Update module github.com/hashicorp/vault/api to v1.15.0 #19
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
v1.12.2
->v1.15.0
Warning
Some dependencies could not be looked up. Check the Dependency Dashboard for more information.
Release Notes
hashicorp/vault (github.com/hashicorp/vault/api)
v1.15.0
Compare Source
1.15.0
September 27, 2023
SECURITY:
CHANGES:
which will have access to some system backend paths that were previously only accessible in the root namespace. [GH-21215]
data_path
will include full data path of secret, including name. [GH-22487]EventSender
interface method is nowSendEvent
instead ofSend
. [GH-22487]vault.rollback.attempt.{MOUNT_POINT}
andvault.route.rollback.{MOUNT_POINT}
metrics withvault.rollback.attempt
andvault.route.rollback metrics
by default. Added a telemetry configurationadd_mount_point_rollback_metrics
which, when set to true, causes vault to emit the metrics with mount points in their names. [GH-22400]FEATURES:
static roles on a defined schedule. [GH-22484]
IMPROVEMENTS:
#18257). Update go-kms-wrapping dependency to include PR
#155 [GH-22994]
use_sts_region_from_client
which allows for using dynamic regional sts endpoints based on Authorization header when using IAM-based authentication. [GH-21960]-dev-tls-san
flag to configure subject alternative names for the certificate generated when using-dev-tls
. [GH-22657]vault.policy.configured.count
. [GH-21010]-output-policy
recognition of some non-standard sudo paths [GH-21772]sys/raw/
andsys/leases/lookup/
to match prevailing conventions [GH-21760]CreateOperation
to be defined without anExistenceCheck
, thereby fixing misleadingx-vault-createSupported
in OpenAPI [GH-18492]service_account_json
parameter when reading DB connection details [GH-23256]pending_permits
,active_permits
, andpool_size
. [GH-21742]DEPRECATIONS:
BUG FIXES:
auth/token/create
fields to avoid incorrect warnings about ignored parameters [GH-18556]respects
AWS_ROLE_ARN
,AWS_WEB_IDENTITY_TOKEN_FILE
, andAWS_ROLE_SESSION_NAME
. [GH-21951]-field
flag is provided during avault write
. [GH-21546]table
. [GH-22818]policies are not used when Sentinel feature isn't licensed.
Also fix a related potential deadlock. [GH-21110]
identity/mfa/method/*
APIs [GH-20879]vault plugin runtime list
can successfully list plugin runtimes with GET [GH-23171]set of addrs changes.
sdk/ldaputil: use EscapeLDAPValue implementation from cap/ldap [GH-22249]
no managed key found with uuid
. [GH-21316]default_critical_options
anddefault_extension
if left unchanged. [GH-21739]ed25519
) [GH-21926]max_versions
default for secret metadata unintentionally overriding kv engine defaults [GH-22394]v1.14.0
Compare Source
1.14.0
June 21, 2023
BREAKING CHANGES:
To re-enable keeping these metrics available on the tidy status endpoint, enable
maintain_stored_certificate_counts on tidy-config, to also publish them to the
metrics consumer, enable publish_stored_certificate_count_metrics . [GH-18186]
CHANGES:
that allows for setting of the primary cluster addresses directly, instead of
via a token.
FEATURES:
utilization reporting, which sends minimal product-license metering
data
to HashiCorp without requiring you to manually collect and report them.
env_template
configuration stanza. The process-supervisor configuration can be generated with a newvault agent generate-config
helper tool. [GH-20530]as an external plugin by vault versions that support secrets/auth plugin
multiplexing (> 1.12) [GH-19215]
vault proxy -config=config.hcl
. It currently has the same feature set as Vault Agent's API proxy, but the two may diverge in the future. We plan to deprecate the API proxy functionality of Vault Agent in a future release. [GH-20548]IMPROVEMENTS:
distinguishing client sources. [GH-20626]
reload
option to cert auth configuration in case of external renewals of local x509 key-pairs. [GH-19002]remove_jwt_follows_symlinks
(default: false), that, if set to true will now remove the JWT, instead of the symlink to the JWT, if a symlink to a JWT has been provided in thepath
option, and theremove_jwt_after_reading
config option is set to true (default). [GH-18863]results in a response which contains the full billing period [GH-20694]
/sys/internal/counters/config
endpoint now contains read-onlyminimum_retention_months
. [GH-20150]/sys/internal/counters/config
endpoint now contains read-onlyreporting_enabled
andbilling_start_timestamp
fields. [GH-20086]auth/kerberos: Upgrade plugin dependencies [GH-20771]
VAULT_PPROF_WRITE_TO_FILE=true
is set on the server. [GH-20609]reporting via the
OPTOUT_LICENSE_REPORTING
environment variable. [GH-3939]secrets/gcpkms: Upgrade plugin dependencies [GH-20784]
kv-get
command for reading kv v2 data and metadata [GH-20590]BUG FIXES:
max_page_size
properly [GH-20453]on this secondary if we don't have a corresponding mount entry.
new_token
forwarding is set. When this occurred, this would result in the following error to the client:error performing token check: no lease entry found for token that ought to have one, possible eventual consistency issue
.sscGenCounter
resulting in 412 errors.
have its own changelog entry. Fix wrong lock used in ListAuths link meta interface implementation. [GH-21260]
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.