dependabot[bot] opened a new pull request, #2213: URL: https://github.com/apache/dubbo-go/pull/2213
Bumps [github.com/hashicorp/vault/sdk](https://github.com/hashicorp/vault) from 0.7.0 to 0.8.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/hashicorp/vault/blob/main/CHANGELOG.md";>github.com/hashicorp/vault/sdk's changelog</a>.</em></p> <blockquote> <h2>0.8.1 (August 16th, 2017)</h2> <p>DEPRECATIONS/CHANGES:</p> <ul> <li>PKI Root Generation: Calling <code>pki/root/generate</code> when a CA cert/key already exists will now return a <code>204</code> instead of overwriting an existing root. If you want to recreate the root, first run a delete operation on <code>pki/root</code> (requires <code>sudo</code> capability), then generate it again.</li> </ul> <p>FEATURES:</p> <ul> <li><strong>Oracle Secret Backend</strong>: There is now an external plugin to support leased credentials for Oracle databases (distributed separately).</li> <li><strong>GCP IAM Auth Backend</strong>: There is now an authentication backend that allows using GCP IAM credentials to retrieve Vault tokens. This is available as both a plugin and built-in to Vault.</li> <li><strong>PingID Push Support for Path-Based MFA (Enterprise)</strong>: PingID Push can now be used for MFA with the new path-based MFA introduced in Vault Enterprise 0.8.</li> <li><strong>Permitted DNS Domains Support in PKI</strong>: The <code>pki</code> backend now supports specifying permitted DNS domains for CA certificates, allowing you to narrowly scope the set of domains for which a CA can issue or sign child certificates.</li> <li><strong>Plugin Backend Reload Endpoint</strong>: Plugin backends can now be triggered to reload using the <code>sys/plugins/reload/backend</code> endpoint and providing either the plugin name or the mounts to reload.</li> <li><strong>Self-Reloading Plugins</strong>: The plugin system will now attempt to reload a crashed or stopped plugin, once per request.</li> </ul> <p>IMPROVEMENTS:</p> <ul> <li>auth/approle: Allow array input for policies in addition to comma-delimited strings [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/3163";>GH-3163</a>]</li> <li>plugins: Send logs through Vault's logger rather than stdout [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/3142";>GH-3142</a>]</li> <li>secret/pki: Add <code>pki/root</code> delete operation [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/3165";>GH-3165</a>]</li> <li>secret/pki: Don't overwrite an existing root cert/key when calling generate [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/3165";>GH-3165</a>]</li> </ul> <p>BUG FIXES:</p> <ul> <li>aws: Don't prefer a nil HTTP client over an existing one [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/3159";>GH-3159</a>]</li> <li>core: If there is an error when checking for create/update existence, return 500 instead of 400 [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/3162";>GH-3162</a>]</li> <li>secret/database: Avoid creating usernames that are too long for legacy MySQL [<a href="https://github-redirect.dependabot.com/hashicorp/vault/pull/3138";>GH-3138</a>]</li> </ul> <h2>0.8.0 (August 9th, 2017)</h2> <p>SECURITY:</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/hashicorp/vault/commit/8d76a41854608c547a233f2e6292ae5355154695";><code>8d76a41</code></a> Cut version 0.8.1</li> <li><a href="https://github.com/hashicorp/vault/commit/7c6e18d71e3814222e015ae2f9b7a990036cabd4";><code>7c6e18d</code></a> plugins/backend/reload -> plugins/reload/backend (<a href="https://github-redirect.dependabot.com/hashicorp/vault/issues/3186";>#3186</a>)</li> <li><a href="https://github.com/hashicorp/vault/commit/527e23411db95ad910e31c4a4bb9607020ef8997";><code>527e234</code></a> Fix plugin docs (<a href="https://github-redirect.dependabot.com/hashicorp/vault/issues/3185";>#3185</a>)</li> <li><a href="https://github.com/hashicorp/vault/commit/6c32b7d73490daed876246ac656ce24e48f715ca";><code>6c32b7d</code></a> Bump version for release</li> <li><a href="https://github.com/hashicorp/vault/commit/c14d445de4fd3a613d68368a37b25fd9323be5b1";><code>c14d445</code></a> Bump go-plugin dep</li> <li><a href="https://github.com/hashicorp/vault/commit/5d37bd54ef456d544819ca670572d1c84f23c68c";><code>5d37bd5</code></a> Remove erroneous flag from hmac docs</li> <li><a href="https://github.com/hashicorp/vault/commit/a7f3f40f9ea89a8edf79e60ee12fd99b10362703";><code>a7f3f40</code></a> * Add ability to specify a plugin dir in dev mode (<a href="https://github-redirect.dependabot.com/hashicorp/vault/issues/3184";>#3184</a>)</li> <li><a href="https://github.com/hashicorp/vault/commit/27c2386f4a33709c08e37fbb13ce21856a9b3997";><code>27c2386</code></a> Add gcp auth backend (<a href="https://github-redirect.dependabot.com/hashicorp/vault/issues/3183";>#3183</a>)</li> <li><a href="https://github.com/hashicorp/vault/commit/16863dbe4a68f9c3b8b251caf2ae9ce665786b08";><code>16863db</code></a> changelog++</li> <li><a href="https://github.com/hashicorp/vault/commit/c8388a9ebae2c6bc47182616d9e8cc210f2d4970";><code>c8388a9</code></a> Add plugin auto-reload capability (<a href="https://github-redirect.dependabot.com/hashicorp/vault/issues/3171";>#3171</a>)</li> <li>Additional commits viewable in <a href="https://github.com/hashicorp/vault/compare/v0.7.0...v0.8.1";>compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
