morningconsult / docker-credential-vault-login

Automatically gets docker credentials from Hashicorp Vault
Apache License 2.0
77 stars 11 forks source link

chore(deps): bump github.com/hashicorp/vault from 1.9.2 to 1.9.3 #78

Closed dependabot[bot] closed 2 years ago

dependabot[bot] commented 2 years ago

Bumps github.com/hashicorp/vault from 1.9.2 to 1.9.3.

Release notes

Sourced from github.com/hashicorp/vault's releases.

v1.9.3

1.9.3

January 27, 2022

IMPROVEMENTS:

  • auth/kubernetes: Added support for dynamically reloading short-lived tokens for better Kubernetes 1.21+ compatibility [GH-13698]
  • auth/ldap: Add username to alias metadata [GH-13669]
  • core/identity: Support updating an alias' custom_metadata to be empty. [GH-13395]
  • core: Fixes code scanning alerts [GH-13667]
  • http (enterprise): Serve /sys/license/status endpoint within namespaces

BUG FIXES:

  • auth/oidc: Fixes OIDC auth from the Vault UI when using the implicit flow and form_post response mode. [GH-13492]
  • cli: Fix using kv patch with older server versions that don't support HTTP PATCH. [GH-13615]
  • core (enterprise): Workaround AWS CloudHSM v5 SDK issue not allowing read-only sessions
  • core/identity: Address a data race condition between local updates to aliases and invalidations [GH-13476]
  • core: add support for go-sockaddr templates in the top-level cluster_addr field [GH-13678]
  • identity/oidc: Check for a nil signing key on rotation to prevent panics. [GH-13716]
  • kmip (enterprise): Fix locate by name operations fail to find key after a rekey operation.
  • secrets/database/mssql: Accept a boolean for contained_db, rather than just a string. [GH-13469]
  • secrets/gcp: Fixes role bindings for BigQuery dataset resources. [GH-13548]
  • secrets/pki: Fix regression causing performance secondaries to forward certificate generation to the primary. [GH-13759]
  • storage/raft: On linux, use map_populate for bolt files to improve startup time. [GH-13573]
  • storage/raft: Units for bolt metrics now given in milliseconds instead of nanoseconds [GH-13749]
  • ui: Fixes breadcrumb bug for secrets navigation [GH-13604]
  • ui: Fixes issue saving KMIP role correctly [GH-13585]
Changelog

Sourced from github.com/hashicorp/vault's changelog.

1.9.3

January 27, 2022

IMPROVEMENTS:

  • auth/kubernetes: Added support for dynamically reloading short-lived tokens for better Kubernetes 1.21+ compatibility [GH-13698]
  • auth/ldap: Add username to alias metadata [GH-13669]
  • core/identity: Support updating an alias' custom_metadata to be empty. [GH-13395]
  • core: Fixes code scanning alerts [GH-13667]
  • http (enterprise): Serve /sys/license/status endpoint within namespaces

BUG FIXES:

  • auth/oidc: Fixes OIDC auth from the Vault UI when using the implicit flow and form_post response mode. [GH-13492]
  • cli: Fix using kv patch with older server versions that don't support HTTP PATCH. [GH-13615]
  • core (enterprise): Workaround AWS CloudHSM v5 SDK issue not allowing read-only sessions
  • core/identity: Address a data race condition between local updates to aliases and invalidations [GH-13476]
  • core: add support for go-sockaddr templates in the top-level cluster_addr field [GH-13678]
  • identity/oidc: Check for a nil signing key on rotation to prevent panics. [GH-13716]
  • kmip (enterprise): Fix locate by name operations fail to find key after a rekey operation.
  • secrets/database/mssql: Accept a boolean for contained_db, rather than just a string. [GH-13469]
  • secrets/gcp: Fixes role bindings for BigQuery dataset resources. [GH-13548]
  • secrets/pki: Fix regression causing performance secondaries to forward certificate generation to the primary. [GH-13759]
  • storage/raft: On linux, use map_populate for bolt files to improve startup time. [GH-13573]
  • storage/raft: Units for bolt metrics now given in milliseconds instead of nanoseconds [GH-13749]
  • ui: Fixes breadcrumb bug for secrets navigation [GH-13604]
  • ui: Fixes issue saving KMIP role correctly [GH-13585]
Commits
  • 7dbdd57 backport of commit 4beff4da01cfd88843166b265dd91c13d3008ed3 (#13731)
  • e2920c6 Backport of Raft/fix raft telemetry metric unit into release/1.9.x (#13760)
  • 8a66132 Backport of oidc: check for nil signing key on rotation into release/1.9.x (#...
  • 787dca3 Backport of Vault-3991 Code Scanning Alerts Changes into release/1.9.x (#13670)
  • b023098 Correct doc link for namespaces in API Explorer (#13747) (#13758)
  • 0bfd5f8 changelog
  • b462031 PKI - Allow performance secondaries to generate and store certificates locall...
  • 38c074a Backport of auth/kubernetes: support for dynamically reloading short-lived to...
  • b118c8a Fix secrets list breadcrumb (#13743)
  • 30bbd43 backport of commit bd784efce56d4b1db3ec29efa0c54db3426e9498 (#13742)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)