Bump the all group with 2 updates

[dependabot]

Bumps the all group with 2 updates: github.com/hashicorp/vault/api and github.com/hashicorp/vault/sdk.

Updates github.com/hashicorp/vault/api from 1.12.1-0.20240308232909-7a328b110325 to 1.12.1

Release notes

Sourced from github.com/hashicorp/vault/api's releases.

v1.12.1

1.12.1

November 2, 2022

IMPROVEMENTS:

• api: Support VAULT_DISABLE_REDIRECTS environment variable (and --disable-redirects flag) to disable default client behavior and prevent the client following any redirection responses. [GH-17352]
• database/snowflake: Allow parallel requests to Snowflake [GH-17593]
• plugins: Add plugin version information to key plugin lifecycle log lines. [GH-17430]
• sdk/ldap: Added support for paging when searching for groups using group filters [GH-17640]

BUG FIXES:

• cli: Remove empty table heading for vault secrets list -detailed output. [GH-17577]
• core/managed-keys (enterprise): Return better error messages when encountering key creation failures
• core/managed-keys (enterprise): Switch to using hash length as PSS Salt length within the test/sign api for better PKCS#11 compatibility
• core: Fix panic caused in Vault Agent when rendering certificate templates [GH-17419]
• core: Fixes spurious warnings being emitted relating to "unknown or unsupported fields" for JSON config [GH-17660]
• core: prevent memory leak when using control group factors in a policy [GH-17532]
• core: prevent panic during mfa after enforcement's namespace is deleted [GH-17562]
• kmip (enterprise): Fix a problem in the handling of attributes that caused Import operations to fail.
• kmip (enterprise): Fix selection of Cryptographic Parameters for Encrypt/Decrypt operations.
• login: Store token in tokenhelper for interactive login MFA [GH-17040]
• secrets/pki: Respond to tidy-status, tidy-cancel on PR Secondary clusters. [GH-17497]
• ui: Fixes oidc/jwt login issue with alternate mount path and jwt login via mount path tab [GH-17661]

Changelog

Sourced from github.com/hashicorp/vault/api's changelog.

1.12.11

September 13, 2023

SECURITY:

• secrets/transit: fix a regression that was honoring nonces provided in non-convergent modes during encryption. [GH-22852]

IMPROVEMENTS:

• auth/ldap: improved login speed by adding concurrency to LDAP token group searches [GH-22659]
• kmip (enterprise): reduce latency of KMIP operation handling

BUG FIXES:

• cli: Fix the CLI failing to return wrapping information for KV PUT and PATCH operations when format is set to table. [GH-22818]
• core/quotas: Reduce overhead for role calculation when using cloud auth methods. [GH-22583]
• core/seal: add a workaround for potential connection [hangs] in Azure autoseals. [GH-22760]
• raft/autopilot: Add dr-token flag for raft autopilot cli commands [GH-21165]
• replication (enterprise): Fix discovery of bad primary cluster addresses to be more reliable

1.12.10

August 30, 2023

CHANGES:

• core: Bump Go version to 1.19.12.

IMPROVEMENTS:

• core: Log rollback manager failures during unmount, remount to prevent replication failures on secondary clusters. [GH-22235]
• replication (enterprise): Make reindex less disruptive by allowing writes during the flush phase.
• storage/raft: Cap the minimum dead_server_last_contact_threshold to 1m. [GH-22040]
• ui: enables create and update KV secret workflow when control group present [GH-22471]

BUG FIXES:

• api: Fix breakage with UNIX domain socket addresses introduced by newest Go versions as a security fix. [GH-22523]
• core (enterprise): Remove MFA Configuration for namespace when deleting namespace
• core/quotas (enterprise): Fix a case where we were applying login roles to lease count quotas in a non-login context. Also fix a related potential deadlock. [GH-21110]
• core: Remove "expiration manager is nil on tokenstore" error log for unauth requests on DR secondary as they do not have expiration manager. [GH-22137]
• core: Fix readonly errors that could occur while loading mounts/auths during unseal [GH-22362]
• core: Fixed an instance where incorrect route entries would get tainted. We now pre-calculate namespace specific paths to avoid this. [GH-21470]
• expiration: Fix a deadlock that could occur when a revocation failure happens while restoring leases on startup. [GH-22374]
• license: Add autoloaded license path to the cache exempt list. This is to ensure the license changes on the active node is observed on the perfStandby node. [GH-22363]
• replication (enterprise): Fix bug sync invalidate CoreReplicatedClusterInfoPath
• replication (enterprise): Fixing a bug by which the atomicity of a merkle diff result could be affected. This means it could be a source of a merkle-diff & sync process failing to switch into stream-wal mode afterwards.
• sdk/ldaputil: Properly escape user filters when using UPN domains sdk/ldaputil: use EscapeLDAPValue implementation from cap/ldap [GH-22249]
• secrets/ldap: Fix bug causing schema and password_policy to be overwritten in config. [GH-22332]

... (truncated)

Commits

• See full diff in compare view

Updates github.com/hashicorp/vault/sdk from 0.11.0 to 0.11.1

Changelog

Sourced from github.com/hashicorp/vault/sdk's changelog.

0.11.1 (September 6th, 2018)

SECURITY:

• Random Byte Reading in Barrier: Prior to this release, Vault was not properly checking the error code when reading random bytes for the IV for AES operations in its cryptographic barrier. Specifically, this means that such an IV could potentially be zero multiple times, causing nonce re-use and weakening the security of the key. On most platforms this should never happen because reading from kernel random sources is non-blocking and always successful, but there may be platform-specific behavior that has not been accounted for. (Vault has tests to check exactly this, and the tests have never seen nonce re-use.)

FEATURES:

• AliCloud Agent Support: Vault Agent can now authenticate against the AliCloud auth method.
• UI: Enable AliCloud auth method and Azure secrets engine via the UI.

IMPROVEMENTS:

• core: Logging level for most logs (not including secrets/auth plugins) can now be changed on-the-fly via SIGHUP, reading the desired value from Vault's config file [GH-5280]

BUG FIXES:

• core: Ensure we use a background context when stepping down [GH-5290]
• core: Properly check error return from random byte reading [GH-5277]
• core: Re-add sys/ top-route injection for now [GH-5241]
• core: Policies stored in minified JSON would return an error [GH-5229]
• core: Evaluate templated policies in capabilities check [GH-5250]
• identity: Update MemDB with identity group alias while loading groups [GH-5289]
• secrets/database: Fix nil pointer when revoking some leases [GH-5262]
• secrets/pki: Fix sign-verbatim losing extra Subject attributes [GH-5245]
• secrets/pki: Remove certificates from store when tidying revoked certificates and simplify API [GH-5231]
• ui: JSON editor will not coerce input to an object, and will now show an error about Vault expecting an object [GH-5271]
• ui: authentication form will now default to any methods that have been tuned to show up for unauthenticated users [GH-5281]

Commits

• 8575f8f Cut version 0.11.1
• af9853f Disable fmt on build
• b76414c changelog++
• 27b72e8 changelog++
• fd864e6 Remove group alias mdmdb update outside of UpsertGroupInTxn
• 0b3607a Fix group alias loading when identity memdb is initialized (#5289)
• f931bf0 Merge pull request #5216 from hashicorp/respond-upstream-throttle
• 36fd14f changelog++
• e0973d4 Port fix over that ensures we use the right step-down context (#5290)
• ee8b5b2 Update relatedtools.html.md (#5287)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[cloudflare-workers-and-pages]

Deploying vaku with    Cloudflare Pages

Latest commit:	23b27d7
Status:	✅  Deploy successful!
Preview URL:	https://2b2b25dc.vaku.pages.dev
Branch Preview URL:	https://dependabot-go-modules-all-18.vaku.pages.dev

View logs