build(deps): bump github.com/hashicorp/vault from 1.12.0 to 1.12.5

dependabot[bot] commented 1 year ago

Bumps github.com/hashicorp/vault from 1.12.0 to 1.12.5.

Release notes

Sourced from github.com/hashicorp/vault's releases.

v1.12.5

1.12.5

March 29, 2023

IMPROVEMENTS:

auth/github: Allow for an optional Github auth token environment variable to make authenticated requests when fetching org id website/docs: Add docs for VAULT_AUTH_CONFIG_GITHUB_TOKEN environment variable when writing Github config [GH-19244]

core: Allow overriding gRPC connect timeout via VAULT_GRPC_MIN_CONNECT_TIMEOUT. This is an env var rather than a config setting because we don't expect this to ever be needed. It's being added as a last-ditch option in case all else fails for some replication issues we may not have fully reproduced. [GH-19676]

core: validate name identifiers in mssql physical storage backend prior use [GH-19591]

BUG FIXES:

cli: Fix vault read handling to return raw data as secret.Data when there is no top-level data object from api response. [GH-17913]

core (enterprise): Attempt to reconnect to a PKCS#11 HSM if we retrieve a CKR_FUNCTION_FAILED error.

core: Fixed issue with remounting mounts that have a non-trailing space in the 'to' or 'from' paths. [GH-19585]

kmip (enterprise): Do not require attribute Cryptographic Usage Mask when registering Secret Data managed objects.

kmip (enterprise): Fix a problem forwarding some requests to the active node.

openapi: Fix logic for labeling unauthenticated/sudo paths. [GH-19600]

secrets/ldap: Invalidates WAL entry for static role if password_policy has changed. [GH-19641]

secrets/transform (enterprise): Fix persistence problem with rotated tokenization key versions

ui: fixes issue navigating back a level using the breadcrumb from secret metadata view [GH-19703]

ui: pass encodeBase64 param to HMAC transit-key-actions. [GH-19429]

ui: use URLSearchParams interface to capture namespace param from SSOs (ex. ADFS) with decoded state param in callback url [GH-19460]

v1.12.4

1.12.4

March 01, 2023

CHANGES:

core: Bump Go version to 1.19.6.

IMPROVEMENTS:

secrets/database: Adds error message requiring password on root crednetial rotation. [GH-19103]

ui: remove wizard [GH-19220]

BUG FIXES:

auth/approle: Add nil check for the secret ID entry when deleting via secret id accessor preventing cross role secret id deletion [GH-19186]

core (enterprise): Fix panic when using invalid accessor for control-group request

core (enterprise): Fix perf standby WAL streaming silently failures when replication setup happens at a bad time.

core: Prevent panics in sys/leases/lookup, sys/leases/revoke, and sys/leases/renew endpoints if provided lease_id is null [GH-18951]

license (enterprise): Fix bug where license would update even if the license didn't change.

replication (enterprise): Fix bug where reloading external plugin on a secondary would break replication.

secrets/ad: Fix bug where config couldn't be updated unless binddn/bindpass were included in the update. [GH-18207]

secrets/pki: Revert fix for PR 18938 [GH-19037]

... (truncated)

Changelog

Sourced from github.com/hashicorp/vault's changelog.

1.12.5

March 29, 2023

IMPROVEMENTS:

auth/github: Allow for an optional Github auth token environment variable to make authenticated requests when fetching org id website/docs: Add docs for VAULT_AUTH_CONFIG_GITHUB_TOKEN environment variable when writing Github config [GH-19244]

core: Allow overriding gRPC connect timeout via VAULT_GRPC_MIN_CONNECT_TIMEOUT. This is an env var rather than a config setting because we don't expect this to ever be needed. It's being added as a last-ditch option in case all else fails for some replication issues we may not have fully reproduced. [GH-19676]

core: validate name identifiers in mssql physical storage backend prior use [GH-19591]

BUG FIXES:

cli: Fix vault read handling to return raw data as secret.Data when there is no top-level data object from api response. [GH-17913]

core (enterprise): Attempt to reconnect to a PKCS#11 HSM if we retrieve a CKR_FUNCTION_FAILED error.

core: Fixed issue with remounting mounts that have a non-trailing space in the 'to' or 'from' paths. [GH-19585]

kmip (enterprise): Do not require attribute Cryptographic Usage Mask when registering Secret Data managed objects.

kmip (enterprise): Fix a problem forwarding some requests to the active node.

openapi: Fix logic for labeling unauthenticated/sudo paths. [GH-19600]

secrets/ldap: Invalidates WAL entry for static role if password_policy has changed. [GH-19641]

secrets/transform (enterprise): Fix persistence problem with rotated tokenization key versions

ui: fixes issue navigating back a level using the breadcrumb from secret metadata view [GH-19703]

ui: pass encodeBase64 param to HMAC transit-key-actions. [GH-19429]

ui: use URLSearchParams interface to capture namespace param from SSOs (ex. ADFS) with decoded state param in callback url [GH-19460]

1.12.4

March 01, 2023

CHANGES:

core: Bump Go version to 1.19.6.

IMPROVEMENTS:

secrets/database: Adds error message requiring password on root crednetial rotation. [GH-19103]

ui: remove wizard [GH-19220]

BUG FIXES:

auth/approle: Add nil check for the secret ID entry when deleting via secret id accessor preventing cross role secret id deletion [GH-19186]

core (enterprise): Fix panic when using invalid accessor for control-group request

core (enterprise): Fix perf standby WAL streaming silently failures when replication setup happens at a bad time.

core: Prevent panics in sys/leases/lookup, sys/leases/revoke, and sys/leases/renew endpoints if provided lease_id is null [GH-18951]

license (enterprise): Fix bug where license would update even if the license didn't change.

replication (enterprise): Fix bug where reloading external plugin on a secondary would break replication.

secrets/ad: Fix bug where config couldn't be updated unless binddn/bindpass were included in the update. [GH-18207]

secrets/pki: Revert fix for PR 18938 [GH-19037]

server/config: Use file.Stat when checking file permissions when VAULT_ENABLE_FILE_PERMISSIONS_CHECK is enabled [GH-19311]

ui (enterprise): Fix cancel button from transform engine role creation page [GH-19135]

... (truncated)

Commits

acc381a backport of commit 85c3eab989de0c90d82b0cb39cabb79fb3911943 (#19715)
0e9bdec Backport of Add tests for PKI endpoint authentication via OpenAPI into releas...
e0eb7b1 backport of commit 0c69cf10488c1b36ea112a98a2ea156e7eec8d74 (#19708)
63a1d8d Backport of Allow overriding gRPC's connection timeout with VAULT_GRPC_MIN_CO...
c15aab1 Regression bug fix OIDC namespace (#19460) (#19695)
0db296b Backport of openapi: Fix logic for labeling unauthenticated/sudo paths into r...
9dee5d2 backport of commit fd422cb49aff414da258d3ab3bfc193840c577c3 (#19638)
79f227b backport of commit e9d6dbce23d5cca2afbccf656a5056d226580149 (#19651)
41f627b Update deregister.mdx (#19573) (#19646)
03b17cd secrets/ldap: upgrades plugin to v0.9.1 (#19641)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/openservicemesh/osm/network/alerts).

jaellio commented 1 year ago

@dependabot rebase

codecov-commenter commented 1 year ago

Codecov Report

Merging #5301 (f115577) into main (6b3646a) will not change coverage. The diff coverage is n/a.

:mega: This organization is not using Codecov’s GitHub App Integration. We recommend you install it so Codecov can continue to function properly for your repositories. Learn more

@@           Coverage Diff           @@
##             main    #5301   +/-   ##
=======================================
  Coverage   69.52%   69.52%           
=======================================
  Files         197      197           
  Lines       16071    16071           
=======================================
  Hits        11174    11174           
  Misses       4840     4840           
  Partials       57       57

Flag	Coverage Δ
unittests	`69.52% <ø> (ø)`

Flags with carried forward coverage won't be shown. Click here to find out more.

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

jaellio commented 1 year ago

@dependabot rebase

openservicemesh / osm

build(deps): bump github.com/hashicorp/vault from 1.12.0 to 1.12.5 #5301

v1.12.5

1.12.5

March 29, 2023

v1.12.4

1.12.4

March 01, 2023

1.12.5

March 29, 2023

1.12.4

March 01, 2023

Codecov Report