Skip to content

build(deps): bump github.com/hashicorp/vault from 0.10.4 to 1.20.4 #2098

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: master
Choose a base branch
from
Open

build(deps): bump github.com/hashicorp/vault from 0.10.4 to 1.20.4 #2098

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 30, 2025
edited
Loading

Bumps github.com/hashicorp/vault from 0.10.4 to 1.20.4.

Release notes

Sourced from github.com/hashicorp/vault's releases.

v1.20.4

No release notes provided.

v1.20.3

No release notes provided.

v1.20.2

August 06, 2025

SECURITY:

BUG FIXES:

  • agent/template: Fixed issue where templates would not render correctly if namespaces was provided by config, and the namespace and mount path of the secret were the same. [GH-31392]
  • identity/mfa: revert cache entry change from #31217 and document cache entry values [GH-31421]

v1.20.1

No release notes provided.

v1.20.0

1.20.0

June 25, 2025

SECURITY:

  • core: require a nonce when cancelling a rekey operation that was initiated within the last 10 minutes. [GH-30794]

CHANGES:

  • UI: remove outdated and unneeded js string extensions [GH-29834]
  • activity (enterprise): The sys/internal/counters/activity endpoint will return actual values for new clients in the current month.
  • activity (enterprise): provided values for start_time and end_time in sys/internal/counters/activity are aligned to the corresponding billing period.
  • activity: provided value for end_time in sys/internal/counters/activity is now capped at the end of the last completed month. [GH-30164]
  • api: Update the default API client to check for the Retry-After header and, if it exists, wait for the specified duration before retrying the request. [GH-30887]
  • auth/alicloud: Update plugin to v0.21.0 [GH-30810]
  • auth/azure: Update plugin to v0.20.2. Login requires resource_group_name, vm_name, and vmss_name to match token claims [GH-30052]
  • auth/azure: Update plugin to v0.20.3 [GH-30082]
  • auth/azure: Update plugin to v0.20.4 [GH-30543]
  • auth/azure: Update plugin to v0.21.0 [GH-30872]
  • auth/azure: Update plugin to v0.21.1 [GH-31010]
  • auth/cf: Update plugin to v0.20.1 [GH-30583]
  • auth/cf: Update plugin to v0.21.0 [GH-30842]
  • auth/gcp: Update plugin to v0.20.2 [GH-30081]
  • auth/jwt: Update plugin to v0.23.2 [GH-30431]
  • auth/jwt: Update plugin to v0.24.1 [GH-30876]
  • auth/kerberos: Update plugin to v0.15.0 [GH-30845]
  • auth/kubernetes: Update plugin to v0.22.1 [GH-30910]
  • auth/oci: Update plugin to v0.19.0 [GH-30841]

... (truncated)

Changelog

Sourced from github.com/hashicorp/vault's changelog.

0.11.6 (December 14th, 2018)

This release contains the three security fixes from 1.0.0 and 1.0.1 and the following bug fixes from 1.0.0/1.0.1:

  • namespaces: Correctly reload the proper mount when tuning or reloading the mount [GH-5937]
  • replication/perfstandby: Fix audit table upgrade on standbys [GH-5811]
  • replication/perfstandby: Fix redirect on approle update [GH-5820]
  • secrets/kv: Fix issue where storage version would get incorrectly downgraded [GH-5809]

It is otherwise identical to 0.11.5.

0.11.5 (November 13th, 2018)

BUG FIXES:

  • agent: Fix issue when specifying two file sinks [GH-5610]
  • auth/userpass: Fix minor timing issue that could leak the presence of a username [GH-5614]
  • autounseal/alicloud: Fix issue interacting with the API (Enterprise)
  • autounseal/azure: Fix key version tracking (Enterprise)
  • cli: Fix panic that could occur if parameters were not provided [GH-5603]
  • core: Fix buggy behavior if trying to remount into a namespace
  • identity: Fix duplication of entity alias entity during alias transfer between entities [GH-5733]
  • namespaces: Fix tuning of auth mounts in a namespace
  • ui: Fix bug where editing secrets as JSON doesn't save properly [GH-5660]
  • ui: Fix issue where IE 11 didn't render the UI and also had a broken form when trying to use tool/hash [GH-5714]

0.11.4 (October 23rd, 2018)

CHANGES:

  • core: HA lock file is no longer copied during operator migrate [GH-5503]. We've categorized this as a change, but generally this can be considered just a bug fix, and no action is needed.

FEATURES:

  • Transit Key Trimming: Keys in transit secret engine can now be trimmed to remove older unused key versions
  • Web UI support for KV Version 2: Browse, delete, undelete and destroy individual secret versions in the UI
  • Azure Existing Service Principal Support: Credentials can now be generated against an existing service principal

IMPROVEMENTS:

... (truncated)

Commits
  • 55bd8f1 [VAULT-39673] This is an automated pull request to build all artifacts for a ...
  • f7cc2f3 Merge remote-tracking branch 'remotes/from/ce/release/1.20.x' into release/1....
  • 66449e9 pipeline(hcp): fix JSON text output (#9302) (#9318) (#9328)
  • 1fd3879 Merge remote-tracking branch 'remotes/from/ce/release/1.20.x' into release/1....
  • 0951f7f VAULT-39383 updating go-discover (#9523) (#9537) (#9574)
  • 92da7f9 Merge remote-tracking branch 'remotes/from/ce/release/1.20.x' into release/1....
  • 5bf481f pipeline(changed-files): add 'github' changed file group (#9512) (#9547) (#9565)
  • ed16922 Merge remote-tracking branch 'remotes/from/ce/release/1.20.x' into release/1....
  • a7996aa pipeline(create-backport): fix inactive branch detection (#9531) (#9542) (#9559)
  • 0553001 Merge remote-tracking branch 'remotes/from/ce/release/1.20.x' into release/1....
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot
build(deps): bump github.com/hashicorp/vault from 0.10.4 to 1.20.4
a9d8003 
Bumps [github.com/hashicorp/vault](https://github.com/hashicorp/vault) from 0.10.4 to 1.20.4.
- [Release notes](https://github.com/hashicorp/vault/releases)
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG-v0.md)
- [Commits](hashicorp/vault@v0.10.4...v1.20.4)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault
  dependency-version: 1.20.4
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Sep 30, 2025
@dependabot dependabot bot mentioned this pull request Sep 30, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants