scottk/vault
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/vault.git synced 2025-11-02 03:27:54 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
24bb6c228045755caf58fa4587c1f18f55ca53e7
vault/changelog
History
Alexander Scheel 6e6914547e Let PKI tidy associate revoked certs with their issuers (#16871) 
* Refactor tidy steps into two separate helpers

This refactors the tidy go routine into two separate helpers, making it
clear where the boundaries of each are: variables are passed into these
method and concerns are separated. As more operations are rolled into
tidy, we can continue adding more helpers as appropriate. Additionally,
as we move to make auto-tidy occur, we can use these as points to hook
into periodic tidying.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Refactor revInfo checking to helper

This allows us to validate whether or not a revInfo entry contains a
presently valid issuer, from the existing mapping. Coupled with the
changeset to identify the issuer on revocation, we can begin adding
capabilities to tidy to update this association, decreasing CRL build
time and increasing the performance of OCSP.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Refactor issuer fetching for revocation purposes

Revocation needs to gracefully handle using the old legacy cert bundle,
so fetching issuers (and parsing them) needs to be done slightly
differently than other places. Refactor this from revokeCert into a
common helper that can be used by tidy.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Allow tidy to associate revoked certs, issuers

When revoking a certificate, we need to associate the issuer that signed
its certificate back to the revInfo entry. Historically this was
performed during CRL building (and still remains so), but when running
without CRL building and with only OCSP, performance will degrade as the
issuer needs to be found each time.

Instead, allow the tidy operation to take over this role, allowing us to
increase the performance of OCSP and CRL in this scenario, by decoupling
issuer identification from CRL building in the ideal case.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add tests for tidy updates

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add changelog entry

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add documentation on new tidy parameter, metrics

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Refactor tidy config into shared struct

Finish adding metrics, status messages about new tidy operation.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-08-26 10:13:45 -07:00
..
_1622.txt
Update _1622.txt
2021-01-20 15:06:23 -05:00
_1633.txt
Changelog for enterprise fix. (#10560)
2020-12-14 12:43:38 -06:00
_1637.txt
Changelog updates for transform fixes (ENT) (#10528)
2020-12-10 13:59:30 -06:00
_1642.txt
changelog for license (#10555)
2020-12-15 10:42:39 -08:00
_1656.txt
1.5.6 & 1.6.1 changelog++
2020-12-16 10:55:12 -05:00
_1659.txt
Add changelog for ent #1659. (#10600)
2020-12-18 15:06:54 -05:00
_1663.txt
Add changelog for #1663. (#10635)
2021-01-04 11:08:39 -05:00
_1680.txt
changelog++ (#10748)
2021-01-26 19:30:42 -05:00
_1691.txt
Add changelog entry for ent PR 1691 (#11139)
2021-03-19 10:07:48 -07:00
_1705.txt
Add changelog entry for ent PR 1705 (#10827)
2021-02-03 09:35:14 -08:00
_1712.txt
Changing from "changelog" to "release-note" (#11303)
2021-04-07 18:21:01 -04:00
_1739.txt
Adds a changelog entry for key management secrets engine (#11164)
2021-03-19 15:45:35 -07:00
_1757.txt
Add transform upgrade bug fix changelog (#11090)
2021-03-12 09:52:41 -06:00
_1792.txt
Changelog for orphan status fix (#11137)
2021-03-19 11:38:07 -05:00
_1819.txt
oss part of control groups upgrade (#11772)
2021-06-07 09:15:35 -07:00
_2021Jan20.txt
Changelog notes for 1.6.2 (#10737)
2021-01-20 15:52:48 -05:00
_2021Jan26.txt
More CL notes for 1.6.2 (#10792)
2021-01-27 12:03:20 -05:00
_2071.txt
oss part of license diagnose test fix (#12234)
2021-08-02 10:50:49 -07:00
_10959.txt
Make cert domain name validation case insensitive (#10959)
2021-03-09 21:28:27 -08:00
_ 1686.txt
changelog for entropy augmentation PR [VAULT-1179] (#10755)
2021-01-26 21:06:38 -08:00
_go-ver-1120.txt
update to GO 1.18.5 (#16840)
2022-08-23 19:05:43 -04:00
7277.txt
Allow globbing dis/allowed_policies_glob in token roles (#7277)
2021-09-21 08:25:06 -07:00
9081.txt
updated usage example (#9081)
2022-08-24 09:03:30 -04:00
9109.txt
Add support for go-sockaddr templated addresses in config. (#9109)
2021-10-21 10:10:48 -04:00
9972.txt
add to changelog (#10601)
2020-12-18 10:26:08 -07:00
10072.txt
docs change for max request size community PR (#10723)
2021-01-27 10:02:00 -08:00
10077.txt
Templates and 1 example (#10363)
2020-11-16 14:05:28 -05:00
10085.txt
Fix entity group associations (#10085)
2021-10-01 10:22:52 -04:00
10101.txt
Dedup from_entity_ids when merging two entities (#10101)
2021-10-12 15:35:19 -04:00
10131.txt
changelog: add PR 10131 to the changelog (#10688)
2021-01-12 18:24:04 -08:00
10181.txt
Add a Changelog entry for 10181 (#11293)
2021-04-07 11:44:19 -05:00
10231.txt
Allow Vault Agent to run as a Windows service (#10231)
2020-11-23 14:24:32 -08:00
10249.txt
Add allowed_uri_sans_template (#10249)
2021-12-15 09:18:28 -06:00
10365.txt
"vault operator usage" CLI for client count reporting (#10365)
2020-11-23 14:57:35 -06:00
10375.txt
changelog with go changelog (#10434)
2020-11-30 09:24:24 -08:00
10384.txt
Match influxdb changelog with correct PR (#10535)
2020-12-11 15:50:07 -07:00
10386.txt
changelog for vault 849 (#10435)
2020-11-30 10:28:32 -08:00
10416.txt
Add changelog for #10416 (#10473)
2020-12-01 16:08:19 +00:00
10417.txt
Fix delete role issue on transform (#10417)
2020-11-23 10:38:09 -06:00
10424.txt
Fix license caching issue (#10424)
2020-12-02 18:21:14 +01:00
10433.txt
MySQL - Fix username generation length bug (#10433)
2020-12-01 15:24:51 -07:00
10444.txt
Add AllowedHeader and fix AllowedOrigins in the API (#10482)
2020-12-03 14:31:25 +01:00
10456.txt
changelog/10456.txt
2020-12-10 06:55:24 -05:00
10487.txt
Only use entropy augmentation for root token creation [VAULT-670] (#10487)
2020-12-04 09:44:04 -08:00
10489.txt
core: Record the time a node became active (#10489)
2020-12-11 16:50:19 -08:00
10490.txt
Fix UI custom header values (#10511)
2020-12-15 15:58:03 +01:00
10491.txt
No 'v' in version HTML anchor (#10491)
2020-12-08 11:21:48 -06:00
10498.txt
Be consistent with how we report init status. (#10498)
2020-12-08 13:55:34 -05:00
10505.txt
Add helper for encoding/decoding root tokens and OTP generation in SDK module (#10504) (#10505)
2021-12-01 08:05:49 -05:00
10514.txt
metrics: activity log (#10514)
2021-01-26 16:37:07 -06:00
10520.txt
Send a test message before committing a new audit device. (#10520)
2020-12-16 16:00:32 -06:00
10536.txt
rate limit: fix initialize defaults (#10536)
2020-12-14 14:55:52 -05:00
10537.txt
Improve consistency in error messages (#10537)
2020-12-11 15:21:53 -06:00
10546.txt
Updates the OIDC/JWT auth plugin (#10546)
2020-12-14 10:07:07 -08:00
10556.txt
Only set the namespace if the env var isn't present (#1519) (#10556)
2020-12-14 11:40:48 -08:00
10558.txt
changelog: add entry for 10558 (#10563)
2020-12-14 12:00:26 -08:00
10579.txt
Fix ip disclosure (#10649)
2021-01-05 15:32:47 -06:00
10588.txt
UI/managed namespace changes (#10588)
2021-01-07 14:18:36 -06:00
10596.txt
Bug: Fix issue with double encoding on space in secret history route (#10596)
2021-01-04 09:32:52 -07:00
10603.txt
Add changelog entry for Snowflake DB support being added (#11078)
2021-03-10 16:09:13 -08:00
10609.txt
Add log gathering to debug command. (#10609)
2020-12-22 15:15:24 -05:00
10613.txt
Feature flags API (#10613)
2021-01-06 16:05:00 -06:00
10650.txt
Make the error response to the sys/internal/ui/mounts with no client token consistent (#10650)
2021-01-07 11:46:08 -06:00
10653.txt
add variable entropy readers to cert gen helpers [VAULT-1179] (#10653)
2021-01-08 09:48:27 -08:00
10655.txt
UI Database Secrets Engine (MongoDB) (#10655)
2021-02-18 10:36:31 -06:00
10677.txt
UI: Update dependencies (#10677)
2021-02-01 13:38:03 -06:00
10684.txt
UI: Fix shape of response anticipated from feature-flags endpoint (#10684)
2021-01-11 14:44:52 -06:00
10689.txt
Update 10689.txt
2021-02-24 13:29:09 -05:00
10705.txt
changelog: add entry for PR 10705 (#10785)
2021-01-26 12:54:15 -08:00
10708.txt
Protect part of emitMetrics from panic behavior during post-seal (#10708)
2021-01-19 14:06:50 -08:00
10725.txt
Implement sys/seal-status and sys/leader in system backend (#10725)
2021-01-20 14:04:24 -06:00
10726.txt
Minimal change to ensure that the bulky leaseEntry isn't kept in memory. (#10726)
2021-01-19 17:51:41 -05:00
10730.txt
Update to go 1.15.7 (#10730)
2021-01-20 11:02:33 -08:00
10743.txt
make token create case insensitive [VAULT-1021] (#10743)
2021-01-27 09:56:54 -08:00
10744.txt
Documentation for barrier autorotation (#11027)
2021-03-01 10:45:22 -06:00
10751.txt
secrets/consul: Add support to auto-bootstrap Consul ACL system (#10751)
2022-04-20 17:16:15 -05:00
10756.txt
Pull in newest consul-template from master and all corresponding dependencies [VAULT-1392] (#10756)
2021-01-29 12:30:16 -08:00
10757.txt
Set namespace for template server in agent (#10757)
2021-01-25 17:37:01 -05:00
10758.txt
changelog++ (#10775)
2021-01-26 12:45:54 -05:00
10759.txt
CHANGELOG update: GCP secrets WAL issue fix (#10776)
2021-01-26 13:50:39 -08:00
10766.txt
Add Username Templating Concepts page (#10935)
2021-02-26 16:04:12 -07:00
10767.txt
Add Username Templating Concepts page (#10935)
2021-02-26 16:04:12 -07:00
10812.txt
Changing from "changelog" to "release-note" (#11303)
2021-04-07 18:21:01 -04:00
10826.txt
Changing from "changelog" to "release-note" (#11303)
2021-04-07 18:21:01 -04:00
10833.txt
Set TokenParent in the Index to be cached (#10833)
2021-02-03 18:30:41 -08:00
10834.txt
Add Username Templating Concepts page (#10935)
2021-02-26 16:04:12 -07:00
10848.txt
Updating date-fns library from 1.x to 2.x (#10848)
2021-02-08 13:13:00 -07:00
10850.txt
agent: allow auto-auth to use an existing token (#10850)
2021-02-11 09:36:03 -05:00
10855.txt
Fill in missing lease ID deterministically. Generate a UUID on creation. (#10855)
2021-02-08 13:46:59 -06:00
10858.txt
Add Username Templating Concepts page (#10935)
2021-02-26 16:04:12 -07:00
10877.txt
Correct lock acquisition order in the pathEntityMergeID identity to fix deadlock condition (#10877)
2021-02-10 11:05:16 -05:00
10886.txt
Let allowed_users template mix templated and non-templated parts (#10886)
2021-10-19 15:00:15 -07:00
10901.txt
Use an atomic to avoid a race in runEventDemuxer. (#10901)
2021-02-11 11:50:41 -05:00
10904.txt
UI: Upgrade storybook (#10904)
2021-02-11 12:16:00 -07:00
10906.txt
Add Username Templating Concepts page (#10935)
2021-02-26 16:04:12 -07:00
10919.txt
Updates the JWT/OIDC auth plugin (#10919)
2021-02-16 17:21:35 -08:00
10927.txt
agent: persistent caching support (#10938)
2021-03-03 14:01:33 -08:00
10931.txt
Bundle new Vault plugin: Terraform secrets (#10931)
2021-02-19 16:38:56 -06:00
10938.txt
agent: persistent caching support (#10938)
2021-03-03 14:01:33 -08:00
10942.txt
Add TOTP support to Okta Auth (#10942)
2021-02-21 21:18:17 -08:00
10948.txt
Adds "raw(/pem)" format to individual cert routes (#10947) (#10948)
2022-02-07 09:47:13 -05:00
10949.txt
UI/Database Secrets Engine cleanup (#10949)
2021-02-19 14:04:51 -06:00
10951.txt
UI/add usage metrics description (#10951)
2021-02-22 09:35:15 -06:00
10952.txt
update docs related to OCI alias changes (#10952)
2021-02-23 10:08:15 -06:00
10953.txt
Add changelog entry for #10953 (#11077)
2021-03-10 15:54:15 -08:00
10964.txt
Add configurable exponential backoff to Agent auto-auth (#10964)
2021-02-23 12:04:21 -08:00
10980.txt
UI: Show error when connection roles fail to update on role create (#10980)
2021-02-23 10:47:02 -06:00
10982.txt
UI: Add the wizard to the database secret engine (#10982)
2021-02-23 13:52:39 -07:00
10992.txt
Make metrics access unauthenticated when in dev mode. (#10992)
2021-02-24 14:04:23 -05:00
10995.txt
Vendor Couchbase DB plugin v0.3.0 (#10995)
2021-02-25 12:59:45 -07:00
10996.txt
Vendor OpenLDAP v0.4.0 (#10996)
2021-02-25 13:00:00 -07:00
10997.txt
Changing from "changelog" to "release-note" (#11303)
2021-04-07 18:21:01 -04:00
11000.txt
Fix missing changelog (#13230)
2021-11-19 12:59:00 -08:00
11011.txt
Changing from "changelog" to "release-note" (#11303)
2021-04-07 18:21:01 -04:00
11015.txt
Changing from "changelog" to "release-note" (#11303)
2021-04-07 18:21:01 -04:00
11018.txt
Changing from "changelog" to "release-note" (#11303)
2021-04-07 18:21:01 -04:00
11022.txt
Add Partial Month Client Count API for Activity Log (#11022)
2021-03-01 16:15:59 -07:00
11094.txt
Changing from "changelog" to "release-note" (#11303)
2021-04-07 18:21:01 -04:00
11113.txt
Changing from "changelog" to "release-note" (#11303)
2021-04-07 18:21:01 -04:00
11119.txt
UI: Connection "Add Role" automatically populates database in form (#11119)
2021-03-17 11:32:27 -05:00
11127.txt
Changing from "changelog" to "release-note" (#11303)
2021-04-07 18:21:01 -04:00
11129.txt
Add command to look up a lease by ID (#11129)
2021-03-18 11:11:09 -05:00
11142.txt
Changing from "changelog" to "release-note" (#11303)
2021-04-07 18:21:01 -04:00
11143.txt
UI/control groups kv (#11143)
2021-03-22 10:03:47 -06:00
11182.txt
UI/namespace bug (#11182)
2021-03-23 14:55:31 -06:00
11208.txt
Replace go-bindata-assetfs build dependency with native go:embed (#11208)
2021-08-18 11:05:11 -04:00
11213.txt
UI: Fix status menu bug (#11213)
2021-03-26 09:53:33 -06:00
11216.txt
certutil: select appropriate hash algorithm for ECDSA signature (#11216)
2021-11-04 16:33:01 -04:00
11218.txt
pki: calculate Subject Key Identifier according to RFC 5280 (#11218)
2022-01-28 10:46:51 -05:00
11226.txt
Changing from "changelog" to "release-note" (#11303)
2021-04-07 18:21:01 -04:00
11231.txt
UI/database mssql (#11231)
2021-04-14 16:07:07 -05:00
11245.txt
improvement: add signature_bits field to CA and signers (#11245)
2021-09-10 14:39:05 -07:00
11247.txt
Autopilot: Return leader info via delegate (#11247)
2021-04-27 15:54:26 -04:00
11252.txt
Add CL for #11252. (#11368)
2021-04-16 09:33:47 -04:00
11256.txt
Updated show lease with toggle ttl picker (#11256)
2021-04-02 13:23:56 -07:00
11258.txt
UI/fix kvv2 version (#11258)
2021-04-02 15:17:42 -05:00
11259.txt
Changing from "changelog" to "release-note" (#11303)
2021-04-07 18:21:01 -04:00
11260.txt
Add HA only autopilot to changelog (#11339)
2021-04-12 09:57:45 -04:00
11262.txt
Cassandra DB plugin: Allow special chars in usernames (#11262)
2021-04-16 14:01:15 -06:00
11269.txt
Switch to shared raft-boltdb library and add metrics (#11269)
2021-04-26 16:01:26 -07:00
11283.txt
Bug Fix: OIDC with hcp flag (#11283)
2021-04-07 10:46:06 -06:00
11284.txt
UI/obscure secret on input (#11284)
2021-04-22 08:58:37 -06:00
11288.txt
Add ServerName to Vault Agent template config (#11288)
2021-05-13 07:18:15 -07:00
11289.txt
Add HTTP response headers for hostname and raft node ID (if applicable) (#11289)
2021-04-20 15:25:04 -07:00
11294.txt
Bug: DB secret engine not showing "Select one" in role select options (#11294)
2021-04-08 13:46:40 -06:00
11324.txt
Add support for unauthenticated pprof access on a per-listener basis,… (#11324)
2021-04-19 14:30:59 -04:00
11345.txt
feat(aws): add ability to provide a role session name when generating STS credentials (#11345)
2021-05-17 11:03:09 -07:00
11360.txt
Updated search select component styling (#11360)
2021-04-19 15:40:18 -07:00
11364.txt
Don't cut off stack traces at 32MB. (#11364)
2021-04-16 15:55:05 -04:00
11365.txt
Validate hostnames when using TLS in Cassandra (#11365)
2021-04-16 15:52:35 -06:00
11366.txt
Add metrics for requests forwarded by standbys. (#11366)
2021-04-16 14:02:20 -04:00
11367.txt
pki: fix tidy removal on revoked entries (#11367)
2021-04-19 09:40:40 -07:00
11371.txt
Fix goroutine leak caused by updating rate quotas (#11371)
2021-04-16 14:00:01 -04:00
11377.txt
On lease deletion, also delete non-orphan batch token parent index (#11377)
2021-04-16 17:03:22 -04:00
11388.txt
Updates the JWT/OIDC auth plugin to v0.9.3 (#11388)
2021-04-19 09:14:17 -07:00
11404.txt
Add root rotation statement support to mongoDB (#11404)
2021-04-19 15:40:44 -05:00
11408.txt
Make cubbyhole revocation/tidying compatible with cubbys in namespaces. (#11408)
2021-04-19 17:28:04 -04:00
11442.txt
UI/okta duo push notification (#11442)
2021-05-06 12:29:39 -06:00
11447.txt
UI/update UI deps (#11447)
2021-04-26 11:23:57 -05:00
11451.txt
secrets/database: Fixes marshalling bug for json.Number types (#11451)
2021-04-23 14:07:26 -07:00
11453.txt
[VAULT-1441] Fix race that allowed remounting on path used by another mount (#11453)
2021-04-24 09:05:41 -07:00
11473.txt
Update Agent Auth with GCP to use new SignJWT endpoint (#11473)
2021-04-30 15:45:06 -05:00
11495.txt
Add support for templated values in SSH CA DefaultExtensions. (#11495)
2021-05-13 14:37:22 -07:00
11500.txt
Updated code mirror component for consistency (#11500)
2021-05-06 09:59:15 -07:00
11502.txt
Adding changelog for #11502 (#11944)
2021-06-25 15:41:08 -07:00
11506.txt
Use correct mount accessor when refreshing external group memberships (#11506)
2021-05-03 08:23:59 -04:00
11517.txt
When running under systemd, send notifications about server startup, shutdown, and config reload (#11517)
2021-05-04 14:47:16 -05:00
11530.txt
KV 2 Toolbar delete redesign (#11530)
2021-05-19 10:43:55 -06:00
11532.txt
Fixes #11914. (#11915)
2021-06-22 12:39:23 -04:00
11541.txt
Fix barrier key autoration config edge cases (#11541)
2021-05-05 14:39:04 -05:00
11562.txt
changelog: add changelog for #11562 (#11564)
2021-05-07 11:43:09 -07:00
11576.txt
agent/cert: properly return the cached client on AuthClient (#11576)
2021-05-12 14:59:07 -07:00
11585.txt
DB engine: Check ErrPluginStaticUnsupported in rollback code (#11601)
2021-05-12 17:09:56 -06:00
11586.txt
UI: Regex validation on transform templates (#11586)
2021-05-12 10:12:33 -05:00
11588.txt
Add an exponential backoff to TCP listeners to avoid fast loops in error scenarios (#11588)
2021-05-12 10:47:38 -05:00
11596.txt
core: updates to password policy generator (#11596)
2021-05-13 09:55:46 -04:00
11597.txt
Fix: link on database role item goes to correct URL (#11597)
2021-05-12 14:33:35 -05:00
11600.txt
Add ability to customize some timeouts in MongoDB database plugin (#11600)
2021-05-17 11:40:35 -06:00
11607.txt
Vault 1979: Query API for Irrevocable Leases (#11607)
2021-06-02 10:11:30 -06:00
11628.txt
Fix: Transit encrypt batch does not honor key_version (#11628)
2021-05-27 14:05:20 -05:00
11638.txt
AWS Auth: Update error message to include underlying error (#11638)
2021-05-17 13:56:35 -06:00
11641.txt
UI/fix identity model (#11641)
2021-05-17 16:41:39 -05:00
11647.txt
Tokenutil: Perform num uses check earlier (#11647)
2021-05-19 14:06:08 -04:00
11650.txt
Patch expiration fix over from ENT (#11650)
2021-05-18 14:55:38 -07:00
11672.txt
UI/tools partial (#11672)
2021-05-24 10:45:35 -06:00
11680.txt
Update cluster status partial to component (#11680)
2021-05-27 09:52:51 -07:00
11696.txt
changelog: add entry for #11696 (#11715)
2021-05-27 10:57:59 -07:00
11705.txt
UI unseal screen updates (#11705)
2021-05-26 13:59:11 -05:00
11708.txt
UI: allow reset on database json fields (#11708)
2021-05-27 16:25:58 -05:00
11759.txt
UI/license banners (#11759)
2021-06-03 15:30:26 -05:00
11775.txt
agent: restart template runner on retry for unlimited retries (#11775)
2021-06-21 16:10:15 -07:00
11778.txt
UI/license page with autoload (#11778)
2021-06-07 12:44:39 -05:00
11780.txt
Add support for ed25519 (#11780)
2021-10-05 11:28:49 -04:00
11784.txt
Updates the JWT/OIDC auth plugin to v0.9.4 (#11784)
2021-06-07 16:02:57 -07:00
11785.txt
Implement ember-cp-validations on KV secret engine (#11785)
2021-06-15 09:21:54 -06:00
11795.txt
Displays Auth Method description on Vault UI login page (#11795)
2021-06-14 13:03:49 -07:00
11796.txt
add changelog to influxdb (#11896)
2021-06-18 14:56:41 -05:00
11802.txt
Udate to Go 1.16.5 (#11802)
2021-06-09 10:38:52 -04:00
11820.txt
db/cassandra: Adding changelog and documentation (#11822)
2021-06-10 19:06:40 -04:00
11826.txt
Omit wrapping tokens and control groups from client counts (#11826)
2021-06-10 15:57:51 -07:00
11836.txt
mod: update vault-plugin-secrets-ad@v0.9.1 (#11837)
2021-06-11 13:40:51 -04:00
11838.txt
dep: update consul-template to v0.26.0 (#11838)
2021-06-11 10:29:40 -07:00
11861.txt
Cassandra: Refactor PEM parsing logic (#11861)
2021-06-21 11:38:08 -06:00
11864.txt
Fix for Issue 11863 - Panic when creating/updating approle role with token_type (#11864)
2021-06-24 13:03:41 -04:00
11872.txt
Mongo doesnt allow periods in usernames (#11872)
2021-06-24 13:26:31 -04:00
11878.txt
UI/cp validations kv duplicate path (#11878)
2021-06-22 10:34:00 -06:00
11884.txt
UI/fix safari oidc login (#11884)
2021-06-17 15:56:04 -05:00
11887.txt
base32.DecodeString expects length 8 for the buffer (#11887)
2021-07-14 07:38:10 -04:00
11895.txt
Add new boltdb options (#11895)
2021-06-21 11:35:40 -07:00
11899.txt
RabbitMQ - Add username customization (#11899)
2021-06-22 14:50:46 -05:00
11904.txt
Improving Handling of Unix Domain Socket Addresses (#11904)
2022-06-21 15:16:58 -07:00
11907.txt
raft: Set BatchApplyCh for more consistent batch sizes (#11907)
2021-06-21 12:00:41 -07:00
11934.txt
agent/template: add static_secret_render_interval configurable (#11934)
2021-06-24 15:40:31 -04:00
11942.txt
secrets/ad: change improvement to feature in changelog (#12095)
2021-07-15 15:55:40 -04:00
11956.txt
mongodbatlas: update changelog for username customization (#12098)
2021-07-15 15:44:03 -05:00
11957.txt
Update ElasticSearch DB plugin to v0.8.0 (#11957)
2021-06-29 08:07:00 -05:00
11958.txt
changelog: update feature formatting for gcp and key management secrets (#12120)
2021-07-19 12:16:27 -07:00
11963.txt
Handle form validation for open api form (#11963)
2021-07-13 15:50:27 -07:00
11969.txt
Agent JWT auto auth remove_jwt_after_reading config option (#11969)
2022-07-25 07:42:09 -06:00
11970.txt
[VAULT-708] Zero out request counter on preSeal (#11970)
2021-07-07 14:03:39 -05:00
11975.txt
[ldap] auth method fix request_timeout (#11975)
2021-07-01 13:33:01 -05:00
11980.txt
Update Go client libraries for etcd (#11980)
2021-09-29 14:28:13 -04:00
11984.txt
UI: Show day of month instead of day of year in the expiration warning dialog (#11984)
2021-09-02 18:06:55 -04:00
11992.txt
vault delete should allow the same output options as vault write,… (#11992)
2021-07-06 10:36:07 -04:00
11995.txt
Truncate Secret Engine Description Text (#11995)
2021-07-08 08:21:10 -07:00
11997.txt
Update SnowflakeDB plugin to v0.2.0 (#11997)
2021-07-06 13:23:03 -05:00
12003.txt
Adds transform secrets engine to feature (#12003)
2021-07-07 16:14:54 -07:00
12008.txt
Docfix: "Fix" is not a valid release-note type (#12676)
2021-09-29 14:54:58 -06:00
12016.txt
Redshift - Add username customization (#12016)
2021-07-08 10:29:12 -05:00
12019.txt
Change changelog type for openldap bug fix (#12112)
2021-07-16 16:37:21 -04:00
12020.txt
[VAULT-1836] Support kv-v1 generic mounts for vault.kv.secret.count metric (#12020)
2021-07-09 11:05:05 -04:00
12023.txt
changelog: update feature formatting for gcp and key management secrets (#12120)
2021-07-19 12:16:27 -07:00
12024.txt
UI/control group db cred (#12024)
2021-07-12 12:50:30 -05:00
12025.txt
[VAULT-2776] Add prefix_filter option to Vault (#12025)
2021-07-09 14:49:53 -05:00
12026.txt
[VAULT-1986] Cap AWS Token TTL based on Default Lease TTL (#12026)
2021-07-15 10:05:38 -07:00
12031.txt
Make the list and kv list commands work with wrapping, e.g. for controlgroups (#12031)
2021-07-09 12:08:58 -04:00
12034.txt
VAULT-2809: Tweak creation of vault.db file (#12034)
2021-07-09 14:45:50 -04:00
12035.txt
UI: Automatically refresh page on logout (#12035)
2021-07-14 10:01:14 -05:00
12042.txt
[VAULT-2825] Fix erroneous 500 resp for field validation errors (#12042)
2021-07-12 13:39:28 -04:00
12049.txt
Update node to latest stable version (#12049)
2021-07-22 14:09:12 -07:00
12066.txt
[VAULT-1969] Add support for custom IAM usernames based on templates (#12066)
2021-07-20 09:48:29 -07:00
12071.txt
Enable building darwin arm64 for 1.8.x (#11855) (#12071)
2021-07-14 09:26:37 -05:00
12073.txt
Update kubernetes auth plugin with AliasLookahead fix (#12073)
2021-07-15 14:35:40 +01:00
12079.txt
Fix KV Version History queryParams on the component LinkedBlock (#12079)
2021-07-14 15:38:55 -06:00
12084.txt
Improve Secret Empty States (#12084)
2021-07-21 12:47:52 -07:00
12087.txt
secrets/database: fixes external plugin reconnect after shutdown for v4 and v5 interface (#12087)
2021-07-15 13:41:04 -07:00
12111.txt
UI/database cg read role (#12111)
2021-07-20 11:28:44 -05:00
12115.txt
fix: print consul svc addr in debug log (#12115)
2021-07-21 13:12:49 -07:00
12117.txt
Add ability to optionally clone an api.Client's headers (#12117)
2021-07-19 17:15:31 -04:00
12126.txt
VAULT-2285 adding capability to accept comma separated entries for au… (#12126)
2021-08-09 15:37:03 -04:00
12151.txt
identity: do not allow a role's token_ttl to be longer than verification_ttl (#12151)
2021-07-28 20:34:52 -05:00
12162.txt
Check to make sure context isn't expired before doing a raft operation. (#12162)
2021-08-19 12:03:56 -04:00
12163.txt
serviceregistration: add external-source meta value (#12163)
2021-08-03 09:31:01 -07:00
12165.txt
Aerospike backend update (#12165)
2021-11-29 11:09:12 -08:00
12169.txt
UI add custom metadata to KV2 (#12169)
2021-08-31 09:41:41 -06:00
12175.txt
Fix vault debug so that captured logs include newlines. (#12175)
2021-07-27 09:15:24 -04:00
12185.txt
Update genUsername to cap STS usernames at 32 chars (#12185)
2021-08-09 09:40:47 -07:00
12196.txt
VAULT-1303 when a request to vault fails, show namespace if set (#12196)
2021-07-30 12:32:05 -04:00
12208.txt
identity: enforce key param and key existence on role creation (#12208)
2021-09-08 10:46:58 -05:00
12212.txt
UI/TTL helperEnabled/DisabledText fix (#12212)
2021-08-03 15:50:49 -07:00
12229.txt
Fix Diagnose Formatting In Disk Usage Checks (#12229)
2021-08-02 10:06:04 -07:00
12245.txt
Updating go version to 1.16.6 for security fix (#12245)
2021-08-04 11:30:43 -04:00
12253.txt
Update github.com/ulikunitz/xz (#12253)
2021-09-17 09:48:38 -07:00
12255.txt
Update github.com/gogo/protobuf (#12255)
2021-09-07 11:40:14 -07:00
12262.txt
Switch/upgrade to influxdata/influxdb1-client (#12262)
2022-01-25 13:30:24 -05:00
12265.txt
Updates vault-plugin-auth-jwt to v0.10.1 (#12265)
2021-08-04 13:13:02 -07:00
12295.txt
UI/StatText Component (#12295)
2021-08-16 11:55:12 -07:00
12301.txt
dep: update database-couchbase plugin to v0.4.1 (#12301)
2021-08-12 11:54:19 -07:00
12317.txt
Vault 2176 snapshot config issue (#12317)
2021-08-16 10:12:00 -07:00
12320.txt
Send x-forwarded-for in Okta Push Factor request (#12320)
2021-09-03 13:09:11 -07:00
12338.txt
api: return parse errors if any for storage endpoints (#12338)
2021-08-17 13:19:39 -04:00
12339.txt
(OSS Port) Restrict Quota Deletion to Primary Cluster [vault-2399] (#12339)
2021-08-17 15:34:43 -07:00
12340.txt
creds/aws: Add support for DSA signature verification for EC2 (#12340)
2021-08-19 09:16:31 -04:00
12348.txt
UI: Allow metrics view without config read (#12348)
2021-08-18 15:33:39 -05:00
12351.txt
dbplugin: fix error message in DeleteUser (#12351)
2021-08-18 16:12:40 -07:00
12354.txt
Handle api explorer routing error (#12354)
2021-08-19 14:32:02 -07:00
12357.txt
Fixed overflowing text of flash message container (#12357)
2021-08-19 14:27:22 -07:00
12366.txt
Auto-join support for IPv6 discovery (#12366)
2021-09-07 11:55:07 -07:00
12371.txt
Upgrade snappy to fix panic with identity/packer on Go 1.16+arm64. (#12371)
2021-08-19 15:51:06 -04:00
12372.txt
[MAR-3131] Set grace to 0 on non-positive lease duration (#12372)
2021-08-24 19:06:40 -07:00
12377.txt
[VAULT-3226] Use os.rename on windows os (#12377)
2021-08-19 16:05:53 -07:00
12378.txt
plugin/snowflake: update gosnowflake to v1.6.1 (#12378)
2021-08-20 11:52:31 -04:00
12379.txt
Updates vault-plugin-secrets-gcp to v0.10.2 (#12379)
2021-08-19 16:33:34 -07:00
12388.txt
Add code to api.RaftSnapshot to detect incomplete snapshots (#12388)
2021-09-07 11:16:37 -04:00
12393.txt
Vault 2823 cc namespace (#12393)
2021-09-07 09:16:12 -07:00
12408.txt
bump go to 1.16.7 (#12408)
2021-08-24 09:54:26 -07:00
12409.txt
Bug Fix: tab on MaskedInput for GeneratedItems it was clearing the value (#12409)
2021-08-24 08:59:37 -06:00
12413.txt
Upgrade pq to fix connection failure cleanup bug (v1.8.0 => v1.10.3) (#12413)
2021-10-01 14:35:51 -07:00
12414.txt
Identity: prepublish jwt signing keys (#12414)
2021-09-09 13:47:42 -05:00
12418.txt
Add missing read unlock calls in transit backend code (#12652)
2021-09-28 11:59:30 -05:00
12422.txt
Client count config view (#12422)
2021-08-25 14:22:15 -07:00
12425.txt
Expose secret_id_accessor as WrappedAccessor when wrapping secret-id creation. (#12425)
2021-09-16 10:47:49 -07:00
12428.txt
Add PutAutoPilotRaftConfiguration to api (#12428)
2021-11-10 12:10:15 -05:00
12437.txt
UI/bar chart horizontal (#12437)
2021-09-07 12:54:33 -07:00
12443.txt
change cassandra db plugin timeout to 5s as in docs (#12443)
2022-02-15 07:35:44 -08:00
12451.txt
Bootstrap Nomad ACL system if no token is given (#12451)
2022-04-20 11:06:25 -07:00
12473.txt
Fail alias rename if the resulting (name,accessor) exists already (#12473)
2021-09-21 08:19:44 -04:00
12478.txt
Docfix: "Fix" is not a valid release-note type (#12676)
2021-09-29 14:54:58 -06:00
12483.txt
update couchbase plugin version (#12483)
2021-09-07 11:48:10 -05:00
12485.txt
Customizing HTTP headers in the config file (#12485)
2021-10-13 11:06:33 -04:00
12502.txt
Add Custom metadata field to alias (#12502)
2021-09-17 11:03:47 -07:00
12505.txt
dep: update consul-template to v0.27.0 (#12505)
2021-09-09 09:12:42 -07:00
12508.txt
CLI: add new -header option to be able to add headers to all cli requests #8754 (#12508)
2021-10-27 11:04:04 -04:00
12514.txt
Allow signing self issued certs with a different public key algorithm. (#12514)
2021-09-14 10:07:27 -05:00
12519.txt
Fix pkcs7 parsing in some cases (#12519)
2021-09-10 12:17:03 -04:00
12534.txt
vault-agent: copy values retrieved from bolt (#12534)
2021-09-13 11:06:08 -07:00
12541.txt
UI/ PKI UI Redesign (#12541)
2021-10-04 14:31:36 -07:00
12550.txt
Bug fix: allow forward slash in paths for delete menu (#12550)
2021-09-14 12:30:01 -06:00
12554.txt
Client count updates (#12554)
2021-09-16 15:28:03 -07:00
12559.txt
Use the system rand reader for CA root and intermediate generation (#12559)
2021-09-15 11:59:12 -05:00
12560.txt
Use the system rand reader for SSH keypair generation (#12560)
2021-09-15 11:59:28 -05:00
12563.txt
Port: Premature Rotation For autorotate (#12563)
2021-09-21 17:45:04 -07:00
12565.txt
[VAULT-3519] Return no_default_policy on token role read (#12565)
2021-09-21 09:53:08 -07:00
12577.txt
Added namespace search to client count (#12577)
2021-09-22 12:50:59 -07:00
12581.txt
Update plugin proto to send tls.ConnectionState (Op.2) (#12581)
2021-10-07 08:06:09 -04:00
12582.txt
Patch to support VAULT_HTTP_PROXY variable (#12582)
2021-10-06 09:40:31 -07:00
12600.txt
dep: update vault-plugin-secrets-openldap to latest (#12600)
2021-09-21 15:30:19 -07:00
12621.txt
update changelog/12621.txt (#13117)
2021-11-10 16:39:27 -08:00
12622.txt
UI/bar chart updates (#12622)
2021-09-27 13:48:44 -07:00
12626.txt
KV search box when no list access to metadata (#12626)
2021-09-29 14:35:00 -06:00
12629.txt
Update Azure secrets engine to use MS Graph (#12629)
2021-09-29 11:28:13 -06:00
12633.txt
fix: upgrade vault-plugin-auth-kubernetes (#12633)
2021-09-27 13:10:55 -04:00
12635.txt
core: set namespace within GeneratePasswordFromPolicy (#12635)
2021-09-27 09:08:07 -07:00
12646.txt
Auth method role edit form should be valid by default (#12646)
2021-10-04 11:53:24 -06:00
12663.txt
UI/kv creation time (#12663)
2021-09-28 13:15:43 -06:00
12668.txt
Add support to parameterize unauthenticated paths (#12668)
2021-10-13 11:51:20 -05:00
12672.txt
UI/Add Elasticsearch DB (#12672)
2021-10-07 14:00:42 -07:00
12687.txt
Add HTTP PATCH support to KV (#12687)
2021-10-13 15:24:31 -04:00
12688.txt
agent: tolerate partial restore failure from persistent cache (#12718)
2021-10-08 11:30:04 +01:00
12691.txt
Fix a Deadlock on HA leadership transfer (#12691)
2021-10-04 13:55:15 -04:00
12713.txt
Removed unpublished:true for sys/internal/* endpoints (#12713)
2021-10-15 14:50:14 -04:00
12715.txt
Fix auth/aws so that config/rotate-root saves new key pair to vault (#12715)
2021-10-19 10:26:47 -04:00
12716.txt
Fix 1.8 regression preventing email addresses being used as common name within pki certificates (#12336) (#12716)
2021-10-04 14:02:47 -04:00
12718.txt
agent: tolerate partial restore failure from persistent cache (#12718)
2021-10-08 11:30:04 +01:00
12720.txt
CLI request when namespace is in argument and part of the path (#12720)
2021-10-21 22:35:13 -04:00
12724.txt
Upgrade go-kms-wrapping to pickup oci-go-sdk update (#12724)
2021-10-04 16:21:38 -05:00
12731.txt
[VAULT-3157] Move mergeStates utils from Agent to api module (#12731)
2021-10-06 10:57:06 -07:00
12747.txt
[VAULT-3252] Disallow alias creation if entity/accessor combination exists (#12747)
2021-10-14 09:52:07 -07:00
12752.txt
Added support for Oracle db connection (#12752)
2021-10-11 09:20:23 -07:00
12762.txt
agent: Use an in-process listener with cache (#12762)
2021-10-15 17:22:19 -07:00
12763.txt
Skip metric increment during existence check (#12763)
2022-05-05 10:22:19 -07:00
12770.txt
UI/Serialize DB Connection Attributes (#12770)
2021-10-11 16:42:11 -07:00
12780.txt
Filter identity token keys (#12780)
2021-10-12 11:14:03 -05:00
12787.txt
Add LIST support to sys/policies/password (#12787)
2022-01-24 13:42:14 -08:00
12788.txt
Return 404 response when looking for a secret_id_accessor that does not exist (#12788)
2021-10-11 15:07:51 +01:00
12790.txt
Add remote_port in the audit logs when it is available (#12790)
2022-01-26 15:47:15 -08:00
12791.txt
Return num_uses during authentication (#12791)
2022-01-25 18:59:53 -08:00
12792.txt
Some changelog tidying for 1.10 preview (#13385)
2021-12-10 16:23:20 -05:00
12793.txt
cl update (#13798)
2022-02-03 16:52:45 -08:00
12795.txt
Some changelog tidying for 1.10 preview (#13385)
2021-12-10 16:23:20 -05:00
12796.txt
Native Login method for Go client (#12796)
2021-10-26 16:48:48 -07:00
12800.txt
UI/OIDC provider (#12800)
2021-10-13 15:04:39 -05:00
12802.txt
Diagnose partial/missing telemetry configuration (#12802)
2021-10-20 16:47:59 -05:00
12812.txt
Entities may have duplicate policies (#12812)
2021-10-22 19:28:31 -04:00
12814.txt
api.Client: support isolated read-after-write (#12814)
2021-10-14 14:51:31 -04:00
12819.txt
UI/remove empty rows from DB config pages (#12819)
2021-10-14 13:14:33 -07:00
12820.txt
Port: add client ID to TWEs in activity log [vault-3136] (#12820)
2021-10-14 09:10:59 -07:00
12834.txt
Fix entity alias deletion (#12834)
2021-10-19 15:05:06 -04:00
12839.txt
[VAULT-3379] Add support for contained DBs in MSSQL root rotation and lease revocation (#12839)
2021-10-19 14:11:47 -07:00
12843.txt
agent/cache: Store leases in-order in persistent cache so that restore respects dependencies (#12843)
2021-10-27 11:36:48 +01:00
12847.txt
Forbid ssh key signing with specified extensions when role allowed_extensions is not set (#12847)
2021-10-15 17:55:18 -04:00
12868.txt
Move to go 1.17 (#12868)
2021-10-21 09:32:03 -04:00
12872.txt
Restrict ECDSA/NIST P-Curve hash function sizes for cert signing (#12872)
2021-11-12 12:18:38 -05:00
12876.txt
Updates vault-plugin-auth-jwt to v0.11.0 (#12876)
2021-10-19 15:22:52 -07:00
12877.txt
[VAULT-3008] Update RabbitMQ dependency and fix regression in UserInfo.Tags in v3.9 (#12877)
2021-10-20 09:46:37 -07:00
12881.txt
operator generate-root -decode: allow token from stdin (#12881)
2021-10-20 12:29:17 -04:00
12885.txt
VAULT-444: Add PKI tidy-status endpoint. (#12885)
2021-11-02 11:12:49 -04:00
12887.txt
UI/Remove spinner after token renew (#12887)
2021-10-21 09:05:45 -05:00
12888.txt
fix 12888 release note format (#13016)
2021-11-02 16:54:46 -06:00
12890.txt
UI Conditionally Copy Tooltips (#12890)
2021-10-21 09:26:56 -06:00
12895.txt
adds divider to toolbars with destructive actions (#12895)
2021-10-22 08:11:14 -06:00
12903.txt
Set Cassandra connect timeout, not just regular timeout (#12903)
2021-10-22 11:02:28 -04:00
12904.txt
UI/Remove token_type field from token auth method (#12904)
2021-10-29 13:00:34 -07:00
12906.txt
Vertical resize on .cm-s-hashi.CodeMirror (#12906)
2021-10-22 14:58:04 -06:00
12907.txt
Extend kv metadata to get, put, and patch (#12907)
2021-10-26 15:38:56 -04:00
12908.txt
Info table row typography (#12908)
2021-10-22 15:16:02 -06:00
12911.txt
fixing a bug for cli when namespace is in both arg and path (#12911)
2021-10-22 17:47:16 -04:00
12916.txt
Adds missing unlock of RWMutex in OIDC delete key (#12916)
2021-10-25 09:59:26 -07:00
12921.txt
KV alert banner for white space in KV path (#12921)
2021-10-28 10:50:33 -06:00
12932.txt
Use mutex in OIDC configuration handlers (#12932)
2021-10-27 08:23:05 -07:00
12934.txt
go-kms-wrapping update for Azure Key Vault's Managed HSM offering (#12934)
2021-10-27 12:07:18 -04:00
12945.txt
UI/ Add PostgreSQL DB (#12945)
2021-10-29 09:58:56 -07:00
12965.txt
cockroachdb: add high-availability support (#12965)
2022-03-29 13:12:06 -04:00
12976.txt
Incorporate Ember Flight Icons (#12976)
2021-12-07 10:05:14 -07:00
13000.txt
UI/kv codemirror diff (#13000)
2021-12-01 11:41:49 -07:00
13015.txt
Secrets header version badge (#13015)
2021-11-08 14:29:00 -07:00
13022.txt
Some changelog tidying for 1.10 preview (#13385)
2021-12-10 16:23:20 -05:00
13024.txt
Fiddling with changelog formatting (#13496)
2021-12-21 18:32:08 -05:00
13032.txt
UI/Truncate long secret names (#13032)
2021-11-04 16:57:08 -07:00
13033.txt
Add changelog for couchbase plugin bug fix (#13033)
2021-11-03 15:39:19 -05:00
13034.txt
secrets/azure: add changelog for rotate-root (#13034)
2021-11-03 16:38:45 -04:00
13038.txt
PGP key list input fix (#13038)
2021-11-04 14:25:15 -06:00
13042.txt
Fix errors logged on standbys when we try to write versions to storage (#13042)
2021-11-08 10:04:17 -05:00
13044.txt
Allowing Unwrap w/ Newline files (#13044)
2021-11-24 10:13:45 -08:00
13054.txt
UI/Adds pagination to auth methods list (#13054)
2021-11-04 16:35:20 -07:00
13078.txt
Add a periodic test of the autoseal to detect loss of connectivity. (#13078)
2021-11-10 14:46:07 -06:00
13080.txt
Add universal default key_bits value for PKI endpoints (#13080)
2021-12-13 15:26:42 -05:00
13086.txt
Port: Allow Routing to Partial Monthly Client Count From Namespaces (#13086)
2021-11-08 15:38:35 -08:00
13090.txt
UI/Custom empty state messages for transit and transform (#13090)
2021-11-11 16:53:53 -08:00
13093.txt
Add missing changelog for pr #13093 (#13095)
2021-11-09 11:03:59 -05:00
13098.txt
Raft peer removal bug (#13098)
2021-11-09 15:05:25 -07:00
13107.txt
Raft Snapshot Restore Bug (#13107)
2021-11-17 10:30:59 -07:00
13111.txt
Return non-retryable errors on transit encrypt and decrypt failures (#13111)
2021-11-15 15:53:22 -06:00
13133.txt
OIDC Auth Bug (#13133)
2021-11-15 08:48:11 -07:00
13146.txt
sdk/queue: move lock before checking queue length (#13146)
2021-11-29 14:54:00 -05:00
13149.txt
UI/Update blueprints to glimmer components (#13149)
2021-11-16 13:14:16 -08:00
13152.txt
Hide verify-connection attribute on connection config show page (#13152)
2021-11-16 12:56:42 -06:00
13162.txt
Authenticate to "login" endpoint for non-existent mount path bug (#13162)
2021-11-22 17:06:59 -08:00
13165.txt
Fix 1.9 regression with raft and stored time values (#13165)
2021-11-16 14:43:00 -05:00
13166.txt
KV automatic delete state issue in UI (#13166)
2021-11-23 14:17:37 -07:00
13168.txt
Revert more downgrades from #12975. (#13168)
2021-11-16 15:07:03 -05:00
13169.txt
Fix startup failures when aliases from a pre-1.9 vault version exist (#13169)
2021-11-16 14:56:34 -05:00
13177.txt
Form field component ttl picker not initially enabling (#13177)
2021-11-17 10:21:17 -07:00
13178.txt
Some changelog tidying for 1.10 preview (#13385)
2021-12-10 16:23:20 -05:00
13195.txt
Add pagination to namespace list view (#13195)
2021-11-29 13:11:14 -08:00
13200.txt
Update 13200.txt changelog (#13263)
2021-11-24 13:38:15 -05:00
13215.txt
Add HTTP PATCH support for KV key metadata (#13215)
2022-01-12 12:05:27 -05:00
13231.txt
identity/oidc: optional nonce parameter for authorize request (#13231)
2021-11-22 09:42:22 -08:00
13233.txt
Fixed null token panic from 'v1/auth/token/' endpoints and returned p… (#13233)
2021-12-21 09:46:56 -08:00
13235.txt
Fix regression in returning empty value for approle cidrlist. (#13235)
2021-11-23 12:13:47 -05:00
13236.txt
Fix null token type bug (#13236)
2021-12-06 09:38:53 -08:00
13238.txt
UI/Fix node-forge EC error (#13238)
2021-11-23 13:51:02 -05:00
13241.txt
Respect WithWrappingToken for all secret ID's in approle auth (#13241)
2021-11-23 15:53:48 -08:00
13254.txt
skip hash bits verification for ed25519 (#13254)
2021-11-23 15:28:18 -05:00
13257.txt
recognize ed25519 key type and return PKCS8 format (#13257)
2021-11-24 14:24:06 -05:00
13277.txt
secrets/azure: Update plugin to v0.11.2 (#13277)
2021-11-29 09:05:23 -08:00
13282.txt
Return an error when trying to store a too-large key with Raft (#13282)
2021-11-25 14:07:03 -05:00
13286.txt
Prevent raft transactions from containing overlarge keys. (#13286)
2021-11-26 08:38:39 -05:00
13292.txt
Add "operator members" command to list nodes in the cluster. (#13292)
2021-11-30 14:49:58 -05:00
13298.txt
Identity: check NextSigningKey existence during key rotation (#13298)
2021-11-29 15:10:58 -06:00
13318.txt
Fix possible nil pointer dereference (#13318)
2021-12-02 08:23:41 -05:00
13324.txt
Rename master key to root key (#13324)
2021-12-06 17:12:20 -08:00
13332.txt
github auth: use org id to verify creds (#13332)
2021-12-14 16:37:19 -06:00
13348.txt
auth/cert: Add certificate extensions as metadata (#13348)
2022-01-03 13:38:16 -08:00
13365.txt
auth/jwt: update changelog for pkce improvement (#13392)
2021-12-10 11:15:22 -06:00
13367.txt
Fiddling with changelog formatting (#13496)
2021-12-21 18:32:08 -05:00
13395.txt
Support clearing an identity alias' custom_metadata (#13395)
2021-12-10 18:07:47 -05:00
13396.txt
UI/fix client count partial (#13396)
2021-12-10 16:14:57 -06:00
13408.txt
Main go version bump (#13408)
2021-12-14 11:11:13 -05:00
13414.txt
secrets/database: Add parameter to disable escaping username and password chars for DB connections (#13414)
2022-01-10 12:05:17 -06:00
13439.txt
update okta-sdk-golang to v2.9.1 (#13439)
2022-01-06 09:42:51 -05:00
13443.txt
Ember Upgrade to 3.24 (#13443)
2021-12-16 20:44:29 -07:00
13452.txt
EscapeLDAPValue - catch trailing escape character (#13452)
2021-12-15 13:17:07 -08:00
13469.txt
Update mssql's contained_db field to accept a boolean (#13469)
2021-12-20 10:04:43 -05:00
13476.txt
Attempt to address a data race issue within identity store - take 2 (#13476)
2021-12-22 09:51:13 -05:00
13486.txt
Fix properly initialize replicateStateStore from SetReadYourWrites() (#13486)
2021-12-21 16:14:39 -05:00
13487.txt
[Vault-4628] OpenAPI endpoint not expanding root alternations (#13487)
2021-12-22 15:36:47 -08:00
13492.txt
auth/oidc: update plugin to v0.11.4 (#13492)
2021-12-21 16:48:53 -08:00
13515.txt
Add ability to optionally clone a Client's token (#13515)
2021-12-22 17:07:26 -05:00
13537.txt
Enhance sys/raw to read and write values that cannot be encoded in json (#13537)
2022-01-20 07:52:53 -05:00
13540.txt
Add support for PROXY protocol v2 in TCP listener (#13540)
2022-03-08 12:13:00 -05:00
13548.txt
secrets/gcp: update plugin to v0.11.1 (#13548)
2022-01-03 11:18:48 -08:00
13573.txt
Use MAP_POPULATE for our bbolt mmaps (#13573)
2022-01-11 08:16:53 -05:00
13585.txt
UI/fix kmip role form (#13585)
2022-01-07 09:16:40 -06:00
13590.txt
Search Select Input Fix (#13590)
2022-01-06 16:34:26 -07:00
13595.txt
auth/kubernetes: support for dynamically reloading short-lived tokens (#13595)
2022-01-14 19:55:15 -08:00
13604.txt
UI/Fixes secrets list breadcrumb (#13604)
2022-01-10 11:00:47 -08:00
13606.txt
Parallel retry join (#13606)
2022-01-17 10:33:03 -05:00
13615.txt
If we get a 405 doing an HTTP PATCH, assume the server is pre-1.9 and fall back to old readThenWrite approach (#13615)
2022-01-11 11:52:24 -05:00
13643.txt
Distinguish LIST-only paths in OpenAPI (#13643)
2022-01-18 09:21:44 -08:00
13660.txt
Add support for client certificates to -output-curl-string (#13660)
2022-01-20 10:25:26 -08:00
13661.txt
Make auth/token/revoke-accessor idempotent (#13661)
2022-01-18 06:56:38 -05:00
13667.txt
Vault-3991 Code Scanning Alerts Changes (#13667)
2022-01-14 15:35:27 -08:00
13669.txt
auth/ldap: Add username to alias.metadata.name (#13669)
2022-01-20 12:30:26 -05:00
13675.txt
Add telemetry to Vault agent (#13675)
2022-02-17 17:10:26 -08:00
13678.txt
Support go-sockaddr templates in top-level cluster_addr config (#13678)
2022-01-19 10:56:04 -05:00
13682.txt
Add the duration and start time to logged completed requests. (#13682)
2022-01-20 08:55:30 -05:00
13683.txt
Accept both -f and --force in the web terminal (#13683)
2022-01-20 10:17:53 -07:00
13690.txt
Add validation for nonce size when we aren't in convergent encryption mode within transit backend (#13690)
2022-01-19 13:02:49 +05:30
13691.txt
Time-based transit key autorotation (#13691)
2022-01-20 09:10:15 -06:00
13703.txt
Update to raft lib v1.3.3 (#13703)
2022-01-24 09:50:23 -05:00
13716.txt
oidc: check for nil signing key on rotation (#13716)
2022-01-24 12:05:49 -06:00
13736.txt
Support Y10K value in notAfter field when signing non-CA certificates (#13736)
2022-01-31 15:37:50 -06:00
13749.txt
Raft/fix raft telemetry metric unit (#13749)
2022-01-24 10:51:35 -05:00
13759.txt
PKI - Allow performance secondaries to generate and store certificates locally to them (#13759)
2022-01-24 10:03:04 -06:00
13766.txt
Add sys/version-history endpoint and associated command (#13766)
2022-02-14 15:26:57 -05:00
13799.txt
Remove fmt strings and replace with inline queries (#13799)
2022-01-27 15:20:13 -08:00
13841.txt
[API] Add LDAP auth method (#13841)
2022-02-04 11:10:51 -08:00
13850.txt
secret/consul: Add support for consul namespaces and admin partitions (#13850)
2022-02-09 15:44:00 -06:00
13871.txt
identity/oidc: loopback redirect dynamic port (#13871)
2022-02-07 10:34:33 -08:00
13872.txt
Fix kv secret access bug (#13872)
2022-02-03 01:46:03 +05:30
13889.txt
Add duration/count metrics to PKI issue and revoke flows (#13889)
2022-02-08 10:37:40 -06:00
13893.txt
add API docs for KVv2 subkeys endpoint (#13893)
2022-02-14 15:28:14 -05:00
13894.txt
Switch from node-forge to PKI.js (#13894)
2022-02-04 12:52:28 -05:00
13908.txt
Transform Advanced Templating (#13908)
2022-02-07 13:07:53 -07:00
13917.txt
identity/oidc: Adds proof key for code exchange (PKCE) support (#13917)
2022-02-15 12:02:22 -08:00
13925.txt
auth/kubernetes: Update plugin to v0.11.5 (#13925)
2022-02-10 12:23:19 -05:00
13927.txt
Use application/pem-certificate-chain for PEMs (#13927)
2022-02-08 08:12:33 -05:00
13935.txt
Add full CA Chain to /pki/cert/ca_chain response (#13935)
2022-02-07 14:37:01 -05:00
13950.txt
UI: Add check for renewal time before triggering renew-self (#13950)
2022-02-08 11:43:42 -06:00
13958.txt
Allow all other_sans in sign-intermediate and sign-verbatim (#13958)
2022-02-09 10:09:19 -05:00
13970.txt
UI/transit auto rotate interval (#13970)
2022-02-09 10:56:49 -06:00
13973.txt
secrets/azure: update to v0.11.3 (#13973)
2022-02-09 11:58:53 -05:00
13974.txt
secrets/gcp: update to v0.11.2 (#13974)
2022-02-09 12:57:53 -05:00
13991.txt
Allow specifying multiple allowed SSH key lengths (#13991)
2022-02-17 15:36:56 -05:00
14006.txt
Switch to secure signing algorithm for SSH secrets engine (#14006)
2022-02-18 10:44:01 -05:00
14008.txt
Allow generation of other types of SSH CA keys (#14008)
2022-02-15 14:14:05 -05:00
14013.txt
identity/oidc: use inherited group membership for client assignments (#14013)
2022-02-11 11:40:44 -08:00
14014.txt
secret/consul: Add Consul ACL roles support (#14014)
2022-02-16 19:31:08 -06:00
14025.txt
update MFA changelog (#14326)
2022-03-01 15:13:39 -08:00
14033.txt
update changelog to include db config connection return value change (#14256)
2022-02-24 14:03:11 -06:00
14049.txt
MFA UI Changes (v3) (#14145)
2022-02-17 15:40:25 -07:00
14051.txt
Allow auto-detection of AWS region when using the vault CLI (#14051)
2022-02-14 12:01:27 -08:00
14054.txt
UI: Switch usage of localStorage to sessionStorage (#14054)
2022-02-17 10:04:53 -06:00
14067.txt
Revert "MFA (#14049)" (#14135)
2022-02-17 13:17:59 -07:00
14074.txt
Use FieldData.GetOkError() to access required Transit parameters. (#14593)
2022-03-18 16:10:38 -04:00
14095.txt
auth/ldap: add resp warning if userfilter doesn't consider userattr (#14095)
2022-02-17 17:19:44 -08:00
14107.txt
Revert "MFA (#14049)" (#14135)
2022-02-17 13:17:59 -07:00
14109.txt
Server Side Consistency Docs (#14392)
2022-03-16 10:20:12 -07:00
14119.txt
identity/oidc: Adds default provider, key, and allow_all assignment (#14119)
2022-02-22 08:33:19 -08:00
14130.txt
secrets/azure: update plugin to v0.11.4 (#14130)
2022-02-17 12:09:36 -08:00
14131.txt
interactive CLI for mfa login (#14131)
2022-02-24 15:16:15 -05:00
14138.txt
auth/azure: update to v0.9.3 (#14138)
2022-02-18 09:42:48 -05:00
14144.txt
upgrade vault-plugin-auth-kubernetes (#14144)
2022-02-22 11:25:44 -05:00
14171.txt
secrets/openldap: fix panic from nil logger (#14171)
2022-02-18 19:40:30 -05:00
14178.txt
Rebase #14178 / Add not_before_duration API parameter to Root/Intermediate CA generation (#15511)
2022-05-19 12:35:08 -04:00
14190.txt
Update github.com/prometheus/client_golang (#14190)
2022-02-23 09:31:58 -05:00
14193.txt
Remove support for etcd v2 storage backend. (#14193)
2022-02-22 16:48:04 -05:00
14195.txt
Add checks for other error types within the PKI plugin (#14195)
2022-02-22 14:39:21 -05:00
14197.txt
Ensure that fewer goroutines survive after a test completes (#14197)
2022-02-23 10:33:52 -05:00
14206.txt
prevent int64 overflow for default_lease_ttl and max_lease_ttl (#14206)
2022-02-23 17:08:52 -05:00
14214.txt
agent/azure: adds ability to use specific user-assigned managed identities for auto auth (#14214)
2022-02-23 11:43:36 -08:00
14217.txt
Change OpenAPI code generator to extract request objects (#14217)
2022-03-11 19:00:26 -05:00
14222.txt
Set header content type instead of overwriting all headers (#14222)
2022-02-23 17:09:57 -05:00
14223.txt
Quit agent endpoint with config (#14223)
2022-02-25 10:29:05 +00:00
14224.txt
UI/fix db role ttl display (#14224)
2022-02-23 10:00:20 -06:00
14231.txt
Increase column width of vault_key on mysql (#14231)
2022-02-24 09:21:57 -05:00
14232.txt
Update to Go 1.17.7 (#14232)
2022-02-23 15:08:08 -05:00
14233.txt
UI: Fix incorrect validity modal on transit secrets engine (#14233)
2022-02-23 14:59:49 -06:00
14235.txt
Fix broken interactions between glob_domains and wildcards (#14235)
2022-02-23 16:44:09 -05:00
14238.txt
Add role parameter to restrict issuance of wildcard certificates (#14238)
2022-02-24 08:41:56 -05:00
14268.txt
UI: add Database static role password rotation (#14268)
2022-02-25 12:16:54 -06:00
14269.txt
[VAULT-5003] Use net/http client in Sys().RaftSnapshotRestore (#14269)
2022-03-14 10:13:33 -07:00
14292.txt
Add warning when generate_lease=no_store=true when writing PKI role (#14292)
2022-02-28 13:55:12 -05:00
14301.txt
Output full secret path in certain kv commands (#14301)
2022-03-08 13:17:27 -08:00
14324.txt
auth/ldap: add username_as_alias config flag (#14324)
2022-03-15 10:21:40 -04:00
14328.txt
treat logical.ErrRelativePath as 400 instead of 500 (#14328)
2022-03-30 09:08:02 -04:00
14329.txt
Logout with wrapped token (#14329)
2022-03-02 09:45:53 -07:00
14385.txt
Set service type to notify in systemd unit. (#14385)
2022-03-09 08:13:45 -05:00
14388.txt
Add context-aware functions to vault/api (#14388)
2022-03-23 17:47:43 -04:00
14389.txt
Added Enigma Vault secret plugin. Designed to be simple but complete, a good starting point for plugin developers (#14389)
2022-03-11 08:33:48 -05:00
14399.txt
Fix debug bundle panic on Windows (#14399)
2022-06-09 15:57:45 -07:00
14400.txt
UI/Hide empty masked PKI row values (#14400)
2022-03-11 13:55:01 -08:00
14422.txt
UI/add managed ns redirect prefix (#14422)
2022-03-10 08:26:33 -06:00
14424.txt
Agent error log level is mismatched (#14424)
2022-04-07 11:03:38 -07:00
14426.txt
identity/oidc: prevent key rotation on performance secondary clusters (#14426)
2022-03-09 15:41:02 -08:00
14455.txt
Update google-cloud-storage backend documentation (#14455)
2022-08-26 09:59:40 -05:00
14487.txt
only check Contains if IP address (#14487)
2022-03-15 09:55:50 -06:00
14489.txt
UI/fix kv data cache (#14489)
2022-03-16 11:00:08 -05:00
14493.txt
UI/d3 DOM cleanup hover issue (#14493)
2022-03-16 13:36:41 -05:00
14501.txt
Add input validation to getRuleInfo to prevent panic (#14501)
2022-03-24 16:16:37 -04:00
14508.txt
UI: Parse OpenAPI response correctly if schema includes $ref (#14508)
2022-03-16 09:24:07 -05:00
14522.txt
Fix panic caused by parsing json.Number values for TypeCommaStringSlice fields (#14522)
2022-03-28 11:07:55 -04:00
14523.txt
Fix CLI panic caused by single backslash values (#14523)
2022-03-24 16:40:32 -04:00
14543.txt
identity/token: fix duplicate keys in well-known (#14543)
2022-03-16 18:48:10 -07:00
14545.txt
OIDC Logout Bug (#14545)
2022-03-18 09:40:17 -06:00
14551.txt
UI/Wrong sentinel error message for auth methods (#14551)
2022-03-18 16:47:42 -07:00
14622.txt
Add a check for missing entity during local alias invalidation. (#14622)
2022-03-21 15:09:31 -04:00
14659.txt
Remove Ivy Codemirror (#14659)
2022-03-29 10:25:16 -06:00
14670.txt
Warn on upper case in policy name (#14670)
2022-03-24 13:29:11 -07:00
14704.txt
Vault-4010 Unauthenticated panic when processing "help" requests (#14704)
2022-03-24 12:19:14 -07:00
14744.txt
Ensure that URL encoded passwords are properly redacted. (#14744)
2022-03-29 10:33:55 -04:00
14746.txt
add value length check to approle createHMAC (#14746)
2022-03-29 14:43:35 -04:00
14751.txt
auth/cert: Add metadata to identity-alias (#14751)
2022-08-23 11:03:53 -07:00
14752.txt
Vault-4279 reporting redundant/unused keys in config (#14752)
2022-04-01 10:34:27 -04:00
14753.txt
Add ability to pass certificate PEM bytes to vault/api (#14753)
2022-04-06 11:21:46 -04:00
14755.txt
Address incorrect table metric value for local mounts (#14755)
2022-03-30 13:06:49 -04:00
14763.txt
Ember upgrade to 3.28.6 (#14763)
2022-04-12 13:59:34 -06:00
14775.txt
Use WriteWithContext in auth helpers (#14775)
2022-04-06 11:20:34 -04:00
14791.txt
Fixing excessive unix file permissions (#14791)
2022-04-01 12:57:38 -04:00
14794.txt
UI/Only show form values if have read access (#14794)
2022-04-01 16:05:42 -05:00
14807.txt
Mount flag syntax to mitigate confusion from KV-v2 path discrepancies (#14807)
2022-04-06 13:58:06 -07:00
14814.txt
VAULT-4240 time.After() in a select statement can lead to memory leak (#14814)
2022-04-01 10:17:11 -04:00
14817.txt
Vault 3992 ToB Config and Plugins Permissions (#14817)
2022-04-04 09:45:41 -07:00
14836.txt
Respect increment value in grace period calculations (api/LifetimeWatcher) (#14836)
2022-04-06 13:04:45 -04:00
14846.txt
Vault 3999 Change permissions for directory/archive created by debug command (#14846)
2022-04-04 09:44:03 -07:00
14864.txt
VAULT-5422: Add rate limit for TOTP passcode attempts (#14864)
2022-04-14 13:48:24 -04:00
14869.txt
deprecating Legacy MFA (#14869)
2022-04-19 21:19:34 -04:00
14875.txt
Fix handling of default zero SignatureBits value with Any key type in PKI Secrets Engine (#14875)
2022-04-04 15:26:54 -04:00
14899.txt
Fix changelog formatting for feature (#15386)
2022-05-12 08:19:52 -07:00
14900.txt
[Vault-5248] MFA support for api login helpers (#14900)
2022-04-15 11:13:15 -07:00
14916.txt
OIDC Login Bug (#14916)
2022-04-07 08:30:29 -06:00
14941.txt
Bug Fix and Glimmerize secret-edit component (#14941)
2022-04-07 11:07:33 -06:00
14943.txt
Fix handling of SignatureBits for ECDSA issuers (#14943)
2022-04-07 11:52:59 -04:00
14954.txt
aws auth displayName (#14954)
2022-04-08 14:37:49 -07:00
14957.txt
Add build date (#14957)
2022-04-19 14:28:08 -04:00
14962.txt
Warnings indicating ignored and replaced parameters (#14962)
2022-04-11 09:57:12 -04:00
14963.txt
[Vault-5736] Add (*Client).WithNamespace() for temporary namespace handling (#14963)
2022-04-14 09:50:21 -07:00
14966.txt
Fix edit capabilities call in auth method (#14966)
2022-04-11 10:48:35 -07:00
14968.txt
Don't clone OutputCurlString value (#14968)
2022-04-08 09:58:50 -07:00
14973.txt
Update gocql to resolve #12878 (#14973)
2022-04-18 11:12:32 -07:00
14975.txt
Add various missing PKI related changelog entries (#15500)
2022-05-23 11:53:49 -04:00
14977.txt
Ensure initialMmapSize is 0 on Windows (#14977)
2022-04-08 12:07:21 -07:00
14985.txt
supporting google authenticator with Okta auth (#14985)
2022-04-14 08:37:04 -04:00
15004.txt
Add various missing PKI related changelog entries (#15500)
2022-05-23 11:53:49 -04:00
15009.txt
forwarding requests subjected to Login MFA to the active node (#15009)
2022-04-13 10:11:53 -04:00
15025.txt
UI: Masked inputs always look the same when value is hidden (#15025)
2022-04-13 16:56:39 -05:00
15041.txt
When running under systemd, send ready when server completed reloading config #7028 (#15041)
2022-05-03 08:34:11 -04:00
15042.txt
Raft: use a larger initial heartbeat/election timeout (#15042)
2022-04-29 08:32:16 -04:00
15046.txt
Custom tooltip for Generated Token Policies form field on auth methods (#15046)
2022-04-14 14:58:26 -06:00
15054.txt
Add AWS_DYNAMODB_REGION Environment variable (#15054)
2022-04-28 12:29:51 -07:00
15055.txt
Remove duplicate policies when creating/updating identity groups (#15055)
2022-05-16 17:20:48 -04:00
15058.txt
UI: fix blank selection on search select field (#15058)
2022-04-15 12:47:55 -05:00
15067.txt
When tainting a route during setup, pre-calculate the namespace specific path (#15067)
2022-04-26 09:13:45 -07:00
15072.txt
fix TypeCommaIntSlice panic caused by json.Number input (#15072)
2022-04-18 16:43:16 -04:00
15074.txt
remove storybook: (#15074)
2022-04-19 15:45:20 -06:00
15092.txt
Upgrade hashicorp/consul-template dependency (#15092)
2022-04-19 20:51:11 +01:00
15100.txt
Add various missing PKI related changelog entries (#15500)
2022-05-23 11:53:49 -04:00
15104.txt
[VAULT-5887] TypeInt64 support added to OpenApi Spec generation (#15104)
2022-04-22 15:37:12 -07:00
15123.txt
Clone identity objects to prevent races. (#15123)
2022-04-22 13:04:34 -04:00
15125.txt
Update golang.org/x/crypto/ssh (#15125)
2022-04-22 12:58:23 -04:00
15152.txt
Add various missing PKI related changelog entries (#15500)
2022-05-23 11:53:49 -04:00
15155.txt
Add various missing PKI related changelog entries (#15500)
2022-05-23 11:53:49 -04:00
15156.txt
fix raft tls key rotation panic when rotation time in past (#15156)
2022-04-25 21:48:34 -04:00
15163.txt
[VAULT-5813] Remove duplicate sha_256 in SystemCatalogRequest OAS (#15163)
2022-04-25 13:12:08 -07:00
15166.txt
VAULT-5827 Don't prepare SQL queries before executing them (#15166)
2022-04-26 12:47:06 -07:00
15167.txt
Handle client count timezone (#15167)
2022-05-20 21:43:01 +02:00
15179.txt
Add various missing PKI related changelog entries (#15500)
2022-05-23 11:53:49 -04:00
15188.txt
[VAULT-14990] Support retrieving kv secret paths with trailing spaces (#15188)
2022-05-10 14:07:45 -07:00
15204.txt
agent/auto-auth: Add min_backoff to set first backoff value (#15204)
2022-04-29 12:31:32 -04:00
15211.txt
Add various missing PKI related changelog entries (#15500)
2022-05-23 11:53:49 -04:00
15213.txt
Allow callers to choose the entropy source for the random endpoints. (#15213)
2022-05-02 14:42:07 -05:00
15224.txt
Do sockaddr template parsing only when needed (#15224)
2022-04-29 09:57:17 -04:00
15248.txt
Globally scoped MFA method Get/List endpoints (#15248)
2022-05-17 14:54:16 -04:00
15250.txt
not_before_duration added to SSH (#15250)
2022-05-12 08:50:40 -04:00
15259.txt
change ordering of activity log month data to sort by ascending order… (#15259)
2022-05-03 13:39:29 -07:00
15261.txt
loading MFA configs upont restart (#15261)
2022-05-05 18:53:57 -04:00
15277.txt
Add various missing PKI related changelog entries (#15500)
2022-05-23 11:53:49 -04:00
15293.txt
Update deps for consul-template 0.29.0 (#15293)
2022-05-05 10:30:40 -07:00
15295.txt
secrets/consul: Add support for generating tokens with service and node identities (#15295)
2022-05-09 20:07:35 -05:00
15305.txt
KV helper methods for api package (#15305)
2022-05-25 11:17:13 -07:00
15316.txt
Add DR Metric scraping capability to debug command (#15316)
2022-05-06 16:04:08 -04:00
15342.txt
add mount accessor to audit request and responses (#15342)
2022-05-12 11:28:00 -06:00
15343.txt
postgres: replace the package lib/pq with pgx (#15343)
2022-05-23 12:49:18 -07:00
15352.txt
Query and Precompute Non-Contiguous Segments in the Activity Log (#15352)
2022-05-17 12:17:32 -07:00
15355.txt
Updating Okta MFA to use official SDK (#15355)
2022-05-17 15:14:26 -04:00
15361.txt
auth/okta: Add support for Okta number challenge (#15361)
2022-05-11 17:09:29 -07:00
15364.txt
UI/ fix firefox not recognizing csv export (#15364)
2022-05-10 17:19:38 -07:00
15369.txt
Disabling client side rate limiting in Okta login MFA client (#15369)
2022-05-12 15:55:33 -04:00
15376.txt
secrets/database: adds ability to manage alternative credential types and configuration (#15376)
2022-05-17 09:21:26 -07:00
15377.txt
Added support for VAULT_PROXY_ADDR + Updated docs (#15377)
2022-05-24 13:38:51 -04:00
15378.txt
Fix OIDC callback query params (#15378)
2022-05-13 09:58:56 -07:00
15380.txt
VAULT-5935 agent: redact renew-self if using auto auth (#15380)
2022-05-12 09:25:55 -07:00
15383.txt
report listener and storage types as found keys (#15383)
2022-05-12 09:04:56 -07:00
15400.txt
secrets/consul: Use consistent parameter names (#15400)
2022-05-19 14:43:54 -05:00
15405.txt
Added optional -log-level flag to 'operator migrate' command (#15405)
2022-05-12 15:56:25 -04:00
15414.txt
Transit byok import endpoints (#15414)
2022-05-16 11:50:38 -05:00
15417.txt
Vault CLI: show detailed information with ListResponseWithInfo (#15417)
2022-05-18 13:00:50 -04:00
15420.txt
append nil months to query get to cover all requested months (OSS) (#15420)
2022-05-16 13:01:28 -07:00
15428.txt
VAULT-5885: Fix erroneous success message in case of two-phase MFA, and provide MFA information in table format (#15428)
2022-05-17 14:03:02 -04:00
15429.txt
pki/sign-verbatim uses role not before duration (#15429)
2022-05-16 16:15:18 -04:00
15434.txt
api: make ListPlugins parse only known plugin types (#15434)
2022-05-17 17:41:26 +01:00
15440.txt
Add default timeout to legacy ssh.ClientConfig (#15440)
2022-05-16 12:36:47 -04:00
15452.txt
Vault-6037 making filesystem permissions check opt-in (#15452)
2022-05-17 11:34:31 -07:00
15457.txt
Add list of granting policies audit logs (#15457)
2022-05-16 16:23:08 -07:00
15464.txt
UI/vault 6212/multiple issuer pki changes (#15464)
2022-05-18 11:31:17 -07:00
15469.txt
possibly forward cached MFA auth response to leader (#15469)
2022-05-17 16:30:36 -04:00
15470.txt
Always return PKI configs for CRLs, URLs (#15470)
2022-05-17 11:40:09 -04:00
15474.txt
UI: Better default transit auto-rotation (#15474)
2022-05-17 16:06:57 -05:00
15478.txt
Remove signature_bits on intermediate generate (#15478)
2022-05-18 09:36:39 -04:00
15482.txt
prevent deleting MFA method through an invalid path (#15482)
2022-05-31 14:22:04 -04:00
15487.txt
oss changes (#15487)
2022-05-18 09:16:13 -07:00
15493.txt
Forward autopilot state reqs, avoid self-dialing (#15493)
2022-05-18 14:50:18 -04:00
15494.txt
Warn on empty Subject field for issuers (#15494)
2022-05-18 10:15:37 -04:00
15509.txt
Add warning on missing AIA info fields (#15509)
2022-05-19 11:12:10 -04:00
15510.txt
Vault 5917 allow patch operations to pki roles issuers (#15510)
2022-05-20 13:34:55 -04:00
15513.txt
Remove reference to stored license (#15513)
2022-05-20 09:33:50 -07:00
15519.txt
VAULT-4306 Ensure /raft/bootstrap/challenge call ignores erroneous namespaces set (#15519)
2022-05-19 16:27:51 -04:00
15523.txt
UI: keymgmt secret engine (#15523)
2022-05-20 10:41:24 -05:00
15524.txt
Return the signed ca in the ca_chain response field within sign-intermediate api call. (#15524)
2022-05-20 11:06:44 -04:00
15525.txt
Fix handling of username_as_alias during LDAP authentication (#15525)
2022-05-20 14:17:26 -07:00
15527.txt
Add usage documentation for new Kubernetes Secrets Engine (#15527)
2022-05-20 13:37:15 -07:00
15536.txt
api/monitor: Adding log format to monitor command and debug (#15536)
2022-05-24 13:10:53 -04:00
15543.txt
Allow issuer/:issuer_ref/sign-verbatim/:role, add error on missing role (#15543)
2022-05-23 13:09:18 -04:00
15550.txt
secrets/consul: Deprecate token_type and policy fields (#15550)
2022-05-20 15:48:02 -05:00
15551.txt
Adding vault-plugin-secrets-kubernetes v0.1.0 (#15551)
2022-05-20 14:13:33 -07:00
15552.txt
VAULT-6131 OpenAPI schema now includes /auth/token endpoints when explicit permission has been granted (#15552)
2022-05-31 11:25:27 -04:00
15559.txt
Convert not_before_duration to seconds before returning it (#15559)
2022-05-23 08:06:37 -04:00
15560.txt
UI/Fix form validation issues (#15560)
2022-05-25 11:22:36 -07:00
15561.txt
SSH secrets engine - Enabled creation of key pairs (CA Mode) (#15561)
2022-06-10 09:48:19 -04:00
15573.txt
Remove unsupported fields for DB roles show page (#15573)
2022-05-25 11:28:19 -04:00
15579.txt
Fix plugin reload mounts (#15579)
2022-05-25 13:37:42 -05:00
15581.txt
Add deprecation note about X.509/SHA-1 (#15581)
2022-05-25 10:11:17 -07:00
15583.txt
use provided namespace for wrapping lookup cubbyhole request (#15583)
2022-05-26 15:17:29 -04:00
15584.txt
Add change release note for Kubernetes auth (#15891)
2022-06-09 10:07:43 +01:00
15586.txt
Add an API for exporting activity log data (#15586)
2022-05-24 17:00:46 -07:00
15592.txt
auth/gcp: updates plugin to v0.13.0 (#15592)
2022-05-25 10:35:41 -07:00
15593.txt
auth/jwt: updates plugin to v0.13.0 (#15593)
2022-05-25 11:04:32 -07:00
15614.txt
fix: upgrade vault-plugin-database-elasticsearch to v0.11.0 (#15614)
2022-05-26 10:20:52 -05:00
15638.txt
Only add distinct policies to identity group (#15638)
2022-05-26 13:52:19 +01:00
15655.txt
secrets/kubernetes: update to v0.1.1 (#15655)
2022-05-26 15:44:03 -07:00
15681.txt
Removed red spellcheck underline that appears for sensitive values (#15681)
2022-05-31 17:00:34 -04:00
15685.txt
updates leasId to leaseId (#15685)
2022-06-13 13:17:07 -05:00
15693.txt
Avoid deadlocking on stateLock in emitMetrics (#15693)
2022-05-31 12:15:39 -04:00
15719.txt
Update AWS auth method certificates (#15719)
2022-06-01 10:26:17 -07:00
15735.txt
VAULT-6371 Fix issue with lease quotas on read requests that generate leases (#15735)
2022-06-03 15:45:21 -04:00
15742.txt
Add parsing for NSS-wrapped Ed25519 keys (#15742)
2022-06-06 18:09:21 -04:00
15751.txt
Support for CPS URLs in Custom Policy Identifiers. (#15751)
2022-06-03 14:50:46 -04:00
15759.txt
File Audit Mode 0000 bug (#15759)
2022-06-03 09:17:41 -07:00
15769.txt
Revert UI: replace localStorage with sessionStorage (#15769)
2022-06-02 15:19:57 -05:00
15789.txt
UI: calendar widget fix (#15789)
2022-06-03 14:22:50 -07:00
15792.txt
bump vault-plugin-secrets-kv to v0.12.1 (#15792)
2022-06-03 16:01:35 -04:00
15809.txt
Allow reading Nomad CA/Client cert configuration (#15809)
2022-06-10 10:09:54 -04:00
15824.txt
UI: Fix metadata tab not showing given policy (#15824)
2022-06-07 10:56:44 -05:00
15835.txt
Dynamic parameter for mountpaths in OpenApi Spec generation(#15835)
2022-06-30 07:43:04 -07:00
15852.txt
Change tooltip for token_bound_certs and glimmerize string-list component (#15852)
2022-06-07 13:15:25 -06:00
15858.txt
Add warning about EA in FIPS mode (#15858)
2022-06-08 08:57:48 -04:00
15866.txt
pass context to postgres queries (#15866)
2022-06-08 17:54:19 -04:00
15879.txt
Limit SSCT WAL Check on Perf Standbys to Raft Backends Only (#15879)
2022-06-08 13:58:22 -07:00
15898.txt
Remove deprecated core-js version from production builds (#15898)
2022-06-09 09:12:59 -06:00
15900.txt
Parse ha_storage in config (#15900)
2022-06-09 15:55:49 -07:00
15912.txt
return bad request instead of server error for identity group cycle detection (#15912)
2022-06-10 10:15:31 -04:00
15933.txt
Add changelog for #15933 (#16425)
2022-07-22 09:50:28 -07:00
15946.txt
Fix keyring file missing after Vault restart (#15946)
2022-06-15 10:22:42 -07:00
15986.txt
Fix changelog for 15986 (#16085)
2022-06-21 12:27:24 -04:00
15989.txt
(OSS) Path Suffix Support for Rate Limit Quotas (#15989)
2022-06-16 13:23:02 -04:00
15996.txt
Add explicit cn_validations field to PKI Roles (#15996)
2022-06-16 06:53:27 -07:00
15998.txt
UI Support for Okta Number Challenge (#15998)
2022-08-10 15:46:04 -04:00
16000.txt
Activity Log Filtering Limit Parameter (#16000)
2022-06-15 15:41:31 -07:00
16018.txt
ssh: Fix template regex test for defaultExtensions to allow additional text (#16018)
2022-06-17 11:06:17 -04:00
16056.txt
fix bug with allowed_users_template and add allowed_domains_template for SSH role (#16056)
2022-08-16 14:59:29 -05:00
16063.txt
website: Update replication docs to mention Integrated Storage (#16063)
2022-06-21 10:55:15 -07:00
16087.txt
Update consul-template to latest for pkiCert fix (#16087)
2022-06-27 08:39:36 -07:00
16088.txt
Replicate member_entity_ids and policies in identity/group across nodes identically (#16088)
2022-06-28 19:54:24 -04:00
16094.txt
Fix bug where id not existing in multiplexing map causes panic (#16094)
2022-06-22 14:29:25 -04:00
16111.txt
Add endpoints to provide ability to modify logging verbosity (#16111)
2022-06-27 11:39:53 -04:00
16112.txt
Return a 403 for a bad SSCT instead of 500 (#16112)
2022-06-23 13:01:20 -07:00
16115.txt
VAULT-6613 Add role support for rate limit quotas (OSS Changes) (#16115)
2022-06-24 08:58:02 -04:00
16124.txt
Add signature_bits to sign-intermediate, sign-verbatim (#16124)
2022-06-23 14:07:27 -04:00
16140.txt
changelog: Add entry for AD secrets engine bug fix (#16480)
2022-07-27 15:51:53 -07:00
16146.txt
ActivityLog Implement HyperLogLog Store Functionality During Precomputation (#16146)
2022-06-27 09:38:32 -07:00
16162.txt
activity log refactoring port (#16162)
2022-06-27 13:33:45 -07:00
16170.txt
UI OIDC auth type saved in localStorage not sessionStorage (#16170)
2022-06-28 11:04:24 -06:00
16181.txt
identity/oidc: allow filtering the list providers response by an allowed_client_id (#16181)
2022-07-28 09:47:53 -07:00
16184.txt
Port: Use Stored Hll to Compute New Clients For Current Month (#16184)
2022-06-29 10:51:23 -07:00
16218.txt
Clarification for local mounts in the context of DR (#16218)
2022-07-12 10:17:12 -07:00
16231.txt
agent/template: fix exec parsing error for templates (#16231)
2022-07-06 21:21:35 +01:00
16240.txt
[Kubernetes Secret Engine]: Role namespace configuration possible via LabelSelector (#16240)
2022-07-19 13:11:45 -05:00
16246.txt
pki: When a role sets key_type to any ignore key_bits value when signing a csr (#16246)
2022-07-08 10:56:15 -04:00
16274.txt
auth/oidc: fix changelog entry for SecureAuth groups parsing (#16388)
2022-07-21 08:24:11 -07:00
16324.txt
Vault 6773/raft rejoin nonvoter (#16324)
2022-07-18 14:37:12 -04:00
16327.txt
Increase the allowed concurrent gRPC streams (#16327)
2022-07-20 15:26:52 -04:00
16351.txt
Allow identity templates in ssh backend default_user field (#16351)
2022-07-29 09:45:52 -04:00
16353.txt
Remove gox in favor of go build. (#16353)
2022-07-20 10:44:41 -07:00
16379.txt
updating changelog for vault-951 (#16558)
2022-08-03 10:39:21 -07:00
16386.txt
VAULT-7046 Allow trailing globbing at the end of a path suffix quota (#16386)
2022-07-21 15:31:23 -04:00
16409.txt
command/audit: improve audit enable type missing error message (#16409)
2022-07-21 16:43:50 -04:00
16421.txt
command/server: add dev-tls flag (#16421)
2022-07-22 14:04:03 -04:00
16435.txt
auth/gcp: add support for GCE regional instance groups (#16435)
2022-07-22 17:31:25 -05:00
16441.txt
Added a small utility method to display warnings when parsing command arguments. (#16441)
2022-07-27 14:00:03 -04:00
16443.txt
ignore leading slash in kv get command (#16443)
2022-07-28 14:11:58 -04:00
16455.txt
Remove SHA1 for certs in prep for Go 1.18 (#16455)
2022-07-28 09:14:33 -07:00
16466.txt
UI: fix jwt auth failure (#16466)
2022-07-27 15:22:38 -05:00
16479.txt
agent: add disable_keep_alives configurable (#16479)
2022-07-28 12:59:49 -07:00
16487.txt
Clone created entities that were inserted into memdb... (#16487)
2022-07-28 09:43:24 -04:00
16489.txt
Lookup, wrap, rewrap and unwrap token rename with description (#16489)
2022-07-28 14:33:47 -04:00
16494.txt
Allow old certs to be cross-signed (#16494)
2022-08-03 06:34:21 -07:00
16519.txt
Add PSS support to PKI Secrets Engine (#16519)
2022-08-03 12:42:24 -04:00
16525.txt
auth/jwt: updates dependency and adds changelogs (#16525)
2022-08-01 12:46:34 -07:00
16534.txt
secrets/gcp: adds changelog entry for bug fixes in release branches (#16534)
2022-08-02 10:52:23 -07:00
16539.txt
VAULT-6818 - Restrict ability to merge entities with mount-accessor-conflicting aliases unless one is explicitly chosen to be kept (#16539)
2022-08-10 09:10:02 -04:00
16550.txt
Vault 7338/fix retry join (#16550)
2022-08-03 20:44:57 -05:00
16563.txt
Add per-issuer AIA URI information to PKI secrets engine (#16563)
2022-08-19 11:43:44 -04:00
16564.txt
Add BYOC-based revocation to PKI secrets engine (#16564)
2022-08-15 08:50:57 -05:00
16566.txt
Add proof possession revocation for PKI secrets engine (#16566)
2022-08-16 14:01:26 -04:00
16567.txt
identity/oidc: adds detailed listing capability for clients and providers (#16567)
2022-08-04 10:10:28 -07:00
16594.txt
auth/kerberos: add remove_instance_name config (#16594)
2022-08-04 16:38:12 -04:00
16598.txt
identity/oidc: adds client_secret_post token endpoint authentication method (#16598)
2022-08-08 08:41:09 -07:00
16599.txt
identity/oidc: change the state parameter to optional (#16599)
2022-08-05 11:37:24 -07:00
16600.txt
identity/oidc: fixes validation of the request and request_uri parameters (#16600)
2022-08-05 11:55:15 -07:00
16601.txt
identity/oidc: reorder authorization endpoint validation for invalid redirect uris (#16601)
2022-08-08 09:02:18 -07:00
16609.txt
upgrade raft to 1.3.10 (#16609)
2022-08-05 10:27:37 -07:00
16621.txt
Allow marking issuers as revoked (#16621)
2022-08-18 18:08:31 -04:00
16631.txt
Hana - Add username customization (#16631)
2022-08-08 16:01:34 -05:00
16636.txt
auth/kerberos: update plugin version to v0.7.2 (#16636)
2022-08-09 11:02:41 -05:00
16659.txt
UI/ fix tooltip submitting form (#16659)
2022-08-09 20:51:29 -07:00
16673.txt
secrets/auth: fix bug with aliased backends (#16673)
2022-08-10 20:02:05 -05:00
16686.txt
secret/database: fix bug where too many wal deletes are deferred (#16686)
2022-08-11 16:22:53 -04:00
16688.txt
Version-aware plugin catalog (#16688)
2022-08-25 21:31:42 +01:00
16699.txt
Add a sentinel error for missing KV secrets (#16699)
2022-08-12 19:29:42 -04:00
16702.txt
Add _remaining tidy metrics. (#16702)
2022-08-23 12:17:17 -04:00
16714.txt
Remove extra empty lines from vault.log - Debug command (#16714)
2022-08-15 14:16:57 -07:00
16721.txt
Ignore EC PARAMETER blocks during issuer import (#16721)
2022-08-15 08:59:10 -07:00
16723.txt
Add an OCSP responder to Vault's PKI plugin (#16723)
2022-08-22 14:06:15 -04:00
16739.txt
Fix naming of permitted_dns_domains in webui (#16739)
2022-08-16 14:57:05 -05:00
16762.txt
Enable periodic, automatic rebuilding of CRLs (#16762)
2022-08-23 13:27:15 -04:00
16794.txt
VAULT-7698 Fix ignored parameter warnings for endpoint arbitrary data options (#16794)
2022-08-23 08:51:23 -04:00
16813.txt
Migrate existing PKI mounts that only contains a key (#16813)
2022-08-22 10:11:21 -07:00
16821.txt
UI: Forward to redirect_to param to when auth'd (#16821)
2022-08-23 11:05:00 -05:00
16830.txt
Fix LIST issuers endpoint (#16830)
2022-08-23 11:08:23 -04:00
16834.txt
command/debug: fix bug where monitor was not honoring configured duration (#16834)
2022-08-23 17:09:30 -04:00
16846.txt
Fix changelog type for registry deprecation status (#16889)
2022-08-25 14:35:52 -04:00
16865.txt
Don't allow crl-signing issuer usage without CRLSign KeyUsage (#16865)
2022-08-24 07:45:54 -07:00
16871.txt
Let PKI tidy associate revoked certs with their issuers (#16871)
2022-08-26 10:13:45 -07:00
16874.txt
Cleanup changes around issuer revocation (#16874)
2022-08-25 11:36:37 -04:00
16886.txt
UI/OIDC auth bug for hcp namespace flag (#16886)
2022-08-26 10:04:01 -07:00
16890.txt
auth/kerberos: add config to include ldap groups in group alias (#16890)
2022-08-25 13:51:54 -07:00
changelog.tmpl
Changelog notes for 1.6.2 (#10737)
2021-01-20 15:52:48 -05:00
client-counts-1.11.txt
add 1.11 changelog for client counts1 (#15497)
2022-05-18 11:03:09 -07:00
client-counts.txt
UI/Client counts changelog 1.10 (#14166)
2022-02-22 12:08:11 -07:00
diagnose.txt
Diagnose docs + changelog (#12159)
2021-07-26 08:45:12 -07:00
go-ver-1110.txt
mv changelog/15043.txt -> changelog/go-ver-1110.txt (#15059)
2022-04-15 14:37:54 -04:00
mount-migration.txt
Fixes from mount move testing (#14492)
2022-03-15 11:11:23 -07:00
note.tmpl
Templates and 1 example (#10363)
2020-11-16 14:05:28 -05:00
README.md
Add more documentation on changelogs (#15701)
2022-06-06 10:04:48 -04:00

README.md

changelog

This folder holds changelog updates from commit 3bc7d15 onwards.

Release notes are text files with three lines:

  1. An opening code block with the release-note:<MODE> type annotation.

    For example:

    ```release-note:bug

    Valid modes are:

    • bug - Any sort of non-security defect fix.
    • change - A change in the product that may require action or review by the operator. Examples would be any kind of API change (as opposed to backwards compatible addition), a notable behavior change, or anything that might require attention before updating. Go version changes are also listed here since they can potentially have large, sometimes unknown impacts. (Go updates are a special case, and dep updates in general aren't a change). Discussion of any potential change items in the pull request to see what other communication might be warranted.
    • deprecation - Announcement of a planned future removal of a feature. Only use this if a deprecation notice also exists in the docs.
    • feature - Large topical additions for a major release. These are rarely in minor releases. Formatting for feature entries differs from normal changelog formatting - see the new features instructions.
    • improvement - Most updates to the product that arent bugs, but aren't big enough to be a feature, will be an improvement.

  2. A component (for example, secret/pki or sdk/framework or), a colon and a space, and then a one-line description of the change.

  3. An ending code block.

This should be in a file named after the pull request number (e.g., 12345.txt).

There are many examples in this folder; check one out if you're stuck!

See hashicorp/go-changelog for full documentation on the supported entries.

New and Major Features

For features we are introducing in a new major release, we prefer a single changelog entry representing that feature. This way, it is clear to readers what feature is being introduced. You do not need to reference a specific PR, and the formatting is slightly different - your changelog file should look like:

changelog/<pr num OR feature name>.txt:
```release-note:feature
**Feature Name**: Description of feature - for example "Custom password policies are now supported for all database engines."
```