Bump github.com/hashicorp/vault from 1.18.2 to 1.18.3

[dependabot]

Bumps github.com/hashicorp/vault from 1.18.2 to 1.18.3.

Release notes

Sourced from github.com/hashicorp/vault's releases.

v1.18.3

1.18.3

December 18, 2024

CHANGES:

• secrets/openldap: Update plugin to v0.14.4 [GH-29131]
• secrets/pki: Enforce the issuer constraint extensions (extended key usage, name constraints, issuer name) when issuing or signing leaf certificates. For more information see PKI considerations [GH-29045]

IMPROVEMENTS:

• auth/okta: update to okta sdk v5 from v2. Transitively updates go-jose dependency to >=3.0.3 to resolve GO-2024-2631. See https://github.com/okta/okta-sdk-golang/blob/master/MIGRATING.md for details on changes. [GH-28121]
• core: Added new enable_post_unseal_trace and post_unseal_trace_directory config options to generate Go traces during the post-unseal step for debug purposes. [GH-28895]
• sdk: Add Vault build date to system view plugin environment response [GH-29082]
• ui: Replace KVv2 json secret details view with Hds::CodeBlock component allowing users to search the full secret height. [GH-28808]

BUG FIXES:

• autosnapshots (enterprise): Fix an issue where snapshot size metrics were not reported for cloud-based storage.
• core/metrics: Fix unlocked mounts read for usage reporting. [GH-29091]
• core/seal (enterprise): Fix problem with nodes unable to join Raft clusters with Seal High Availability enabled. [GH-29117]
• core: fix bug in seal unwrapper that caused high storage latency in Vault CE. For every storage read request, the seal unwrapper was performing the read twice, and would also issue an unnecessary storage write. [GH-29050]
• secret/db: Update static role rotation to generate a new password after 2 failed attempts. [GH-28989]
• ui: Allow users to search the full json object within the json code-editor edit/create view. [GH-28808]
• ui: Decode connection_url to fix database connection updates (i.e. editing connection config, deleting roles) failing when urls include template variables. [GH-29114]
• vault/diagnose: Fix time to expiration reporting within the TLS verification to not be a month off. [GH-29128]

Changelog

Sourced from github.com/hashicorp/vault's changelog.

1.18.3

December 18, 2024

CHANGES:

• secrets/openldap: Update plugin to v0.14.4 [GH-29131]
• secrets/pki: Enforce the issuer constraint extensions (extended key usage, name constraints, issuer name) when issuing or signing leaf certificates. For more information see PKI considerations [GH-29045]

IMPROVEMENTS:

• auth/okta: update to okta sdk v5 from v2. Transitively updates go-jose dependency to >=3.0.3 to resolve GO-2024-2631. See https://github.com/okta/okta-sdk-golang/blob/master/MIGRATING.md for details on changes. [GH-28121]
• core: Added new enable_post_unseal_trace and post_unseal_trace_directory config options to generate Go traces during the post-unseal step for debug purposes. [GH-28895]
• sdk: Add Vault build date to system view plugin environment response [GH-29082]
• ui: Replace KVv2 json secret details view with Hds::CodeBlock component allowing users to search the full secret height. [GH-28808]

BUG FIXES:

• autosnapshots (enterprise): Fix an issue where snapshot size metrics were not reported for cloud-based storage.
• core/metrics: Fix unlocked mounts read for usage reporting. [GH-29091]
• core/seal (enterprise): Fix problem with nodes unable to join Raft clusters with Seal High Availability enabled. [GH-29117]
• core: fix bug in seal unwrapper that caused high storage latency in Vault CE. For every storage read request, the seal unwrapper was performing the read twice, and would also issue an unnecessary storage write. [GH-29050]
• secret/db: Update static role rotation to generate a new password after 2 failed attempts. [GH-28989]
• ui: Allow users to search the full json object within the json code-editor edit/create view. [GH-28808]
• ui: Decode connection_url to fix database connection updates (i.e. editing connection config, deleting roles) failing when urls include template variables. [GH-29114]
• ui: Fix Swagger explorer bug where requests with path params were not working. [GH-28670]
• vault/diagnose: Fix time to expiration reporting within the TLS verification to not be a month off. [GH-29128]

Commits

• 7ae4eca [VAULT-33100] This is an automated pull request to build all artifacts for a ...
• dfd75b4 backport of commit 18d21928b21d7b641b143d73f686ac393d5634e5 (#29198)
• fceb98c backport of commit ca203c21d08112f5f86a2fc37a76e99ba86d9661 (#29160)
• c4d66a7 Add enrollment protocol sublinks. (#28739)
• 94cc87a backport of commit 732837b0821eef152009fe455ee30f86324d7771 (#29197)
• 599f8a7 backport of commit 11708f14d6c7fdb7666a001373d49c1e94c8c77c (#29169)
• d81b4ec backport of commit 23a663fcf94cc139b1d5e86bcd28d506cab09f5c (#29182)
• d23d3ab backport of commit 23a663fcf94cc139b1d5e86bcd28d506cab09f5c (#29184)
• e260ea9 backport of commit 2076decac0f3ee7245d0b7bb1d3070b5c76160e2 (#29190)
• 09376df [DOCS] Manual cherry pick PR 28746 to 1.18.x doc (#29185)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)