search

tellerops / teller

Cloud native secrets management for developers - never leave your command line for secrets.
https://github.com/tellerops/teller
Apache License 2.0
2.83k stars 186 forks source link

Bump github.com/hashicorp/consul/api from 1.8.1 to 1.27.0 #223

Closed dependabot[bot] closed 6 months ago

dependabot[bot] commented 7 months ago

Bumps github.com/hashicorp/consul/api from 1.8.1 to 1.27.0.

Release notes

Sourced from github.com/hashicorp/consul/api's releases.

v1.17.2

1.17.2 (January 23, 2024)

SECURITY:

  • Upgrade OpenShift container images to use ubi9-minimal:9.3 as the base image. [GH-20014]

IMPROVEMENTS:

  • connect: Remove usage of deprecated Envoy field match_subject_alt_names in favor of match_typed_subject_alt_names. [GH-19954]
  • connect: replace usage of deprecated Envoy field envoy.config.router.v3.WeightedCluster.total_weight. [GH-20011]
  • xds: Replace usage of deprecated Envoy field envoy.config.cluster.v3.Cluster.http_protocol_options [GH-20010]
  • xds: remove usages of deprecated Envoy fields: envoy.config.cluster.v3.Cluster.http2_protocol_options, envoy.config.bootstrap.v3.Admin.access_log_path [GH-19940]
  • xds: replace usage of deprecated Envoy field envoy.extensions.filters.http.lua.v3.Lua.inline_code [GH-20012]

DEPRECATIONS:

  • cli: Deprecate the -admin-access-log-path flag from consul connect envoy command in favor of: -admin-access-log-config. [GH-19943]

BUG FIXES:

  • prepared-query: (Enterprise-only) Fix issue where sameness-group failover targets to peers would attempt to query data from the default partition, rather than the sameness-group's partition always.
  • ui: update token list on Role details page to show only linked tokens [GH-19912]

v1.17.1

1.17.1 (December 12, 2023)

SECURITY:

  • Update github.com/golang-jwt/jwt/v4 to v4.5.0 to address PRISMA-2022-0270. [GH-19705]
  • Upgrade to use Go 1.20.12. This resolves CVEs CVE-2023-45283: (path/filepath) recognize ??\ as a Root Local Device path prefix (Windows) CVE-2023-45284: recognize device names with trailing spaces and superscripts (Windows) CVE-2023-39326: (net/http) limit chunked data overhead CVE-2023-45285: (cmd/go) go get may unexpectedly fallback to insecure git [GH-19840]
  • connect: update supported envoy versions to 1.24.12, 1.25.11, 1.26.6, 1.27.2 to address CVE-2023-44487 [GH-19274]

FEATURES:

  • acl: Adds nomad client templated policy [GH-19827]
  • cli: Adds new subcommand peering exported-services to list services exported to a peer . Refer to the CLI docs for more information. [GH-19821]

IMPROVEMENTS:

  • mesh: parse the proxy-defaults protocol when write the config-entry to avoid parsing it when compiling the discovery chain. [GH-19829]
  • wan-federation: use a hash to diff config entries when replicating in the secondary DC to avoid unnecessary writes.. [GH-19795]
  • Replaces UI Side Nav with Helios Design System Side Nav. Adds dc/partition/namespace searching in Side Nav. [GH-19342]
  • acl: add api-gateway templated policy [GH-19728]
  • acl: add templated policy descriptions [GH-19735]
  • api: Add support for listing ACL tokens by service name when using templated policies. [GH-19666]

... (truncated)

Changelog

Sourced from github.com/hashicorp/consul/api's changelog.

1.17.2 (January 23, 2024)

SECURITY:

  • Upgrade OpenShift container images to use ubi9-minimal:9.3 as the base image. [GH-20014]

IMPROVEMENTS:

  • connect: Remove usage of deprecated Envoy field match_subject_alt_names in favor of match_typed_subject_alt_names. [GH-19954]
  • connect: replace usage of deprecated Envoy field envoy.config.router.v3.WeightedCluster.total_weight. [GH-20011]
  • xds: Replace usage of deprecated Envoy field envoy.config.cluster.v3.Cluster.http_protocol_options [GH-20010]
  • xds: remove usages of deprecated Envoy fields: envoy.config.cluster.v3.Cluster.http2_protocol_options, envoy.config.bootstrap.v3.Admin.access_log_path [GH-19940]
  • xds: replace usage of deprecated Envoy field envoy.extensions.filters.http.lua.v3.Lua.inline_code [GH-20012]

DEPRECATIONS:

  • cli: Deprecate the -admin-access-log-path flag from consul connect envoy command in favor of: -admin-access-log-config. [GH-19943]

BUG FIXES:

  • prepared-query: (Enterprise-only) Fix issue where sameness-group failover targets to peers would attempt to query data from the default partition, rather than the sameness-group's partition always.
  • ui: update token list on Role details page to show only linked tokens [GH-19912]

1.17.1 (December 12, 2023)

SECURITY:

  • Update github.com/golang-jwt/jwt/v4 to v4.5.0 to address PRISMA-2022-0270. [GH-19705]
  • Upgrade to use Go 1.20.12. This resolves CVEs CVE-2023-45283: (path/filepath) recognize ??\ as a Root Local Device path prefix (Windows) CVE-2023-45284: recognize device names with trailing spaces and superscripts (Windows) CVE-2023-39326: (net/http) limit chunked data overhead CVE-2023-45285: (cmd/go) go get may unexpectedly fallback to insecure git [GH-19840]
  • connect: update supported envoy versions to 1.24.12, 1.25.11, 1.26.6, 1.27.2 to address CVE-2023-44487 [GH-19274]

FEATURES:

  • acl: Adds nomad client templated policy [GH-19827]
  • cli: Adds new subcommand peering exported-services to list services exported to a peer . Refer to the CLI docs for more information. [GH-19821]

IMPROVEMENTS:

  • mesh: parse the proxy-defaults protocol when write the config-entry to avoid parsing it when compiling the discovery chain. [GH-19829]
  • wan-federation: use a hash to diff config entries when replicating in the secondary DC to avoid unnecessary writes.. [GH-19795]
  • Replaces UI Side Nav with Helios Design System Side Nav. Adds dc/partition/namespace searching in Side Nav. [GH-19342]
  • acl: add api-gateway templated policy [GH-19728]
  • acl: add templated policy descriptions [GH-19735]
  • api: Add support for listing ACL tokens by service name when using templated policies. [GH-19666]
  • cli: stop simultaneous usage of -templated-policy and -templated-policy-file when creating a role or token. [GH-19389]
  • cloud: push additional server TLS metadata to HCP [GH-19682]
  • connect: Default stats_flush_interval to 60 seconds when using the Consul Telemetry Collector, unless custom stats sink are present or an explicit flush interval is configured. [GH-19663]

... (truncated)

Commits
  • 3fac134 updated go mod for api
  • 0e7c7e2 Backport of check error in TestDNSCycleRecursorCheckAllFail before asserting ...
  • ecb6ed0 Backport of ci: Use Consul Go version for Vault int tests into release/1.17.x...
  • 39d60cd Backport of NET-7025 - ci: test-integrations failures in compatibility tests....
  • cd8f8bf Backport of Add docs for k8s liveness / startup probes. into release/1.17.x (...
  • 5d350c6 Backport of agent: remove data race in agent config into release/1.17.x (#20203)
  • 05043bc Backport of docs: fix partition target in samenessgroups into release/1.17.x ...
  • 0d97ec5 Backport of Various race condition and test fixes. into release/1.17.x (#20216)
  • 9a36b73 Backport of docs: Remove ACLs section from k8s cluster peering page into rele...
  • 0b4f4fd Backport of compliance: license checker to enforce MPL pre-EOY 2023 no longer...
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 6 months ago

Superseded by #244.