chore(deps): bump github.com/hashicorp/vault from 1.16.1 to 1.16.3

[dependabot]

Bumps github.com/hashicorp/vault from 1.16.1 to 1.16.3.

Release notes

Sourced from github.com/hashicorp/vault's releases.

v1.16.3

1.16.3

May 30, 2024

CHANGES:

• auth/jwt: Update plugin to v0.20.3 [GH-26890]
• core/identity: improve performance for secondary nodes receiving identity related updates through replication [GH-27184]
• core: Bump Go version to 1.22.2.

IMPROVEMENTS:

• secrets/pki (enterprise): Disable warnings about unknown parameters to the various CIEPS endpoints
• ui: Update PGP display and show error for Generate Operation Token flow with PGP [GH-26993]

BUG FIXES:

• activity (enterprise): fix read-only storage error on upgrades
• auto-auth: Addressed issue where having no permissions to renew a renewable token caused auto-auth to attempt to renew constantly with no backoff [GH-26844]
• core (enterprise): Fix an issue that prevented the seal re-wrap status from reporting that a re-wrap is in progress for up to a second.
• core/audit: Audit logging a Vault request/response will now use a minimum 5 second context timeout. If the existing context deadline occurs later than 5s in the future, it will be used, otherwise a new context, separate from the original will be used. [GH-26616]
• core: Add missing field delegated_auth_accessors to GET /sys/mounts/:path API response [GH-26876]
• core: Address a data race updating a seal's last seen healthy time attribute [GH-27014]
• core: Fix redact_version listener parameter being ignored for some OpenAPI related endpoints. [GH-26607]
• events (enterprise): Fix bug preventing subscribing and receiving events within a namepace.
• pki: Fix error in cross-signing using ed25519 keys [GH-27093]
• replication (enterprise): fix "given mount path is not in the same namespace as the request" error that can occur when enabling replication for the first time on a secondary cluster
• secrets-sync (enterprise): Secondary nodes in a cluster now properly check activation-flags values.
• secrets/azure: Update vault-plugin-secrets-azure to 0.17.2 to include a bug fix for azure role creation [GH-26896]
• secrets/pki (enterprise): cert_role parameter within authenticators.cert EST configuration handler could not be set
• secrets/transit: Use 'hash_algorithm' parameter if present in HMAC verify requests. Otherwise fall back to deprecated 'algorithm' parameter. [GH-27211]
• ui: Fix KVv2 cursor jumping inside json editor after initial input. [GH-27120]
• ui: Fix KVv2 json editor to allow null values. [GH-27094]
• ui: Fix broken help link in console for the web command. [GH-26858]
• ui: Fix link to v2 generic secrets engine from secrets list page. [GH-27019]
• ui: Prevent perpetual loading screen when Vault needs initialization [GH-26985]
• ui: Refresh model within a namespace on the Secrets Sync overview page. [GH-26790]

v1.16.2

No release notes provided.

Changelog

Sourced from github.com/hashicorp/vault's changelog.

1.16.3

May 30, 2024

Enterprise LTS: Vault Enterprise 1.16 is a Long-Term Support (LTS) release.

CHANGES:

• auth/jwt: Update plugin to v0.20.3 [GH-26890]
• core/identity: improve performance for secondary nodes receiving identity related updates through replication [GH-27184]
• core: Bump Go version to 1.22.2.

IMPROVEMENTS:

• secrets/pki (enterprise): Disable warnings about unknown parameters to the various CIEPS endpoints
• ui: Update PGP display and show error for Generate Operation Token flow with PGP [GH-26993]

BUG FIXES:

• activity (enterprise): fix read-only storage error on upgrades
• auto-auth: Addressed issue where having no permissions to renew a renewable token caused auto-auth to attempt to renew constantly with no backoff [GH-26844]
• core (enterprise): Fix an issue that prevented the seal re-wrap status from reporting that a re-wrap is in progress for up to a second.
• core/audit: Audit logging a Vault request/response will now use a minimum 5 second context timeout. If the existing context deadline occurs later than 5s in the future, it will be used, otherwise a new context, separate from the original will be used. [GH-26616]
• core: Add missing field delegated_auth_accessors to GET /sys/mounts/:path API response [GH-26876]
• core: Address a data race updating a seal's last seen healthy time attribute [GH-27014]
• core: Fix redact_version listener parameter being ignored for some OpenAPI related endpoints. [GH-26607]
• events (enterprise): Fix bug preventing subscribing and receiving events within a namepace.
• pki: Fix error in cross-signing using ed25519 keys [GH-27093]
• replication (enterprise): fix "given mount path is not in the same namespace as the request" error that can occur when enabling replication for the first time on a secondary cluster
• secrets-sync (enterprise): Secondary nodes in a cluster now properly check activation-flags values.
• secrets/azure: Update vault-plugin-secrets-azure to 0.17.2 to include a bug fix for azure role creation [GH-26896]
• secrets/pki (enterprise): cert_role parameter within authenticators.cert EST configuration handler could not be set
• secrets/transit: Use 'hash_algorithm' parameter if present in HMAC verify requests. Otherwise fall back to deprecated 'algorithm' parameter. [GH-27211]
• ui: Fix KVv2 cursor jumping inside json editor after initial input. [GH-27120]
• ui: Fix KVv2 json editor to allow null values. [GH-27094]
• ui: Fix broken help link in console for the web command. [GH-26858]
• ui: Fix link to v2 generic secrets engine from secrets list page. [GH-27019]
• ui: Prevent perpetual loading screen when Vault needs initialization [GH-26985]
• ui: Refresh model within a namespace on the Secrets Sync overview page. [GH-26790]

1.16.2

April 24, 2024

Enterprise LTS: Vault Enterprise 1.16 is a Long-Term Support (LTS) release.

CHANGES:

• auth/jwt: Update plugin to v0.20.2 [GH-26291]
• core: Bump Go version to 1.21.9.
• secrets/azure: Update plugin to v0.17.1 [GH-26528]

... (truncated)

Commits

• e92d9a5 [VAULT-27613] This is an automated pull request to build all artifacts for a ...
• 8f82d47 UI: improve DR Operation Token flow with PGP (#26993) (#27252)
• 781c396 backport of commit 990a25aee207fadffb267fb9998d962236e2f82d (#27247)
• d8dca05 Backport of Improve IdentityStore Invalidate performance into release/1.16.x ...
• 4c4ce5f backport of commit 7c753f7dcc8b44bddf165be3da049f3df63837ac (#27233)
• 6164242 backport of commit e6c9bbbd478f4cd1b994e115bd7e3889d92152ea (#27235)
• b79bc4f backport of commit 53ec4d5f7bfe0076b4eab14bb2acfc1ba22c054f (#27226)
• dc904d6 backport of commit 417376341a0cba0e422262b641d82dae6f11bffc (#27224)
• 704d3ab backport of commit e8c1da8713ea704e84a92f9be6aec357416d077e (#27212)
• 20e2c6e backport of commit 3d5a372ce398d02d9fd494f52dba1ac6ce181343 (#27201)
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[werne2j]

@dependabot rebase

[dependabot]

Dependabot can't resolve your Go dependency files. Because of this, Dependabot cannot update this pull request.

[werne2j]

@dependabot recreate

[dependabot]

Dependabot can't resolve your Go dependency files. Because of this, Dependabot cannot update this pull request.

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.