build(deps): bump github.com/hashicorp/vault from 1.14.0 to 1.14.10

[dependabot]

Bumps github.com/hashicorp/vault from 1.14.0 to 1.14.10.

Release notes

Sourced from github.com/hashicorp/vault's releases.

v1.14.10

1.14.10

February 29, 2024

SECURITY:

• auth/cert: compare public keys of trusted non-CA certificates with incoming client certificates to prevent trusting certs with the same serial number but not the same public/private key. [GH-25649]

CHANGES:

• core: Bump Go version to 1.20.14.

FEATURES:

• Manual License Utilization Reporting: Added manual license utilization reporting, which allows users to create manual exports of product-license [metering data] to report to Hashicorp.

IMPROVEMENTS:

• auth/cert: Cache trusted certs to reduce memory usage and improve performance of logins. [GH-25421]
• ui: redirect back to current route after reauthentication when token expires [GH-25335]
• ui: remove unnecessary OpenAPI calls for unmanaged auth methods [GH-25364]

BUG FIXES:

• core (enterprise): Fix a deadlock that can occur on performance secondary clusters when there are many mounts and a mount is deleted or filtered [GH-25448]
• core/quotas: Deleting a namespace that contains a rate limit quota no longer breaks replication [GH-25439]
• secrets/transform (enterprise): guard against a panic looking up a token in exportable mode with barrier storage.
• secrets/transit: When provided an invalid input with hash_algorithm=none, a lock was not released properly before reporting an error leading to deadlocks on a subsequent key configuration update. [GH-25336]
• storage/file: Fixing spuriously deleting storage keys ending with .temp [GH-25395]

v1.14.9

1.14.9

January 31, 2024

CHANGES:

• core: Bump Go version to 1.20.12.
• database/snowflake: Update plugin to v0.9.2 [GH-25057]

IMPROVEMENTS:

• command/server: display logs on startup immediately if disable-gated-logs flag is set [GH-24280]
• oidc/provider: Adds code_challenge_methods_supported to OpenID Connect Metadata [GH-24979]
• storage/raft: Upgrade to bbolt 1.3.8, along with an extra patch to reduce time scanning large freelist maps. [GH-24010]
• ui: latest version of chrome does not automatically redirect back to the app after authentication unless triggered by the user, hence added a link to redirect back to the app. [GH-18513]

... (truncated)

Changelog

Sourced from github.com/hashicorp/vault's changelog.

1.14.10

February 29, 2024

SECURITY:

• auth/cert: compare public keys of trusted non-CA certificates with incoming client certificates to prevent trusting certs with the same serial number but not the same public/private key. [GH-25649]

CHANGES:

• core: Bump Go version to 1.20.14.

FEATURES:

• Manual License Utilization Reporting: Added manual license utilization reporting, which allows users to create manual exports of product-license [metering data] to report to Hashicorp.

IMPROVEMENTS:

• auth/cert: Cache trusted certs to reduce memory usage and improve performance of logins. [GH-25421]
• ui: redirect back to current route after reauthentication when token expires [GH-25335]
• ui: remove unnecessary OpenAPI calls for unmanaged auth methods [GH-25364]

BUG FIXES:

• core (enterprise): Fix a deadlock that can occur on performance secondary clusters when there are many mounts and a mount is deleted or filtered [GH-25448]
• core/quotas: Deleting a namespace that contains a rate limit quota no longer breaks replication [GH-25439]
• secrets/transform (enterprise): guard against a panic looking up a token in exportable mode with barrier storage.
• secrets/transit: When provided an invalid input with hash_algorithm=none, a lock was not released properly before reporting an error leading to deadlocks on a subsequent key configuration update. [GH-25336]
• storage/file: Fixing spuriously deleting storage keys ending with .temp [GH-25395]

1.14.9

January 31, 2024

CHANGES:

• core: Bump Go version to 1.20.12.
• database/snowflake: Update plugin to v0.9.2 [GH-25057]

IMPROVEMENTS:

• command/server: display logs on startup immediately if disable-gated-logs flag is set [GH-24280]
• oidc/provider: Adds code_challenge_methods_supported to OpenID Connect Metadata [GH-24979]
• storage/raft: Upgrade to bbolt 1.3.8, along with an extra patch to reduce time scanning large freelist maps. [GH-24010]
• ui: latest version of chrome does not automatically redirect back to the app after authentication unless triggered by the user, hence added a link to redirect back to the app. [GH-18513]

BUG FIXES:

... (truncated)

Commits

• 7d15950 [VAULT-24502] This is an automated pull request to build all artifacts for a ...
• 17a3dc2 backport of commit e0b1b87ca684425a38855ac2cbd4436b7945a406 (#25701)
• 9eeac45 Bump go version to 1.20.14 (#25662)
• 612a54f backport of commit 773911494e767482207674b5e7bdb9608693c8c0 (#25654)
• 6a45d27 Backport of identity/oidc: fix flakey key rotation test into release/1.14.x (...
• d3028e6 backport of commit 5f0638aa8bcb3e6188d4b92fabca29f15460203a (#25448) (#25552)
• dd5a783 backport of commit e5c6e4cf138282119efb60bb67f1b6b3bee5dc6f (#25527)
• 35bb12a Cache trusted cert values, invalidating when anything changes (#25421) (#25464)
• de9f7a8 UI: stabilize flaky ns test (#25488) (#25495)
• 19e5992 Backport of PSA-714 - update ubi-minimal to 8.9 for security fixes into relea...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[github-actions]

Thank you for your contribution! This pull request is stale because it has been open 60 days with no activity. In order to keep it open, please remove stale label or add a comment within the next 10 days. If you need a Piper team member to remove the stale label make sure to add @SAP/jenkins-library-team to your comment.

[github-actions]

Pull request got stale and no further activity happened. It has automatically been closed. Please re-open in case you still consider it relevant.

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.