search

philips-labs / dct-notary-admin

To manage Docker Content Trust and Notary certificates
MIT License
12 stars 1 forks source link

Bump github.com/hashicorp/vault/api from 1.9.2 to 1.11.0 #792

Closed dependabot[bot] closed 9 months ago

dependabot[bot] commented 9 months ago

Bumps github.com/hashicorp/vault/api from 1.9.2 to 1.11.0.

Release notes

Sourced from github.com/hashicorp/vault/api's releases.

v1.11.0

1.11.0

Unreleased

CHANGES:

  • auth/aws: Add RoleSession to DisplayName when using assumeRole for authentication [GH-14954]
  • auth: Remove support for legacy MFA (https://www.vaultproject.io/docs/v1.10.x/auth/mfa) [GH-14869]
  • core: A request that fails path validation due to relative path check will now be responded to with a 400 rather than 500. [GH-14328]
  • core: Bump Go version to 1.17.9. [GH-go-ver-1110]
  • licensing (enterprise): Remove support for stored licenses and associated sys/license and sys/license/signed endpoints in favor of autoloaded licenses.
  • replication (enterprise): The /sys/replication/performance/primary/mount-filter endpoint has been removed. Please use Paths Filter instead.
  • ui: Upgrade Ember to version 3.28 [GH-14763]

FEATURES:

  • Non-Disruptive Intermediate/Root Certificate Rotation: This allows import, generation and configuration of any number of keys and/or issuers within a PKI mount, providing operators the ability to rotate certificates in place without affecting existing client configurations. [GH-15277]
  • api/command: Global -output-policy flag to determine minimum required policy HCL for a given operation [GH-14899]
  • nomad: Bootstrap Nomad ACL system if no token is provided [GH-12451]
  • storage/dynamodb: Added AWS_DYNAMODB_REGION environment variable. [GH-15054]

IMPROVEMENTS:

  • agent/auto-auth: Add min_backoff to the method stanza for configuring initial backoff duration. [GH-15204]
  • agent: Update consult-template to v0.29.0 [GH-15293]
  • agent: Upgrade hashicorp/consul-template version for sprig template functions and improved writeTo function [GH-15092]
  • api: Add ability to pass certificate as PEM bytes to api.Client. [GH-14753]
  • api: Add context-aware functions to vault/api for each API wrapper function. [GH-14388]
  • api: Added MFALogin() for handling MFA flow when using login helpers. [GH-14900]
  • api: If the parameters supplied over the API payload are ignored due to not being what the endpoints were expecting, or if the parameters supplied get replaced by the values in the endpoint's path itself, warnings will be added to the non-empty responses listing all the ignored and replaced parameters. [GH-14962]
  • api: Provide a helper method WithNamespace to create a cloned client with a new NS [GH-14963]
  • api: Use the context passed to the api/auth Login helpers. [GH-14775]
  • auth/okta: Add support for Google provider TOTP type in the Okta auth method [GH-14985]
  • auth: enforce a rate limit for TOTP passcode validation attempts [GH-14864]
  • cli/debug: added support for retrieving metrics from DR clusters if unauthenticated_metrics_access is enabled [GH-15316]
  • cli/vault: warn when policy name contains upper-case letter [GH-14670]
  • cli: Alternative flag-based syntax for KV to mitigate confusion from automatically appended /data [GH-14807]
  • cockroachdb: add high-availability support [GH-12965]
  • core (enterprise): Include termination_time in sys/license/status response
  • core (enterprise): Include termination time in license inspect command output
  • core : check uid and permissions of config dir, config file, plugin dir and plugin binaries [GH-14817]
  • core,transit: Allow callers to choose random byte source including entropy augmentation sources for the sys/tools/random and transit/random endpoints. [GH-15213]

... (truncated)

Changelog

Sourced from github.com/hashicorp/vault/api's changelog.

1.11.0

Unreleased

CHANGES:

  • auth/aws: Add RoleSession to DisplayName when using assumeRole for authentication [GH-14954]
  • auth: Remove support for legacy MFA (https://www.vaultproject.io/docs/v1.10.x/auth/mfa) [GH-14869]
  • core: A request that fails path validation due to relative path check will now be responded to with a 400 rather than 500. [GH-14328]
  • core: Bump Go version to 1.17.9. [GH-go-ver-1110]
  • licensing (enterprise): Remove support for stored licenses and associated sys/license and sys/license/signed endpoints in favor of autoloaded licenses.
  • replication (enterprise): The /sys/replication/performance/primary/mount-filter endpoint has been removed. Please use Paths Filter instead.
  • ui: Upgrade Ember to version 3.28 [GH-14763]

FEATURES:

  • Non-Disruptive Intermediate/Root Certificate Rotation: This allows import, generation and configuration of any number of keys and/or issuers within a PKI mount, providing operators the ability to rotate certificates in place without affecting existing client configurations. [GH-15277]
  • api/command: Global -output-policy flag to determine minimum required policy HCL for a given operation [GH-14899]
  • nomad: Bootstrap Nomad ACL system if no token is provided [GH-12451]
  • storage/dynamodb: Added AWS_DYNAMODB_REGION environment variable. [GH-15054]

IMPROVEMENTS:

  • agent/auto-auth: Add min_backoff to the method stanza for configuring initial backoff duration. [GH-15204]
  • agent: Update consult-template to v0.29.0 [GH-15293]
  • agent: Upgrade hashicorp/consul-template version for sprig template functions and improved writeTo function [GH-15092]
  • api: Add ability to pass certificate as PEM bytes to api.Client. [GH-14753]
  • api: Add context-aware functions to vault/api for each API wrapper function. [GH-14388]
  • api: Added MFALogin() for handling MFA flow when using login helpers. [GH-14900]
  • api: If the parameters supplied over the API payload are ignored due to not being what the endpoints were expecting, or if the parameters supplied get replaced by the values in the endpoint's path itself, warnings will be added to the non-empty responses listing all the ignored and replaced parameters. [GH-14962]
  • api: Provide a helper method WithNamespace to create a cloned client with a new NS [GH-14963]
  • api: Use the context passed to the api/auth Login helpers. [GH-14775]
  • auth/okta: Add support for Google provider TOTP type in the Okta auth method [GH-14985]
  • auth: enforce a rate limit for TOTP passcode validation attempts [GH-14864]
  • cli/debug: added support for retrieving metrics from DR clusters if unauthenticated_metrics_access is enabled [GH-15316]
  • cli/vault: warn when policy name contains upper-case letter [GH-14670]
  • cli: Alternative flag-based syntax for KV to mitigate confusion from automatically appended /data [GH-14807]
  • cockroachdb: add high-availability support [GH-12965]
  • core (enterprise): Include termination_time in sys/license/status response
  • core (enterprise): Include termination time in license inspect command output
  • core : check uid and permissions of config dir, config file, plugin dir and plugin binaries [GH-14817]
  • core,transit: Allow callers to choose random byte source including entropy augmentation sources for the sys/tools/random and transit/random endpoints. [GH-15213]
  • core/activity: Order month data in ascending order of timestamps [GH-15259]

... (truncated)

Commits
  • ea296cc Backport PKI Intermediate Revocation bug fix and test improvements (#16054)
  • d4bf262 backport of commit b0cbc03f00ec19b5bebb2eb5078d8512e2281b1d (#16050)
  • 76b1768 backport of commit 2a69947b3b9f267b15a7c1e64c853d4eeb9846a7 (#16045)
  • 46e0ecc backport of commit 3d01a88e614547a821062ca57957b07a1e6bc557 (#16041)
  • 5f8a2cf Backport PR for 16007 (#16030)
  • 87df46e backport of commit c09ae6ac5e90adc8c1a42b54a905877eb60c18ad (#16027)
  • de6a5c3 backport of commit a58c6ecd9f0d4a148e81af0783d5ecc2f79b31f1 (#16022)
  • 81c4cc5 backport of commit 93eaf3c86019443a3d89891430ef0126667c3bfc (#16014)
  • c52c917 backport of commit e74c45abbd5414819276106d1150205845b608c0 (#16006)
  • 46c19d0 Use new -mount syntax for all KV subcommands in 1.11 docs (#16002) (#16004)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 9 months ago

Superseded by #799.