
build(deps): bump github.com/hashicorp/vault from 1.17.0-rc1 to 1.20.2 #45

Open
wants to merge 1 commit into
base: main

dependabot[bot]
Contributor

@dependabot dependabot bot commented on behalf of github Aug 6, 2025

Bumps github.com/hashicorp/vault from 1.17.0-rc1 to 1.20.2.

Release notes

Sourced from github.com/hashicorp/vault's releases.

v1.20.2

No release notes provided.

v1.20.1

No release notes provided.

v1.20.0

1.20.0

June 25, 2025

SECURITY:

  • core: require a nonce when cancelling a rekey operation that was initiated within the last 10 minutes. [GH-30794]

CHANGES:

  • UI: remove outdated and unneeded js string extensions [GH-29834]
  • activity (enterprise): The sys/internal/counters/activity endpoint will return actual values for new clients in the current month.
  • activity (enterprise): provided values for start_time and end_time in sys/internal/counters/activity are aligned to the corresponding billing period.
  • activity: provided value for end_time in sys/internal/counters/activity is now capped at the end of the last completed month. [GH-30164]
  • api: Update the default API client to check for the Retry-After header and, if it exists, wait for the specified duration before retrying the request. [GH-30887]
  • auth/alicloud: Update plugin to v0.21.0 [GH-30810]
  • auth/azure: Update plugin to v0.20.2. Login requires resource_group_name, vm_name, and vmss_name to match token claims [GH-30052]
  • auth/azure: Update plugin to v0.20.3 [GH-30082]
  • auth/azure: Update plugin to v0.20.4 [GH-30543]
  • auth/azure: Update plugin to v0.21.0 [GH-30872]
  • auth/azure: Update plugin to v0.21.1 [GH-31010]
  • auth/cf: Update plugin to v0.20.1 [GH-30583]
  • auth/cf: Update plugin to v0.21.0 [GH-30842]
  • auth/gcp: Update plugin to v0.20.2 [GH-30081]
  • auth/jwt: Update plugin to v0.23.2 [GH-30431]
  • auth/jwt: Update plugin to v0.24.1 [GH-30876]
  • auth/kerberos: Update plugin to v0.15.0 [GH-30845]
  • auth/kubernetes: Update plugin to v0.22.1 [GH-30910]
  • auth/oci: Update plugin to v0.19.0 [GH-30841]
  • auth/saml: Update plugin to v0.6.0
  • core: Bump Go version to 1.24.4.
  • core: Verify that the client IP address extracted from an X-Forwarded-For header is a valid IPv4 or IPv6 address [GH-29774]
  • database/couchbase: Update plugin to v0.14.0 [GH-30836]
  • database/elasticsearch: Update plugin to v0.18.0 [GH-30796]
  • database/mongodbatlas: Update plugin to v0.15.0 [GH-30856]
  • database/redis-elasticache: Update plugin to v0.7.0 [GH-30785]
  • database/redis: Update plugin to v0.6.0 [GH-30797]
  • database/snowflake: Update plugin to v0.14.0 [GH-30748]
  • database/snowflake: Update plugin to v0.14.1 [GH-30868]
  • logical/system: add ent stub for plugin catalog handling [GH-30890]
  • quotas/rate-limit: Round up the Retry-After value to the nearest second when calculating the retry delay. [GH-30887]
  • secrets/ad: Update plugin to v0.21.0 [GH-30819]
  • secrets/alicloud: Update plugin to v0.20.0 [GH-30809]
  • secrets/azure: Update plugin to v0.21.2 [GH-30037]

... (truncated)

Changelog

Sourced from github.com/hashicorp/vault's changelog.

1.20.2

August 06, 2025

SECURITY:

BUG FIXES:

  • agent/template: Fixed issue where templates would not render correctly if namespaces was provided by config, and the namespace and mount path of the secret were the same. [GH-31392]
  • identity/mfa: revert cache entry change from #31217 and document cache entry values [GH-31421]

1.20.1

July 25, 2025

SECURITY:

FEATURES:

  • Post-Quantum Cryptography Support: Experimental support for PQC signatures with SLH-DSA in Transit.

IMPROVEMENTS:

  • Plugin Downloads (enterprise): add CLI -download option for plugin register (beta)
  • openapi: Add OpenAPI support for secret recovery operations. [GH-31331]
  • plugins: Clarify usage of sha256, command, and version for plugin registration of binary or artifact with API and CLI. Introduce new RegisterPluginDetailed and RegisterPluginWtihContextDetailed functions to API client to propagate response along with error, and mark RegisterPlugin and RegisterPluginWithContext as deprecated. [GH-30811]
  • secrets/pki (enterprise): enable separately-configured logging for SCEP-enrollment.
  • secrets/pki: Add the digest OID when logging SCEP digest mismatch errors. [GH-31232]

BUG FIXES:

  • activity (enterprise): Fix development_cluster setting being overwritten on performance secondaries upon cluster reload. [GH-31223]
  • auth/scep (enterprise): enforce the token_bound_cidrs role parameter within SCEP roles
  • auto-reporting (enterprise): Clarify debug logs to accurately reflect when automated license utilization reporting is enabled or disabled, especially since manual reporting is always initialized.
  • core/seal (enterprise): Fix a bug that caused the seal rewrap process to abort in the presence of partially sealed entries.
  • kmip (enterprise): Fix a panic that can happen when a KMIP client makes a request before the Vault server has finished unsealing. [GH-31266]
  • plugins: Fix panics that can occur when a plugin audits a request or response before the Vault server has finished unsealing. [GH-31266]
  • product usage reporting (enterprise): Clarify debug logs to accurately reflect when anonymous product usage reporting is enabled or disabled, especially since manual reporting is always initialized.
  • replication (enterprise): Fix bug with mount invalidations consuming excessive memory.
  • secrets-sync (enterprise): Unsyncing secret-key granularity associations will no longer give a misleading error about a failed unsync operation that did indeed succeed.
  • secrets/gcp: Update to [email protected] to address more eventual consistency issues [GH-31350]
  • ui: Fix capability checks for api resources with underscores to properly hide actions and dropdown items a user cannot perform [GH-31271]
  • ui: Fix kv v2 overview page from erroring if a user does not have access to the /subkeys endpoint and the policy check fails. [GH-31136]

... (truncated)

Commits
  • 824d129 [VAULT-38686] This is an automated pull request to build all artifacts for a ...
  • 299306f auth/ldap: ensure consistent entity aliasing when set from the username (#314...
  • 69fcd7e backport of commit 078585b3654dda8334bceb8a6288e4e12c201b6e (#31424)
  • 9a6a568 backport of commit fc249a43b18d1a1f66d6ec2779aed6a4577cf671 (#31399)
  • 4ad0846 backport of commit 40364857393da9b306a7be6e9d6110b06877a16d (#31388)
  • 7a59e52 backport of commit 738649ea9f2dbd3c4bcf7d42173eb5b8bbd86ac6 (#31387)
  • 6d284fb backport of commit 857e66b3e237ee24e99c42f2946ca85a2aac4f5b (#31362)
  • fa739a8 backport of commit f0201408b4f44a4bc69b22d7c6a1d490d02ef390 (#31380)
  • 5efb29c Bumped product version to 1.20.2.
  • b403b1a [VAULT-38326] This is an automated pull request to build all artifacts for a ...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [github.com/hashicorp/vault](https://github.com/hashicorp/vault) from 1.17.0-rc1 to 1.20.2.
- [Release notes](https://github.com/hashicorp/vault/releases)
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md)
- [Commits](hashicorp/vault@v1.17.0-rc1...v1.20.2)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault
  dependency-version: 1.20.2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies (Pull requests that update a dependency file) and go (Pull requests that update go code) labels Aug 6, 2025