luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity
open-vault/changelog
History
Scott Miller 7f38b0440e
Fetch CRLs from a user defined URL (#17136) 
* Fetch CRLs from a user defined CDP (PoC)

* Handle no param sent

* Move CRL fetch to a periodFunc.  Use configured CA certs + system root as trusted certs for CRL fetch

* comments

* changelog

* Just use root trust

* cdp->url in api

* Store CRL and populate it initially in cdlWrite

* Update docs

* Update builtin/credential/cert/path_crls.go

Co-authored-by: Steven Clark <steven.clark@hashicorp.com>

* Handle pre-verification of a CRL url better

* just in case

* Fix crl write locking

* Add a CRL fetch unit test

* Remove unnecessary validity clear

* Better func name

* Don't exit early updating CRLs

* lock in updateCRLs

* gofumpt

* err-

Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
 		2022-09-16 16:44:30 -05:00
..
7277.txt Allow globbing dis/allowed_policies_glob in token roles (#7277) 2021-09-21 08:25:06 -07:00
9081.txt updated usage example (#9081) 2022-08-24 09:03:30 -04:00
9109.txt Add support for go-sockaddr templated addresses in config. (#9109) 2021-10-21 10:10:48 -04:00
9802.txt Add systemd notify support to Agent. Resolves: #7028 (#9802) 2022-08-29 08:18:47 -04:00
9972.txt
10072.txt
10077.txt
10085.txt Fix entity group associations (#10085) 2021-10-01 10:22:52 -04:00
10101.txt Dedup from_entity_ids when merging two entities (#10101) 2021-10-12 15:35:19 -04:00
10131.txt
10181.txt
10231.txt
10249.txt Add allowed_uri_sans_template (#10249) 2021-12-15 09:18:28 -06:00
10365.txt
10375.txt
10384.txt
10386.txt
10416.txt
10417.txt
10424.txt
10433.txt
10444.txt
10456.txt
10467.txt Add retry policy and fix documentation for Cassandra storage backend (#10467) 2022-08-30 11:00:48 -07:00
10487.txt
10489.txt
10490.txt
10491.txt
10498.txt
10505.txt Add helper for encoding/decoding root tokens and OTP generation in SDK module (#10504) (#10505) 2021-12-01 08:05:49 -05:00
10514.txt
10520.txt
10536.txt
10537.txt
10546.txt
10556.txt
10558.txt
10579.txt
10588.txt
10596.txt
10603.txt
10609.txt
10613.txt
10650.txt
10653.txt
10655.txt
10677.txt
10684.txt
10689.txt
10705.txt
10708.txt
10725.txt
10726.txt
10730.txt
10743.txt
10744.txt
10751.txt secrets/consul: Add support to auto-bootstrap Consul ACL system (#10751) 2022-04-20 17:16:15 -05:00
10756.txt
10757.txt
10758.txt
10759.txt
10766.txt
10767.txt
10812.txt
10826.txt
10833.txt
10834.txt
10848.txt
10850.txt
10855.txt
10858.txt
10877.txt
10886.txt Let allowed_users template mix templated and non-templated parts (#10886) 2021-10-19 15:00:15 -07:00
10901.txt
10904.txt
10906.txt
10919.txt
10927.txt
10931.txt
10938.txt
10942.txt
10948.txt Adds "raw(/pem)" format to individual cert routes (#10947) (#10948) 2022-02-07 09:47:13 -05:00
10949.txt
10951.txt
10952.txt
10953.txt
10964.txt
10980.txt
10982.txt
10992.txt
10995.txt
10996.txt
10997.txt
11000.txt Fix missing changelog (#13230) 2021-11-19 12:59:00 -08:00
11011.txt
11015.txt
11018.txt
11022.txt
11094.txt
11113.txt
11119.txt
11127.txt
11129.txt
11142.txt
11143.txt
11182.txt
11208.txt
11213.txt
11216.txt certutil: select appropriate hash algorithm for ECDSA signature (#11216) 2021-11-04 16:33:01 -04:00
11218.txt pki: calculate Subject Key Identifier according to RFC 5280 (#11218) 2022-01-28 10:46:51 -05:00
11226.txt
11231.txt
11245.txt improvement: add signature_bits field to CA and signers (#11245) 2021-09-10 14:39:05 -07:00
11247.txt
11252.txt
11256.txt
11258.txt
11259.txt
11260.txt
11262.txt
11269.txt
11283.txt
11284.txt
11288.txt
11289.txt
11294.txt
11324.txt
11345.txt
11360.txt
11364.txt
11365.txt
11366.txt
11367.txt
11371.txt
11377.txt
11388.txt
11404.txt
11408.txt
11442.txt
11447.txt
11451.txt
11453.txt
11473.txt
11495.txt
11500.txt
11502.txt
11506.txt
11517.txt
11530.txt
11532.txt
11541.txt
11562.txt
11576.txt
11585.txt
11586.txt
11588.txt
11596.txt
11597.txt
11600.txt
11607.txt
11628.txt
11638.txt
11641.txt
11647.txt
11650.txt
11672.txt
11680.txt
11696.txt
11705.txt
11708.txt
11759.txt
11775.txt
11778.txt
11780.txt Add support for ed25519 (#11780) 2021-10-05 11:28:49 -04:00
11784.txt
11785.txt
11795.txt
11796.txt
11802.txt
11820.txt
11826.txt
11836.txt
11838.txt
11861.txt
11864.txt
11872.txt
11878.txt
11884.txt
11887.txt
11895.txt
11899.txt
11904.txt Improving Handling of Unix Domain Socket Addresses (#11904) 2022-06-21 15:16:58 -07:00
11907.txt
11934.txt
11942.txt
11956.txt
11957.txt
11958.txt
11963.txt
11969.txt Agent JWT auto auth `remove_jwt_after_reading` config option (#11969) 2022-07-25 07:42:09 -06:00
11970.txt
11975.txt
11980.txt Update Go client libraries for etcd (#11980) 2021-09-29 14:28:13 -04:00
11984.txt
11992.txt
11995.txt
11997.txt
12003.txt
12008.txt Docfix: "Fix" is not a valid release-note type (#12676) 2021-09-29 14:54:58 -06:00
12016.txt
12019.txt
12020.txt
12023.txt
12024.txt
12025.txt
12026.txt
12031.txt
12034.txt
12035.txt
12042.txt
12049.txt
12066.txt
12071.txt
12073.txt
12079.txt
12084.txt
12087.txt
12111.txt
12115.txt
12117.txt
12126.txt
12151.txt
12162.txt
12163.txt
12165.txt Aerospike backend update (#12165) 2021-11-29 11:09:12 -08:00
12169.txt
12175.txt
12185.txt
12196.txt
12208.txt identity: enforce key param and key existence on role creation (#12208) 2021-09-08 10:46:58 -05:00
12212.txt
12229.txt
12245.txt
12253.txt Update github.com/ulikunitz/xz (#12253) 2021-09-17 09:48:38 -07:00
12255.txt Update github.com/gogo/protobuf (#12255) 2021-09-07 11:40:14 -07:00
12262.txt Switch/upgrade to influxdata/influxdb1-client (#12262) 2022-01-25 13:30:24 -05:00
12265.txt
12295.txt
12301.txt
12317.txt
12320.txt Send x-forwarded-for in Okta Push Factor request (#12320) 2021-09-03 13:09:11 -07:00
12338.txt
12339.txt
12340.txt
12348.txt
12351.txt
12354.txt
12357.txt
12366.txt Auto-join support for IPv6 discovery (#12366) 2021-09-07 11:55:07 -07:00
12371.txt
12372.txt
12377.txt
12378.txt
12379.txt
12388.txt Add code to api.RaftSnapshot to detect incomplete snapshots (#12388) 2021-09-07 11:16:37 -04:00
12393.txt Vault 2823 cc namespace (#12393) 2021-09-07 09:16:12 -07:00
12408.txt
12409.txt
12413.txt Upgrade pq to fix connection failure cleanup bug (v1.8.0 => v1.10.3) (#12413) 2021-10-01 14:35:51 -07:00
12414.txt Identity: prepublish jwt signing keys (#12414) 2021-09-09 13:47:42 -05:00
12418.txt Add missing read unlock calls in transit backend code (#12652) 2021-09-28 11:59:30 -05:00
12422.txt
12425.txt Expose secret_id_accessor as WrappedAccessor when wrapping secret-id creation. (#12425) 2021-09-16 10:47:49 -07:00
12428.txt Add PutAutoPilotRaftConfiguration to api (#12428) 2021-11-10 12:10:15 -05:00
12437.txt UI/bar chart horizontal (#12437) 2021-09-07 12:54:33 -07:00
12443.txt change cassandra db plugin timeout to 5s as in docs (#12443) 2022-02-15 07:35:44 -08:00
12451.txt Bootstrap Nomad ACL system if no token is given (#12451) 2022-04-20 11:06:25 -07:00
12473.txt Fail alias rename if the resulting (name,accessor) exists already (#12473) 2021-09-21 08:19:44 -04:00
12478.txt Docfix: "Fix" is not a valid release-note type (#12676) 2021-09-29 14:54:58 -06:00
12483.txt update couchbase plugin version (#12483) 2021-09-07 11:48:10 -05:00
12485.txt Customizing HTTP headers in the config file (#12485) 2021-10-13 11:06:33 -04:00
12502.txt Add Custom metadata field to alias (#12502) 2021-09-17 11:03:47 -07:00
12505.txt dep: update consul-template to v0.27.0 (#12505) 2021-09-09 09:12:42 -07:00
12508.txt CLI: add new -header option to be able to add headers to all cli requests #8754 (#12508) 2021-10-27 11:04:04 -04:00
12514.txt Allow signing self issued certs with a different public key algorithm. (#12514) 2021-09-14 10:07:27 -05:00
12519.txt Fix pkcs7 parsing in some cases (#12519) 2021-09-10 12:17:03 -04:00
12534.txt vault-agent: copy values retrieved from bolt (#12534) 2021-09-13 11:06:08 -07:00
12541.txt UI/ PKI UI Redesign (#12541) 2021-10-04 14:31:36 -07:00
12550.txt Bug fix: allow forward slash in paths for delete menu (#12550) 2021-09-14 12:30:01 -06:00
12554.txt Client count updates (#12554) 2021-09-16 15:28:03 -07:00
12559.txt Use the system rand reader for CA root and intermediate generation (#12559) 2021-09-15 11:59:12 -05:00
12560.txt Use the system rand reader for SSH keypair generation (#12560) 2021-09-15 11:59:28 -05:00
12563.txt Port: Premature Rotation For autorotate (#12563) 2021-09-21 17:45:04 -07:00
12565.txt [VAULT-3519] Return no_default_policy on token role read (#12565) 2021-09-21 09:53:08 -07:00
12577.txt Added namespace search to client count (#12577) 2021-09-22 12:50:59 -07:00
12581.txt Update plugin proto to send tls.ConnectionState (Op.2) (#12581) 2021-10-07 08:06:09 -04:00
12582.txt Patch to support VAULT_HTTP_PROXY variable (#12582) 2021-10-06 09:40:31 -07:00
12600.txt dep: update vault-plugin-secrets-openldap to latest (#12600) 2021-09-21 15:30:19 -07:00
12621.txt update changelog/12621.txt (#13117) 2021-11-10 16:39:27 -08:00
12622.txt UI/bar chart updates (#12622) 2021-09-27 13:48:44 -07:00
12626.txt KV search box when no list access to metadata (#12626) 2021-09-29 14:35:00 -06:00
12629.txt Update Azure secrets engine to use MS Graph (#12629) 2021-09-29 11:28:13 -06:00
12633.txt fix: upgrade vault-plugin-auth-kubernetes (#12633) 2021-09-27 13:10:55 -04:00
12635.txt core: set namespace within GeneratePasswordFromPolicy (#12635) 2021-09-27 09:08:07 -07:00
12646.txt Auth method role edit form should be valid by default (#12646) 2021-10-04 11:53:24 -06:00
12663.txt UI/kv creation time (#12663) 2021-09-28 13:15:43 -06:00
12668.txt Add support to parameterize unauthenticated paths (#12668) 2021-10-13 11:51:20 -05:00
12672.txt UI/Add Elasticsearch DB (#12672) 2021-10-07 14:00:42 -07:00
12687.txt Add HTTP PATCH support to KV (#12687) 2021-10-13 15:24:31 -04:00
12688.txt agent: tolerate partial restore failure from persistent cache (#12718) 2021-10-08 11:30:04 +01:00
12691.txt Fix a Deadlock on HA leadership transfer (#12691) 2021-10-04 13:55:15 -04:00
12713.txt Removed unpublished:true for sys/internal/* endpoints (#12713) 2021-10-15 14:50:14 -04:00
12715.txt Fix auth/aws so that config/rotate-root saves new key pair to vault (#12715) 2021-10-19 10:26:47 -04:00
12716.txt Fix 1.8 regression preventing email addresses being used as common name within pki certificates (#12336) (#12716) 2021-10-04 14:02:47 -04:00
12718.txt agent: tolerate partial restore failure from persistent cache (#12718) 2021-10-08 11:30:04 +01:00
12720.txt CLI request when namespace is in argument and part of the path (#12720) 2021-10-21 22:35:13 -04:00
12724.txt Upgrade go-kms-wrapping to pickup oci-go-sdk update (#12724) 2021-10-04 16:21:38 -05:00
12731.txt [VAULT-3157] Move `mergeStates` utils from Agent to api module (#12731) 2021-10-06 10:57:06 -07:00
12747.txt [VAULT-3252] Disallow alias creation if entity/accessor combination exists (#12747) 2021-10-14 09:52:07 -07:00
12752.txt Added support for Oracle db connection (#12752) 2021-10-11 09:20:23 -07:00
12762.txt agent: Use an in-process listener with cache (#12762) 2021-10-15 17:22:19 -07:00
12763.txt Skip metric increment during existence check (#12763) 2022-05-05 10:22:19 -07:00
12770.txt UI/Serialize DB Connection Attributes (#12770) 2021-10-11 16:42:11 -07:00
12780.txt Filter identity token keys (#12780) 2021-10-12 11:14:03 -05:00
12787.txt Add LIST support to sys/policies/password (#12787) 2022-01-24 13:42:14 -08:00
12788.txt Return 404 response when looking for a secret_id_accessor that does not exist (#12788) 2021-10-11 15:07:51 +01:00
12790.txt Add remote_port in the audit logs when it is available (#12790) 2022-01-26 15:47:15 -08:00
12791.txt Return num_uses during authentication (#12791) 2022-01-25 18:59:53 -08:00
12792.txt Some changelog tidying for 1.10 preview (#13385) 2021-12-10 16:23:20 -05:00
12793.txt cl update (#13798) 2022-02-03 16:52:45 -08:00
12795.txt Some changelog tidying for 1.10 preview (#13385) 2021-12-10 16:23:20 -05:00
12796.txt Native Login method for Go client (#12796) 2021-10-26 16:48:48 -07:00
12800.txt UI/OIDC provider (#12800) 2021-10-13 15:04:39 -05:00
12802.txt Diagnose partial/missing telemetry configuration (#12802) 2021-10-20 16:47:59 -05:00
12812.txt Entities may have duplicate policies (#12812) 2021-10-22 19:28:31 -04:00
12814.txt api.Client: support isolated read-after-write (#12814) 2021-10-14 14:51:31 -04:00
12819.txt UI/remove empty rows from DB config pages (#12819) 2021-10-14 13:14:33 -07:00
12820.txt Port: add client ID to TWEs in activity log [vault-3136] (#12820) 2021-10-14 09:10:59 -07:00
12834.txt Fix entity alias deletion (#12834) 2021-10-19 15:05:06 -04:00
12839.txt [VAULT-3379] Add support for contained DBs in MSSQL root rotation and lease revocation (#12839) 2021-10-19 14:11:47 -07:00
12843.txt agent/cache: Store leases in-order in persistent cache so that restore respects dependencies (#12843) 2021-10-27 11:36:48 +01:00
12847.txt Forbid ssh key signing with specified extensions when role allowed_extensions is not set (#12847) 2021-10-15 17:55:18 -04:00
12868.txt Move to go 1.17 (#12868) 2021-10-21 09:32:03 -04:00
12872.txt Restrict ECDSA/NIST P-Curve hash function sizes for cert signing (#12872) 2021-11-12 12:18:38 -05:00
12876.txt Updates vault-plugin-auth-jwt to v0.11.0 (#12876) 2021-10-19 15:22:52 -07:00
12877.txt [VAULT-3008] Update RabbitMQ dependency and fix regression in UserInfo.Tags in v3.9 (#12877) 2021-10-20 09:46:37 -07:00
12881.txt operator generate-root -decode: allow token from stdin (#12881) 2021-10-20 12:29:17 -04:00
12885.txt VAULT-444: Add PKI tidy-status endpoint. (#12885) 2021-11-02 11:12:49 -04:00
12887.txt UI/Remove spinner after token renew (#12887) 2021-10-21 09:05:45 -05:00
12888.txt fix 12888 release note format (#13016) 2021-11-02 16:54:46 -06:00
12890.txt UI Conditionally Copy Tooltips (#12890) 2021-10-21 09:26:56 -06:00
12895.txt adds divider to toolbars with destructive actions (#12895) 2021-10-22 08:11:14 -06:00
12903.txt Set Cassandra connect timeout, not just regular timeout (#12903) 2021-10-22 11:02:28 -04:00
12904.txt UI/Remove token_type field from token auth method (#12904) 2021-10-29 13:00:34 -07:00
12906.txt Vertical resize on .cm-s-hashi.CodeMirror (#12906) 2021-10-22 14:58:04 -06:00
12907.txt Extend kv metadata to get, put, and patch (#12907) 2021-10-26 15:38:56 -04:00
12908.txt Info table row typography (#12908) 2021-10-22 15:16:02 -06:00
12911.txt fixing a bug for cli when namespace is in both arg and path (#12911) 2021-10-22 17:47:16 -04:00
12916.txt Adds missing unlock of RWMutex in OIDC delete key (#12916) 2021-10-25 09:59:26 -07:00
12921.txt KV alert banner for white space in KV path (#12921) 2021-10-28 10:50:33 -06:00
12932.txt Use mutex in OIDC configuration handlers (#12932) 2021-10-27 08:23:05 -07:00
12934.txt go-kms-wrapping update for Azure Key Vault's Managed HSM offering (#12934) 2021-10-27 12:07:18 -04:00
12945.txt UI/ Add PostgreSQL DB (#12945) 2021-10-29 09:58:56 -07:00
12965.txt cockroachdb: add high-availability support (#12965) 2022-03-29 13:12:06 -04:00
12976.txt Incorporate Ember Flight Icons (#12976) 2021-12-07 10:05:14 -07:00
13000.txt UI/kv codemirror diff (#13000) 2021-12-01 11:41:49 -07:00
13015.txt Secrets header version badge (#13015) 2021-11-08 14:29:00 -07:00
13022.txt Some changelog tidying for 1.10 preview (#13385) 2021-12-10 16:23:20 -05:00
13024.txt Fiddling with changelog formatting (#13496) 2021-12-21 18:32:08 -05:00
13032.txt UI/Truncate long secret names (#13032) 2021-11-04 16:57:08 -07:00
13033.txt Add changelog for couchbase plugin bug fix (#13033) 2021-11-03 15:39:19 -05:00
13034.txt secrets/azure: add changelog for rotate-root (#13034) 2021-11-03 16:38:45 -04:00
13038.txt PGP key list input fix (#13038) 2021-11-04 14:25:15 -06:00
13042.txt Fix errors logged on standbys when we try to write versions to storage (#13042) 2021-11-08 10:04:17 -05:00
13044.txt Allowing Unwrap w/ Newline files (#13044) 2021-11-24 10:13:45 -08:00
13054.txt UI/Adds pagination to auth methods list (#13054) 2021-11-04 16:35:20 -07:00
13078.txt Add a periodic test of the autoseal to detect loss of connectivity. (#13078) 2021-11-10 14:46:07 -06:00
13080.txt Add universal default key_bits value for PKI endpoints (#13080) 2021-12-13 15:26:42 -05:00
13086.txt Port: Allow Routing to Partial Monthly Client Count From Namespaces (#13086) 2021-11-08 15:38:35 -08:00
13090.txt UI/Custom empty state messages for transit and transform (#13090) 2021-11-11 16:53:53 -08:00
13093.txt Add missing changelog for pr #13093 (#13095) 2021-11-09 11:03:59 -05:00
13098.txt Raft peer removal bug (#13098) 2021-11-09 15:05:25 -07:00
13107.txt Raft Snapshot Restore Bug (#13107) 2021-11-17 10:30:59 -07:00
13111.txt Return non-retryable errors on transit encrypt and decrypt failures (#13111) 2021-11-15 15:53:22 -06:00
13133.txt OIDC Auth Bug (#13133) 2021-11-15 08:48:11 -07:00
13146.txt sdk/queue: move lock before checking queue length (#13146) 2021-11-29 14:54:00 -05:00
13149.txt UI/Update blueprints to glimmer components (#13149) 2021-11-16 13:14:16 -08:00
13152.txt Hide verify-connection attribute on connection config show page (#13152) 2021-11-16 12:56:42 -06:00
13162.txt Authenticate to "login" endpoint for non-existent mount path bug (#13162) 2021-11-22 17:06:59 -08:00
13165.txt Fix 1.9 regression with raft and stored time values (#13165) 2021-11-16 14:43:00 -05:00
13166.txt KV automatic delete state issue in UI (#13166) 2021-11-23 14:17:37 -07:00
13168.txt Revert more downgrades from #12975. (#13168) 2021-11-16 15:07:03 -05:00
13169.txt Fix startup failures when aliases from a pre-1.9 vault version exist (#13169) 2021-11-16 14:56:34 -05:00
13177.txt Form field component ttl picker not initially enabling (#13177) 2021-11-17 10:21:17 -07:00
13178.txt Some changelog tidying for 1.10 preview (#13385) 2021-12-10 16:23:20 -05:00
13195.txt Add pagination to namespace list view (#13195) 2021-11-29 13:11:14 -08:00
13200.txt Update 13200.txt changelog (#13263) 2021-11-24 13:38:15 -05:00
13215.txt Add HTTP PATCH support for KV key metadata (#13215) 2022-01-12 12:05:27 -05:00
13231.txt identity/oidc: optional nonce parameter for authorize request (#13231) 2021-11-22 09:42:22 -08:00
13233.txt Fixed null token panic from 'v1/auth/token/' endpoints and returned p… (#13233) 2021-12-21 09:46:56 -08:00
13235.txt Fix regression in returning empty value for approle cidrlist. (#13235) 2021-11-23 12:13:47 -05:00
13236.txt Fix null token type bug (#13236) 2021-12-06 09:38:53 -08:00
13238.txt UI/Fix node-forge EC error (#13238) 2021-11-23 13:51:02 -05:00
13241.txt Respect WithWrappingToken for all secret ID's in approle auth (#13241) 2021-11-23 15:53:48 -08:00
13254.txt skip hash bits verification for ed25519 (#13254) 2021-11-23 15:28:18 -05:00
13257.txt recognize ed25519 key type and return PKCS8 format (#13257) 2021-11-24 14:24:06 -05:00
13277.txt secrets/azure: Update plugin to v0.11.2 (#13277) 2021-11-29 09:05:23 -08:00
13282.txt Return an error when trying to store a too-large key with Raft (#13282) 2021-11-25 14:07:03 -05:00
13286.txt Prevent raft transactions from containing overlarge keys. (#13286) 2021-11-26 08:38:39 -05:00
13292.txt Add "operator members" command to list nodes in the cluster. (#13292) 2021-11-30 14:49:58 -05:00
13298.txt Identity: check NextSigningKey existence during key rotation (#13298) 2021-11-29 15:10:58 -06:00
13318.txt Fix possible nil pointer dereference (#13318) 2021-12-02 08:23:41 -05:00
13324.txt Rename master key to root key (#13324) 2021-12-06 17:12:20 -08:00
13332.txt github auth: use org id to verify creds (#13332) 2021-12-14 16:37:19 -06:00
13348.txt auth/cert: Add certificate extensions as metadata (#13348) 2022-01-03 13:38:16 -08:00
13365.txt auth/jwt: update changelog for pkce improvement (#13392) 2021-12-10 11:15:22 -06:00
13367.txt Fiddling with changelog formatting (#13496) 2021-12-21 18:32:08 -05:00
13395.txt Support clearing an identity alias' custom_metadata (#13395) 2021-12-10 18:07:47 -05:00
13396.txt UI/fix client count partial (#13396) 2021-12-10 16:14:57 -06:00
13408.txt Main go version bump (#13408) 2021-12-14 11:11:13 -05:00
13414.txt secrets/database: Add parameter to disable escaping username and password chars for DB connections (#13414) 2022-01-10 12:05:17 -06:00
13439.txt update okta-sdk-golang to v2.9.1 (#13439) 2022-01-06 09:42:51 -05:00
13443.txt Ember Upgrade to 3.24 (#13443) 2021-12-16 20:44:29 -07:00
13452.txt EscapeLDAPValue - catch trailing escape character (#13452) 2021-12-15 13:17:07 -08:00
13469.txt Update mssql's contained_db field to accept a boolean (#13469) 2021-12-20 10:04:43 -05:00
13476.txt Attempt to address a data race issue within identity store - take 2 (#13476) 2021-12-22 09:51:13 -05:00
13486.txt Fix properly initialize replicateStateStore from SetReadYourWrites() (#13486) 2021-12-21 16:14:39 -05:00
13487.txt [Vault-4628] OpenAPI endpoint not expanding root alternations (#13487) 2021-12-22 15:36:47 -08:00
13492.txt auth/oidc: update plugin to v0.11.4 (#13492) 2021-12-21 16:48:53 -08:00
13515.txt Add ability to optionally clone a Client's token (#13515) 2021-12-22 17:07:26 -05:00
13537.txt Enhance sys/raw to read and write values that cannot be encoded in json (#13537) 2022-01-20 07:52:53 -05:00
13540.txt Add support for PROXY protocol v2 in TCP listener (#13540) 2022-03-08 12:13:00 -05:00
13548.txt secrets/gcp: update plugin to v0.11.1 (#13548) 2022-01-03 11:18:48 -08:00
13573.txt Use MAP_POPULATE for our bbolt mmaps (#13573) 2022-01-11 08:16:53 -05:00
13585.txt UI/fix kmip role form (#13585) 2022-01-07 09:16:40 -06:00
13590.txt Search Select Input Fix (#13590) 2022-01-06 16:34:26 -07:00
13595.txt auth/kubernetes: support for dynamically reloading short-lived tokens (#13595) 2022-01-14 19:55:15 -08:00
13604.txt UI/Fixes secrets list breadcrumb (#13604) 2022-01-10 11:00:47 -08:00
13606.txt Parallel retry join (#13606) 2022-01-17 10:33:03 -05:00
13615.txt If we get a 405 doing an HTTP PATCH, assume the server is pre-1.9 and fall back to old readThenWrite approach (#13615) 2022-01-11 11:52:24 -05:00
13643.txt Distinguish LIST-only paths in OpenAPI (#13643) 2022-01-18 09:21:44 -08:00
13660.txt Add support for client certificates to -output-curl-string (#13660) 2022-01-20 10:25:26 -08:00
13661.txt Make auth/token/revoke-accessor idempotent (#13661) 2022-01-18 06:56:38 -05:00
13667.txt Vault-3991 Code Scanning Alerts Changes (#13667) 2022-01-14 15:35:27 -08:00
13669.txt auth/ldap: Add username to alias.metadata.name (#13669) 2022-01-20 12:30:26 -05:00
13675.txt Add telemetry to Vault agent (#13675) 2022-02-17 17:10:26 -08:00
13678.txt Support go-sockaddr templates in top-level cluster_addr config (#13678) 2022-01-19 10:56:04 -05:00
13682.txt Add the duration and start time to logged completed requests. (#13682) 2022-01-20 08:55:30 -05:00
13683.txt Accept both -f and --force in the web terminal (#13683) 2022-01-20 10:17:53 -07:00
13690.txt Add validation for nonce size when we aren't in convergent encryption mode within transit backend (#13690) 2022-01-19 13:02:49 +05:30
13691.txt Time-based transit key autorotation (#13691) 2022-01-20 09:10:15 -06:00
13703.txt Update to raft lib v1.3.3 (#13703) 2022-01-24 09:50:23 -05:00
13716.txt oidc: check for nil signing key on rotation (#13716) 2022-01-24 12:05:49 -06:00
13736.txt Support Y10K value in notAfter field when signing non-CA certificates (#13736) 2022-01-31 15:37:50 -06:00
13749.txt Raft/fix raft telemetry metric unit (#13749) 2022-01-24 10:51:35 -05:00
13759.txt PKI - Allow performance secondaries to generate and store certificates locally to them (#13759) 2022-01-24 10:03:04 -06:00
13766.txt Add sys/version-history endpoint and associated command (#13766) 2022-02-14 15:26:57 -05:00
13799.txt Remove fmt strings and replace with inline queries (#13799) 2022-01-27 15:20:13 -08:00
13841.txt [API] Add LDAP auth method (#13841) 2022-02-04 11:10:51 -08:00
13850.txt secret/consul: Add support for consul namespaces and admin partitions (#13850) 2022-02-09 15:44:00 -06:00
13871.txt identity/oidc: loopback redirect dynamic port (#13871) 2022-02-07 10:34:33 -08:00
13872.txt Fix kv secret access bug (#13872) 2022-02-03 01:46:03 +05:30
13889.txt Add duration/count metrics to PKI issue and revoke flows (#13889) 2022-02-08 10:37:40 -06:00
13893.txt add API docs for KVv2 subkeys endpoint (#13893) 2022-02-14 15:28:14 -05:00
13894.txt Switch from node-forge to PKI.js (#13894) 2022-02-04 12:52:28 -05:00
13908.txt Transform Advanced Templating (#13908) 2022-02-07 13:07:53 -07:00
13917.txt identity/oidc: Adds proof key for code exchange (PKCE) support (#13917) 2022-02-15 12:02:22 -08:00
13925.txt auth/kubernetes: Update plugin to v0.11.5 (#13925) 2022-02-10 12:23:19 -05:00
13927.txt Use application/pem-certificate-chain for PEMs (#13927) 2022-02-08 08:12:33 -05:00
13935.txt Add full CA Chain to /pki/cert/ca_chain response (#13935) 2022-02-07 14:37:01 -05:00
13950.txt UI: Add check for renewal time before triggering renew-self (#13950) 2022-02-08 11:43:42 -06:00
13958.txt Allow all other_sans in sign-intermediate and sign-verbatim (#13958) 2022-02-09 10:09:19 -05:00
13970.txt UI/transit auto rotate interval (#13970) 2022-02-09 10:56:49 -06:00
13973.txt secrets/azure: update to v0.11.3 (#13973) 2022-02-09 11:58:53 -05:00
13974.txt secrets/gcp: update to v0.11.2 (#13974) 2022-02-09 12:57:53 -05:00
13991.txt Allow specifying multiple allowed SSH key lengths (#13991) 2022-02-17 15:36:56 -05:00
14006.txt Switch to secure signing algorithm for SSH secrets engine (#14006) 2022-02-18 10:44:01 -05:00
14008.txt Allow generation of other types of SSH CA keys (#14008) 2022-02-15 14:14:05 -05:00
14013.txt identity/oidc: use inherited group membership for client assignments (#14013) 2022-02-11 11:40:44 -08:00
14014.txt secret/consul: Add Consul ACL roles support (#14014) 2022-02-16 19:31:08 -06:00
14025.txt update MFA changelog (#14326) 2022-03-01 15:13:39 -08:00
14033.txt update changelog to include db config connection return value change (#14256) 2022-02-24 14:03:11 -06:00
14049.txt MFA UI Changes (v3) (#14145) 2022-02-17 15:40:25 -07:00
14051.txt Allow auto-detection of AWS region when using the vault CLI (#14051) 2022-02-14 12:01:27 -08:00
14054.txt UI: Switch usage of localStorage to sessionStorage (#14054) 2022-02-17 10:04:53 -06:00
14067.txt Revert "MFA (#14049)" (#14135) 2022-02-17 13:17:59 -07:00
14074.txt Use FieldData.GetOkError() to access required Transit parameters. (#14593) 2022-03-18 16:10:38 -04:00
14095.txt auth/ldap: add resp warning if userfilter doesn't consider userattr (#14095) 2022-02-17 17:19:44 -08:00
14107.txt Revert "MFA (#14049)" (#14135) 2022-02-17 13:17:59 -07:00
14109.txt Server Side Consistency Docs (#14392) 2022-03-16 10:20:12 -07:00
14119.txt identity/oidc: Adds default provider, key, and allow_all assignment (#14119) 2022-02-22 08:33:19 -08:00
14130.txt secrets/azure: update plugin to v0.11.4 (#14130) 2022-02-17 12:09:36 -08:00
14131.txt interactive CLI for mfa login (#14131) 2022-02-24 15:16:15 -05:00
14138.txt auth/azure: update to v0.9.3 (#14138) 2022-02-18 09:42:48 -05:00
14144.txt upgrade vault-plugin-auth-kubernetes (#14144) 2022-02-22 11:25:44 -05:00
14171.txt secrets/openldap: fix panic from nil logger (#14171) 2022-02-18 19:40:30 -05:00
14178.txt Rebase #14178 / Add not_before_duration API parameter to Root/Intermediate CA generation (#15511) 2022-05-19 12:35:08 -04:00
14190.txt Update github.com/prometheus/client_golang (#14190) 2022-02-23 09:31:58 -05:00
14193.txt Remove support for etcd v2 storage backend. (#14193) 2022-02-22 16:48:04 -05:00
14195.txt Add checks for other error types within the PKI plugin (#14195) 2022-02-22 14:39:21 -05:00
14197.txt Ensure that fewer goroutines survive after a test completes (#14197) 2022-02-23 10:33:52 -05:00
14206.txt prevent int64 overflow for default_lease_ttl and max_lease_ttl (#14206) 2022-02-23 17:08:52 -05:00
14214.txt agent/azure: adds ability to use specific user-assigned managed identities for auto auth (#14214) 2022-02-23 11:43:36 -08:00
14217.txt Change OpenAPI code generator to extract request objects (#14217) 2022-03-11 19:00:26 -05:00
14222.txt Set header content type instead of overwriting all headers (#14222) 2022-02-23 17:09:57 -05:00
14223.txt Quit agent endpoint with config (#14223) 2022-02-25 10:29:05 +00:00
14224.txt UI/fix db role ttl display (#14224) 2022-02-23 10:00:20 -06:00
14231.txt Increase column width of vault_key on mysql (#14231) 2022-02-24 09:21:57 -05:00
14232.txt Update to Go 1.17.7 (#14232) 2022-02-23 15:08:08 -05:00
14233.txt UI: Fix incorrect validity modal on transit secrets engine (#14233) 2022-02-23 14:59:49 -06:00
14235.txt Fix broken interactions between glob_domains and wildcards (#14235) 2022-02-23 16:44:09 -05:00
14238.txt Add role parameter to restrict issuance of wildcard certificates (#14238) 2022-02-24 08:41:56 -05:00
14268.txt UI: add Database static role password rotation (#14268) 2022-02-25 12:16:54 -06:00
14269.txt [VAULT-5003] Use net/http client in Sys().RaftSnapshotRestore (#14269) 2022-03-14 10:13:33 -07:00
14292.txt Add warning when generate_lease=no_store=true when writing PKI role (#14292) 2022-02-28 13:55:12 -05:00
14301.txt Output full secret path in certain kv commands (#14301) 2022-03-08 13:17:27 -08:00
14324.txt auth/ldap: add `username_as_alias` config flag (#14324) 2022-03-15 10:21:40 -04:00
14328.txt treat logical.ErrRelativePath as 400 instead of 500 (#14328) 2022-03-30 09:08:02 -04:00
14329.txt Logout with wrapped token (#14329) 2022-03-02 09:45:53 -07:00
14385.txt Set service type to notify in systemd unit. (#14385) 2022-03-09 08:13:45 -05:00
14388.txt Add context-aware functions to vault/api (#14388) 2022-03-23 17:47:43 -04:00
14389.txt Added Enigma Vault secret plugin. Designed to be simple but complete, a good starting point for plugin developers (#14389) 2022-03-11 08:33:48 -05:00
14399.txt Fix debug bundle panic on Windows (#14399) 2022-06-09 15:57:45 -07:00
14400.txt UI/Hide empty masked PKI row values (#14400) 2022-03-11 13:55:01 -08:00
14422.txt UI/add managed ns redirect prefix (#14422) 2022-03-10 08:26:33 -06:00
14424.txt Agent error log level is mismatched (#14424) 2022-04-07 11:03:38 -07:00
14426.txt identity/oidc: prevent key rotation on performance secondary clusters (#14426) 2022-03-09 15:41:02 -08:00
14455.txt Update google-cloud-storage backend documentation (#14455) 2022-08-26 09:59:40 -05:00
14474.txt Add fields 'ttl' and 'num_uses' to SecretID generation. (#14474) 2022-09-02 09:29:59 -07:00
14487.txt only check Contains if IP address (#14487) 2022-03-15 09:55:50 -06:00
14489.txt UI/fix kv data cache (#14489) 2022-03-16 11:00:08 -05:00
14493.txt UI/d3 DOM cleanup hover issue (#14493) 2022-03-16 13:36:41 -05:00
14501.txt Add input validation to getRuleInfo to prevent panic (#14501) 2022-03-24 16:16:37 -04:00
14508.txt UI: Parse OpenAPI response correctly if schema includes $ref (#14508) 2022-03-16 09:24:07 -05:00
14522.txt Fix panic caused by parsing `json.Number` values for TypeCommaStringSlice fields (#14522) 2022-03-28 11:07:55 -04:00
14523.txt Fix CLI panic caused by single backslash values (#14523) 2022-03-24 16:40:32 -04:00
14543.txt identity/token: fix duplicate keys in well-known (#14543) 2022-03-16 18:48:10 -07:00
14545.txt OIDC Logout Bug (#14545) 2022-03-18 09:40:17 -06:00
14551.txt UI/Wrong sentinel error message for auth methods (#14551) 2022-03-18 16:47:42 -07:00
14622.txt Add a check for missing entity during local alias invalidation. (#14622) 2022-03-21 15:09:31 -04:00
14659.txt Remove Ivy Codemirror (#14659) 2022-03-29 10:25:16 -06:00
14670.txt Warn on upper case in policy name (#14670) 2022-03-24 13:29:11 -07:00
14704.txt Vault-4010 Unauthenticated panic when processing "help" requests (#14704) 2022-03-24 12:19:14 -07:00
14744.txt Ensure that URL encoded passwords are properly redacted. (#14744) 2022-03-29 10:33:55 -04:00
14746.txt add value length check to approle createHMAC (#14746) 2022-03-29 14:43:35 -04:00
14751.txt auth/cert: Add metadata to identity-alias (#14751) 2022-08-23 11:03:53 -07:00
14752.txt Vault-4279 reporting redundant/unused keys in config (#14752) 2022-04-01 10:34:27 -04:00
14753.txt Add ability to pass certificate PEM bytes to vault/api (#14753) 2022-04-06 11:21:46 -04:00
14755.txt Address incorrect table metric value for local mounts (#14755) 2022-03-30 13:06:49 -04:00
14763.txt Ember upgrade to 3.28.6 (#14763) 2022-04-12 13:59:34 -06:00
14775.txt Use WriteWithContext in auth helpers (#14775) 2022-04-06 11:20:34 -04:00
14791.txt Fixing excessive unix file permissions (#14791) 2022-04-01 12:57:38 -04:00
14794.txt UI/Only show form values if have read access (#14794) 2022-04-01 16:05:42 -05:00
14807.txt Mount flag syntax to mitigate confusion from KV-v2 path discrepancies (#14807) 2022-04-06 13:58:06 -07:00
14814.txt VAULT-4240 time.After() in a select statement can lead to memory leak (#14814) 2022-04-01 10:17:11 -04:00
14817.txt Vault 3992 ToB Config and Plugins Permissions (#14817) 2022-04-04 09:45:41 -07:00
14836.txt Respect increment value in grace period calculations (api/LifetimeWatcher) (#14836) 2022-04-06 13:04:45 -04:00
14846.txt Vault 3999 Change permissions for directory/archive created by debug command (#14846) 2022-04-04 09:44:03 -07:00
14864.txt VAULT-5422: Add rate limit for TOTP passcode attempts (#14864) 2022-04-14 13:48:24 -04:00
14869.txt deprecating Legacy MFA (#14869) 2022-04-19 21:19:34 -04:00
14875.txt Fix handling of default zero SignatureBits value with Any key type in PKI Secrets Engine (#14875) 2022-04-04 15:26:54 -04:00
14899.txt Fix changelog formatting for feature (#15386) 2022-05-12 08:19:52 -07:00
14900.txt [Vault-5248] MFA support for api login helpers (#14900) 2022-04-15 11:13:15 -07:00
14916.txt OIDC Login Bug (#14916) 2022-04-07 08:30:29 -06:00
14941.txt Bug Fix and Glimmerize secret-edit component (#14941) 2022-04-07 11:07:33 -06:00
14943.txt Fix handling of SignatureBits for ECDSA issuers (#14943) 2022-04-07 11:52:59 -04:00
14946.txt feature: secrets/auth plugin multiplexing (#14946) 2022-08-29 21:42:26 -05:00
14954.txt aws auth displayName (#14954) 2022-04-08 14:37:49 -07:00
14957.txt Add build date (#14957) 2022-04-19 14:28:08 -04:00
14962.txt Warnings indicating ignored and replaced parameters (#14962) 2022-04-11 09:57:12 -04:00
14963.txt [Vault-5736] Add (*Client).WithNamespace() for temporary namespace handling (#14963) 2022-04-14 09:50:21 -07:00
14966.txt Fix edit capabilities call in auth method (#14966) 2022-04-11 10:48:35 -07:00
14968.txt Don't clone OutputCurlString value (#14968) 2022-04-08 09:58:50 -07:00
14973.txt Update gocql to resolve #12878 (#14973) 2022-04-18 11:12:32 -07:00
14975.txt Add various missing PKI related changelog entries (#15500) 2022-05-23 11:53:49 -04:00
14977.txt Ensure initialMmapSize is 0 on Windows (#14977) 2022-04-08 12:07:21 -07:00
14985.txt supporting google authenticator with Okta auth (#14985) 2022-04-14 08:37:04 -04:00
15004.txt Add various missing PKI related changelog entries (#15500) 2022-05-23 11:53:49 -04:00
15009.txt forwarding requests subjected to Login MFA to the active node (#15009) 2022-04-13 10:11:53 -04:00
15025.txt UI: Masked inputs always look the same when value is hidden (#15025) 2022-04-13 16:56:39 -05:00
15041.txt When running under systemd, send ready when server completed reloading config #7028 (#15041) 2022-05-03 08:34:11 -04:00
15042.txt Raft: use a larger initial heartbeat/election timeout (#15042) 2022-04-29 08:32:16 -04:00
15046.txt Custom tooltip for Generated Token Policies form field on auth methods (#15046) 2022-04-14 14:58:26 -06:00
15054.txt Add AWS_DYNAMODB_REGION Environment variable (#15054) 2022-04-28 12:29:51 -07:00
15055.txt Remove duplicate policies when creating/updating identity groups (#15055) 2022-05-16 17:20:48 -04:00
15058.txt UI: fix blank selection on search select field (#15058) 2022-04-15 12:47:55 -05:00
15067.txt When tainting a route during setup, pre-calculate the namespace specific path (#15067) 2022-04-26 09:13:45 -07:00
15072.txt fix TypeCommaIntSlice panic caused by json.Number input (#15072) 2022-04-18 16:43:16 -04:00
15074.txt remove storybook: (#15074) 2022-04-19 15:45:20 -06:00
15092.txt Upgrade hashicorp/consul-template dependency (#15092) 2022-04-19 20:51:11 +01:00
15100.txt Add various missing PKI related changelog entries (#15500) 2022-05-23 11:53:49 -04:00
15104.txt [VAULT-5887] TypeInt64 support added to OpenApi Spec generation (#15104) 2022-04-22 15:37:12 -07:00
15123.txt Clone identity objects to prevent races. (#15123) 2022-04-22 13:04:34 -04:00
15125.txt Update golang.org/x/crypto/ssh (#15125) 2022-04-22 12:58:23 -04:00
15152.txt Add various missing PKI related changelog entries (#15500) 2022-05-23 11:53:49 -04:00
15155.txt Add various missing PKI related changelog entries (#15500) 2022-05-23 11:53:49 -04:00
15156.txt fix raft tls key rotation panic when rotation time in past (#15156) 2022-04-25 21:48:34 -04:00
15163.txt [VAULT-5813] Remove duplicate sha_256 in SystemCatalogRequest OAS (#15163) 2022-04-25 13:12:08 -07:00
15166.txt VAULT-5827 Don't prepare SQL queries before executing them (#15166) 2022-04-26 12:47:06 -07:00
15167.txt Handle client count timezone (#15167) 2022-05-20 21:43:01 +02:00
15179.txt Add various missing PKI related changelog entries (#15500) 2022-05-23 11:53:49 -04:00
15188.txt [VAULT-14990] Support retrieving kv secret paths with trailing spaces (#15188) 2022-05-10 14:07:45 -07:00
15204.txt agent/auto-auth: Add `min_backoff` to set first backoff value (#15204) 2022-04-29 12:31:32 -04:00
15211.txt Add various missing PKI related changelog entries (#15500) 2022-05-23 11:53:49 -04:00
15213.txt Allow callers to choose the entropy source for the random endpoints. (#15213) 2022-05-02 14:42:07 -05:00
15224.txt Do sockaddr template parsing only when needed (#15224) 2022-04-29 09:57:17 -04:00
15248.txt Globally scoped MFA method Get/List endpoints (#15248) 2022-05-17 14:54:16 -04:00
15250.txt not_before_duration added to SSH (#15250) 2022-05-12 08:50:40 -04:00
15259.txt change ordering of activity log month data to sort by ascending order… (#15259) 2022-05-03 13:39:29 -07:00
15261.txt loading MFA configs upont restart (#15261) 2022-05-05 18:53:57 -04:00
15277.txt Add various missing PKI related changelog entries (#15500) 2022-05-23 11:53:49 -04:00
15293.txt Update deps for consul-template 0.29.0 (#15293) 2022-05-05 10:30:40 -07:00
15295.txt secrets/consul: Add support for generating tokens with service and node identities (#15295) 2022-05-09 20:07:35 -05:00
15305.txt KV helper methods for api package (#15305) 2022-05-25 11:17:13 -07:00
15316.txt Add DR Metric scraping capability to debug command (#15316) 2022-05-06 16:04:08 -04:00
15342.txt add mount accessor to audit request and responses (#15342) 2022-05-12 11:28:00 -06:00
15343.txt postgres: replace the package lib/pq with pgx (#15343) 2022-05-23 12:49:18 -07:00
15352.txt Query and Precompute Non-Contiguous Segments in the Activity Log (#15352) 2022-05-17 12:17:32 -07:00
15355.txt Updating Okta MFA to use official SDK (#15355) 2022-05-17 15:14:26 -04:00
15361.txt auth/okta: Add support for Okta number challenge (#15361) 2022-05-11 17:09:29 -07:00
15364.txt UI/ fix firefox not recognizing csv export (#15364) 2022-05-10 17:19:38 -07:00
15369.txt Disabling client side rate limiting in Okta login MFA client (#15369) 2022-05-12 15:55:33 -04:00
15376.txt secrets/database: adds ability to manage alternative credential types and configuration (#15376) 2022-05-17 09:21:26 -07:00
15377.txt Added support for VAULT_PROXY_ADDR + Updated docs (#15377) 2022-05-24 13:38:51 -04:00
15378.txt Fix OIDC callback query params (#15378) 2022-05-13 09:58:56 -07:00
15380.txt VAULT-5935 agent: redact renew-self if using auto auth (#15380) 2022-05-12 09:25:55 -07:00
15383.txt report listener and storage types as found keys (#15383) 2022-05-12 09:04:56 -07:00
15400.txt secrets/consul: Use consistent parameter names (#15400) 2022-05-19 14:43:54 -05:00
15405.txt Added optional -log-level flag to 'operator migrate' command (#15405) 2022-05-12 15:56:25 -04:00
15414.txt Transit byok import endpoints (#15414) 2022-05-16 11:50:38 -05:00
15417.txt Vault CLI: show detailed information with ListResponseWithInfo (#15417) 2022-05-18 13:00:50 -04:00
15420.txt append nil months to query get to cover all requested months (OSS) (#15420) 2022-05-16 13:01:28 -07:00
15428.txt VAULT-5885: Fix erroneous success message in case of two-phase MFA, and provide MFA information in table format (#15428) 2022-05-17 14:03:02 -04:00
15429.txt pki/sign-verbatim uses role not before duration (#15429) 2022-05-16 16:15:18 -04:00
15434.txt api: make ListPlugins parse only known plugin types (#15434) 2022-05-17 17:41:26 +01:00
15440.txt Add default timeout to legacy ssh.ClientConfig (#15440) 2022-05-16 12:36:47 -04:00
15452.txt Vault-6037 making filesystem permissions check opt-in (#15452) 2022-05-17 11:34:31 -07:00
15457.txt Add list of granting policies audit logs (#15457) 2022-05-16 16:23:08 -07:00
15464.txt UI/vault 6212/multiple issuer pki changes (#15464) 2022-05-18 11:31:17 -07:00
15469.txt possibly forward cached MFA auth response to leader (#15469) 2022-05-17 16:30:36 -04:00
15470.txt Always return PKI configs for CRLs, URLs (#15470) 2022-05-17 11:40:09 -04:00
15474.txt UI: Better default transit auto-rotation (#15474) 2022-05-17 16:06:57 -05:00
15478.txt Remove signature_bits on intermediate generate (#15478) 2022-05-18 09:36:39 -04:00
15482.txt prevent deleting MFA method through an invalid path (#15482) 2022-05-31 14:22:04 -04:00
15487.txt oss changes (#15487) 2022-05-18 09:16:13 -07:00
15493.txt Forward autopilot state reqs, avoid self-dialing (#15493) 2022-05-18 14:50:18 -04:00
15494.txt Warn on empty Subject field for issuers (#15494) 2022-05-18 10:15:37 -04:00
15509.txt Add warning on missing AIA info fields (#15509) 2022-05-19 11:12:10 -04:00
15510.txt Vault 5917 allow patch operations to pki roles issuers (#15510) 2022-05-20 13:34:55 -04:00
15513.txt Remove reference to stored license (#15513) 2022-05-20 09:33:50 -07:00
15519.txt VAULT-4306 Ensure /raft/bootstrap/challenge call ignores erroneous namespaces set (#15519) 2022-05-19 16:27:51 -04:00
15523.txt UI: keymgmt secret engine (#15523) 2022-05-20 10:41:24 -05:00
15524.txt Return the signed ca in the ca_chain response field within sign-intermediate api call. (#15524) 2022-05-20 11:06:44 -04:00
15525.txt Fix handling of username_as_alias during LDAP authentication (#15525) 2022-05-20 14:17:26 -07:00
15527.txt Add usage documentation for new Kubernetes Secrets Engine (#15527) 2022-05-20 13:37:15 -07:00
15536.txt api/monitor: Adding log format to monitor command and debug (#15536) 2022-05-24 13:10:53 -04:00
15543.txt Allow issuer/:issuer_ref/sign-verbatim/:role, add error on missing role (#15543) 2022-05-23 13:09:18 -04:00
15550.txt secrets/consul: Deprecate token_type and policy fields (#15550) 2022-05-20 15:48:02 -05:00
15551.txt Adding vault-plugin-secrets-kubernetes v0.1.0 (#15551) 2022-05-20 14:13:33 -07:00
15552.txt VAULT-6131 OpenAPI schema now includes /auth/token endpoints when explicit permission has been granted (#15552) 2022-05-31 11:25:27 -04:00
15559.txt Convert not_before_duration to seconds before returning it (#15559) 2022-05-23 08:06:37 -04:00
15560.txt UI/Fix form validation issues (#15560) 2022-05-25 11:22:36 -07:00
15561.txt SSH secrets engine - Enabled creation of key pairs (CA Mode) (#15561) 2022-06-10 09:48:19 -04:00
15573.txt Remove unsupported fields for DB roles show page (#15573) 2022-05-25 11:28:19 -04:00
15579.txt Fix plugin reload mounts (#15579) 2022-05-25 13:37:42 -05:00
15581.txt Add deprecation note about X.509/SHA-1 (#15581) 2022-05-25 10:11:17 -07:00
15583.txt use provided namespace for wrapping lookup cubbyhole request (#15583) 2022-05-26 15:17:29 -04:00
15584.txt Add change release note for Kubernetes auth (#15891) 2022-06-09 10:07:43 +01:00
15586.txt Add an API for exporting activity log data (#15586) 2022-05-24 17:00:46 -07:00
15592.txt auth/gcp: updates plugin to v0.13.0 (#15592) 2022-05-25 10:35:41 -07:00
15593.txt auth/jwt: updates plugin to v0.13.0 (#15593) 2022-05-25 11:04:32 -07:00
15614.txt fix: upgrade vault-plugin-database-elasticsearch to v0.11.0 (#15614) 2022-05-26 10:20:52 -05:00
15638.txt Only add distinct policies to identity group (#15638) 2022-05-26 13:52:19 +01:00
15655.txt secrets/kubernetes: update to v0.1.1 (#15655) 2022-05-26 15:44:03 -07:00
15681.txt Removed red spellcheck underline that appears for sensitive values (#15681) 2022-05-31 17:00:34 -04:00
15685.txt updates `leasId` to `leaseId` (#15685) 2022-06-13 13:17:07 -05:00
15693.txt Avoid deadlocking on stateLock in emitMetrics (#15693) 2022-05-31 12:15:39 -04:00
15719.txt Update AWS auth method certificates (#15719) 2022-06-01 10:26:17 -07:00
15735.txt VAULT-6371 Fix issue with lease quotas on read requests that generate leases (#15735) 2022-06-03 15:45:21 -04:00
15742.txt Add parsing for NSS-wrapped Ed25519 keys (#15742) 2022-06-06 18:09:21 -04:00
15751.txt Support for CPS URLs in Custom Policy Identifiers. (#15751) 2022-06-03 14:50:46 -04:00
15759.txt File Audit Mode 0000 bug (#15759) 2022-06-03 09:17:41 -07:00
15769.txt Revert UI: replace localStorage with sessionStorage (#15769) 2022-06-02 15:19:57 -05:00
15789.txt UI: calendar widget fix (#15789) 2022-06-03 14:22:50 -07:00
15792.txt bump vault-plugin-secrets-kv to v0.12.1 (#15792) 2022-06-03 16:01:35 -04:00
15809.txt Allow reading Nomad CA/Client cert configuration (#15809) 2022-06-10 10:09:54 -04:00
15824.txt UI: Fix metadata tab not showing given policy (#15824) 2022-06-07 10:56:44 -05:00
15835.txt Dynamic parameter for mountpaths in OpenApi Spec generation(#15835) 2022-06-30 07:43:04 -07:00
15852.txt Change tooltip for token_bound_certs and glimmerize string-list component (#15852) 2022-06-07 13:15:25 -06:00
15858.txt Add warning about EA in FIPS mode (#15858) 2022-06-08 08:57:48 -04:00
15866.txt pass context to postgres queries (#15866) 2022-06-08 17:54:19 -04:00
15879.txt Limit SSCT WAL Check on Perf Standbys to Raft Backends Only (#15879) 2022-06-08 13:58:22 -07:00
15898.txt Remove deprecated core-js version from production builds (#15898) 2022-06-09 09:12:59 -06:00
15900.txt Parse ha_storage in config (#15900) 2022-06-09 15:55:49 -07:00
15912.txt return bad request instead of server error for identity group cycle detection (#15912) 2022-06-10 10:15:31 -04:00
15933.txt Add changelog for #15933 (#16425) 2022-07-22 09:50:28 -07:00
15946.txt Fix keyring file missing after Vault restart (#15946) 2022-06-15 10:22:42 -07:00
15986.txt Fix changelog for 15986 (#16085) 2022-06-21 12:27:24 -04:00
15989.txt (OSS) Path Suffix Support for Rate Limit Quotas (#15989) 2022-06-16 13:23:02 -04:00
15996.txt Add explicit cn_validations field to PKI Roles (#15996) 2022-06-16 06:53:27 -07:00
15998.txt UI Support for Okta Number Challenge (#15998) 2022-08-10 15:46:04 -04:00
16000.txt Activity Log Filtering Limit Parameter (#16000) 2022-06-15 15:41:31 -07:00
16018.txt ssh: Fix template regex test for defaultExtensions to allow additional text (#16018) 2022-06-17 11:06:17 -04:00
16056.txt fix bug with allowed_users_template and add allowed_domains_template for SSH role (#16056) 2022-08-16 14:59:29 -05:00
16063.txt website: Update replication docs to mention Integrated Storage (#16063) 2022-06-21 10:55:15 -07:00
16087.txt Update consul-template to latest for pkiCert fix (#16087) 2022-06-27 08:39:36 -07:00
16088.txt Replicate member_entity_ids and policies in identity/group across nodes identically (#16088) 2022-06-28 19:54:24 -04:00
16094.txt Fix bug where id not existing in multiplexing map causes panic (#16094) 2022-06-22 14:29:25 -04:00
16111.txt Add endpoints to provide ability to modify logging verbosity (#16111) 2022-06-27 11:39:53 -04:00
16112.txt Return a 403 for a bad SSCT instead of 500 (#16112) 2022-06-23 13:01:20 -07:00
16115.txt VAULT-6613 Add role support for rate limit quotas (OSS Changes) (#16115) 2022-06-24 08:58:02 -04:00
16124.txt Add signature_bits to sign-intermediate, sign-verbatim (#16124) 2022-06-23 14:07:27 -04:00
16140.txt changelog: Add entry for AD secrets engine bug fix (#16480) 2022-07-27 15:51:53 -07:00
16146.txt ActivityLog Implement HyperLogLog Store Functionality During Precomputation (#16146) 2022-06-27 09:38:32 -07:00
16162.txt activity log refactoring port (#16162) 2022-06-27 13:33:45 -07:00
16170.txt UI OIDC auth type saved in localStorage not sessionStorage (#16170) 2022-06-28 11:04:24 -06:00
16181.txt identity/oidc: allow filtering the list providers response by an allowed_client_id (#16181) 2022-07-28 09:47:53 -07:00
16184.txt Port: Use Stored Hll to Compute New Clients For Current Month (#16184) 2022-06-29 10:51:23 -07:00
16213.txt Docs: API generate-recovery-token unhidden. (#16213) 2022-08-29 09:02:47 -04:00
16218.txt Clarification for local mounts in the context of DR (#16218) 2022-07-12 10:17:12 -07:00
16231.txt agent/template: fix exec parsing error for templates (#16231) 2022-07-06 21:21:35 +01:00
16246.txt pki: When a role sets key_type to any ignore key_bits value when signing a csr (#16246) 2022-07-08 10:56:15 -04:00
16249.txt PKI - Honor header If-Modified-Since if present (#16249) 2022-08-29 15:28:47 -04:00
16274.txt auth/oidc: fix changelog entry for SecureAuth groups parsing (#16388) 2022-07-21 08:24:11 -07:00
16324.txt Vault 6773/raft rejoin nonvoter (#16324) 2022-07-18 14:37:12 -04:00
16327.txt Increase the allowed concurrent gRPC streams (#16327) 2022-07-20 15:26:52 -04:00
16351.txt Allow identity templates in ssh backend `default_user` field (#16351) 2022-07-29 09:45:52 -04:00
16353.txt Remove gox in favor of go build. (#16353) 2022-07-20 10:44:41 -07:00
16379.txt updating changelog for vault-951 (#16558) 2022-08-03 10:39:21 -07:00
16386.txt VAULT-7046 Allow trailing globbing at the end of a path suffix quota (#16386) 2022-07-21 15:31:23 -04:00
16409.txt command/audit: improve audit enable type missing error message (#16409) 2022-07-21 16:43:50 -04:00
16421.txt command/server: add dev-tls flag (#16421) 2022-07-22 14:04:03 -04:00
16435.txt auth/gcp: add support for GCE regional instance groups (#16435) 2022-07-22 17:31:25 -05:00
16441.txt Added a small utility method to display warnings when parsing command arguments. (#16441) 2022-07-27 14:00:03 -04:00
16443.txt ignore leading slash in kv get command (#16443) 2022-07-28 14:11:58 -04:00
16455.txt Remove SHA1 for certs in prep for Go 1.18 (#16455) 2022-07-28 09:14:33 -07:00
16466.txt UI: fix jwt auth failure (#16466) 2022-07-27 15:22:38 -05:00
16479.txt agent: add disable_keep_alives configurable (#16479) 2022-07-28 12:59:49 -07:00
16487.txt Clone created entities that were inserted into memdb... (#16487) 2022-07-28 09:43:24 -04:00
16489.txt Lookup, wrap, rewrap and unwrap token rename with description (#16489) 2022-07-28 14:33:47 -04:00
16494.txt Allow old certs to be cross-signed (#16494) 2022-08-03 06:34:21 -07:00
16519.txt Add PSS support to PKI Secrets Engine (#16519) 2022-08-03 12:42:24 -04:00
16525.txt auth/jwt: updates dependency and adds changelogs (#16525) 2022-08-01 12:46:34 -07:00
16534.txt secrets/gcp: adds changelog entry for bug fixes in release branches (#16534) 2022-08-02 10:52:23 -07:00
16539.txt VAULT-6818 - Restrict ability to merge entities with mount-accessor-conflicting aliases unless one is explicitly chosen to be kept (#16539) 2022-08-10 09:10:02 -04:00
16549.txt Allow configuring the possible salt lengths for RSA PSS signatures (#16549) 2022-08-31 12:27:03 -04:00
16550.txt Vault 7338/fix retry join (#16550) 2022-08-03 20:44:57 -05:00
16553.txt Make key completion work for both kv-v1 and kv-v2 (#16553) 2022-09-13 12:11:00 -04:00
16563.txt Add per-issuer AIA URI information to PKI secrets engine (#16563) 2022-08-19 11:43:44 -04:00
16564.txt Add BYOC-based revocation to PKI secrets engine (#16564) 2022-08-15 08:50:57 -05:00
16566.txt Add proof possession revocation for PKI secrets engine (#16566) 2022-08-16 14:01:26 -04:00
16567.txt identity/oidc: adds detailed listing capability for clients and providers (#16567) 2022-08-04 10:10:28 -07:00
16594.txt auth/kerberos: add remove_instance_name config (#16594) 2022-08-04 16:38:12 -04:00
16598.txt identity/oidc: adds client_secret_post token endpoint authentication method (#16598) 2022-08-08 08:41:09 -07:00
16599.txt identity/oidc: change the state parameter to optional (#16599) 2022-08-05 11:37:24 -07:00
16600.txt identity/oidc: fixes validation of the request and request_uri parameters (#16600) 2022-08-05 11:55:15 -07:00
16601.txt identity/oidc: reorder authorization endpoint validation for invalid redirect uris (#16601) 2022-08-08 09:02:18 -07:00
16609.txt upgrade raft to 1.3.10 (#16609) 2022-08-05 10:27:37 -07:00
16621.txt Allow marking issuers as revoked (#16621) 2022-08-18 18:08:31 -04:00
16631.txt update changelog from feature to improvement (#16986) 2022-09-01 15:50:51 -05:00
16636.txt auth/kerberos: update plugin version to v0.7.2 (#16636) 2022-08-09 11:02:41 -05:00
16659.txt UI/ fix tooltip submitting form (#16659) 2022-08-09 20:51:29 -07:00
16668.txt Add support for a dedicated HMAC type in Transit. (#16668) 2022-09-06 10:17:58 -05:00
16673.txt secrets/auth: fix bug with aliased backends (#16673) 2022-08-10 20:02:05 -05:00
16686.txt secret/database: fix bug where too many wal deletes are deferred (#16686) 2022-08-11 16:22:53 -04:00
16688.txt Version-aware plugin catalog (#16688) 2022-08-25 21:31:42 +01:00
16699.txt Add a sentinel error for missing KV secrets (#16699) 2022-08-12 19:29:42 -04:00
16702.txt Add _remaining tidy metrics. (#16702) 2022-08-23 12:17:17 -04:00
16714.txt Remove extra empty lines from vault.log - Debug command (#16714) 2022-08-15 14:16:57 -07:00
16721.txt Ignore EC PARAMETER blocks during issuer import (#16721) 2022-08-15 08:59:10 -07:00
16723.txt Update changelog for OCSP feature (#16969) 2022-08-31 16:55:22 -04:00
16739.txt Fix naming of permitted_dns_domains in webui (#16739) 2022-08-16 14:57:05 -05:00
16762.txt Enable periodic, automatic rebuilding of CRLs (#16762) 2022-08-23 13:27:15 -04:00
16773.txt Support for generating Delta CRLs (#16773) 2022-08-29 11:37:09 -04:00
16794.txt VAULT-7698 Fix ignored parameter warnings for endpoint arbitrary data options (#16794) 2022-08-23 08:51:23 -04:00
16813.txt Migrate existing PKI mounts that only contains a key (#16813) 2022-08-22 10:11:21 -07:00
16821.txt UI: Forward to `redirect_to` param to when auth'd (#16821) 2022-08-23 11:05:00 -05:00
16830.txt Fix LIST issuers endpoint (#16830) 2022-08-23 11:08:23 -04:00
16834.txt command/debug: fix bug where monitor was not honoring configured duration (#16834) 2022-08-23 17:09:30 -04:00
16846.txt Fix changelog type for registry deprecation status (#16889) 2022-08-25 14:35:52 -04:00
16849.txt Add deprecation status to auth/secrets list (#16849) 2022-08-31 16:11:14 -04:00
16856.txt Update mount table and CLI with plugin version for auth (#16856) 2022-08-31 19:23:05 +01:00
16865.txt Don't allow crl-signing issuer usage without CRLSign KeyUsage (#16865) 2022-08-24 07:45:54 -07:00
16871.txt Let PKI tidy associate revoked certs with their issuers (#16871) 2022-08-26 10:13:45 -07:00
16874.txt Cleanup changes around issuer revocation (#16874) 2022-08-25 11:36:37 -04:00
16886.txt UI/OIDC auth bug for hcp namespace flag (#16886) 2022-08-26 10:04:01 -07:00
16890.txt auth/kerberos: add config to include ldap groups in group alias (#16890) 2022-08-25 13:51:54 -07:00
16900.txt Add ability to perform automatic tidy operations (#16900) 2022-08-30 15:45:54 -04:00
16911.txt VAULT-6433: Add namespace path to MFA read/list endpoints (#16911) 2022-08-29 09:11:25 -04:00
16930.txt UI: Use correct endpoint for force revoke prefix (#16930) 2022-08-30 09:33:01 -07:00
16935.txt Add remove_roots_from_chain to sign and issue pki apis (#16935) 2022-08-31 09:51:26 -04:00
16938.txt auth/token: Fix ignored parameter warnings for valid parameters on token create (#16938) 2022-09-01 08:32:40 -04:00
16950.txt VAULT-7707 Add docs around making mass amounts of lease count quotas via automation (#16950) 2022-08-31 11:50:01 -04:00
16956.txt Load SSCT Generation Counter Upon DR Promotion [OSS] (#16956) 2022-08-31 11:05:21 -07:00
16958.txt Add ability to cancel PKI tidy operations, pause between tidying certs (#16958) 2022-08-31 11:36:12 -07:00
16959.txt HCP Link Status (#16959) 2022-09-07 10:21:23 -06:00
16970.txt VAULT-6575 Vault agent respects retry config even with caching set (#16970) 2022-09-06 10:35:54 -04:00
16972.txt Multiplexing opt out flag (#16972) 2022-09-08 11:32:46 -04:00
16983.txt LinkTo Transition Bug (#16983) 2022-09-01 16:15:54 -06:00
16992.txt identity/oidc: adds claims_supported to discovery document (#16992) 2022-09-02 09:19:25 -07:00
16995.txt Prepare multiplexing support for database plugins (#16995) 2022-09-06 14:00:37 -04:00
17005.txt Handle deprecated builtins (#17005) 2022-09-06 15:49:35 -04:00
17019.txt autopilot: assume nodes we haven't received heartbeats from are running the same version as we are (#17019) 2022-09-06 14:49:04 -04:00
17028.txt Make some activity log tests less flaky (#17028) 2022-09-07 09:06:15 -04:00
17038.txt Mark database-specific secrets engines Pending Removal (#17038) 2022-09-07 10:45:09 -04:00
17045.txt Update Vault Azure Secrets docs for permanent deletion feature (#17045) 2022-09-13 16:25:19 -07:00
17058.txt api: Add deprecation warnings to secrets/auth POST endpoints (#17058) 2022-09-08 09:15:10 -04:00
17070.txt Import Redis OSS database plugin into Vault (#17070) 2022-09-09 13:42:25 -05:00
17071.txt UI: OIDC Config for Vault as a provider (#17071) 2022-09-08 19:06:05 -06:00
17073.txt Add "plumbing" for surfacing warnings, and warning overwriting ttl (#17073) 2022-09-15 12:38:33 -07:00
17075.txt + added redis elasticache as a built-in plugin (#17075) 2022-09-09 16:16:30 -04:00
17077.txt Add deprecation status to plugin api and cli (#17077) 2022-09-09 16:03:07 -04:00
17079.txt Do not attempt to write a new TLS keyring at startup if raft is already setup (#17079) 2022-09-09 12:19:57 -04:00
17088.txt Add plugin version to GRPC interface (#17088) 2022-09-15 16:37:59 -07:00
17091.txt agent/auto-auth: add exit_on_err configurable (#17091) 2022-09-15 11:00:31 -07:00
17116.txt Replace Non-Inclusive Terms in UI (#17116) 2022-09-13 10:42:34 -06:00
17118.txt Implement partial_failure_response_code_override for batch requests (#17118) 2022-09-13 12:51:09 -05:00
17124.txt UI: Fix KV engine deleting latest version instead of specified version depending on policy (#17124) 2022-09-14 00:11:08 +02:00
17136.txt Fetch CRLs from a user defined URL (#17136) 2022-09-16 16:44:30 -05:00
17138.txt Load existing CRLs on startup and after invalidate (#17138) 2022-09-14 15:30:44 -05:00
17139.txt Prevent Requests to resultant-acl Endpoint When Unauthenticated (#17139) 2022-09-15 12:45:33 -06:00
17152.txt Adds ldap secrets to plugin registry and updates to v0.9.0 (#17152) 2022-09-15 22:19:24 -07:00
17159.txt fix: upgrade vault-plugin-database-snowflake to v0.6.0 (#17159) 2022-09-15 16:01:56 -07:00
17160.txt update auth/gcp to v0.14.0 (#17160) 2022-09-16 09:39:34 -07:00
17161.txt auth/kubernetes: upgrade to v0.14.0 (#17161) 2022-09-16 02:03:21 -04:00
17164.txt secrets/kubernetes: upgrade to v0.2.0 (#17164) 2022-09-16 08:31:53 -07:00
17174.txt secrets/gcp: updates plugin to v0.14.0 (#17174) 2022-09-16 12:42:37 -07:00
README.md Add more documentation on changelogs (#15701) 2022-06-06 10:04:48 -04:00
_ 1686.txt
_1622.txt
_1633.txt
_1637.txt
_1642.txt
_1656.txt
_1659.txt
_1663.txt
_1680.txt
_1691.txt
_1705.txt
_1712.txt
_1739.txt
_1757.txt
_1792.txt
_1819.txt
_2021Jan20.txt
_2021Jan26.txt
_2071.txt
_10959.txt
_go-ver-1120.txt updating go to 1.19.1 (#17053) 2022-09-07 16:13:33 -07:00
changelog.tmpl
client-counts-1.11.txt add 1.11 changelog for client counts1 (#15497) 2022-05-18 11:03:09 -07:00
client-counts.txt UI/Client counts changelog 1.10 (#14166) 2022-02-22 12:08:11 -07:00
diagnose.txt
go-ver-1110.txt mv changelog/15043.txt -> changelog/go-ver-1110.txt (#15059) 2022-04-15 14:37:54 -04:00
mount-migration.txt Fixes from mount move testing (#14492) 2022-03-15 11:11:23 -07:00
note.tmpl

README.md

changelog

This folder holds changelog updates from commit 3bc7d15 onwards.

Release notes are text files with three lines:

  1. An opening code block with the release-note:<MODE> type annotation.

    For example:

    ```release-note:bug

    Valid modes are:

    • bug - Any sort of non-security defect fix.
    • change - A change in the product that may require action or review by the operator. Examples would be any kind of API change (as opposed to backwards compatible addition), a notable behavior change, or anything that might require attention before updating. Go version changes are also listed here since they can potentially have large, sometimes unknown impacts. (Go updates are a special case, and dep updates in general aren't a change). Discussion of any potential change items in the pull request to see what other communication might be warranted.
    • deprecation - Announcement of a planned future removal of a feature. Only use this if a deprecation notice also exists in the docs.
    • feature - Large topical additions for a major release. These are rarely in minor releases. Formatting for feature entries differs from normal changelog formatting - see the new features instructions.
    • improvement - Most updates to the product that arent bugs, but aren't big enough to be a feature, will be an improvement.

  2. A component (for example, secret/pki or sdk/framework or), a colon and a space, and then a one-line description of the change.

  3. An ending code block.

This should be in a file named after the pull request number (e.g., 12345.txt).

There are many examples in this folder; check one out if you're stuck!

See hashicorp/go-changelog for full documentation on the supported entries.

New and Major Features

For features we are introducing in a new major release, we prefer a single changelog entry representing that feature. This way, it is clear to readers what feature is being introduced. You do not need to reference a specific PR, and the formatting is slightly different - your changelog file should look like:

changelog/<pr num OR feature name>.txt:
```release-note:feature
**Feature Name**: Description of feature - for example "Custom password policies are now supported for all database engines."
```