Bump github.com/hashicorp/vault/sdk from 0.9.0 to 0.9.1 #4184

dependabot · 2023-05-29T17:03:51Z

Bumps github.com/hashicorp/vault/sdk from 0.9.0 to 0.9.1.

Changelog

Sourced from github.com/hashicorp/vault/sdk's changelog.

0.9.1 (December 21st, 2017)

DEPRECATIONS/CHANGES:

AppRole Case Sensitivity: In prior versions of Vault, list operations against AppRole roles would require preserving case in the role name, even though most other operations within AppRole are case-insensitive with respect to the role name. This has been fixed; existing roles will behave as they have in the past, but new roles will act case-insensitively in these cases.

Token Auth Backend Roles parameter types: For allowed_policies and disallowed_policies in role definitions in the token auth backend, input can now be a comma-separated string or an array of strings. Reading a role will now return arrays for these parameters.

Transit key exporting: You can now mark a key in the transit backend as exportable at any time, rather than just at creation time; however, once this value is set, it still cannot be unset.

PKI Secret Backend Roles parameter types: For allowed_domains and key_usage in role definitions in the PKI secret backend, input can now be a comma-separated string or an array of strings. Reading a role will now return arrays for these parameters.

SSH Dynamic Keys Method Defaults to 2048-bit Keys: When using the dynamic key method in the SSH backend, the default is now to use 2048-bit keys if no specific key bit size is specified.

Consul Secret Backend lease handling: The consul secret backend can now accept both strings and integer numbers of seconds for its lease value. The value returned on a role read will be an integer number of seconds instead of a human-friendly string.

Unprintable characters not allowed in API paths: Unprintable characters are no longer allowed in names in the API (paths and path parameters), with an extra restriction on whitespace characters. Allowed characters are those that are considered printable by Unicode plus spaces.

FEATURES:

Transit Backup/Restore: The transit backend now supports a backup operation that can export a given key, including all key versions and configuration, as well as a restore operation allowing import into another Vault.

gRPC Database Plugins: Database plugins now use gRPC for transport, allowing them to be written in other languages.

Nomad Secret Backend: Nomad ACL tokens can now be generated and revoked using Vault.

TLS Cert Auth Backend Improvements: The cert auth backend can now match against custom certificate extensions via exact or glob matching, and additionally supports max_ttl and periodic token toggles.

IMPROVEMENTS:

auth/cert: Support custom certificate constraints [GH-3634]

... (truncated)

Commits

87b6919 Cut version 0.9.1
b971438 Bump vars for 0.9.1
ce4b28e Sync in plugin updates
ea5a3dd changelog++
706591e Allow log level to be specified in an env var (#3721)
4122bc9 changelog++
10ab224 Bust recovery cache after unsealed is set true to force migration
f46e6ca fix consul tls settings (#3719)
ccf10f6 check schema and table before create it (#3716)
8c4f369 Revert grabbing lock in database Connection funcs
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

amartinezfayo · 2023-05-31T11:47:16Z

go.mod

@@ -43,10 +43,10 @@ require (
 	github.com/googleapis/gax-go/v2 v2.9.1
 	github.com/gorilla/handlers v1.5.1
 	github.com/hashicorp/go-hclog v1.5.0
-	github.com/hashicorp/go-plugin v1.4.6
-	github.com/hashicorp/hcl v1.0.1-0.20190430135223-99e2f22d1c94
+	github.com/hashicorp/go-plugin v1.4.8


We can't update go-plugin until there is a release with the fix for hashicorp/go-plugin#232 (v1.4.9 doesn't include this fix either)

Bumps [github.com/hashicorp/vault/sdk](https://github.com/hashicorp/vault) from 0.9.0 to 0.9.1. - [Release notes](https://github.com/hashicorp/vault/releases) - [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md) - [Commits](hashicorp/vault@v0.9.0...v0.9.1) --- updated-dependencies: - dependency-name: github.com/hashicorp/vault/sdk dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

The upgrade to github.com/hashicorp/vault/sdk v0.9.1 introduces a downstream dependency on a branch of github.com/hashicorp/hcl that has a different behavior for reading in unrecognized config fields from HCL. The mainline version of HCL v1 reads these unrecognized fields as a `[]string` into a struct field tagged with the name `unusedKeys`, but the new version reads them as a `map[string][]token.Pos` into a struct field tagged with the name `unusedKeyPositions`. Fix all the affected spots in the code that handle unrecognized HCL config fields, and sort the field names for consistent unit test execution results, since maps with a string key type in Go don't guarantee any stable ordering of the keys in the map. Signed-off-by: Ryan Turner <turner@uber.com>

Signed-off-by: Marcos Yacob <marcos.yacob@hpe.com>

amartinezfayo

🎉

* Bump github.com/hashicorp/vault/sdk from 0.9.0 to 0.9.1 Bumps [github.com/hashicorp/vault/sdk](https://github.com/hashicorp/vault) from 0.9.0 to 0.9.1. - [Release notes](https://github.com/hashicorp/vault/releases) - [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md) - [Commits](hashicorp/vault@v0.9.0...v0.9.1) --- updated-dependencies: - dependency-name: github.com/hashicorp/vault/sdk dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Fix reading of unused config keys in HCL parsing The upgrade to github.com/hashicorp/vault/sdk v0.9.1 introduces a downstream dependency on a branch of github.com/hashicorp/hcl that has a different behavior for reading in unrecognized config fields from HCL. The mainline version of HCL v1 reads these unrecognized fields as a `[]string` into a struct field tagged with the name `unusedKeys`, but the new version reads them as a `map[string][]token.Pos` into a struct field tagged with the name `unusedKeyPositions`. Fix all the affected spots in the code that handle unrecognized HCL config fields, and sort the field names for consistent unit test execution results, since maps with a string key type in Go don't guarantee any stable ordering of the keys in the map. Signed-off-by: Ryan Turner <turner@uber.com> * upgreade hashicorp go-plugin Signed-off-by: Marcos Yacob <marcos.yacob@hpe.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Marcos Yacob <marcos.yacob@hpe.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Ryan Turner <turner@uber.com> Co-authored-by: Marcos Yacob <marcos.yacob@hpe.com> Signed-off-by: Neniel <11655196+Neniel@users.noreply.github.com>

dependabot bot requested review from evan2645, amartinezfayo, azdagron, MarcosDY and rturner3 as code owners May 29, 2023 17:03

dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels May 29, 2023

dependabot bot force-pushed the dependabot/go_modules/github.com/hashicorp/vault/sdk-0.9.1 branch 5 times, most recently from d70c611 to 565d89f Compare May 31, 2023 00:17

amartinezfayo reviewed May 31, 2023

View reviewed changes

dependabot bot and others added 3 commits June 5, 2023 11:17

upgreade hashicorp go-plugin

b89e508

Signed-off-by: Marcos Yacob <marcos.yacob@hpe.com>

MarcosDY force-pushed the dependabot/go_modules/github.com/hashicorp/vault/sdk-0.9.1 branch from cbe507d to b89e508 Compare June 5, 2023 14:19

amartinezfayo approved these changes Jun 5, 2023

View reviewed changes

MarcosDY merged commit 8582f7a into main Jun 5, 2023

MarcosDY deleted the dependabot/go_modules/github.com/hashicorp/vault/sdk-0.9.1 branch June 5, 2023 18:35

MarcosDY added this to the 1.7.0 milestone Jun 5, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump github.com/hashicorp/vault/sdk from 0.9.0 to 0.9.1 #4184

Bump github.com/hashicorp/vault/sdk from 0.9.0 to 0.9.1 #4184

dependabot bot commented on behalf of github May 29, 2023 •

edited

Loading

amartinezfayo May 31, 2023

amartinezfayo left a comment

Bump github.com/hashicorp/vault/sdk from 0.9.0 to 0.9.1 #4184

Bump github.com/hashicorp/vault/sdk from 0.9.0 to 0.9.1 #4184

Conversation

dependabot bot commented on behalf of github May 29, 2023 • edited Loading

0.9.1 (December 21st, 2017)

amartinezfayo May 31, 2023

Choose a reason for hiding this comment

amartinezfayo left a comment

Choose a reason for hiding this comment

dependabot bot commented on behalf of github May 29, 2023 •

edited

Loading