search

openservicemesh / osm

Open Service Mesh (OSM) is a lightweight, extensible, cloud native service mesh that allows users to uniformly manage, secure, and get out-of-the-box observability features for highly dynamic microservice environments.
https://openservicemesh.io/
Apache License 2.0
2.59k stars 277 forks source link

build(deps): bump github.com/hashicorp/vault from 1.12.5 to 1.12.7 #5343

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps github.com/hashicorp/vault from 1.12.5 to 1.12.7.

Release notes

Sourced from github.com/hashicorp/vault's releases.

v1.12.7

1.12.7

June 08, 2023

CHANGES:

  • core: Bump Go version to 1.19.9.
  • core: Revert #19676 (VAULT_GRPC_MIN_CONNECT_TIMEOUT env var) as we decided it was unnecessary. [GH-20826]

IMPROVEMENTS:

  • audit: add a mount_point field to audit requests and response entries [GH-20411]
  • command/server: Add support for dumping pprof files to the filesystem via SIGUSR2 when VAULT_PPROF_WRITE_TO_FILE=true is set on the server. [GH-20609]
  • core: include namespace path in granting_policies block of audit log
  • openapi: Fix generated types for duration strings [GH-20841]
  • sdk/framework: Fix non-deterministic ordering of 'required' fields in OpenAPI spec [GH-20881]
  • secrets/pki: add subject key identifier to read key response [GH-20642]
  • ui: update TTL picker for consistency [GH-18114]

BUG FIXES:

  • api: Properly Handle nil identity_policies in Secret Data [GH-20636]
  • auth/ldap: Set default value for max_page_size properly [GH-20453]
  • cli: CLI should take days as a unit of time for ttl like flags [GH-20477]
  • cli: disable printing flags warnings messages for the ssh command [GH-20502]
  • core (enterprise): Fix log shipper buffer size overflow issue for 32 bit architecture.
  • core (enterprise): Fix logshipper buffer size to default to DefaultBufferSize only when reported system memory is zero.
  • core (enterprise): Remove MFA Enforcment configuration for namespace when deleting namespace
  • core: prevent panic on login after namespace is deleted that had mfa enforcement [GH-20375]
  • replication (enterprise): Fix a race condition with invalid tokens during WAL streaming that was causing Secondary clusters to be unable to connect to a Primary.
  • replication (enterprise): fix bug where secondary grpc connections would timeout when connecting to a primary host that no longer exists.
  • secrets/transform (enterprise): Fix a caching bug affecting secondary nodes after a tokenization key rotation
  • secrets/transit: Fix export of HMAC-only key, correctly exporting the key used for sign operations. For consumers of the previously incorrect key, use the plaintext export to retrieve these incorrect keys and import them as new versions. secrets/transit: Fix bug related to shorter dedicated HMAC key sizing. sdk/helper/keysutil: New HMAC type policies will have HMACKey equal to Key and be copied over on import. [GH-20864]
  • ui: Fixes issue unsealing cluster for seal types other than shamir [GH-20897]

v1.12.6

1.12.6

April 26, 2023

CHANGES:

  • core: Bump Go version to 1.19.8.

IMPROVEMENTS:

  • cli/namespace: Add detailed flag to output additional namespace information such as namespace IDs and custom metadata. [GH-20243]

... (truncated)

Changelog

Sourced from github.com/hashicorp/vault's changelog.

1.12.7

June 08, 2023

CHANGES:

  • core: Bump Go version to 1.19.9.
  • core: Revert #19676 (VAULT_GRPC_MIN_CONNECT_TIMEOUT env var) as we decided it was unnecessary. [GH-20826]

IMPROVEMENTS:

  • audit: add a mount_point field to audit requests and response entries [GH-20411]
  • command/server: Add support for dumping pprof files to the filesystem via SIGUSR2 when VAULT_PPROF_WRITE_TO_FILE=true is set on the server. [GH-20609]
  • core: include namespace path in granting_policies block of audit log
  • openapi: Fix generated types for duration strings [GH-20841]
  • sdk/framework: Fix non-deterministic ordering of 'required' fields in OpenAPI spec [GH-20881]
  • secrets/pki: add subject key identifier to read key response [GH-20642]
  • ui: update TTL picker for consistency [GH-18114]

BUG FIXES:

  • api: Properly Handle nil identity_policies in Secret Data [GH-20636]
  • auth/ldap: Set default value for max_page_size properly [GH-20453]
  • cli: CLI should take days as a unit of time for ttl like flags [GH-20477]
  • cli: disable printing flags warnings messages for the ssh command [GH-20502]
  • core (enterprise): Fix log shipper buffer size overflow issue for 32 bit architecture.
  • core (enterprise): Fix logshipper buffer size to default to DefaultBufferSize only when reported system memory is zero.
  • core (enterprise): Remove MFA Enforcment configuration for namespace when deleting namespace
  • core: prevent panic on login after namespace is deleted that had mfa enforcement [GH-20375]
  • replication (enterprise): Fix a race condition with invalid tokens during WAL streaming that was causing Secondary clusters to be unable to connect to a Primary.
  • replication (enterprise): fix bug where secondary grpc connections would timeout when connecting to a primary host that no longer exists.
  • secrets/transform (enterprise): Fix a caching bug affecting secondary nodes after a tokenization key rotation
  • secrets/transit: Fix export of HMAC-only key, correctly exporting the key used for sign operations. For consumers of the previously incorrect key, use the plaintext export to retrieve these incorrect keys and import them as new versions. secrets/transit: Fix bug related to shorter dedicated HMAC key sizing. sdk/helper/keysutil: New HMAC type policies will have HMACKey equal to Key and be copied over on import. [GH-20864]
  • ui: Fixes issue unsealing cluster for seal types other than shamir [GH-20897]

1.12.6

April 26, 2023

CHANGES:

  • core: Bump Go version to 1.19.8.

IMPROVEMENTS:

  • cli/namespace: Add detailed flag to output additional namespace information such as namespace IDs and custom metadata. [GH-20243]
  • core/activity: add an endpoint to write test activity log data, guarded by a build flag [GH-20019]
  • core: Add a raft sub-field to the storage and ha_storage details provided by the

... (truncated)

Commits
  • 54c7210 backport of commit b9f9f27e8e988c4f441f81df733fb0aa5c513290 (#21036)
  • b4dbbbe backport of commit 85128585837bcce2cf99f8e1f749c3a4aef204ca (#21030)
  • d62a6f0 backport of commit dbe41c4fee5ce88a1f7ce83a64cc3a78116ab1b3 (#21005)
  • 6c7ed26 backport of commit be4979dfbbe09a04d4fe1ca7a2a22418ba2468d0 (#21001)
  • 9951a88 backport of commit 2c9a75b0932a141bba3464a6830ed83a77b05129 (#20976)
  • d7e28db backport of commit 0115b5e43a41e757a533a828314c615456506eac (#20962)
  • e363a06 UI cluster unseal bug (#20897) (#20912)
  • 8254882 backport of commit e65d295c8809f4cc61b63bbc03293586c71c5483 (#20904)
  • b6d7758 backport of commit daf72aa42790144c3a0ca9c17bb19b1c5bce66c6 (#20900)
  • 3711e54 backport of commit dddbdbda36db25ddf33b4008494d777599eeb22d (#18948)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/openservicemesh/osm/network/alerts).
dependabot[bot] commented 1 year ago

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.