Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build(deps): Bump github.com/hashicorp/vault/api/auth/approle from 0.1.1 to 0.4.1 #29

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 29, 2023

Bumps github.com/hashicorp/vault/api/auth/approle from 0.1.1 to 0.4.1.

Changelog

Sourced from github.com/hashicorp/vault/api/auth/approle's changelog.

0.4.1 (January 13, 2016)

SECURITY:

This is a security-only release; other than the version number and building against Go 1.5.3, there are no changes from 0.4.0.

0.4.0 (December 10, 2015)

DEPRECATIONS/CHANGES:

  • Policy Name Casing: Policy names are now normalized to lower-case on write, helping prevent accidental case mismatches. For backwards compatibility, policy names are not currently normalized when reading or deleting. GH-676
  • Default etcd port number: the default connection string for the etcd physical store uses port 2379 instead of port 4001, which is the port used by the supported version 2.x of etcd. GH-753
  • As noted below in the FEATURES section, if your Vault installation contains a policy called default, new tokens created will inherit this policy automatically.
  • In the PKI backend there have been a few minor breaking changes:
    • The token display name is no longer a valid option for providing a base domain for issuance. Since this name is prepended with the name of the authentication backend that issued it, it provided a faulty use-case at best and a confusing experience at worst. We hope to figure out a better per-token value in a future release.
    • The allowed_base_domain parameter has been changed to allowed_domains, which accepts a comma-separated list of domains. This allows issuing certificates with DNS subjects across multiple domains. If you had a configured allowed_base_domain parameter, it will be migrated automatically when the role is read (either via a normal read, or via issuing a certificate).

FEATURES:

  • Significantly Enhanced PKI Backend: The pki backend can now generate and sign root CA certificates and intermediate CA CSRs. It can also now sign submitted client CSRs, as well as a significant number of other enhancements. See the updated documentation for the full API. GH-666
  • CRL Checking for Certificate Authentication: The cert backend now supports pushing CRLs into the mount and using the contained serial numbers for revocation checking. See the documentation for the cert backend for more info. GH-330
  • Default Policy: Vault now ensures that a policy named default is added to every token. This policy cannot be deleted, but it can be modified (including to an empty policy). There are three endpoints allowed in the

... (truncated)

Commits
  • 1a807d5 Cut version 0.4.1
  • 3ba925b Bump values to 0.4.1
  • b3da917 Cut version 0.4.0
  • d597ae2 Fill in release date in Changelog
  • ba44fb4 Bump website version
  • b3786fb Add check for DOCKER_CROSS_IMAGE in dist script
  • 583882e Update documentation to be consistent with return codes
  • c1151dd Merge pull request #666 from hashicorp/pki-csrs
  • a09b2f3 Make the timeout for 'make test' 60s to accommodate larger numbers of generat...
  • 22cb3ae Merge branch 'master' into pki-csrs
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [github.com/hashicorp/vault/api/auth/approle](https://github.com/hashicorp/vault) from 0.1.1 to 0.4.1.
- [Release notes](https://github.com/hashicorp/vault/releases)
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md)
- [Commits](hashicorp/vault@v0.1.1...v0.4.1)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api/auth/approle
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels May 29, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants