open-vault/changelog
Gabriel Santos 05f3236c15
Provide public key encryption via transit engine (#17934)
* import rsa and ecdsa public keys

* allow import_version to update public keys - wip

* allow import_version to update public keys

* move check key fields into func

* put private/public keys in same switch cases

* fix method in UpdateKeyVersion

* move asymmetrics keys switch to its own method - WIP

* test import public and update it with private counterpart

* test import public keys

* use public_key to encrypt if RSAKey is not present and failed to decrypt
if key version does not have a private key

* move key to KeyEntry parsing from Policy to KeyEntry method

* move extracting of key from input fields into helper function

* change back policy Import signature to keep backwards compatibility and
add new method to import private or public keys

* test import with imported public rsa and ecdsa keys

* descriptions and error messages

* error messages, remove comments and unused code

* changelog

* documentation - wip

* suggested changes - error messages/typos and unwrap public key passed

* fix unwrap key error

* fail if both key fields have been set

* fix in extractKeyFromFields, passing a PolicyRequest wouldn't not work

* checks for read, sign and verify endpoints so they don't return errors when a private key was not imported and tests

* handle panic on "export key" endpoint if imported key is public

* fmt

* remove 'isPrivateKey' argument from 'UpdateKeyVersion' and
'parseFromKey' methods

also: rename 'UpdateKeyVersion' method to 'ImportPrivateKeyForVersion' and 'IsPublicKeyImported' to 'IsPrivateKeyMissing'

* delete 'RSAPublicKey' when private key is imported

* path_export: return public_key for ecdsa and rsa when there's no private key imported

* allow signed data validation with pss algorithm

* remove NOTE comment

* fix typo in EC public key export where empty derBytes was being used

* export rsa public key in pkcs8 format instead of pkcs1 and improve test

* change logic on how check for is private key missing is calculated

---------

Co-authored-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-05-11 11:56:46 +00:00
..
7277.txt
9081.txt updated usage example (#9081) 2022-08-24 09:03:30 -04:00
9109.txt
9802.txt Add systemd notify support to Agent. Resolves: #7028 (#9802) 2022-08-29 08:18:47 -04:00
9972.txt
10072.txt
10077.txt
10085.txt
10101.txt
10131.txt
10181.txt
10231.txt
10249.txt
10299.txt Expose ssh algorithm_signer in web interface (#10114) (#10299) 2022-11-10 14:24:53 -08:00
10365.txt
10375.txt
10384.txt
10386.txt
10416.txt
10417.txt
10424.txt
10433.txt
10444.txt
10456.txt
10467.txt Add retry policy and fix documentation for Cassandra storage backend (#10467) 2022-08-30 11:00:48 -07:00
10487.txt
10489.txt
10490.txt
10491.txt
10498.txt
10505.txt
10514.txt
10520.txt
10536.txt
10537.txt
10546.txt
10556.txt
10558.txt
10579.txt
10588.txt
10596.txt
10603.txt
10609.txt
10613.txt
10650.txt
10653.txt
10655.txt
10677.txt
10684.txt
10689.txt
10705.txt
10708.txt
10725.txt
10726.txt
10730.txt
10743.txt
10744.txt
10751.txt
10756.txt
10757.txt
10758.txt
10759.txt
10766.txt
10767.txt
10812.txt
10826.txt
10833.txt
10834.txt
10848.txt
10850.txt
10855.txt
10858.txt
10877.txt
10886.txt
10901.txt
10904.txt
10906.txt
10919.txt
10927.txt
10931.txt
10938.txt
10942.txt
10948.txt
10949.txt
10951.txt
10952.txt
10953.txt
10964.txt
10980.txt
10982.txt
10992.txt
10995.txt
10996.txt
10997.txt
11000.txt
11011.txt
11015.txt
11018.txt
11022.txt
11094.txt
11113.txt
11119.txt
11127.txt
11129.txt
11142.txt
11143.txt
11182.txt
11208.txt
11213.txt
11216.txt
11218.txt
11226.txt
11231.txt
11245.txt
11247.txt
11252.txt
11256.txt
11258.txt
11259.txt
11260.txt
11262.txt
11269.txt
11283.txt
11284.txt
11288.txt
11289.txt
11294.txt
11324.txt
11345.txt
11360.txt
11364.txt
11365.txt
11366.txt
11367.txt
11371.txt
11377.txt
11388.txt
11404.txt
11408.txt
11442.txt
11447.txt
11451.txt
11453.txt
11473.txt
11495.txt
11500.txt
11502.txt
11506.txt
11517.txt
11530.txt
11532.txt
11541.txt
11562.txt
11576.txt
11585.txt
11586.txt
11588.txt
11596.txt
11597.txt
11600.txt
11607.txt
11628.txt
11638.txt
11641.txt
11647.txt
11650.txt
11672.txt
11680.txt
11696.txt
11705.txt
11708.txt
11759.txt
11775.txt
11778.txt
11780.txt
11784.txt
11785.txt
11795.txt
11796.txt
11802.txt
11820.txt
11826.txt
11836.txt
11838.txt
11861.txt
11864.txt
11872.txt
11878.txt
11884.txt
11887.txt
11895.txt
11899.txt
11904.txt Improving Handling of Unix Domain Socket Addresses (#11904) 2022-06-21 15:16:58 -07:00
11907.txt
11934.txt
11942.txt
11956.txt
11957.txt
11958.txt
11963.txt
11969.txt Agent JWT auto auth `remove_jwt_after_reading` config option (#11969) 2022-07-25 07:42:09 -06:00
11970.txt
11975.txt
11980.txt
11984.txt
11992.txt
11995.txt
11997.txt
12003.txt
12008.txt
12016.txt
12019.txt
12020.txt
12023.txt
12024.txt
12025.txt
12026.txt
12031.txt
12034.txt
12035.txt
12042.txt
12049.txt
12066.txt
12071.txt
12073.txt
12079.txt
12084.txt
12087.txt
12111.txt
12115.txt
12117.txt
12126.txt
12151.txt
12162.txt
12163.txt
12165.txt
12166.txt Add more raft metrics, emit more metrics on non-perf standbys (#12166) 2022-10-07 09:09:08 -07:00
12169.txt
12175.txt
12185.txt
12196.txt
12208.txt
12212.txt
12229.txt
12245.txt
12253.txt
12255.txt
12262.txt
12265.txt
12295.txt
12301.txt
12317.txt
12320.txt
12338.txt
12339.txt
12340.txt
12348.txt
12351.txt
12354.txt
12357.txt
12366.txt
12371.txt
12372.txt
12377.txt
12378.txt
12379.txt
12388.txt
12393.txt
12408.txt
12409.txt
12413.txt
12414.txt
12418.txt
12422.txt
12425.txt
12428.txt
12437.txt
12443.txt
12451.txt
12473.txt
12478.txt
12483.txt
12485.txt
12502.txt
12505.txt
12508.txt
12514.txt
12519.txt
12534.txt
12541.txt
12550.txt
12554.txt
12559.txt
12560.txt
12563.txt
12565.txt
12577.txt
12581.txt
12582.txt
12600.txt
12621.txt
12622.txt
12626.txt
12629.txt
12633.txt
12635.txt
12646.txt
12663.txt
12668.txt
12672.txt
12687.txt
12688.txt
12691.txt
12713.txt
12715.txt
12716.txt
12718.txt
12720.txt
12724.txt
12731.txt
12747.txt
12752.txt
12762.txt
12763.txt
12770.txt
12780.txt
12787.txt
12788.txt
12790.txt
12791.txt
12792.txt
12793.txt
12795.txt
12796.txt
12800.txt
12802.txt
12812.txt
12814.txt
12819.txt
12820.txt
12834.txt
12839.txt
12843.txt
12847.txt
12868.txt
12872.txt
12876.txt
12877.txt
12881.txt
12885.txt
12887.txt
12888.txt
12890.txt
12895.txt
12903.txt
12904.txt
12906.txt
12907.txt
12908.txt
12911.txt
12916.txt
12921.txt
12932.txt
12934.txt
12945.txt
12965.txt
12976.txt
13000.txt
13015.txt
13022.txt
13024.txt
13032.txt
13033.txt
13034.txt
13038.txt
13042.txt
13044.txt
13054.txt
13078.txt
13080.txt
13086.txt
13090.txt
13093.txt
13098.txt
13107.txt
13111.txt
13133.txt
13146.txt
13149.txt
13152.txt
13162.txt
13165.txt
13166.txt
13168.txt
13169.txt
13177.txt
13178.txt
13195.txt
13200.txt
13215.txt
13231.txt
13233.txt
13235.txt
13236.txt
13238.txt
13241.txt
13254.txt
13257.txt
13277.txt
13282.txt
13286.txt
13292.txt
13298.txt
13318.txt
13324.txt
13332.txt
13348.txt
13365.txt
13367.txt
13395.txt
13396.txt
13408.txt
13414.txt
13439.txt
13443.txt
13452.txt
13469.txt
13476.txt
13486.txt
13487.txt
13492.txt
13515.txt
13537.txt
13540.txt
13548.txt
13573.txt
13585.txt
13590.txt
13595.txt
13604.txt
13606.txt
13615.txt
13643.txt
13660.txt
13661.txt
13667.txt
13669.txt
13675.txt
13678.txt
13682.txt
13683.txt
13690.txt
13691.txt
13703.txt
13716.txt
13736.txt
13749.txt
13759.txt
13766.txt
13799.txt
13841.txt
13850.txt
13871.txt
13872.txt
13889.txt
13893.txt
13894.txt
13908.txt
13917.txt
13925.txt
13927.txt
13935.txt
13950.txt
13958.txt
13970.txt
13973.txt
13974.txt
13991.txt
14006.txt
14008.txt
14013.txt
14014.txt
14025.txt
14033.txt
14049.txt
14051.txt
14054.txt
14067.txt
14074.txt
14095.txt
14107.txt
14109.txt
14119.txt
14130.txt
14131.txt
14138.txt
14144.txt
14171.txt
14178.txt
14190.txt
14193.txt
14195.txt
14197.txt
14206.txt
14214.txt
14217.txt
14222.txt
14223.txt
14224.txt
14229.txt Move version out of SDK. (#14229) 2022-12-07 13:29:51 -05:00
14231.txt
14232.txt
14233.txt
14235.txt
14238.txt
14268.txt
14269.txt
14292.txt
14301.txt
14324.txt
14328.txt
14329.txt
14385.txt
14388.txt
14389.txt
14399.txt
14400.txt
14422.txt
14424.txt
14426.txt
14455.txt Update google-cloud-storage backend documentation (#14455) 2022-08-26 09:59:40 -05:00
14474.txt Add fields 'ttl' and 'num_uses' to SecretID generation. (#14474) 2022-09-02 09:29:59 -07:00
14487.txt
14489.txt
14493.txt
14501.txt
14508.txt
14522.txt
14523.txt
14543.txt
14545.txt
14551.txt
14622.txt
14659.txt
14670.txt
14704.txt
14744.txt
14746.txt
14751.txt auth/cert: Add metadata to identity-alias (#14751) 2022-08-23 11:03:53 -07:00
14752.txt
14753.txt
14755.txt
14763.txt
14775.txt
14791.txt
14794.txt
14807.txt
14814.txt
14817.txt
14836.txt
14846.txt
14864.txt
14869.txt
14875.txt
14899.txt
14900.txt
14916.txt
14941.txt
14943.txt
14945.txt Vault Raw Read Support (CLI & Client) (#14945) 2022-10-28 09:45:32 -04:00
14946.txt feature: secrets/auth plugin multiplexing (#14946) 2022-08-29 21:42:26 -05:00
14954.txt
14957.txt
14962.txt
14963.txt
14966.txt
14968.txt
14973.txt
14975.txt
14977.txt
14985.txt
15004.txt
15009.txt
15025.txt
15041.txt
15042.txt
15046.txt
15054.txt
15055.txt
15058.txt
15067.txt
15072.txt
15074.txt
15092.txt
15100.txt
15104.txt
15123.txt
15125.txt
15152.txt
15155.txt
15156.txt
15163.txt
15166.txt
15167.txt
15179.txt
15188.txt
15204.txt
15211.txt
15213.txt
15224.txt
15248.txt
15250.txt
15259.txt
15261.txt
15277.txt
15293.txt
15295.txt
15305.txt
15316.txt
15342.txt
15343.txt
15352.txt
15355.txt
15361.txt
15364.txt
15369.txt
15376.txt
15377.txt
15378.txt
15380.txt
15383.txt
15400.txt
15405.txt
15414.txt
15417.txt
15420.txt
15428.txt
15429.txt
15434.txt
15440.txt
15452.txt
15457.txt
15464.txt
15469.txt
15470.txt
15474.txt
15478.txt
15482.txt
15487.txt
15493.txt
15494.txt
15509.txt
15510.txt
15513.txt
15519.txt
15523.txt
15524.txt
15525.txt
15527.txt
15536.txt
15543.txt
15550.txt
15551.txt
15552.txt
15559.txt
15560.txt
15561.txt
15573.txt
15579.txt
15581.txt
15583.txt
15584.txt
15586.txt
15592.txt
15593.txt
15614.txt
15638.txt
15655.txt
15681.txt
15685.txt
15693.txt
15719.txt
15735.txt
15742.txt
15751.txt
15759.txt
15769.txt
15789.txt
15792.txt
15809.txt
15824.txt
15835.txt Dynamic parameter for mountpaths in OpenApi Spec generation(#15835) 2022-06-30 07:43:04 -07:00
15852.txt
15858.txt
15866.txt
15869.txt secrets/aws: don't create leases for AWS STS secrets (#15869) 2022-10-28 16:28:25 -05:00
15879.txt
15898.txt
15900.txt
15912.txt
15933.txt Add changelog for #15933 (#16425) 2022-07-22 09:50:28 -07:00
15946.txt Fix keyring file missing after Vault restart (#15946) 2022-06-15 10:22:42 -07:00
15986.txt Fix changelog for 15986 (#16085) 2022-06-21 12:27:24 -04:00
15989.txt (OSS) Path Suffix Support for Rate Limit Quotas (#15989) 2022-06-16 13:23:02 -04:00
15996.txt Add explicit cn_validations field to PKI Roles (#15996) 2022-06-16 06:53:27 -07:00
15998.txt UI Support for Okta Number Challenge (#15998) 2022-08-10 15:46:04 -04:00
16000.txt Activity Log Filtering Limit Parameter (#16000) 2022-06-15 15:41:31 -07:00
16018.txt ssh: Fix template regex test for defaultExtensions to allow additional text (#16018) 2022-06-17 11:06:17 -04:00
16056.txt fix bug with allowed_users_template and add allowed_domains_template for SSH role (#16056) 2022-08-16 14:59:29 -05:00
16063.txt website: Update replication docs to mention Integrated Storage (#16063) 2022-06-21 10:55:15 -07:00
16087.txt Update consul-template to latest for pkiCert fix (#16087) 2022-06-27 08:39:36 -07:00
16088.txt Replicate member_entity_ids and policies in identity/group across nodes identically (#16088) 2022-06-28 19:54:24 -04:00
16094.txt Fix bug where id not existing in multiplexing map causes panic (#16094) 2022-06-22 14:29:25 -04:00
16111.txt Add endpoints to provide ability to modify logging verbosity (#16111) 2022-06-27 11:39:53 -04:00
16112.txt Return a 403 for a bad SSCT instead of 500 (#16112) 2022-06-23 13:01:20 -07:00
16115.txt VAULT-6613 Add role support for rate limit quotas (OSS Changes) (#16115) 2022-06-24 08:58:02 -04:00
16124.txt Add signature_bits to sign-intermediate, sign-verbatim (#16124) 2022-06-23 14:07:27 -04:00
16140.txt changelog: Add entry for AD secrets engine bug fix (#16480) 2022-07-27 15:51:53 -07:00
16146.txt ActivityLog Implement HyperLogLog Store Functionality During Precomputation (#16146) 2022-06-27 09:38:32 -07:00
16162.txt activity log refactoring port (#16162) 2022-06-27 13:33:45 -07:00
16170.txt UI OIDC auth type saved in localStorage not sessionStorage (#16170) 2022-06-28 11:04:24 -06:00
16181.txt identity/oidc: allow filtering the list providers response by an allowed_client_id (#16181) 2022-07-28 09:47:53 -07:00
16184.txt Port: Use Stored Hll to Compute New Clients For Current Month (#16184) 2022-06-29 10:51:23 -07:00
16213.txt Docs: API generate-recovery-token unhidden. (#16213) 2022-08-29 09:02:47 -04:00
16218.txt Clarification for local mounts in the context of DR (#16218) 2022-07-12 10:17:12 -07:00
16224.txt fix: PGP subkeys support (#16224) 2022-09-22 09:12:41 -04:00
16231.txt agent/template: fix exec parsing error for templates (#16231) 2022-07-06 21:21:35 +01:00
16246.txt pki: When a role sets key_type to any ignore key_bits value when signing a csr (#16246) 2022-07-08 10:56:15 -04:00
16249.txt PKI - Honor header If-Modified-Since if present (#16249) 2022-08-29 15:28:47 -04:00
16274.txt auth/oidc: fix changelog entry for SecureAuth groups parsing (#16388) 2022-07-21 08:24:11 -07:00
16324.txt Vault 6773/raft rejoin nonvoter (#16324) 2022-07-18 14:37:12 -04:00
16327.txt Increase the allowed concurrent gRPC streams (#16327) 2022-07-20 15:26:52 -04:00
16351.txt Allow identity templates in ssh backend `default_user` field (#16351) 2022-07-29 09:45:52 -04:00
16353.txt Remove gox in favor of go build. (#16353) 2022-07-20 10:44:41 -07:00
16379.txt updating changelog for vault-951 (#16558) 2022-08-03 10:39:21 -07:00
16386.txt VAULT-7046 Allow trailing globbing at the end of a path suffix quota (#16386) 2022-07-21 15:31:23 -04:00
16409.txt command/audit: improve audit enable type missing error message (#16409) 2022-07-21 16:43:50 -04:00
16421.txt command/server: add dev-tls flag (#16421) 2022-07-22 14:04:03 -04:00
16435.txt auth/gcp: add support for GCE regional instance groups (#16435) 2022-07-22 17:31:25 -05:00
16441.txt Added a small utility method to display warnings when parsing command arguments. (#16441) 2022-07-27 14:00:03 -04:00
16443.txt ignore leading slash in kv get command (#16443) 2022-07-28 14:11:58 -04:00
16455.txt Remove SHA1 for certs in prep for Go 1.18 (#16455) 2022-07-28 09:14:33 -07:00
16466.txt UI: fix jwt auth failure (#16466) 2022-07-27 15:22:38 -05:00
16479.txt agent: add disable_keep_alives configurable (#16479) 2022-07-28 12:59:49 -07:00
16487.txt Clone created entities that were inserted into memdb... (#16487) 2022-07-28 09:43:24 -04:00
16489.txt Lookup, wrap, rewrap and unwrap token rename with description (#16489) 2022-07-28 14:33:47 -04:00
16494.txt Allow old certs to be cross-signed (#16494) 2022-08-03 06:34:21 -07:00
16519.txt Add PSS support to PKI Secrets Engine (#16519) 2022-08-03 12:42:24 -04:00
16525.txt auth/jwt: updates dependency and adds changelogs (#16525) 2022-08-01 12:46:34 -07:00
16534.txt secrets/gcp: adds changelog entry for bug fixes in release branches (#16534) 2022-08-02 10:52:23 -07:00
16539.txt VAULT-6818 - Restrict ability to merge entities with mount-accessor-conflicting aliases unless one is explicitly chosen to be kept (#16539) 2022-08-10 09:10:02 -04:00
16549.txt Allow configuring the possible salt lengths for RSA PSS signatures (#16549) 2022-08-31 12:27:03 -04:00
16550.txt Vault 7338/fix retry join (#16550) 2022-08-03 20:44:57 -05:00
16553.txt Make key completion work for both kv-v1 and kv-v2 (#16553) 2022-09-13 12:11:00 -04:00
16563.txt Add per-issuer AIA URI information to PKI secrets engine (#16563) 2022-08-19 11:43:44 -04:00
16564.txt Add BYOC-based revocation to PKI secrets engine (#16564) 2022-08-15 08:50:57 -05:00
16566.txt Add proof possession revocation for PKI secrets engine (#16566) 2022-08-16 14:01:26 -04:00
16567.txt identity/oidc: adds detailed listing capability for clients and providers (#16567) 2022-08-04 10:10:28 -07:00
16594.txt auth/kerberos: add remove_instance_name config (#16594) 2022-08-04 16:38:12 -04:00
16598.txt identity/oidc: adds client_secret_post token endpoint authentication method (#16598) 2022-08-08 08:41:09 -07:00
16599.txt identity/oidc: change the state parameter to optional (#16599) 2022-08-05 11:37:24 -07:00
16600.txt identity/oidc: fixes validation of the request and request_uri parameters (#16600) 2022-08-05 11:55:15 -07:00
16601.txt identity/oidc: reorder authorization endpoint validation for invalid redirect uris (#16601) 2022-08-08 09:02:18 -07:00
16609.txt upgrade raft to 1.3.10 (#16609) 2022-08-05 10:27:37 -07:00
16621.txt Allow marking issuers as revoked (#16621) 2022-08-18 18:08:31 -04:00
16622.txt Evaluate ssh validprincipals user template before splitting (#16622) 2022-10-13 17:34:36 -05:00
16631.txt update changelog from feature to improvement (#16986) 2022-09-01 15:50:51 -05:00
16636.txt auth/kerberos: update plugin version to v0.7.2 (#16636) 2022-08-09 11:02:41 -05:00
16659.txt UI/ fix tooltip submitting form (#16659) 2022-08-09 20:51:29 -07:00
16668.txt Add support for a dedicated HMAC type in Transit. (#16668) 2022-09-06 10:17:58 -05:00
16673.txt secrets/auth: fix bug with aliased backends (#16673) 2022-08-10 20:02:05 -05:00
16676.txt Basics of Cert-Count Non-Locking Telemetry (#16676) 2022-09-20 10:32:20 -07:00
16686.txt secret/database: fix bug where too many wal deletes are deferred (#16686) 2022-08-11 16:22:53 -04:00
16688.txt Plugin versioning changelog entries (#17322) 2022-09-27 16:24:21 +01:00
16699.txt Add a sentinel error for missing KV secrets (#16699) 2022-08-12 19:29:42 -04:00
16700.txt Fix for duplicate SANs in signed certificates (#16700) 2022-10-07 12:19:08 -04:00
16702.txt Add _remaining tidy metrics. (#16702) 2022-08-23 12:17:17 -04:00
16714.txt Remove extra empty lines from vault.log - Debug command (#16714) 2022-08-15 14:16:57 -07:00
16721.txt Ignore EC PARAMETER blocks during issuer import (#16721) 2022-08-15 08:59:10 -07:00
16723.txt Update changelog for OCSP feature (#16969) 2022-08-31 16:55:22 -04:00
16739.txt Fix naming of permitted_dns_domains in webui (#16739) 2022-08-16 14:57:05 -05:00
16762.txt Enable periodic, automatic rebuilding of CRLs (#16762) 2022-08-23 13:27:15 -04:00
16773.txt Support for generating Delta CRLs (#16773) 2022-08-29 11:37:09 -04:00
16794.txt VAULT-7698 Fix ignored parameter warnings for endpoint arbitrary data options (#16794) 2022-08-23 08:51:23 -04:00
16813.txt Migrate existing PKI mounts that only contains a key (#16813) 2022-08-22 10:11:21 -07:00
16821.txt UI: Forward to `redirect_to` param to when auth'd (#16821) 2022-08-23 11:05:00 -05:00
16830.txt Fix LIST issuers endpoint (#16830) 2022-08-23 11:08:23 -04:00
16834.txt command/debug: fix bug where monitor was not honoring configured duration (#16834) 2022-08-23 17:09:30 -04:00
16846.txt Fix changelog type for registry deprecation status (#16889) 2022-08-25 14:35:52 -04:00
16849.txt Add deprecation status to auth/secrets list (#16849) 2022-08-31 16:11:14 -04:00
16856.txt Update mount table and CLI with plugin version for auth (#16856) 2022-08-31 19:23:05 +01:00
16865.txt Don't allow crl-signing issuer usage without CRLSign KeyUsage (#16865) 2022-08-24 07:45:54 -07:00
16871.txt Let PKI tidy associate revoked certs with their issuers (#16871) 2022-08-26 10:13:45 -07:00
16872.txt fix incorrect use of loop variable (#16872) 2022-10-04 09:23:37 -04:00
16874.txt Cleanup changes around issuer revocation (#16874) 2022-08-25 11:36:37 -04:00
16886.txt UI/OIDC auth bug for hcp namespace flag (#16886) 2022-08-26 10:04:01 -07:00
16890.txt auth/kerberos: add config to include ldap groups in group alias (#16890) 2022-08-25 13:51:54 -07:00
16900.txt Add ability to perform automatic tidy operations (#16900) 2022-08-30 15:45:54 -04:00
16911.txt VAULT-6433: Add namespace path to MFA read/list endpoints (#16911) 2022-08-29 09:11:25 -04:00
16930.txt UI: Use correct endpoint for force revoke prefix (#16930) 2022-08-30 09:33:01 -07:00
16935.txt Add remove_roots_from_chain to sign and issue pki apis (#16935) 2022-08-31 09:51:26 -04:00
16938.txt auth/token: Fix ignored parameter warnings for valid parameters on token create (#16938) 2022-09-01 08:32:40 -04:00
16950.txt VAULT-7707 Add docs around making mass amounts of lease count quotas via automation (#16950) 2022-08-31 11:50:01 -04:00
16956.txt Load SSCT Generation Counter Upon DR Promotion [OSS] (#16956) 2022-08-31 11:05:21 -07:00
16958.txt Add ability to cancel PKI tidy operations, pause between tidying certs (#16958) 2022-08-31 11:36:12 -07:00
16970.txt VAULT-6575 Vault agent respects retry config even with caching set (#16970) 2022-09-06 10:35:54 -04:00
16972.txt Multiplexing opt out flag (#16972) 2022-09-08 11:32:46 -04:00
16982.txt Plugin versioning changelog entries (#17322) 2022-09-27 16:24:21 +01:00
16983.txt LinkTo Transition Bug (#16983) 2022-09-01 16:15:54 -06:00
16992.txt identity/oidc: adds claims_supported to discovery document (#16992) 2022-09-02 09:19:25 -07:00
16995.txt Prepare multiplexing support for database plugins (#16995) 2022-09-06 14:00:37 -04:00
17005.txt Handle deprecated builtins (#17005) 2022-09-06 15:49:35 -04:00
17019.txt autopilot: assume nodes we haven't received heartbeats from are running the same version as we are (#17019) 2022-09-06 14:49:04 -04:00
17028.txt Make some activity log tests less flaky (#17028) 2022-09-07 09:06:15 -04:00
17038.txt Mark database-specific secrets engines Pending Removal (#17038) 2022-09-07 10:45:09 -04:00
17040.txt Store login MFA secret with tokenhelper (#17040) 2022-10-26 17:02:26 -04:00
17045.txt Update Vault Azure Secrets docs for permanent deletion feature (#17045) 2022-09-13 16:25:19 -07:00
17058.txt api: Add deprecation warnings to secrets/auth POST endpoints (#17058) 2022-09-08 09:15:10 -04:00
17070.txt Import Redis OSS database plugin into Vault (#17070) 2022-09-09 13:42:25 -05:00
17071.txt UI: OIDC Config for Vault as a provider (#17071) 2022-09-08 19:06:05 -06:00
17073.txt Add "plumbing" for surfacing warnings, and warning overwriting ttl (#17073) 2022-09-15 12:38:33 -07:00
17075.txt + added redis elasticache as a built-in plugin (#17075) 2022-09-09 16:16:30 -04:00
17077.txt Add deprecation status to plugin api and cli (#17077) 2022-09-09 16:03:07 -04:00
17079.txt Do not attempt to write a new TLS keyring at startup if raft is already setup (#17079) 2022-09-09 12:19:57 -04:00
17086.txt Ember Upgrade to 4.4 (#17086) 2022-10-18 09:46:02 -06:00
17088.txt Add plugin version to GRPC interface (#17088) 2022-09-15 16:37:59 -07:00
17091.txt agent/auto-auth: add exit_on_err configurable (#17091) 2022-09-15 11:00:31 -07:00
17093.txt Add cached OCSP client support to Cert Auth (#17093) 2022-11-21 10:39:24 -06:00
17104.txt Return errInvalidCredentials when wrong credentials is provided for existent users (#17104) 2022-09-27 16:49:14 -07:00
17116.txt Replace Non-Inclusive Terms in UI (#17116) 2022-09-13 10:42:34 -06:00
17118.txt Implement partial_failure_response_code_override for batch requests (#17118) 2022-09-13 12:51:09 -05:00
17124.txt UI: Fix KV engine deleting latest version instead of specified version depending on policy (#17124) 2022-09-14 00:11:08 +02:00
17136.txt Fetch CRLs from a user defined URL (#17136) 2022-09-16 16:44:30 -05:00
17138.txt Load existing CRLs on startup and after invalidate (#17138) 2022-09-14 15:30:44 -05:00
17139.txt Prevent Requests to resultant-acl Endpoint When Unauthenticated (#17139) 2022-09-15 12:45:33 -06:00
17152.txt Adds ldap secrets to plugin registry and updates to v0.9.0 (#17152) 2022-09-15 22:19:24 -07:00
17153.txt UI: Add 'disable' to CRL config (#17153) 2022-09-19 14:03:50 -07:00
17159.txt fix: upgrade vault-plugin-database-snowflake to v0.6.0 (#17159) 2022-09-15 16:01:56 -07:00
17160.txt update changelog with google dep updates (#17176) 2022-09-16 15:46:46 -07:00
17161.txt auth/kubernetes: upgrade to v0.14.0 (#17161) 2022-09-16 02:03:21 -04:00
17164.txt secrets/kubernetes: upgrade to v0.2.0 (#17164) 2022-09-16 08:31:53 -07:00
17167.txt Plugin versioning changelog entries (#17322) 2022-09-27 16:24:21 +01:00
17174.txt secrets/gcp: updates plugin to v0.14.0 (#17174) 2022-09-16 12:42:37 -07:00
17180.txt bump secrets/azure to v0.14.0 (#17180) 2022-09-19 10:02:57 -07:00
17186.txt Fix unsafe access to perf standby status from systemview (#17186) 2022-10-05 08:56:36 -04:00
17187.txt Break grabLockOrStop into two pieces to facilitate investigating deadlocks (#17187) 2022-09-20 11:03:16 -04:00
17194.txt Upgrade vault-plugin-auth-azure to v0.12.0 (#17194) 2022-09-19 19:22:09 +01:00
17196.txt Upgrade vault-plugin-auth-cf to v0.13.0 (#17196) 2022-09-19 19:24:24 +01:00
17199.txt Update changelog for gcpkms dep updates. (#17202) 2022-09-19 11:00:37 -07:00
17204.txt Handle when pluginCatalog.Get returns (nil,nil) during cred backend creation (#17204) 2022-09-20 08:57:08 -04:00
17212.txt fix: upgrade vault-plugin-auth-oci to v0.12.0 (#17212) 2022-09-19 13:34:44 -07:00
17251.txt Upgrade vault-plugin-auth-alicloud to v0.13.0 (#17251) 2022-09-21 21:05:18 +01:00
17265.txt VAULT-6938 Remove license from being cache exempt (#17265) 2022-09-26 10:26:07 -04:00
17281.txt VAULT-8630 Fix goroutine leak from RLQ initialize (#17281) 2022-09-22 15:59:53 -04:00
17289.txt Plugin versioning changelog entries (#17322) 2022-09-27 16:24:21 +01:00
17308.txt Write explicit -help output to stdout (#17308) 2022-09-26 12:15:48 -04:00
17328.txt PKI: Fix managed key signatures when using specified signature_bits (#17328) 2022-09-28 09:08:23 -04:00
17338.txt Fix changelog for vault-8305 (#17843) 2022-11-08 11:08:20 -08:00
17339.txt fix: upgrade vault-plugin-secrets-kv to v0.13.1 (#17339) 2022-09-28 18:36:10 +01:00
17340.txt Plugins: Fix file permissions check to always use the correct path (#17340) 2022-09-30 10:33:31 +01:00
17347.txt cli/api: Update plugin listing to always include version info in the response (#17347) 2022-09-29 18:22:33 +01:00
17352.txt Added flag and env var which will disable client redirection (#17352) 2022-09-30 09:29:37 +01:00
17376.txt Fix small TtlPIcker2 bug (#17376) 2022-09-30 18:28:27 -04:00
17385.txt PKI: Do not load revoked certificates if CRL has been disabled (#17385) 2022-10-03 10:04:32 -04:00
17388.txt PKI: Add support for signature_bits param to the intermediate/generate api (#17388) 2022-10-03 12:39:54 -04:00
17395.txt Fix for KV_V2 Custom Metadata Bug (#17395) 2022-10-05 16:43:54 -07:00
17406.txt VAULT-8631 Upgrade vault-plugin-secrets to v0.13.3, to enable synchronous KVV2 creation (#17406) 2022-10-04 13:54:38 -04:00
17407.txt Bug Fix for Kymgmt keyType on default (#17407) 2022-10-04 13:14:25 -06:00
17419.txt Update plugin consul template v0.29.5 (#17419) 2022-10-04 22:34:28 +01:00
17430.txt Plugins: Add version info to CLI and server log output (#17430) 2022-10-06 12:54:27 +01:00
17459.txt VAULT-8719 Support data array for alias clash error response so UI/machines can understand error (#17459) 2022-10-17 14:46:25 -04:00
17497.txt Fix tidy-status, tidy-cancel on PR Secondaries (#17497) 2022-10-12 09:15:06 -04:00
17499.txt update protoc version to 3.21.7 oss (#17499) 2022-10-26 16:49:44 -07:00
17514.txt vault operator init -output-curl-string bug (#17514) 2022-10-13 15:15:01 -07:00
17532.txt prevent memory leak when using control group factors in a policy (#17532) 2022-10-14 19:15:15 -04:00
17540.txt auth/azure: documents auth support for VMSS flexible orchestration (#17540) 2022-10-20 12:36:29 -07:00
17562.txt Tolerate NamespaceByID returning (nil,nil) when looking up an mfa enforcement's ns (#17562) 2022-10-17 09:18:02 -04:00
17575.txt UI: combine current + history client count tabs into one dashboard (#17575) 2023-01-26 18:21:12 -08:00
17577.txt CLI: Fix secrets list -detailed headings (#17577) 2022-10-18 14:46:11 +01:00
17593.txt database/snowflake: update plugin to v0.6.1 (#17593) 2022-10-18 15:49:37 -07:00
17612.txt Intercept key_id from generic configmap and turn it into a wrapperv2 option (#17612) 2022-10-19 15:42:56 -05:00
17636.txt Add support for PKCSv1_5_NoOID signatures (#17636) 2022-10-27 08:26:20 -04:00
17638.txt Add AD mode to Transit's AEAD ciphers (#17638) 2022-10-24 13:41:02 -04:00
17640.txt Add Paging Interface for LDAP Connection (#17640) 2022-10-26 14:05:53 -05:00
17650.txt Add PATCH support to Vault CLI (#17650) 2022-10-26 14:30:40 -04:00
17660.txt VAULT-8519 fix spurious "unknown or unsupported fields" warnings for JSON config (#17660) 2022-10-27 10:28:03 -04:00
17661.txt OIDC Alternate Path Bug (#17661) 2022-10-26 15:34:43 -06:00
17678.txt Proposal: Remove debug symbols from build (#17678) 2022-11-02 10:47:13 -07:00
17679.txt Fix kv -mount flag error when mount and secret path are the same (#17679) 2022-11-01 09:57:23 -04:00
17693.txt Add empty expiry crlConfig upgrade test (#17701) 2022-10-27 11:20:12 -04:00
17732.txt Don't panic on unknown raft ops (#17732) 2022-11-30 15:37:58 -08:00
17747.txt secrets/aws: update dependencies (#17747) 2022-11-01 16:01:20 -05:00
17749.txt change release note (#18182) 2022-12-01 16:56:59 -08:00
17750.txt PKI Health Check Command (#17750) 2022-11-16 09:27:56 -05:00
17752.txt Fix gen_openapi.sh script to load plugins (#17752) 2022-11-01 17:32:54 -04:00
17768.txt VAULT-8518 Increase HMAC limit to 4096, and limit approle names to the same limit (#17768) 2022-11-02 10:42:09 -04:00
17769.txt Raft Snapshot Download Bug (#17769) 2022-11-02 13:23:09 -06:00
17772.txt PKI - Fix order of chain building writes (#17772) 2022-11-03 11:50:03 -04:00
17774.txt Return revocation info within existing certs/<serial> api (#17774) 2022-11-02 13:06:04 -04:00
17779.txt Add new API to PKI to list revoked certificates (#17779) 2022-11-03 14:17:17 -04:00
17789.txt Introspection API Implementation for Router Struct (#17789) 2022-11-04 09:39:09 -07:00
17801.txt core: fix start up policy loading race condition on perf standbys (#17801) 2022-11-03 13:01:39 -04:00
17816.txt plugins: Filter builtins by RunningVersion (#17816) 2022-11-11 14:51:37 -05:00
17822.txt Removed the legacy env var: LOGXI_FORMAT (#17822) 2022-11-04 22:16:18 +00:00
17823.txt Add automatic tidy of expired issuers (#17823) 2022-11-10 10:53:26 -05:00
17824.txt Optional automatic default issuer selection (#17824) 2022-11-08 14:40:29 -05:00
17835.txt ui: mfa: use proper request id generation (#17835) 2022-11-29 10:21:09 -06:00
17836.txt Make the error and http code clearer when supplying wrong unseal key (#17836) 2022-11-28 16:01:47 -08:00
17841.txt Updated changelogs from 'feature' to 'improvement' (#18171) 2022-11-30 20:08:49 +00:00
17855.txt VAULT-8703 Add warning for dangerous undocumented overrides, if used, in status response (#17855) 2022-11-09 11:04:36 -05:00
17856.txt Fix activity log end time (#17856) 2022-11-10 12:11:23 -08:00
17857.txt auth/azure: upgrades dependencies (#17857) 2022-11-09 10:24:51 -08:00
17858.txt Updated auth-gcp plugin (#17858) 2022-11-09 12:00:24 -05:00
17866.txt UI: Update <a> tags to LinkTo's (#17866) 2022-11-11 09:56:44 -06:00
17871.txt Updated secrets-gcp dependency (#17871) 2022-11-10 13:15:46 -05:00
17879.txt plugins: Handle mount/enable for shadowed builtins (#17879) 2022-12-14 13:06:33 -05:00
17893.txt updates k8s changelog entry to feature format (#19062) 2023-02-07 23:38:39 +00:00
17894.txt Add default to allowed values for algorithm_signer (#17894) 2023-02-09 13:03:53 -05:00
17904.txt Added error message (#17904) 2022-11-11 11:04:10 -08:00
17909.txt Make request objects required (#17909) 2022-11-11 14:05:12 -08:00
17913.txt Vault 9800 Fix vault read handling for endpoints with no top-level data object (#17913) 2022-11-17 10:51:37 -08:00
17914.txt Deduplicate policies prior to generating ACL on request (#17914) 2022-11-16 17:43:46 -05:00
17919.txt LifeTimeWatcher SleepDuration calculation testing (#17919) 2023-02-14 14:57:25 +00:00
17927.txt UI: Add Typescript for PKI engine (#17927) 2022-11-15 11:39:46 -06:00
17929.txt core/server: Add environment variable to write stacktrace to file (#17929) 2022-11-15 12:03:17 -05:00
17932.txt Use generate endpoint instead of admin-generate during MFA setup (#17932) 2022-11-22 17:05:30 -06:00
17934.txt Provide public key encryption via transit engine (#17934) 2023-05-11 11:56:46 +00:00
17935.txt Don't return a 204 if there's no historical data (#17935) 2022-11-15 12:15:51 -08:00
17944.txt Barrier: Fix potential locking issue (#17944) 2022-11-16 09:53:22 -08:00
17950.txt UI: fixes link from to show page from entity policies list (#17950) 2022-11-16 14:39:59 -06:00
17951.txt Vault 8307 user lockout workflow oss (#17951) 2022-12-06 17:22:46 -08:00
17964.txt secrets/azure: update dependencies (#17964) 2022-11-16 13:57:07 -08:00
17979.txt VAULT-9427: Add read support to `sys/loggers` endpoints (#17979) 2022-11-28 11:18:36 -05:00
18011.txt fix auth renew panic (#18011) 2022-11-18 10:38:18 -05:00
18021.txt auth/alicloud: update dependencies (#18021) 2022-11-17 15:00:34 -06:00
18030.txt storage/raft: Add retry_join_as_non_voter config option (#18030) 2022-11-18 17:58:16 +00:00
18031.txt Updated changelogs from 'feature' to 'improvement' (#18171) 2022-11-30 20:08:49 +00:00
18039.txt Mark deprecated builtins Removed (#18039) 2023-01-09 09:16:35 -05:00
18040.txt New PKI API to generate and sign a CRL based on input data (#18040) 2022-11-22 11:41:04 -05:00
18043.txt Add list to cert auth's CRLs (#18043) 2022-11-18 11:39:17 -05:00
18051.txt Remove pinned builtin plugin versions from storage (#18051) 2022-11-23 18:36:25 +00:00
18067.txt improve kv CLI to remove data or custom metadata using kv patch (#18067) 2022-11-21 17:11:36 -05:00
18101.txt VAULT-6368 Metrics-only listener for Agent (#18101) 2022-11-25 16:00:56 -05:00
18114.txt UI: TTL picker cleanup (#18114) 2022-12-01 09:33:30 -06:00
18121.txt Add stack trace to audit logging panic recovery (#18121) 2022-11-30 17:59:05 +00:00
18125.txt Log environment variable keys at startup (#18125) 2022-12-02 08:49:24 -06:00
18128.txt Add option 'elide_list_responses' to audit backends (#18128) 2023-01-11 16:15:52 -05:00
18137.txt VAULT-11510 Vault Agent can start listeners without caching (#18137) 2022-12-05 10:51:03 -05:00
18143.txt Fix vault cli namespace patch examples (#18143) 2022-12-01 14:42:40 -06:00
18145.txt Approle: Fix CIDR validation for /32 masks on Token Bound CIDRs (#18145) 2022-12-16 12:09:05 -05:00
18163.txt Skip Formatting For NIL Secret (#18163) 2022-12-01 13:36:24 -06:00
18173.txt Fix plugin list API when audit logging enabled (#18173) 2022-12-01 10:44:44 +00:00
18184.txt Address a nil panic when writing an empty POST request to the ocsp handler (#18184) 2022-12-01 15:10:12 +00:00
18186.txt Telemetry Metrics Configuration. (#18186) 2023-02-10 21:31:56 +00:00
18189.txt plugins: Mount missing plugin entries and skip loading (#18189) 2022-12-02 13:16:31 -05:00
18192.txt Add logic to generate openapi response structures (#18192) 2022-12-05 11:11:06 -05:00
18198.txt Add openapi response definitions to approle/path_role.go (#18198) 2022-12-05 16:55:13 -05:00
18199.txt Allow templating cluster-local AIA URIs (#18199) 2022-12-05 10:38:26 -05:00
18210.txt Check if sys view is missing in GRPC sys view (#18210) 2022-12-02 10:12:05 -08:00
18222.txt Respond with data to all writes in PKI engine (#18222) 2022-12-05 10:40:39 -05:00
18225.txt feat(auth/ldap): allow passing the LDAP password via an env var (#18225) 2023-02-23 11:16:17 -05:00
18227.txt Server: add and support unix listener (UDS) (#18227) 2022-12-09 12:28:18 -08:00
18228.txt Link OSS (#18228) 2022-12-08 15:02:18 -05:00
18230.txt Allow alias dereferencing in LDAP searches (#18230) 2023-02-24 13:49:17 -05:00
18243.txt Add the batch reference field, as in Transform, to Transit operations (#18243) 2022-12-13 12:03:40 -06:00
18244.txt Use a small pool of workers to run postUnsealFuncs in parallel (#18244) 2022-12-12 17:07:53 -06:00
18263.txt Prevent autopilot from demoting voters when they join a 2nd time (#18263) 2022-12-07 14:17:45 -05:00
18272.txt Add transit key config to disable upserting (#18272) 2022-12-08 15:45:18 -05:00
18273.txt VAULT-8336 Fix default rate limit paths (#18273) 2022-12-09 08:49:17 -05:00
18279.txt Prevent Brute Forcing: Create api endpoint to unlock users (#18279) 2022-12-19 14:24:42 -08:00
18299.txt Resolve unrecognized parameter warnings on batch_input parameter in transit (#18299) 2023-01-04 09:15:48 -05:00
18302.txt VAULT-11830: Expand NodeStatusReporter with new fields (#18302) 2023-01-06 20:53:09 -05:00
18310.txt Return the partial success code override for all batch error types (#18310) 2022-12-12 17:08:22 -06:00
18315.txt Add HCP connectivity info to `vault server` startup logs (#18315) 2022-12-12 14:01:02 -05:00
18342.txt Duo Passcode Prepend (#18342) 2022-12-13 14:50:11 -07:00
18350.txt UI: Update database to connection name on role (#18350) 2022-12-14 10:23:59 -06:00
18351.txt VAULT-11829: Add cluster status handler (#18351) 2023-01-06 17:06:54 -05:00
18374.txt UI: update host to new doc link location (developer.hashicorp.com/) (#18374) 2022-12-14 23:25:16 +00:00
18376.txt Adding Response Structures to PKI Config (#18376) 2023-02-15 14:51:27 -08:00
18397.txt Vault 9406 enablement certs need userid handling in role (#18397) 2023-01-25 13:13:54 -05:00
18401.txt Fix changelog for #18401 (#18727) 2023-01-16 13:49:28 -05:00
18403.txt VAULT-12095 Support multiple config files for Vault Agent (#18403) 2023-01-03 12:50:19 -05:00
18437.txt Vault 11795 vault cli verify s ign (#18437) 2023-01-26 10:21:13 -05:00
18452.txt De-duplicate namespaces when historical and current month data are mixed (#18452) 2022-12-16 16:02:42 -08:00
18456.txt VAULT-12112: openapi response definitions: sys/audit (#18456) 2023-01-20 11:09:33 -05:00
18463.txt Vault 11796 vault cli list intermediates (#18463) 2023-01-27 10:34:31 -05:00
18465.txt VAULT-12112: add openapi response structures for `/sys/auth/*` endpoints (#18465) 2023-02-16 15:03:19 -05:00
18466.txt Correctly distinguish empty issuer names in PKI (#18466) 2023-01-10 10:04:30 -05:00
18467.txt Vault 11798 vault cli issue intermediate (#18467) 2023-01-27 16:41:16 -05:00
18468.txt VAULT-12112: add openapi response structures for /sys/capabilities* endpoints (#18468) 2023-02-16 15:04:37 -05:00
18472.txt VAULT-12112: add openapi response structures for /sys/config and /sys/generate-root endpoints (#18472) 2023-02-16 15:06:26 -05:00
18482.txt Add issuer reference info on JSON endpoint (#18482) 2022-12-19 21:39:01 +00:00
18499.txt Vault 11799 Vault CLI Re-Issue (Templating based on existing certificate) (#18499) 2023-02-10 20:27:36 +00:00
18515.txt Added OpenAPI response structures for sys endpoints (#18515) 2023-02-15 15:00:06 -05:00
18521.txt UI: OIDC callback bug. (#18521) 2023-03-07 16:23:45 +00:00
18542.txt VAULT-12112: add openapi responses for /sys/internal endpoints (#18542) 2023-02-24 15:03:21 -05:00
18546.txt MongoDB - Fix write_concern param (#18546) 2022-12-23 17:14:41 -06:00
18554.txt Fix multiple OpenAPI generation issues with new AST-based generator (#18554) 2023-01-31 16:27:39 -05:00
18568.txt Fix HelpOperation on sudo-protected paths (#18568) 2023-01-10 12:17:16 -06:00
18585.txt only update SCADA metadata if status changes (#18585) 2023-01-04 11:09:51 -05:00
18587.txt secrets/kubernetes: updating to latest plugin (#18587) 2023-01-03 15:32:30 -08:00
18589.txt Upgrade `go.opentelemetry.io/otel` from v0.20.0 to v1.11.2 (#18589) 2023-01-04 11:31:30 -08:00
18598.txt Account for mount counts when de-duplicating current and historical month data (#18598) 2023-01-05 09:34:05 -08:00
18604.txt add core state lock deadlock detection config option v2 (#18604) 2023-01-11 13:32:05 -06:00
18610.txt named Login MFA methods (#18610) 2023-01-23 15:51:22 -05:00
18624.txt VAULT-12144: add openapi responses for /sys/rotate endpoints (#18624) 2023-03-28 15:40:48 -04:00
18625.txt VAULT-12144: add openapi responses for /sys/seal endpoints (#18625) 2023-03-28 15:39:08 -04:00
18626.txt VAULT-12144: add openapi responses for /sys/tools endpoints (#18626) 2023-03-24 23:11:39 +00:00
18627.txt VAULT-12144: add openapi responses for /sys/wrapping endpoints (#18627) 2023-03-28 11:12:34 -04:00
18628.txt VAULT-12144: add openapi responses for assorted /sys endpoints (#18628) 2023-03-28 15:38:35 -04:00
18632.txt db plugin: support multiline revoke stmt in postgres (#18632) 2023-01-10 15:27:00 -06:00
18633.txt added OpenAPI response objects for sys endpoints (#18633) 2023-02-15 15:02:21 -05:00
18635.txt Add response schema validation methods & test helpers (#18635) 2023-01-13 14:55:56 -05:00
18636.txt Add AppRole response schema validation tests (#18636) 2023-01-13 15:23:36 -05:00
18638.txt VAULT-9883: Agent Reloadable Config (#18638) 2023-01-10 17:45:34 +00:00
18645.txt Allow tidy to backup legacy CA bundles (#18645) 2023-01-11 12:12:53 -05:00
18651.txt ui: unload auth method when navigating away from form (#18651) 2023-01-12 13:03:22 -08:00
18663.txt OpenAPI `generic_mount_paths` follow-up (#18663) 2023-01-17 23:07:11 -05:00
18673.txt Vault 8308 Background thread to update locked user entries (#18673) 2023-01-12 14:09:33 -08:00
18675.txt Prevent Brute Forcing: Create an api endpoint to list locked users OSS changes (#18675) 2023-01-17 14:25:56 -08:00
18682.txt Event system alpha experiment (#18795) 2023-01-23 19:26:49 +00:00
18684.txt VAULT-12542 Add info encouraging users to upgrade if agent version is different to server (#18684) 2023-01-13 09:49:36 -05:00
18704.txt Speculative fix for a panic that might arise during raft teardown (#18704) 2023-01-16 13:49:11 -05:00
18708.txt Remove timeout logic from ReadRaw functions and add ReadRawWithContext (#18708) 2023-01-17 15:41:59 -05:00
18716.txt auth/kubernetes: upgrade to v0.14.1 (#18716) 2023-01-13 19:00:18 -05:00
18718.txt Prevent brute forcing : telemetry oss changes (#18718) 2023-01-17 15:10:50 -08:00
18729.txt bug: correct sdk handling of the zero int64 value (#18729) 2023-03-09 11:25:45 +00:00
18740.txt VAULT-12564 Add new token_file auto-auth method (#18740) 2023-01-24 16:09:32 -05:00
18743.txt API Explorer Query Params (#18743) 2023-01-17 16:37:07 -07:00
18752.txt * added the new redis parameter documentation (#18752) 2023-01-18 15:51:15 -05:00
18766.txt Add new clients into the monthly breakdown (#18766) 2023-01-19 09:12:17 -08:00
18772.txt Add approle's remaining response schema definitions (#18772) 2023-01-24 13:12:41 -05:00
18787.txt UI: JWT Auth Browser Popup warning. Resolves: #10753. (#18787) 2023-01-24 13:15:17 +00:00
18799.txt secrets/mysql: Add `tls_server_name` and `tls_skip_verify` parameters (#18799) 2023-01-23 20:06:46 +00:00
18808.txt UI: Bugfix: VAULT-9343 fix key management key view bug (#18808) 2023-01-24 11:33:57 -08:00
18811.txt Provide IP Address in Duo Request (#18811) 2023-01-24 17:28:59 -05:00
18817.txt Parallel migration (#18815) (#18817) 2023-01-25 15:19:45 +00:00
18842.txt UI: PKI Sign Intermediate (#18842) 2023-01-27 18:07:55 +00:00
18859.txt return 403 for wrapping requests when no token provided (#18859) 2023-01-31 13:57:50 -05:00
18863.txt VAULT-12798 Correct removal behaviour when JWT is symlink (#18863) 2023-03-14 15:44:19 -04:00
18870.txt Provide Descriptive Error when Enterprise-only Paths Called in Open-source Version (#18870) 2023-04-21 16:14:40 -04:00
18874.txt Remove dynamic keys from SSH Secrets Engine (#18874) 2023-01-31 16:02:22 -05:00
18885.txt Move cert auth backend setup into initialize (#18885) 2023-01-27 17:42:13 +00:00
18887.txt Transit Import Key CLI functionality (#18887) 2023-01-30 12:46:57 -06:00
18890.txt Brute forcing unlock user bug (#18890) 2023-01-30 13:06:10 -08:00
18892.txt VAULT-12833 Update prompts for the rekey command (#18892) 2023-01-30 16:51:01 +00:00
18899.txt Fix race in tidy status with cert counting (#18899) 2023-01-30 14:13:40 -05:00
18916.txt VAULT-13061: Fix mount path discrepancy in activity log (#18916) 2023-02-06 10:26:32 +01:00
18923.txt prevent panic on mfa enforcement delete after a namespace is deleted (#18923) 2023-01-31 21:06:16 +00:00
18934.txt Change gen_openapi.sh to generate schema with generic mount paths (#18934) 2023-01-31 23:37:19 +00:00
18935.txt openapi: Add default values to the thing_mount_path parameters (#18935) 2023-01-31 19:37:16 -05:00
18938.txt Apply URL encoding/unencoding to OCSP Get requests (#18938) 2023-02-01 11:03:43 -05:00
18939.txt Allow cleanup ssh dynamic keys host keys (#18939) 2023-02-01 15:09:16 +00:00
18945.txt Fix race accessing b.crls within cert auth (#18945) 2023-02-01 16:23:06 -05:00
18951.txt fix sys/leases panic when lease_id is nil (#18951) 2023-02-03 09:51:10 -05:00
18962.txt Make API not depend on SDK (#18962) 2023-02-06 09:41:56 -05:00
18984.txt Use UTC for leaf exceeding CA's notAfter (#18984) 2023-02-03 17:00:42 +00:00
19002.txt Fix: Optionally reload x509 key-pair from disk on agent auto-auth (#19002) 2023-03-22 11:01:58 -04:00
19005.txt fix: upgrade vault-plugin-auth-alicloud to v0.14.0 (#19005) 2023-02-06 16:15:26 -06:00
19018.txt secrets/gcp: use feature format for changelog entry of impersonated accounts (#19200) 2023-02-15 11:06:50 -08:00
19032.txt Add Configurable LDAP Max Page Size (#19032) 2023-04-20 20:39:27 +00:00
19036.txt Wrapped token login bug (#19036) 2023-02-07 14:22:22 -07:00
19037.txt Add a comment around why we are grabbing a lock to update an atomic boolean (#19087) 2023-02-09 09:12:37 -05:00
19043.txt Validate response schema for integration tests (#19043) 2023-02-15 14:57:57 -05:00
19044.txt upgrade vault-plugin-database-redis-elasticache to v0.2.0 (#19044) 2023-02-07 16:11:52 -05:00
19056.txt update vault-plugin-secrets-kv to v0.14.0 (#19056) 2023-02-08 09:48:46 -05:00
19061.txt secrets/ad: update plugin version (#19061) 2023-02-07 20:06:53 -06:00
19063.txt secrets/gcpkms: upgrade to v0.14.0 (#19063) 2023-02-07 18:30:53 -08:00
19068.txt Remove the last vestiges of sdk/version. (#19068) 2023-02-08 12:30:27 -05:00
19071.txt UI: Fix OIDC login in fullscreen (#19071) 2023-02-08 14:32:57 -06:00
19076.txt upgrade vault-plugin-auth-jwt to v0.15.0 (#19076) 2023-02-08 12:29:48 -08:00
19077.txt upgrade vault-plugin-auth-azure to v0.13.0 (#19077) 2023-02-08 14:15:48 -08:00
19084.txt fix: upgrade vault-plugin-secrets-kubernetes to v0.3.0 (#19084) 2023-02-10 10:23:31 -05:00
19094.txt fix: upgrade vault-plugin-auth-kubernetes to v0.15.0 (#19094) 2023-02-10 10:23:11 -05:00
19096.txt upgrade vault-plugin-secrets-azure to v0.15.0 (#19096) 2023-02-08 23:54:02 +00:00
19098.txt auth/cf: update plugin to v0.14.0 (#19098) 2023-02-09 08:40:51 -08:00
19100.txt Bump go-plugin version 1.4.5->1.4.8 (#19100) 2023-02-09 17:24:55 +00:00
19103.txt add error message when trying to rotate mssql root without password in configuration (#19103) 2023-02-13 07:31:13 -05:00
19111.txt fix: upgrade vault-plugin-secrets-mongodbatlas to v0.9.1 (#19111) 2023-02-09 15:55:42 -06:00
19116.txt Disabling License Banners (#19116) 2023-02-14 17:00:24 +00:00
19135.txt UI: Fix cancel button on role transform form (#19135) 2023-02-10 20:37:22 +00:00
19139.txt UI: sets operationNone for a kmip role if no checkboxes are selected (#19139) 2023-02-10 21:38:31 +00:00
19145.txt Bump kv plugin v0.14.0->v0.14.2 (#19145) 2023-02-10 21:42:05 +00:00
19160.txt address various issues with the output-policy flag (#19160) 2023-02-21 10:12:45 -05:00
19170.txt Fix database sample payload doc (#19170) 2023-02-14 08:29:27 -05:00
19186.txt add nil check for secret id entry on delete via accessor (#19186) 2023-02-24 13:18:08 -05:00
19187.txt Add rotate root docs for azure secrets (#19187) 2023-02-15 13:07:42 -08:00
19190.txt Show generate creds for static-roles when you have read permissions (#19190) 2023-02-16 18:10:56 +00:00
19194.txt Add changelog entry for alpha event system feature (#19194) 2023-02-16 17:21:12 +00:00
19196.txt Add PKI unified-revocation changelog (#19196) 2023-02-15 09:54:14 -05:00
19215.txt plugin/secrets/auth: enable multiplexing (#19215) 2023-02-16 22:25:15 +00:00
19216.txt UI/add allowed response headers secret mount (#19216) 2023-02-16 17:03:15 +00:00
19220.txt UI: Remove Wizard (#19220) 2023-02-16 22:44:33 +00:00
19244.txt use github token env var if present when fetching org id (#19244) 2023-02-21 12:17:35 -08:00
19247.txt Add OIDC provider docs for IBM ISAM (#19247) 2023-04-20 11:30:59 -07:00
19252.txt Stop vault on exit in gen_openapi.sh (#19252) 2023-02-17 13:06:00 -05:00
19260.txt Add Oracle Cloud auth to the Vault Agent (#19260) 2023-03-15 09:08:52 -04:00
19265.txt pki health-check fails to read in int config values (#19265) 2023-02-21 08:52:19 -05:00
19269.txt Output default config output from pki health-check --list as json (#19269) 2023-02-21 12:41:04 -05:00
19274.txt Fix role endpoint in pki health-check warnings (#19274) 2023-02-21 14:48:50 -05:00
19276.txt Handle permission issue on pki health-check tune checkers (#19276) 2023-02-22 09:01:29 -05:00
19290.txt Auth method token_type possibleValues fix (#19290) 2023-02-23 11:59:21 -07:00
19296.txt Sidebar Navigation (#19296) 2023-05-02 19:36:15 -06:00
19311.txt VAULT-12299 Use file.Stat when checking file permissions (#19311) 2023-02-23 18:05:00 +01:00
19319.txt openapi: Improve operationId/request/response naming strategy (#19319) 2023-04-04 13:14:40 -04:00
19334.txt secrets/ad: change deprecation status to deprecated (#19334) 2023-02-24 00:13:32 +00:00
19365.txt aws: pass cancelable context with aws calls (#19365) 2023-03-23 12:02:24 -05:00
19373.txt Fix transit byok tool, add docs, tests (#19373) 2023-02-27 18:25:38 +00:00
19378.txt Add `-mount` flag to kv list command (#19378) 2023-03-20 16:26:21 -04:00
19416.txt Fix cubbyhole and token revocation for legacy service tokens (#19416) 2023-03-06 15:09:45 -05:00
19428.txt Configure Ember Data ID Generation (#19428) 2023-03-02 13:59:35 -07:00
19429.txt Pass encodeBase64 param to transit-key-actions (#19429) 2023-03-06 11:28:49 -07:00
19448.txt UI: fix delete for SSH engine config (#19448) 2023-03-08 11:37:53 -06:00
19460.txt Regression bug fix OIDC namespace (#19460) 2023-03-23 00:55:03 +00:00
19468.txt Fix a possible data race with rollback manager and plugin reload (#19468) 2023-03-14 09:36:37 -05:00
19472.txt VAULT-14048: raft-autopilot appears to refuse to remove a node which has left and wouldn't impact stability (#19472) 2023-04-03 11:58:57 -04:00
19483.txt VAULT-14215 Fix panic for non-TLS listeners during SIGHUP (#19483) 2023-03-09 10:09:16 -05:00
19495.txt add changelog for shamir change (#19566) 2023-04-18 16:34:43 +00:00
19519.txt Add support for importing RSA-PSS keys into Transit (#19519) 2023-03-13 17:03:01 +00:00
19520.txt Add support for HEAD operations (#19520) 2023-03-21 18:37:17 -04:00
19541.txt UI/update auth form to fetchRoles after a namespace is inputted, prior to OIDC auth (#19541) 2023-03-21 07:51:15 -06:00
19545.txt database/elasticsearch: upgrades plugin to v0.13.1 (#19545) 2023-03-15 10:24:03 -07:00
19585.txt Fix remount for mounts with spaces in the name (#19585) 2023-03-16 15:26:55 -04:00
19591.txt vault-12244 (#19591) 2023-03-17 07:52:54 -07:00
19593.txt Suppress event broker not started log warning (#19593) 2023-03-20 11:14:14 +00:00
19600.txt openapi: Fix logic for labeling unauthenticated/sudo paths (#19600) 2023-03-20 13:25:09 -04:00
19616.txt VAULT-13614 Support SCRAM-SHA-256 encrypted passwords for PostgreSQL (#19616) 2023-03-21 12:12:53 -07:00
19624.txt Forward PKI revocation requests received by standby nodes to active node (#19624) 2023-03-20 14:58:36 +00:00
19640.txt secrets/ldap: upgrades plugin to v0.10.1 (#19640) 2023-03-20 11:29:09 -07:00
19676.txt Allow overriding gRPC's connection timeout with VAULT_GRPC_MIN_CONNECT_TIMEOUT (#19676) 2023-03-22 18:51:37 +00:00
19703.txt Secret Metadata Breadcrumb Bug (#19703) 2023-03-23 16:25:56 +00:00
19721.txt Address regression introduced by #15493 for non-raft storage backends. (#19721) 2023-03-24 10:15:25 -04:00
19776.txt VAULT-12940 Vault Agent uses Vault Agent specific User-Agent header when issuing requests (#19776) 2023-04-03 14:14:47 -04:00
19791.txt UI: Mount PKI options + allowed_managed_keys (#19791) 2023-04-07 14:05:29 -07:00
19798.txt Update pseudo-version for Secrets Terraform plugin (#19798) 2023-03-29 09:01:35 -07:00
19799.txt UI: Namespace area fixes (#19799) 2023-04-05 10:54:27 -05:00
19814.txt update release-note from feature to improvement (#20414) 2023-04-28 09:33:09 -07:00
19829.txt Bumping ad dependencies (#19829) 2023-03-31 11:01:02 -04:00
19846.txt plugin/secrets/alicloud: upgrade dependencies (#19846) 2023-03-30 11:11:15 -04:00
19861.txt secrets/mongodbatlas: upgrade dependencies (#19861) 2023-03-30 11:24:31 -07:00
19862.txt build: try creating the go bin directory (#19862) 2023-04-17 22:57:17 +00:00
19875.txt fix race condition in string generator helper (#19875) 2023-03-31 15:19:45 +00:00
19878.txt Remove the Bulma CSS Framework (#19878) 2023-04-27 14:23:17 -06:00
19891.txt VAULT-13191: OSS changes (#19891) 2023-03-31 15:05:16 +00:00
19901.txt Address Critical Vulnerabilities from Dependencies (#19901) 2023-04-03 15:24:38 -06:00
19913.txt Model Validation Warnings (#19913) 2023-04-03 15:24:58 -06:00
19954.txt upgrade mongo driver to 1.11 (#19954) 2023-04-03 22:18:18 -05:00
19993.txt update vault-plugin-secrets-openldap@main (#19993) 2023-04-05 14:40:08 -07:00
20019.txt VAULT-14734: activity log write endpoint (#20019) 2023-04-12 18:26:26 +02:00
20034.txt Revert changes to STS leases but keep the ttl field (#20034) 2023-04-13 15:02:39 -05:00
20044.txt add max_entry_size to sanitized config output (#20044) 2023-04-14 09:52:23 -04:00
20057.txt Log, don't err, on unified delta WAL write failure (#20057) 2023-04-11 09:36:10 -04:00
20058.txt Fix building unified delta WAL, unified delta CRLs (#20058) 2023-04-11 18:02:58 +00:00
20064.txt UI: fix browser console formatting (#20064) 2023-04-11 10:42:50 -07:00
20070.txt UI: Fix remaining DocLink paths (#20070) 2023-04-10 23:26:50 +00:00
20078.txt Require activity log retention months at least the minimum (#20078) 2023-04-11 15:09:01 +00:00
20086.txt api: Add reporting fields to activitylog config endpoint (#20086) 2023-04-12 12:02:28 -04:00
20109.txt Update wrapping-unwrap.mdx (#20109) 2023-04-18 14:20:27 -07:00
20125.txt Clients config updates for census reporting (#20125) 2023-04-13 15:57:12 -06:00
20144.txt sdk/ldaputil: add connection_timeout configurable (#20144) 2023-04-13 12:43:28 -04:00
20150.txt Add minimum_retention_months to config endpoint (#20150) 2023-04-13 18:33:23 +00:00
20154.txt Add missing cert auth ocsp read data (#20154) 2023-04-13 18:59:09 +00:00
20163.txt UI: remove references to comma separation for string array edit types (#20163) 2023-04-19 16:16:30 +00:00
20181.txt Add fix for Go x/crypto/ocsp failure case (#20181) 2023-04-17 11:48:19 -04:00
20201.txt Remove extraneous certificate from OCSP response (#20201) 2023-04-17 16:40:26 +00:00
20216.txt Fix Indentation in Kubernetes Auth Example (#20216) 2023-04-18 15:23:25 -07:00
20220.txt Minor follow-ups to #16865 (#20220) 2023-04-18 07:39:05 -04:00
20224.txt Add tests based on vault binary (#20224) 2023-04-24 09:57:37 -04:00
20234.txt Return OCSP errors on cert auth login failures (#20234) 2023-04-19 08:54:45 -04:00
20235.txt UI: Remove usage of htmlSafe (#20235) 2023-04-19 15:40:33 +00:00
20243.txt cli/namespace: add detailed flag to namespace list (#20243) 2023-04-19 09:31:51 -04:00
20247.txt Add support for docker testclusters (#20247) 2023-04-24 14:25:50 -04:00
20253.txt Add warnings to crl rebuilds, allowing notifying operator of empty issuer equivalency sets (#20253) 2023-04-19 16:55:37 +00:00
20257.txt VAULT-15668: fix windows issues with -dev-tls flag (#20257) 2023-04-21 10:54:38 +02:00
20261.txt Use a current version of etcd (#20261) 2023-04-19 14:17:11 -04:00
20263.txt UI: OIDC provider logo fix (#20263) 2023-04-19 14:30:18 -05:00
20265.txt Add new method to access a client config's TLSConfig. (#20265) 2023-04-19 15:14:18 -04:00
20276.txt Add additional fields to LIST issuers for Web UI (#20276) 2023-04-21 18:16:16 +00:00
20285.txt Small fixes for OpenAPI display attributes (#20285) 2023-04-21 17:04:12 +00:00
20294.txt Add symbols back to the build to fix Dynatrace support (#20294) 2023-04-21 17:15:56 +00:00
20341.txt Fix issuer patch of leaf_not_after_behavior (#20341) 2023-04-25 11:02:13 -04:00
20354.txt Fix reading issuer's enable_aia_url_templating value (#20354) 2023-04-25 16:48:05 -04:00
20368.txt VAULT-15840: Allow updates of only entity-alias custom-metadata (#20368) 2023-05-01 12:42:30 +02:00
20375.txt add nil check for mfa enforcement config namespace on login (#20375) 2023-04-26 16:52:39 -04:00
20411.txt Pipe MountPoint to audit logs (#20411) 2023-04-27 15:29:24 -07:00
20418.txt Fix panic when Vault enters recovery mode, added test (#20418) 2023-04-28 12:41:19 +00:00
20430.txt UI: fix secret with % in path (#20430) 2023-05-01 09:18:45 -05:00
20431.txt UI: glimmerize masked input (#20431) 2023-05-01 16:43:05 +00:00
20441.txt Show existing keys, issuers on PKI import (#20441) 2023-05-01 14:07:31 +00:00
20442.txt Update to tidy status and docs (#20442) 2023-05-01 14:26:29 +00:00
20464.txt Add walkSecretsTree helper function (#20464) 2023-05-02 15:23:43 -04:00
20477.txt CLI to take days as a unit of time (#20477) 2023-05-04 08:03:37 -07:00
20488.txt Improve addPrefixToKVPath helper (#20488) 2023-05-03 17:10:55 +00:00
20502.txt disable printing flags warning message for the ssh command (#20502) 2023-05-08 16:15:44 +00:00
20519.txt Keep symbols by default (#20519) 2023-05-04 13:23:06 -07:00
README.md
_ 1686.txt
_1622.txt
_1633.txt
_1637.txt
_1642.txt
_1656.txt
_1659.txt
_1663.txt
_1680.txt
_1691.txt
_1705.txt
_1712.txt
_1739.txt
_1757.txt
_1792.txt
_1819.txt
_2021Jan20.txt
_2021Jan26.txt
_2071.txt
_10959.txt
_go-ver-1120.txt Update main to go 1.19.2 (#17437) 2022-10-07 14:24:14 -04:00
_go-ver-1130.txt Move to Go 1.20. (#18981) 2023-02-03 12:26:25 -05:00
_go-ver-1140.txt Update Go version to 1.20.3 (#20139) 2023-04-13 13:35:02 +01:00
changelog.tmpl Fix error in changelog template (#18572) 2023-01-06 14:32:22 +00:00
client-counts-1.11.txt
client-counts.txt
diagnose.txt
go-ver-1110.txt
mount-migration.txt
note.tmpl
plugin-versioning.txt Plugin versioning changelog entries (#17322) 2022-09-27 16:24:21 +01:00

README.md

changelog

This folder holds changelog updates from commit 3bc7d15 onwards.

Release notes are text files with three lines:

  1. An opening code block with the release-note:<MODE> type annotation.

    For example:

    ```release-note:bug
    

    Valid modes are:

    • bug - Any sort of non-security defect fix.
    • change - A change in the product that may require action or review by the operator. Examples would be any kind of API change (as opposed to backwards compatible addition), a notable behavior change, or anything that might require attention before updating. Go version changes are also listed here since they can potentially have large, sometimes unknown impacts. (Go updates are a special case, and dep updates in general aren't a change). Discussion of any potential change items in the pull request to see what other communication might be warranted.
    • deprecation - Announcement of a planned future removal of a feature. Only use this if a deprecation notice also exists in the docs.
    • feature - Large topical additions for a major release. These are rarely in minor releases. Formatting for feature entries differs from normal changelog formatting - see the new features instructions.
    • improvement - Most updates to the product that arent bugs, but aren't big enough to be a feature, will be an improvement.
  2. A component (for example, secret/pki or sdk/framework or), a colon and a space, and then a one-line description of the change.

  3. An ending code block.

This should be in a file named after the pull request number (e.g., 12345.txt).

There are many examples in this folder; check one out if you're stuck!

See hashicorp/go-changelog for full documentation on the supported entries.

New and Major Features

For features we are introducing in a new major release, we prefer a single changelog entry representing that feature. This way, it is clear to readers what feature is being introduced. You do not need to reference a specific PR, and the formatting is slightly different - your changelog file should look like:

changelog/<pr num OR feature name>.txt:
```release-note:feature
**Feature Name**: Description of feature - for example "Custom password policies are now supported for all database engines."
```