build(deps): bump github.com/hashicorp/vault from 0.10.4 to 1.18.3

[dependabot]

Bumps github.com/hashicorp/vault from 0.10.4 to 1.18.3.

Release notes

Sourced from github.com/hashicorp/vault's releases.

v1.18.3

1.18.3

December 18, 2024

CHANGES:

• secrets/openldap: Update plugin to v0.14.4 [GH-29131]
• secrets/pki: Enforce the issuer constraint extensions (extended key usage, name constraints, issuer name) when issuing or signing leaf certificates. For more information see PKI considerations [GH-29045]

IMPROVEMENTS:

• auth/okta: update to okta sdk v5 from v2. Transitively updates go-jose dependency to >=3.0.3 to resolve GO-2024-2631. See https://github.com/okta/okta-sdk-golang/blob/master/MIGRATING.md for details on changes. [GH-28121]
• core: Added new enable_post_unseal_trace and post_unseal_trace_directory config options to generate Go traces during the post-unseal step for debug purposes. [GH-28895]
• sdk: Add Vault build date to system view plugin environment response [GH-29082]
• ui: Replace KVv2 json secret details view with Hds::CodeBlock component allowing users to search the full secret height. [GH-28808]

BUG FIXES:

• autosnapshots (enterprise): Fix an issue where snapshot size metrics were not reported for cloud-based storage.
• core/metrics: Fix unlocked mounts read for usage reporting. [GH-29091]
• core/seal (enterprise): Fix problem with nodes unable to join Raft clusters with Seal High Availability enabled. [GH-29117]
• core: fix bug in seal unwrapper that caused high storage latency in Vault CE. For every storage read request, the seal unwrapper was performing the read twice, and would also issue an unnecessary storage write. [GH-29050]
• secret/db: Update static role rotation to generate a new password after 2 failed attempts. [GH-28989]
• ui: Allow users to search the full json object within the json code-editor edit/create view. [GH-28808]
• ui: Decode connection_url to fix database connection updates (i.e. editing connection config, deleting roles) failing when urls include template variables. [GH-29114]
• vault/diagnose: Fix time to expiration reporting within the TLS verification to not be a month off. [GH-29128]

v1.18.2

1.18.2

November 21, 2024

SECURITY:

• raft/snapshotagent (enterprise): upgrade raft-snapshotagent to v0.0.0-20241115202008-166203013d8e

CHANGES:

• auth/azure: Update plugin to v0.19.2 [GH-28848]
• core/ha (enterprise): Failed attempts to become a performance standby node are now using an exponential backoff instead of a 10 second delay in between retries. The backoff starts at 2s and increases by a factor of two until reaching the maximum of 16s. This should make unsealing of the node faster in some cases.
• login (enterprise): Return a 500 error during logins when performance standby nodes make failed gRPC requests to the active node. [GH-28807]

FEATURES:

• Product Usage Reporting: Added product usage reporting, which collects anonymous, numerical, non-sensitive data about Vault secrets usage, and adds it to the existing utilization reports. See the [docs] for more info [GH-28858]

IMPROVEMENTS:

... (truncated)

Changelog

Sourced from github.com/hashicorp/vault's changelog.

0.11.6 (December 14th, 2018)

This release contains the three security fixes from 1.0.0 and 1.0.1 and the following bug fixes from 1.0.0/1.0.1:

• namespaces: Correctly reload the proper mount when tuning or reloading the mount [GH-5937]
• replication/perfstandby: Fix audit table upgrade on standbys [GH-5811]
• replication/perfstandby: Fix redirect on approle update [GH-5820]
• secrets/kv: Fix issue where storage version would get incorrectly downgraded [GH-5809]

It is otherwise identical to 0.11.5.

0.11.5 (November 13th, 2018)

BUG FIXES:

• agent: Fix issue when specifying two file sinks [GH-5610]
• auth/userpass: Fix minor timing issue that could leak the presence of a username [GH-5614]
• autounseal/alicloud: Fix issue interacting with the API (Enterprise)
• autounseal/azure: Fix key version tracking (Enterprise)
• cli: Fix panic that could occur if parameters were not provided [GH-5603]
• core: Fix buggy behavior if trying to remount into a namespace
• identity: Fix duplication of entity alias entity during alias transfer between entities [GH-5733]
• namespaces: Fix tuning of auth mounts in a namespace
• ui: Fix bug where editing secrets as JSON doesn't save properly [GH-5660]
• ui: Fix issue where IE 11 didn't render the UI and also had a broken form when trying to use tool/hash [GH-5714]

0.11.4 (October 23rd, 2018)

CHANGES:

• core: HA lock file is no longer copied during operator migrate [GH-5503]. We've categorized this as a change, but generally this can be considered just a bug fix, and no action is needed.

FEATURES:

• Transit Key Trimming: Keys in transit secret engine can now be trimmed to remove older unused key versions
• Web UI support for KV Version 2: Browse, delete, undelete and destroy individual secret versions in the UI
• Azure Existing Service Principal Support: Credentials can now be generated against an existing service principal

IMPROVEMENTS:

... (truncated)

Commits

• 7ae4eca [VAULT-33100] This is an automated pull request to build all artifacts for a ...
• dfd75b4 backport of commit 18d21928b21d7b641b143d73f686ac393d5634e5 (#29198)
• fceb98c backport of commit ca203c21d08112f5f86a2fc37a76e99ba86d9661 (#29160)
• c4d66a7 Add enrollment protocol sublinks. (#28739)
• 94cc87a backport of commit 732837b0821eef152009fe455ee30f86324d7771 (#29197)
• 599f8a7 backport of commit 11708f14d6c7fdb7666a001373d49c1e94c8c77c (#29169)
• d81b4ec backport of commit 23a663fcf94cc139b1d5e86bcd28d506cab09f5c (#29182)
• d23d3ab backport of commit 23a663fcf94cc139b1d5e86bcd28d506cab09f5c (#29184)
• e260ea9 backport of commit 2076decac0f3ee7245d0b7bb1d3070b5c76160e2 (#29190)
• 09376df [DOCS] Manual cherry pick PR 28746 to 1.18.x doc (#29185)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)