morningconsult / docker-credential-vault-login

Automatically gets docker credentials from Hashicorp Vault
Apache License 2.0
77 stars 11 forks source link

chore(deps): bump github.com/hashicorp/vault from 1.10.0 to 1.10.1 #85

Closed dependabot[bot] closed 2 years ago

dependabot[bot] commented 2 years ago

Bumps github.com/hashicorp/vault from 1.10.0 to 1.10.1.

Changelog

Sourced from github.com/hashicorp/vault's changelog.

1.10.1

April 22, 2022

CHANGES:

  • core: A request that fails path validation due to relative path check will now be responded to with a 400 rather than 500. [GH-14328]
  • core: Bump Go version to 1.17.9. [GH-15044]

IMPROVEMENTS:

  • agent: Upgrade hashicorp/consul-template version for sprig template functions and improved writeTo function [GH-15092]
  • auth: enforce a rate limit for TOTP passcode validation attempts [GH-14864]
  • cli/vault: warn when policy name contains upper-case letter [GH-14670]
  • cockroachdb: add high-availability support [GH-12965]
  • sentinel (enterprise): Upgrade sentinel to v0.18.5 to avoid potential naming collisions in the remote installer

BUG FIXES:

  • Fixed panic when adding or modifying a Duo MFA Method in Enterprise
  • agent: Fix log level mismatch between ERR and ERROR [GH-14424]
  • api/sys/raft: Update RaftSnapshotRestore to use net/http client allowing bodies larger than allocated memory to be streamed [GH-14269]
  • api: Respect increment value in grace period calculations in LifetimeWatcher [GH-14836]
  • auth/approle: Add maximum length for input values that result in SHA56 HMAC calculation [GH-14746]
  • auth: forward requests subject to login MFA from perfStandby to Active node [GH-15009]
  • cassandra: Update gocql Cassandra client to fix "no hosts available in the pool" error [GH-14973]
  • cli: Fix panic caused by parsing key=value fields whose value is a single backslash [GH-14523]
  • core (enterprise): Allow local alias create RPCs to persist alias metadata [GH-changelog:_2747]
  • core/managed-keys (enterprise): Allow PKCS#11 managed keys to use 0 as a slot number
  • core/metrics: Fix incorrect table size metric for local mounts [GH-14755]
  • core: Fix panic caused by parsing JSON integers for fields defined as comma-delimited integers [GH-15072]
  • core: Fix panic caused by parsing JSON integers for fields defined as comma-delimited strings [GH-14522]
  • core: Fix panic caused by parsing policies with empty slice values. [GH-14501]
  • core: Fix panic for help request URL paths without /v1/ prefix [GH-14704]
  • core: fixing excessive unix file permissions [GH-14791]
  • core: fixing excessive unix file permissions on dir, files and archive created by vault debug command [GH-14846]
  • core: report unused or redundant keys in server configuration [GH-14752]
  • core: time.After() used in a select statement can lead to memory leak [GH-14814]
  • raft: Ensure initialMmapSize is set to 0 on Windows [GH-14977]
  • replication (enterprise): fix panic due to missing entity during invalidation of local aliases. [GH-14622]
  • secrets/database: Ensure that a connection_url password is redacted in all cases. [GH-14744]
  • secrets/pki: Fix handling of "any" key type with default zero signature bits value. [GH-14875]
  • secrets/pki: Fixed bug where larger SHA-2 hashes were truncated with shorter ECDSA CA certificates [GH-14943]
  • ui: Fix Generated Token's Policies helpText to clarify that comma separated values are not excepted in this field. [GH-15046]
  • ui: Fixes edit auth method capabilities issue [GH-14966]
  • ui: Fixes issue logging in with OIDC from a listed auth mounts tab [GH-14916]
  • ui: fix search-select component showing blank selections when editing group member entity [GH-15058]
  • ui: masked values no longer give away length or location of special characters [GH-15025]
Commits
  • e452e9b Backport of Upgrade hashicorp/consul-template dependency into release/1.10.x ...
  • 37b2a3f backport of commit 57eba1d02bdf789cc0238de8ea63998a26c9bcee (#15087)
  • 474e38e Backport of fix TypeCommaIntSlice panic caused by json.Number input into rele...
  • 594d1e8 backport of commit 57cd7a41723342273f9abe595a7fa32de4729ddc (#15076)
  • 8346131 Backport of Fix edit capabilities call in auth method into release/1.10.x (#1...
  • 6927659 Backport of Custom tooltip for Generated Token Policies form field on auth me...
  • c704956 Backport of Respect increment value in grace period calculations (api/Lifetim...
  • c5d663f Backport of UI: fix blank selection on search select field into release/1.10....
  • 221cc89 Backport 1.10.1: UI Masked inputs always look the same when value is hidden (...
  • 94d056c VAULT-5422: Add rate limit for TOTP passcode attempts (#14864) (#15049)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)