fix(deps): update module github.com/hashicorp/vault/api to v1.13.0 #7734
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
v1.12.2
->v1.13.0
Release Notes
hashicorp/vault (github.com/hashicorp/vault/api)
v1.13.0
Compare Source
1.13.0
March 01, 2023
SECURITY:
secret is unsupported by this backend
will be thrown by the lease manager. [GH-18874]CHANGES:
role
field on login [GH-19005]This will only be used internally for implementing user lockout. [GH-17104]
Plugins using sdk/useragent.String must instead use sdk/useragent.PluginString. [GH-14229]
builtin
in their metadata remain unaffected. [GH-18051]GET /database/config/:name
endpoint now returns an additionalplugin_version
field in the response data. [GH-16982]GET /sys/auth/:path/tune
andGET /sys/mounts/:path/tune
endpoints may now return an additionalplugin_version
field in the response data if set. [GH-17167]GET
for/sys/auth
,/sys/auth/:path
,/sys/mounts
, and/sys/mounts/:path
paths now return additionalplugin_version
,running_plugin_version
andrunning_sha256
fields in the response data for each mount. [GH-17167]FEATURES:
synchronized across primary and performance replica clusters offering
a unified CRL/OCSP view of revocations across cluster boundaries. [GH-19196]
brute force attacks for userpass, approle and ldap auth methods. [GH-19230]
sys/config/group-policy-application
API, policies can be configured to apply outside of namespace hierarchy, allowing this kind of cross-namespace sharing.IMPROVEMENTS:
token_file
auto-auth configuration to allow using a pre-existing token for Vault Agent. [GH-18740]metrics_only
role, serving only metrics, as part of the listener's new top levelrole
option. [GH-18101]elide_list_responses
option, providing a countermeasure for a common source of oversized audit log entries [GH-18128]Virtual Machine Scale Set (VMSS) in flexible orchestration mode. [GH-17540]
abort_on_error
parameter to CLI login command to help in non-interactive contexts [GH-19076]Make passcode arguments consistent across login MFA method types. [GH-18610]
vault operator rekey
prompts to describe recovery keys when-target=recovery
[GH-18892]temporary file for SIGUSR2 signals. [GH-17929]
events.alpha1
experiment. [GH-18682]sys/loggers
andsys/loggers/:name
endpoints [GH-17979]sys/lockedusers/[mount_accessor]/unlock/[alias_identifier] to sys/locked-users/[mount_accessor]/unlock/[alias_identifier]. [GH-18675]
with given mount_accessor and alias_identifier if locked [GH-18279]
detect_deadlocks
config to optionally detect core state deadlocks [GH-18604]vault operator migrate
in order to speed up a migration. [GH-18817]sys/config/group-policy-application
, to allow group policies to be configurableto apply to a group in
any
namespace. The default,within_namespace_hierarchy
, is the current behaviour.{mountPath}
to{<type>_mount_path}
[GH-18663]vX.Y.Z+builtin
orvX.Y.Z+builtin.vault
. [GH-17289]deactivated state if this is not the first unseal after an upgrade. [GH-17879]
tls_server_name
andtls_skip_verify
parameters [GH-18799]allowed by role [GH-18397]
default_follows_latest_issuer
. [GH-17824]config/auto-tidy
,config/crl
, androles/:role
. [GH-18222]which is repeated on batch responses to help more easily correlate inputs with outputs. [GH-18243]
retry_join_as_non_voter
config option. [GH-18030]go.opentelemetry.io/otel
,go.opentelemetry.io/otel/sdk
,go.opentelemetry.io/otel/trace
to v1.11.2 [GH-18589]DEPRECATIONS:
BUG FIXES:
token_bound_cidrs
validation when using /32 blocks for role and secret ID [GH-18145]-mount
flag and secret key path are the same. [GH-17679]vault secrets list -detailed
output. [GH-17577]vault server
command will no longer prevent startup. Instead, a warning will be logged if configured to use storage backend other thanraft
orconsul
.permission denied
for all HelpOperations on sudo-protected paths [GH-18568]This fix is implemented for any future releases, but will not be updated for historical releases.
sys/leases/lookup
,sys/leases/revoke
, andsys/leases/renew
endpoints if providedlease_id
is null [GH-18951]mount loop if default policies are not yet synced from the active node. [GH-17801]
break replication.
partial_success_response_code
on decryption failures. [GH-18310]and re-issueing a join request, but in doing so could transiently become a
non-voter. In some scenarios this resulted in loss of quorum. [GH-18263]
default
and adddefault-service
anddefault-batch
to UI token_type for auth mount and tuning. [GH-19290]Configuration
📅 Schedule: Branch creation - "after 1am on monday" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.