Removes the openpgp.VerifyDetachedSignatureAndSaltedHash function and the packet.SaltedHashSpecifier as they are no longer required. They were introduced for verifying the headers in cleartext messages. However, in the latest crypto-refresh specification, cleartext message headers were dropped.
secrets/pki: Maintaining running count of certificates will be turned off by default.
To re-enable keeping these metrics available on the tidy status endpoint, enable
maintain_stored_certificate_counts on tidy-config, to also publish them to the
metrics consumer, enable publish_stored_certificate_count_metrics . [GH-18186]
CHANGES:
auth/alicloud: Updated plugin from v0.14.0 to v0.15.0 [GH-20758]
auth/azure: Updated plugin from v0.13.0 to v0.15.0 [GH-20816]
auth/centrify: Updated plugin from v0.14.0 to v0.15.1 [GH-20745]
auth/gcp: Updated plugin from v0.15.0 to v0.16.0 [GH-20725]
auth/jwt: Updated plugin from v0.15.0 to v0.16.0 [GH-20799]
auth/kubernetes: Update plugin to v0.16.0 [GH-20802]
core: Bump Go version to 1.20.5.
core: Remove feature toggle for SSCTs, i.e. the env var VAULT_DISABLE_SERVER_SIDE_CONSISTENT_TOKENS. [GH-20834]
core: Revert #19676 (VAULT_GRPC_MIN_CONNECT_TIMEOUT env var) as we decided it was unnecessary. [GH-20826]
database/couchbase: Updated plugin from v0.9.0 to v0.9.2 [GH-20764]
database/redis-elasticache: Updated plugin from v0.2.0 to v0.2.1 [GH-20751]
replication (enterprise): Add a new parameter for the update-primary API call
that allows for setting of the primary cluster addresses directly, instead of
via a token.
secrets/ad: Updated plugin from v0.10.1-0.20230329210417-0b2cdb26cf5d to v0.16.0 [GH-20750]
secrets/alicloud: Updated plugin from v0.5.4-beta1.0.20230330124709-3fcfc5914a22 to v0.15.0 [GH-20787]
secrets/aure: Updated plugin from v0.15.0 to v0.16.0 [GH-20777]
secrets/database/mongodbatlas: Updated plugin from v0.9.0 to v0.10.0 [GH-20882]
secrets/database/snowflake: Updated plugin from v0.7.0 to v0.8.0 [GH-20807]
secrets/gcp: Updated plugin from v0.15.0 to v0.16.0 [GH-20818]
secrets/keymgmt: Updated plugin to v0.9.1
secrets/kubernetes: Update plugin to v0.5.0 [GH-20802]
secrets/mongodbatlas: Updated plugin from v0.9.1 to v0.10.0 [GH-20742]
secrets/pki: Allow issuance of root CAs without AIA, when templated AIA information includes issuer_id. [GH-21209]
secrets/pki: Warning when issuing leafs from CSRs with basic constraints. In the future, issuance of non-CA leaf certs from CSRs with asserted IsCA Basic Constraints will be prohibited. [GH-20654]
FEATURES:
AWS Static Roles: The AWS Secrets Engine can manage static roles configured by users. [GH-20536]
Automated License Utilization Reporting: Added automated license
utilization reporting, which sends minimal product-license metering
data
to HashiCorp without requiring you to manually collect and report them.
Environment Variables through Vault Agent: Introducing a new process-supervisor mode for Vault Agent which allows injecting secrets as environment variables into a child process using a new env_template configuration stanza. The process-supervisor configuration can be generated with a new vault agent generate-config helper tool. [GH-20530]
MongoDB Atlas Database Secrets: Adds support for client certificate credentials [GH-20425]
MongoDB Atlas Database Secrets: Adds support for generating X.509 certificates on dynamic roles for user authentication [GH-20882]
NEW PKI Workflow in UI: Completes generally available rollout of new PKI UI that provides smoother mount configuration and a more guided user experience [GH-pki-ui-improvements]
ui: key-value v2 (kv-v2) diff viewer allowed HTML injection into the Vault web UI through key values. This vulnerability, CVE-2023-2121, is fixed in Vault 1.14.0, 1.13.3, 1.12.7, and 1.11.11. [HSEC-2023-17]
BREAKING CHANGES:
secrets/pki: Maintaining running count of certificates will be turned off by default.
To re-enable keeping these metrics available on the tidy status endpoint, enable
maintain_stored_certificate_counts on tidy-config, to also publish them to the
metrics consumer, enable publish_stored_certificate_count_metrics . [GH-18186]
CHANGES:
auth/alicloud: Updated plugin from v0.14.0 to v0.15.0 [GH-20758]
auth/azure: Updated plugin from v0.13.0 to v0.15.0 [GH-20816]
auth/centrify: Updated plugin from v0.14.0 to v0.15.1 [GH-20745]
auth/gcp: Updated plugin from v0.15.0 to v0.16.0 [GH-20725]
auth/jwt: Updated plugin from v0.15.0 to v0.16.0 [GH-20799]
auth/kubernetes: Update plugin to v0.16.0 [GH-20802]
core: Bump Go version to 1.20.5.
core: Remove feature toggle for SSCTs, i.e. the env var VAULT_DISABLE_SERVER_SIDE_CONSISTENT_TOKENS. [GH-20834]
core: Revert #19676 (VAULT_GRPC_MIN_CONNECT_TIMEOUT env var) as we decided it was unnecessary. [GH-20826]
database/couchbase: Updated plugin from v0.9.0 to v0.9.2 [GH-20764]
database/redis-elasticache: Updated plugin from v0.2.0 to v0.2.1 [GH-20751]
replication (enterprise): Add a new parameter for the update-primary API call
that allows for setting of the primary cluster addresses directly, instead of
via a token.
secrets/ad: Updated plugin from v0.10.1-0.20230329210417-0b2cdb26cf5d to v0.16.0 [GH-20750]
secrets/alicloud: Updated plugin from v0.5.4-beta1.0.20230330124709-3fcfc5914a22 to v0.15.0 [GH-20787]
secrets/aure: Updated plugin from v0.15.0 to v0.16.0 [GH-20777]
secrets/database/mongodbatlas: Updated plugin from v0.9.0 to v0.10.0 [GH-20882]
secrets/database/snowflake: Updated plugin from v0.7.0 to v0.8.0 [GH-20807]
secrets/gcp: Updated plugin from v0.15.0 to v0.16.0 [GH-20818]
secrets/keymgmt: Updated plugin to v0.9.1
secrets/kubernetes: Update plugin to v0.5.0 [GH-20802]
secrets/mongodbatlas: Updated plugin from v0.9.1 to v0.10.0 [GH-20742]
secrets/pki: Allow issuance of root CAs without AIA, when templated AIA information includes issuer_id. [GH-21209]
secrets/pki: Warning when issuing leafs from CSRs with basic constraints. In the future, issuance of non-CA leaf certs from CSRs with asserted IsCA Basic Constraints will be prohibited. [GH-20654]
FEATURES:
AWS Static Roles: The AWS Secrets Engine can manage static roles configured by users. [GH-20536]
Automated License Utilization Reporting: Added automated license
utilization reporting, which sends minimal product-license metering
data
to HashiCorp without requiring you to manually collect and report them.
Environment Variables through Vault Agent: Introducing a new process-supervisor mode for Vault Agent which allows injecting secrets as environment variables into a child process using a new env_template configuration stanza. The process-supervisor configuration can be generated with a new vault agent generate-config helper tool. [GH-20530]
... (truncated)
Commits
13a649f backport of commit f12c1285599a1519273bfa68472c598b1fd635bf (#21348)
dd62be3 backport of commit 3908ec9dc44352548e08f4c86f9ad76c255ce493 (#21331)
0fc55a2 backport of commit d76424cb53c730da5410ec55bff3274a01212843 (#21328)
7733b6a backport of commit 3347e5d56b363e58e7be556cfd0875a210c2a2ec (#21326)
1990a8c backport of commit 30aac443d0037852b0a5e4b50d59a9bedc5e4445 (#21324)
15631d2 backport of commit a1fdf105b3cc2e88483f3fca27729fa06bfbfa7f (#21312)
a14ff6e backport of commit 41f392c43ff4c9077deb1d1640349b8ba867d139 (#21307)
0610df0 backport of commit 042dd57811c900c9f6e2c85b5460d50560f79105 (#21295)
2fd24b1 backport of commit 8cc7be234ac34ff0f703ab092a7314ba9e65b277 (#21293)
9e85fef backport of commit c5549cdac681676ae52ea173d737ee1c5d1949a2 (#21272)
Bumps the go group with 11 updates in the / directory:
1.15.7
1.17.1
1.9.2
1.11.1
1.5.1
1.5.2
1.1.0-alpha.0-proton
1.1.0-alpha.2
1.25.0
1.27.0
1.27.0
1.27.16
1.16.0
1.16.21
1.28.1
1.32.1
1.16.0
1.17.0
1.12.0
1.14.0
1.22.14
1.22.15
Updates
cloud.google.com/go/kms
from 1.15.7 to 1.17.1Release notes
Sourced from cloud.google.com/go/kms's releases.
... (truncated)
Commits
7463789
chore: release main (#10225)532d8fb
fix(secretmanager): enable cloud.google.com/go/auth (#10248)1326df1
fix(kms): enable cloud.google.com/go/auth (#10246)70fec2b
chore: update gapic-generator-go to 0.43.0 (#10245)c52a473
test(storage): use control client for int test (#10239)a07781a
fix: add php_namespace (#10231)8fdf6db
chore(spanner): fix nil pointer (#10244)fd4cfc2
chore(spanner): regenerate proto files and fix tests (#10242)1fb0e64
fix(bigquery/storage/managedwriter): faster context failure on send (#10169)a495f8f
feat(security): new client(s) (#10224)Updates
cloud.google.com/go/storage
from 1.38.0 to 1.39.1Commits
71dc4c6
chore(main): release storage 1.39.1 (#9524)ae7dc65
chore(apphub): add config to generate apiv1 (#9550)50fcc6e
chore(main): release bigtable 1.22.0 (#9551)74dcd1f
chore(securitycenter): add config to generate apiv2 (#9549)3f4d7c2
chore(cloudcontrolspartner): add config to generate apiv1 (#9548)48614ab
chore(bigtable): release 1.22.0 (#9547)511d9b2
fix(vertexai): clarify Client.GenerativeModel documentation (#9533)f0a2781
chore: re-drop weak refs to parent modules and tag (#9545)bdf2f17
chore(main): release auth 0.1.1 (#8920)9b97ce7
feat(spanner/spansql): support Table rename & Table synonym (#9275)Updates
github.com/Azure/azure-sdk-for-go/sdk/azcore
from 1.9.2 to 1.11.1Release notes
Sourced from github.com/Azure/azure-sdk-for-go/sdk/azcore's releases.
Commits
76e5495
Prep azcore@v1.11.1 for release (#22680)2650473
Increment package version after release of messaging/azeventhubs (#22677)51ef615
runtime.Poller.Result won't be done on non-terminal error (#22675)aef7678
Increment package version after release of messaging/azservicebus (#22678)a67b4de
Increment package version after release of messaging/eventgrid/azeventgrid (#...e978d51
[azopenai] Updating doc comments based on feedback from an issue, as well as ...4116d5d
Don't consider 408 as terminal failure for Location poller (#22674)e036aea
Sync eng/common directory with azure-sdk-tools for PR 7989 (#22673)53f73ad
Sync eng/common directory with azure-sdk-tools for PR 7988 (#22672)9e78ee2
[azeventgrid] Prepping for first GA of the Event Grid Basic package. (#22667)Updates
github.com/Azure/azure-sdk-for-go/sdk/azidentity
from 1.5.1 to 1.5.2Release notes
Sourced from github.com/Azure/azure-sdk-for-go/sdk/azidentity's releases.
Commits
299ebfe
Prepare internal for release (#22339)d00123d
Update packages (#22338)0a332e3
Fix issue in Verify-Link.ps1 after PS 7.4 update (#22336)c8ae7ed
Sync eng/common directory with azure-sdk-tools for PR 7615 (#22335)9ae828c
Replace ErrAuthenticationRequired with AuthenticationRequiredError (#22317)7c50f09
[Release] sdk/resourcemanager/springappdiscovery/armspringappdiscovery/0.1.0 ...b36de61
Added spec location verification to the release pipeline (#22301)00f2b8b
Go SDK for Azure Web PubSub Data plane (#21929)0aa2409
Sync eng/common directory with azure-sdk-tools for PR 7585 (#22312)572ba1f
JSON marshaling helpers will preserve Content-Type (#22309)Updates
github.com/ProtonMail/go-crypto
from 1.1.0-alpha.0-proton to 1.1.0-alpha.2Release notes
Sourced from github.com/ProtonMail/go-crypto's releases.
Commits
9d2beb2
Remove VerifyDetachedSignatureAndSaltedHash and SaltedHashSpecifier (#196)Updates
github.com/aws/aws-sdk-go-v2
from 1.25.0 to 1.27.0Commits
728f21f
Release 2024-05-163dbd5ca
Regenerated Clientsc87adfd
Update endpoints modele209d02
Update API modelef4a9a0
internal: capture user-agent in metrics (#2644)c964dbd
Release 2024-05-15ce84395
Regenerated Clients8de9119
Update API model05fcf66
internal: true up internal metrics collection for post-SRA middleware (#2642)1148427
reformat signer/v4 package doc (#2640)Updates
github.com/aws/aws-sdk-go-v2/config
from 1.27.0 to 1.27.16Commits
8abec4c
Release 2024-05-2370e7095
Regenerated Clients0b2a340
Update partitions filec1eb2d9
Update endpoints model4c990d1
Update API modelc6c1626
s3: handle unrecognized values for Expires in responses (#2653)8209abb
Release 2024-05-2281ad168
Regenerated Clients5c92ae7
Update endpoints model6eeecd9
Update API modelUpdates
github.com/aws/aws-sdk-go-v2/credentials
from 1.17.0 to 1.17.16Commits
8abec4c
Release 2024-05-2370e7095
Regenerated Clients0b2a340
Update partitions filec1eb2d9
Update endpoints model4c990d1
Update API modelc6c1626
s3: handle unrecognized values for Expires in responses (#2653)8209abb
Release 2024-05-2281ad168
Regenerated Clients5c92ae7
Update endpoints model6eeecd9
Update API modelUpdates
github.com/aws/aws-sdk-go-v2/feature/s3/manager
from 1.16.0 to 1.16.21Commits
b08ae84
Release 2022-10-033176b00
Regenerated Clients4e7fe92
Update endpoints model8485699
Update API model9fa3861
Release 2022-09-30411f0f4
Regenerated Clients9279164
Update endpoints model000f6ac
Update API modele4f0cba
Release 2022-09-29bcf7080
Regenerated ClientsUpdates
github.com/aws/aws-sdk-go-v2/service/kms
from 1.28.1 to 1.32.1Commits
0966539
Release 2022-11-10aec7ab6
Regenerated Clientsd008171
Update endpoints model29d44eb
Update API model01cee3e
Release 2022-11-09a947341
Regenerated Clients7aa742a
Update API model89b64d9
Release 2022-11-08312cdea
Regenerated Clients8ee4708
Update endpoints modelUpdates
github.com/aws/aws-sdk-go-v2/service/s3
from 1.49.0 to 1.54.3Commits
8abec4c
Release 2024-05-2370e7095
Regenerated Clients0b2a340
Update partitions filec1eb2d9
Update endpoints model4c990d1
Update API modelc6c1626
s3: handle unrecognized values for Expires in responses (#2653)8209abb
Release 2024-05-2281ad168
Regenerated Clients5c92ae7
Update endpoints model6eeecd9
Update API modelUpdates
github.com/aws/aws-sdk-go-v2/service/sts
from 1.27.0 to 1.28.10Commits
b83b305
Release 2023-04-14cdcc36a
Regenerated Clients41e6ecf
Update endpoints model66426a6
Update API model34d00f4
Release 2023-04-1344686f2
Regenerated Clientsa748e72
Update endpoints model2402019
Update API model636b2e4
fix APIGW exports nullability exceptions (#2094)8d65580
Release 2023-04-12Updates
github.com/fatih/color
from 1.16.0 to 1.17.0Release notes
Sourced from github.com/fatih/color's releases.
Commits
b6598b1
Merge pull request #228 from klauspost/fix-println-issue-21800b1811
Fix multi-parameter println spacing04994a8
Merge pull request #224 from fatih/dependabot/go_modules/golang.org/x/sys-0.18.07526cad
Merge branch 'main' into dependabot/go_modules/golang.org/x/sys-0.18.08d058ca
Merge pull request #222 from fatih/ci-updates2ac809f
Bump golang.org/x/sys from 0.17.0 to 0.18.051a7bbf
ci: update Go and Staticcheck versions799c49c
Merge pull request #217 from fatih/dependabot/github_actions/actions/setup-go-5f8e0ec9
Merge branch 'main' into dependabot/github_actions/actions/setup-go-5298abd8
Merge pull request #221 from fatih/dependabot/go_modules/golang.org/x/sys-0.17.0Updates
github.com/golang/protobuf
from 1.5.3 to 1.5.4Release notes
Sourced from github.com/golang/protobuf's releases.
Commits
75de7c0
Merge pull request #1597 from golang/updatedescb7697bb
all: update descriptor.proto to latest versionUpdates
github.com/hashicorp/vault/api
from 1.12.0 to 1.14.0Release notes
Sourced from github.com/hashicorp/vault/api's releases.
... (truncated)
Changelog
Sourced from github.com/hashicorp/vault/api's changelog.
... (truncated)
Commits
13a649f
backport of commit f12c1285599a1519273bfa68472c598b1fd635bf (#21348)dd62be3
backport of commit 3908ec9dc44352548e08f4c86f9ad76c255ce493 (#21331)0fc55a2
backport of commit d76424cb53c730da5410ec55bff3274a01212843 (#21328)7733b6a
backport of commit 3347e5d56b363e58e7be556cfd0875a210c2a2ec (#21326)1990a8c
backport of commit 30aac443d0037852b0a5e4b50d59a9bedc5e4445 (#21324)15631d2
backport of commit a1fdf105b3cc2e88483f3fca27729fa06bfbfa7f (#21312)a14ff6e
backport of commit 41f392c43ff4c9077deb1d1640349b8ba867d139 (#21307)0610df0
backport of commit 042dd57811c900c9f6e2c85b5460d50560f79105 (#21295)2fd24b1
backport of commit 8cc7be234ac34ff0f703ab092a7314ba9e65b277 (#21293)9e85fef
backport of commit c5549cdac681676ae52ea173d737ee1c5d1949a2 (#21272)Updates
github.com/stretchr/testify
from 1.8.4 to 1.9.0Release notes
Sourced from github.com/stretchr/testify's releases.
... (truncated)
Commits
bb548d0
Merge pull request #1552 from stretchr/dependabot/go_modules/github.com/stret...814075f
build(deps): bump github.com/stretchr/objx from 0.5.1 to 0.5.2e045612
Merge pull request #1339 from bogdandrutu/uintptr5b6926d
Merge pull request #1385 from hslatman/not-implements9f97d67
Merge pull request #1550 from stretchr/release-notesbcb0d3f
Include the auto-release notes in releasesfb770f8
Merge pull request #1247 from ccoVeille/typos85d8bb6
fix typos in comments, tests and github templatese2741fa
Merge pull request@dependabot rebase
Looks like these dependencies are updatable in another way, so this is no longer needed.