search

splunk / vault-plugin-secrets-artifactory

vault plugin for artifactory
Apache License 2.0
10 stars 5 forks source link

Bump github.com/hashicorp/vault/api from 1.2.0 to 1.3.0 #17

Closed dependabot[bot] closed 3 years ago

dependabot[bot] commented 3 years ago

Bumps github.com/hashicorp/vault/api from 1.2.0 to 1.3.0.

Changelog

Sourced from github.com/hashicorp/vault/api's changelog.

1.9.0

Unreleased

CHANGES:

  • ui: replaces Vault's use of elazarl/go-bindata-assetfs in building the UI with Go's native Embed package [GH-11208]

FEATURES:

  • Key Management Secrets Engine (Enterprise): Adds support for distributing and managing keys in GCP Cloud KMS. [GH-2158]
  • auth/kubernetes: Add ability to configure entity alias names based on the serviceaccount's namespace and name. #110 #112 [GH-12633]
  • auth/token: Add allowed_policies_glob and disallowed_policies_glob fields to token roles to allow glob matching of policies [GH-7277]
  • core: adds custom_metadata field for aliases [GH-12502]
  • secrets/kv: Add ability to specify version-agnostic custom key metadata [GH-12218]
  • ui: Add custom metadata to KV secret engine and metadata to config [GH-12169]
  • ui: Creates new StatText component [GH-12295]
  • ui: client count monthly view [GH-12554]
  • ui: creates bar chart component for displaying client count data by namespace [GH-12437]

IMPROVEMENTS:

  • agent/template: add support for new 'writeToFile' template function [GH-12505]
  • auth/approle: expose secret_id_accessor as WrappedAccessor when creating wrapped secret-id. [GH-12425]
  • auth/okta: Send x-forwarded-for in Okta Push Factor request [GH-12320]
  • core/token: Return the token_no_default_policy config on token role read if set [GH-12565]
  • core: Update github.com/ulikunitz/xz to fix security vulnerability GHSA-25xm-hr59-7c27. [GH-12253]
  • core: Upgrade github.com/gogo/protobuf [GH-12255]
  • core: observe the client counts broken down by namespace for partial month client count [GH-12393]
  • identity: fix issue where Cache-Control header causes stampede of requests for JWKS keys [GH-12414]
  • pki: adds signature_bits field to customize signature algorithm on CAs and certs signed by Vault [GH-11245]
  • plugin: update the couchbase gocb version in the couchbase plugin [GH-12483]
  • replication (enterprise): Add merkle.flushDirty.num_pages_outstanding metric which specifies number of outstanding dirty pages that were not flushed. [GH-2093]
  • secrets/aws: Add conditional template that allows custom usernames for both STS and IAM cases [GH-12185]
  • secrets/pki: Allow signing of self-issued certs with a different signature algorithm. [GH-12514]
  • secrets/pki: Use entropy augmentation when available when generating root and intermediate CA key material. [GH-12559]
  • secrets/ssh: Use entropy augmentation when available for generation of the signing key. [GH-12560]
  • serviceregistration: add external-source: "vault" metadata value for Consul registration. [GH-12163]
  • storage/raft: Best-effort handling of cancelled contexts. [GH-12162]
  • ui: Add creation time to KV 2 version history and version view [GH-12663]
  • ui: namespace search in client count views [GH-12577]
  • ui: updated client tracking config view [GH-12422]

BUG FIXES:

  • agent: Avoid possible unexpected fault address panic when using persistent cache. [GH-12534]
  • api: Fixes storage APIs returning incorrect error when parsing responses [GH-12338]
  • auth/aws: Fix ec2 auth on instances that have a cert in their PKCS7 signature [GH-12519]
  • auth/aws: Fixes ec2 login no longer supporting DSA signature verification [GH-12340]
  • auth/jwt: Fixes OIDC auth from the Vault UI when using form_post as the oidc_response_mode. [GH-12265]

... (truncated)

Commits


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
codecov-commenter commented 3 years ago

Codecov Report

Merging #17 (e46aef0) into main (0701188) will not change coverage. The diff coverage is n/a.

Impacted file tree graph

@@           Coverage Diff           @@
##             main      #17   +/-   ##
=======================================
  Coverage   40.86%   40.86%           
=======================================
  Files          10       10           
  Lines         673      673           
=======================================
  Hits          275      275           
  Misses        370      370           
  Partials       28       28
Flag Coverage Δ
unittests 40.86% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

Continue to review full report at Codecov.

Legend - Click here to learn more Δ = absolute <relative> (impact), ø = not affected, ? = missing data Powered by Codecov. Last update 0701188...e46aef0. Read the comment docs.