.31.1
1.12.0
1.13.0
1.22.14
1.22.15
Updates
cloud.google.com/go/kms
from 1.15.7 to 1.16.0Release notes
Sourced from cloud.google.com/go/kms's releases.
Changelog
Sourced from cloud.google.com/go/kms's changelog.
... (truncated)
Commits
9c45da0
chore: release main (#10086)9dd3e23
chore(main): release datastore 1.17.0 (#10122)fbd0576
chore(internal/postprocessor): add ai to individuallyReleasedModules (#10131)97eb0f5
feat(maps): new clients (#10129)ca989bf
chore(asset): update copyright year (#10126)37220bd
chore(all): update deps (#10116)ae63f6a
chore: freeze opentelemetry-operations-go/exporter/trace at v1.22.0 (#10124)729b06d
chore(main): release auth 0.4.0 (#10100)d861a42
chore(maps/routeoptimization): add config to generate apiv1 (#10123)3e25053
chore(edgenetwork): update copyright year in protos (#10103)Updates
cloud.google.com/go/storage
from 1.38.0 to 1.39.1Commits
71dc4c6
chore(main): release storage 1.39.1 (#9524)ae7dc65
chore(apphub): add config to generate apiv1 (#9550)50fcc6e
chore(main): release bigtable 1.22.0 (#9551)74dcd1f
chore(securitycenter): add config to generate apiv2 (#9549)3f4d7c2
chore(cloudcontrolspartner): add config to generate apiv1 (#9548)48614ab
chore(bigtable): release 1.22.0 (#9547)511d9b2
fix(vertexai): clarify Client.GenerativeModel documentation (#9533)f0a2781
chore: re-drop weak refs to parent modules and tag (#9545)bdf2f17
chore(main): release auth 0.1.1 (#8920)9b97ce7
feat(spanner/spansql): support Table rename & Table synonym (#9275)Updates
github.com/Azure/azure-sdk-for-go/sdk/azcore
from 1.9.2 to 1.11.1Release notes
Sourced from github.com/Azure/azure-sdk-for-go/sdk/azcore's releases.
Commits
76e5495
Prep azcore@v1.11.1 for release (#22680)2650473
Increment package version after release of messaging/azeventhubs (#22677)51ef615
runtime.Poller.Result won't be done on non-terminal error (#22675)aef7678
Increment package version after release of messaging/azservicebus (#22678)a67b4de
Increment package version after release of messaging/eventgrid/azeventgrid (#...e978d51
[azopenai] Updating doc comments based on feedback from an issue, as well as ...4116d5d
Don't consider 408 as terminal failure for Location poller (#22674)e036aea
Sync eng/common directory with azure-sdk-tools for PR 7989 (#22673)53f73ad
Sync eng/common directory with azure-sdk-tools for PR 7988 (#22672)9e78ee2
[azeventgrid] Prepping for first GA of the Event Grid Basic package. (#22667)Updates
github.com/Azure/azure-sdk-for-go/sdk/azidentity
from 1.5.1 to 1.5.2Release notes
Sourced from github.com/Azure/azure-sdk-for-go/sdk/azidentity's releases.
Commits
299ebfe
Prepare internal for release (#22339)d00123d
Update packages (#22338)0a332e3
Fix issue in Verify-Link.ps1 after PS 7.4 update (#22336)c8ae7ed
Sync eng/common directory with azure-sdk-tools for PR 7615 (#22335)9ae828c
Replace ErrAuthenticationRequired with AuthenticationRequiredError (#22317)7c50f09
[Release] sdk/resourcemanager/springappdiscovery/armspringappdiscovery/0.1.0 ...b36de61
Added spec location verification to the release pipeline (#22301)00f2b8b
Go SDK for Azure Web PubSub Data plane (#21929)0aa2409
Sync eng/common directory with azure-sdk-tools for PR 7585 (#22312)572ba1f
JSON marshaling helpers will preserve Content-Type (#22309)Updates
github.com/ProtonMail/go-crypto
from 1.1.0-alpha.0-proton to 1.1.0-alpha.2Release notes
Sourced from github.com/ProtonMail/go-crypto's releases.
Commits
9d2beb2
Remove VerifyDetachedSignatureAndSaltedHash and SaltedHashSpecifier (#196)Updates
github.com/aws/aws-sdk-go-v2
from 1.25.0 to 1.26.1Commits
0fde27c
Release 2024-03-2957e0d95
Regenerated Clientse114db5
Update SDK's smithy-go dependency to v1.20.2f456f07
Update endpoints model96b431a
Update API model6a694c7
dep: upgrade to smithy 1.47.0 (#2587)973665b
Release 2024-03-288b24e40
Regenerated Clients8788e04
Update endpoints model0480396
Update API modelUpdates
github.com/aws/aws-sdk-go-v2/config
from 1.27.0 to 1.27.13Commits
0805b74
Release 2024-05-108ba0718
Regenerated Clients566a901
Update endpoints model765a6d2
Update API model0ac88f6
do NOT serialize empty lists in ec2query (#2630)0457ec5
Merge pull request #2638 from aws/feat-remove-honeycodea8dc075
add changelog9a47278
remove honeycode from v2343ec35
drop x/net runtime dependency which was only used for testing (#2637)1c71d2f
Release 2024-05-09Updates
github.com/aws/aws-sdk-go-v2/credentials
from 1.17.0 to 1.17.13Commits
0805b74
Release 2024-05-108ba0718
Regenerated Clients566a901
Update endpoints model765a6d2
Update API model0ac88f6
do NOT serialize empty lists in ec2query (#2630)0457ec5
Merge pull request #2638 from aws/feat-remove-honeycodea8dc075
add changelog9a47278
remove honeycode from v2343ec35
drop x/net runtime dependency which was only used for testing (#2637)1c71d2f
Release 2024-05-09Updates
github.com/aws/aws-sdk-go-v2/feature/s3/manager
from 1.16.0 to 1.16.17Commits
d47c319
Release 2022-08-31d0933de
Regenerated Clients988edc8
Update SDK's smithy-go dependency to v1.13.1d6e0100
Update API modelf8a5aa2
Release 2022-08-308072564
Regenerated Clients9f60590
Update endpoints model8874a3e
Update API modeld1091d0
Release 2022-08-29a1140b1
Regenerated ClientsUpdates
github.com/aws/aws-sdk-go-v2/service/kms
from 1.28.1 to 1.31.1Changelog
Sourced from github.com/aws/aws-sdk-go-v2/service/kms's changelog.
... (truncated)
Commits
b40e677
Release 2023-03-3196ef350
Regenerated Clients27b40fd
Update endpoints model688fa29
Update API model342f3b4
Release 2023-03-3034e534d
Regenerated Clients96c5cdb
Update endpoints model53f050e
Update API modelcec179c
Release 2023-03-297340532
Regenerated ClientsUpdates
github.com/aws/aws-sdk-go-v2/service/s3
from 1.49.0 to 1.53.2Commits
e7dfd72
Release 2024-05-08316c7cd
Regenerated Clientsba18a1e
Update API model31c2861
fix: improve Go doc formatter (#2636)7a87a62
add missing changelog (#2635)8cc2bc3
Release 2024-05-0736b4e92
Regenerated Clients9e70bfa
Update API model7a654f5
dep: bump x/net to 0.23.0 (#2631)eff2620
Release 2024-05-06Updates
github.com/aws/aws-sdk-go-v2/service/sts
from 1.27.0 to 1.28.7Commits
e155bb7
Release 2023-10-069d342ba
Regenerated Clients1df9914
Update SDK's smithy-go dependency to v1.15.032ada3a
Update API model12ba4ac
Release 2023-10-05be8a8e0
Regenerated Clientsdc38adb
Update endpoints modela52086e
Update API model1ed22c1
Release 2023-10-04e007bcd
Regenerated ClientsUpdates
github.com/golang/protobuf
from 1.5.3 to 1.5.4Release notes
Sourced from github.com/golang/protobuf's releases.
Commits
75de7c0
Merge pull request #1597 from golang/updatedescb7697bb
all: update descriptor.proto to latest versionUpdates
github.com/hashicorp/vault/api
from 1.12.0 to 1.13.0Release notes
Sourced from github.com/hashicorp/vault/api's releases.
... (truncated)
Changelog
Sourced from github.com/hashicorp/vault/api's changelog.
... (truncated)
Commits
a4cf0dc
Remove rc1 prerelease tag. (#19417)0a42f2a
backport of commit 9bb8321a5bf5b26beae865eb6290bd17aabc159f (#19409)75f1ea2
backport of commit eb70bfdc5bfb0dd4c47326e1933b94bd93602c56 (#19407)20e201b
backport of commit da31528fdc0d9b043a21b1676694eecfaef130db (#19405)7383b52
backport of commit 52bbf65... _Description has been truncated_