
build(deps): bump github.com/hashicorp/vault from 1.17.0-rc1 to 1.20.1 #44


dependabot bot commented on behalf of github Aug 1, 2025

Bumps github.com/hashicorp/vault from 1.17.0-rc1 to 1.20.1.

Release notes

Sourced from github.com/hashicorp/vault's releases.

v1.20.1

No release notes provided.

v1.20.0

1.20.0

June 25, 2025

SECURITY:

  • core: require a nonce when cancelling a rekey operation that was initiated within the last 10 minutes. [GH-30794]

CHANGES:

  • UI: remove outdated and unneeded js string extensions [GH-29834]
  • activity (enterprise): The sys/internal/counters/activity endpoint will return actual values for new clients in the current month.
  • activity (enterprise): provided values for start_time and end_time in sys/internal/counters/activity are aligned to the corresponding billing period.
  • activity: provided value for end_time in sys/internal/counters/activity is now capped at the end of the last completed month. [GH-30164]
  • api: Update the default API client to check for the Retry-After header and, if it exists, wait for the specified duration before retrying the request. [GH-30887]
  • auth/alicloud: Update plugin to v0.21.0 [GH-30810]
  • auth/azure: Update plugin to v0.20.2. Login requires resource_group_name, vm_name, and vmss_name to match token claims [GH-30052]
  • auth/azure: Update plugin to v0.20.3 [GH-30082]
  • auth/azure: Update plugin to v0.20.4 [GH-30543]
  • auth/azure: Update plugin to v0.21.0 [GH-30872]
  • auth/azure: Update plugin to v0.21.1 [GH-31010]
  • auth/cf: Update plugin to v0.20.1 [GH-30583]
  • auth/cf: Update plugin to v0.21.0 [GH-30842]
  • auth/gcp: Update plugin to v0.20.2 [GH-30081]
  • auth/jwt: Update plugin to v0.23.2 [GH-30431]
  • auth/jwt: Update plugin to v0.24.1 [GH-30876]
  • auth/kerberos: Update plugin to v0.15.0 [GH-30845]
  • auth/kubernetes: Update plugin to v0.22.1 [GH-30910]
  • auth/oci: Update plugin to v0.19.0 [GH-30841]
  • auth/saml: Update plugin to v0.6.0
  • core: Bump Go version to 1.24.4.
  • core: Verify that the client IP address extracted from an X-Forwarded-For header is a valid IPv4 or IPv6 address [GH-29774]
  • database/couchbase: Update plugin to v0.14.0 [GH-30836]
  • database/elasticsearch: Update plugin to v0.18.0 [GH-30796]
  • database/mongodbatlas: Update plugin to v0.15.0 [GH-30856]
  • database/redis-elasticache: Update plugin to v0.7.0 [GH-30785]
  • database/redis: Update plugin to v0.6.0 [GH-30797]
  • database/snowflake: Update plugin to v0.14.0 [GH-30748]
  • database/snowflake: Update plugin to v0.14.1 [GH-30868]
  • logical/system: add ent stub for plugin catalog handling [GH-30890]
  • quotas/rate-limit: Round up the Retry-After value to the nearest second when calculating the retry delay. [GH-30887]
  • secrets/ad: Update plugin to v0.21.0 [GH-30819]
  • secrets/alicloud: Update plugin to v0.20.0 [GH-30809]
  • secrets/azure: Update plugin to v0.21.2 [GH-30037]
  • secrets/azure: Update plugin to v0.21.3 [GH-30083]
  • secrets/azure: Update plugin to v0.22.0 [GH-30832]
  • secrets/gcp: Update plugin to v0.21.2 [GH-29970]

... (truncated)

Changelog

Sourced from github.com/hashicorp/vault's changelog.

1.20.1

July 25, 2025

FEATURES:

  • Post-Quantum Cryptography Support: Experimental support for PQC signatures with SLH-DSA in Transit.

IMPROVEMENTS:

  • Plugin Downloads (enterprise): add CLI -download option for plugin register (beta)
  • audit: Add additional verifications to the target of file audit sinks. [GH-31211]
  • auth/cert: test non-CA cert equality on login matching instead of individual fields. [GH-31210]
  • openapi: Add OpenAPI support for secret recovery operations. [GH-31331]
  • plugins: Clarify usage of sha256, command, and version for plugin registration of binary or artifact with API and CLI. Introduce new RegisterPluginDetailed and RegisterPluginWtihContextDetailed functions to API client to propagate response along with error, and mark RegisterPlugin and RegisterPluginWithContext as deprecated. [GH-30811]
  • secrets/pki (enterprise): enable separately-configured logging for SCEP-enrollment.
  • secrets/pki: Add the digest OID when logging SCEP digest mismatch errors. [GH-31232]

BUG FIXES:

  • activity (enterprise): Fix development_cluster setting being overwritten on performance secondaries upon cluster reload. [GH-31223]
  • auth/scep (enterprise): enforce the token_bound_cidrs role parameter within SCEP roles
  • auth: update alias lookahead to respect username case for LDAP and username/password [GH-31352]
  • auto-reporting (enterprise): Clarify debug logs to accurately reflect when automated license utilization reporting is enabled or disabled, especially since manual reporting is always initialized.
  • core/seal (enterprise): Fix a bug that caused the seal rewrap process to abort in the presence of partially sealed entries.
  • kmip (enterprise): Fix a panic that can happen when a KMIP client makes a request before the Vault server has finished unsealing. [GH-31266]
  • plugins: Fix panics that can occur when a plugin audits a request or response before the Vault server has finished unsealing. [GH-31266]
  • product usage reporting (enterprise): Clarify debug logs to accurately reflect when anonymous product usage reporting is enabled or disabled, especially since manual reporting is always initialized.
  • replication (enterprise): Fix bug with mount invalidations consuming excessive memory.
  • secrets-sync (enterprise): Unsyncing secret-key granularity associations will no longer give a misleading error about a failed unsync operation that did indeed succeed.
  • secrets/gcp: Update to [email protected] to address more eventual consistency issues [GH-31350]
  • ui: Fix capability checks for api resources with underscores to properly hide actions and dropdown items a user cannot perform [GH-31271]
  • ui: Fix kv v2 overview page from erroring if a user does not have access to the /subkeys endpoint and the policy check fails. [GH-31136]
  • ui: Fix mutation of unwrapped data when keys contain underscores [GH-31287]
  • ui: Fix regression in 1.20.0 to properly set namespace context for capabilities checks [GH-31276]
  • ui: Fix selecting multiple namespaces in the namespace picker when the path contains matching nodes [GH-31326]
  • ui: Fixes UI login settings list page which was not rendering rules with an underscore in the name. [GH-31150]
  • ui: Include user's root namespace in the namespace picker if it's a namespace other than the actual root ("") [GH-31300]
  • ui: Revert camelizing of parameters returned from sys/internal/ui/mounts so mount paths match serve value [GH-31094]

1.20.0

June 25, 2025

SECURITY:

  • core: require a nonce when cancelling a rekey operation that was initiated within the last 10 minutes. [GH-30794],[HCSEC-2025-11]

CHANGES:

  • UI: remove outdated and unneeded js string extensions [GH-29834]
  • activity (enterprise): The sys/internal/counters/activity endpoint will return actual values for new clients in the current month.

... (truncated)

Commits
  • b403b1a [VAULT-38326] This is an automated pull request to build all artifacts for a ...
  • dc5d20d backport of commit 881febbf98a011c5354b82b9b194bfc91ef22ed6 (#31360)
  • 965ba13 backport of commit 1d60673802a1333711da4343278cbe92640212a7 (#31345)
  • 4d318df backport of commit 8f7d76d78138540b883ac89e0e7a465ab2464f66 (#31358)
  • 595168a [1.20] update [email protected] (#31350)
  • 228ac5f Backport 1.20.x: Namespace picker capabilities and duplicate selection fixes ...
  • 94ce9d1 backport of commit df0e6bbedd9732c644d73d58beb062768745d73b (#31338)
  • 73cd26e backport of commit 9190485ef6bd640ba9560906bf6866ef598b6826 (#31334)
  • cd2ec3b Dependency update for 1.20 (#31321)
  • 1c7111d Add missing redirects per UDR migration (#31332)
  • Additional commits viewable in compare view


Bumps [github.com/hashicorp/vault](https://github.com/hashicorp/vault) from 1.17.0-rc1 to 1.20.1.
- [Release notes](https://github.com/hashicorp/vault/releases)
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md)
- [Commits](hashicorp/vault@v1.17.0-rc1...v1.20.1)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault
  dependency-version: 1.20.1
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
dependabot bot added the dependencies and go labels Aug 1, 2025

dependabot bot commented on behalf of github Aug 6, 2025

Superseded by #45.

dependabot bot closed this Aug 6, 2025
dependabot bot deleted the dependabot/go_modules/github.com/hashicorp/vault-1.20.1 branch August 6, 2025 18:18