Update CHANGELOG.md #30186
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -3,6 +3,46 @@ | |
| - [v1.0.0 - v1.9.10](CHANGELOG-pre-v1.10.md) | ||
| - [v0.11.6 and earlier](CHANGELOG-v0.md) | ||
|
|
||
| ## 1.19.1 | ||
| ### April 4, 2025 | ||
|
|
||
| **Enterprise LTS:** Vault Enterprise 1.19 is a [Long-Term Support (LTS)](https://developer.hashicorp.com/vault/docs/enterprise/lts) release. | ||
|
|
||
| CHANGES: | ||
|
|
||
| * UI: remove outdated and unneeded js string extensions [[GH-29834](https://github.com/hashicorp/vault/pull/29834)] | ||
| * auth/azure: Update plugin to v0.20.2. Login requires `resource_group_name`, `vm_name`, and `vmss_name` to match token claims [[GH-30052](https://github.com/hashicorp/vault/pull/30052)] | ||
| * auth/azure: Update plugin to v0.20.3 [[GH-30082](https://github.com/hashicorp/vault/pull/30082)] | ||
| * auth/gcp: Update plugin to v0.20.2 [[GH-30081](https://github.com/hashicorp/vault/pull/30081)] | ||
| * core: Verify that the client IP address extracted from an X-Forwarded-For header is a valid IPv4 or IPv6 address [[GH-29774](https://github.com/hashicorp/vault/pull/29774)] | ||
| * secrets/azure: Update plugin to v0.21.2 [[GH-30037](https://github.com/hashicorp/vault/pull/30037)] | ||
| * secrets/azure: Update plugin to v0.21.3 [[GH-30083](https://github.com/hashicorp/vault/pull/30083)] | ||
| * secrets/gcp: Update plugin to v0.21.2 [[GH-29970](https://github.com/hashicorp/vault/pull/29970)] | ||
| * secrets/gcp: Update plugin to v0.21.3 [[GH-30080](https://github.com/hashicorp/vault/pull/30080)] | ||
| * secrets/openldap: Update plugin to v0.15.2 [[GH-30079](https://github.com/hashicorp/vault/pull/30079)] | ||
|
|
||
| IMPROVEMENTS: | ||
|
|
||
| * activity: mount_type was added to the API response of sys/internal/counters/activity [[GH-30071](https://github.com/hashicorp/vault/pull/30071)] | ||
| * activity: mount_type was added to the API response of sys/internal/counters/activity | ||
| * core (enterprise): report errors from the underlying seal when getting entropy. | ||
| * storage/raft: Upgrade hashicorp/raft library to v1.7.3 which includes additional logging on the leader when opening and sending a snapshot to a follower. [[GH-29976](https://github.com/hashicorp/vault/pull/29976)] | ||
|
|
||
| BUG FIXES: | ||
|
|
||
| * auth/aws: fix a panic when a performance standby node attempts to write/update config. [[GH-30039](https://github.com/hashicorp/vault/pull/30039)] | ||
| * auth/ldap: Fix a bug that does not properly delete users and groups by first converting their names to lowercase when case senstivity option is off. [[GH-29922](https://github.com/hashicorp/vault/pull/29922)] | ||
| * auth/ldap: fix a panic when a performance standby node attempts to write/update config. [[GH-30039](https://github.com/hashicorp/vault/pull/30039)] | ||
| * aws/secrets: Prevent vault from rejecting secret role configurations where no regions or endpoints are set [[GH-29996](https://github.com/hashicorp/vault/pull/29996)] | ||
| * core (enterprise): add nil check before attempting to use Rotation Manager operations. | ||
| * core: Fix a bug that prevents certain loggers from writing to a log file. [[GH-29917](https://github.com/hashicorp/vault/pull/29917)] | ||
| * identity: reintroduce RPC functionality for group creates, allowing performance standbys to handle external group changes during login and token renewal [[GH-30069](https://github.com/hashicorp/vault/pull/30069)] | ||
| * plugins (enterprise): Fix plugin registration with artifact when a binary for the same plugin is already present in the plugin directory. | ||
| * secrets/aws: fix a bug where environment and shared credential providers were overriding the WIF configuration [[GH-29982](https://github.com/hashicorp/vault/pull/29982)] | ||
| * secrets/aws: fix a panic when a performance standby node attempts to write/update config. [[GH-30039](https://github.com/hashicorp/vault/pull/30039)] | ||
| * secrets/db: fix a panic when a performance standby node attempts to write/update config. [[GH-30039](https://github.com/hashicorp/vault/pull/30039)] | ||
| * secrets/pki: Fix a bug that prevents enabling automatic tidying of the CMPv2 nonce store. [[GH-29852](https://github.com/hashicorp/vault/pull/29852)] | ||
|
|
||
| ## 1.19.0 | ||
| ### March 5, 2025 | ||
|
|
||
|
|
@@ -243,6 +283,29 @@ Unblocks customers that were stuck in a failing loop when attempting to rotate s | |
| * ui: No longer running decodeURIComponent on KVv2 list view allowing percent encoded data-octets in path name. [[GH-28698](https://github.com/hashicorp/vault/pull/28698)] | ||
| * vault/diagnose: Fix time to expiration reporting within the TLS verification to not be a month off. [[GH-29128](https://github.com/hashicorp/vault/pull/29128)] | ||
|
|
||
| ## 1.18.7 Enterprise | ||
| ### April 4, 2025 | ||
|
|
||
| CHANGES: | ||
|
|
||
| * auth/azure: Update plugin to v0.19.3. Login requires `resource_group_name`, `vm_name`, and `vmss_name` to match token claims. | ||
| * core: Verify that the client IP address extracted from an X-Forwarded-For header is a valid IPv4 or IPv6 address [[GH-29774](https://github.com/hashicorp/vault/pull/29774)] | ||
|
|
||
| IMPROVEMENTS: | ||
|
|
||
| * core (enterprise): report errors from the underlying seal when getting entropy. | ||
| * storage/raft: Upgrade hashicorp/raft library to v1.7.3 which includes additional logging on the leader when opening and sending a snapshot to a follower. [[GH-29976](https://github.com/hashicorp/vault/pull/29976)] | ||
|
|
||
| BUG FIXES: | ||
|
|
||
| * auth/ldap: Fix a bug that does not properly delete users and groups by first converting their names to lowercase when case senstivity option is off. [[GH-29922](https://github.com/hashicorp/vault/pull/29922)] | ||
| * core: Fix Azure authentication for seal/managed keys to work for both federated workload identity and managed user identities. Fixes regression for federated workload identities. [[GH-29792](https://github.com/hashicorp/vault/pull/29792)] | ||
| * core: Fix a bug that prevents certain loggers from writing to a log file. [[GH-29917](https://github.com/hashicorp/vault/pull/29917)] | ||
| * plugins (enterprise): Fix plugin registration with artifact when a binary for the same plugin is already present in the plugin directory. | ||
| * plugins: plugin registration should honor the `plugin_tmpdir` config [[GH-29978](https://github.com/hashicorp/vault/pull/29978)] | ||
| * plugins: plugin registration should honor the `plugin_tmpdir` config | ||
|
Collaborator
There was a problem hiding this comment. Is this also a duplicate? |
||
| * secrets/azure: Upgrade plugin to v0.20.2 which reverts role name changes to no longer be a GUID. | ||
| * secrets/pki: Fix a bug that prevents enabling automatic tidying of the CMPv2 nonce store. [[GH-29852](https://github.com/hashicorp/vault/pull/29852)] | ||
|
|
||
| ## 1.18.6 Enterprise | ||
| ### March 5, 2025 | ||
|
|
@@ -641,6 +704,30 @@ use versioned plugins. [[GH-27881](https://github.com/hashicorp/vault/pull/27881 | |
| * ui: fixes renew-self being called right after login for non-renewable tokens [[GH-28204](https://github.com/hashicorp/vault/pull/28204)] | ||
| * ui: fixes toast (flash) alert message saying "created" when deleting a kv v2 secret [[GH-28093](https://github.com/hashicorp/vault/pull/28093)] | ||
|
|
||
| ## 1.17.14 Enterprise | ||
| ### April 04, 2025 | ||
|
|
||
| CHANGES: | ||
|
|
||
| * auth/azure: Update plugin to v0.18.2. Login requires `resource_group_name`, `vm_name`, and `vmss_name` to match token claims. | ||
| * core: Verify that the client IP address extracted from an X-Forwarded-For header is a valid IPv4 or IPv6 address [[GH-29774](https://github.com/hashicorp/vault/pull/29774)] | ||
|
|
||
| IMPROVEMENTS: | ||
|
|
||
| * core (enterprise): report errors from the underlying seal when getting entropy. | ||
|
|
||
| BUG FIXES: | ||
|
|
||
| * auth/ldap: Fix a bug that does not properly delete users and groups by first converting their names to lowercase when case senstivity option is off. [[GH-29922](https://github.com/hashicorp/vault/pull/29922)] | ||
| * core: Fix Azure authentication for seal/managed keys to work for both federated workload identity and managed user identities. Fixes regression for federated workload identities. [[GH-29792](https://github.com/hashicorp/vault/pull/29792)] | ||
| * core: Fix a bug that prevents certain loggers from writing to a log file. [[GH-29917](https://github.com/hashicorp/vault/pull/29917)] | ||
| * export API: Normalize the start_date parameter to the start of the month as is done in the sys/counters API to keep the results returned from both of the API's consistent. | ||
|
Collaborator
There was a problem hiding this comment. This one is missing from 1.19 and 1.18. It looks like the backport labels were incorrectly added. not sure what we want to do here? #29562
Contributor
Author
There was a problem hiding this comment. The CE & ENT PRs for this change were released in 1.19.0 and 1.18.5, then only the ENT PRs in 1.16.18 and 1.17.14. @akshya96 can you take a look and make sure everything is where it should be? |
||
| * plugins (enterprise): Fix plugin registration with artifact when a binary for the same plugin is already present in the plugin directory. | ||
| * plugins: plugin registration should honor the `plugin_tmpdir` config [[GH-29978](https://github.com/hashicorp/vault/pull/29978)] | ||
| * plugins: plugin registration should honor the `plugin_tmpdir` config | ||
|
|
||
| * secrets/azure: Upgrade plugin to v0.19.3 which reverts role name changes to no longer be a GUID. | ||
| * secrets/database: Fix a bug where a global database plugin reload exits if any of the database connections are not available [[GH-29519](https://github.com/hashicorp/vault/pull/29519)] | ||
|
|
||
| ## 1.17.13 Enterprise | ||
| ### March 5, 2025 | ||
|
|
||
|
|
@@ -1184,6 +1271,31 @@ autopilot to fail to discover new server versions and so not trigger an upgrade. | |
| * ui: fixed a bug where the replication pages did not update display when navigating between DR and performance [[GH-26325](https://github.com/hashicorp/vault/pull/26325)] | ||
| * ui: fixes undefined start time in filename for downloaded client count attribution csv [[GH-26485](https://github.com/hashicorp/vault/pull/26485)] | ||
|
|
||
| ## 1.16.18 Enterprise | ||
| ### April 4, 2025 | ||
|
|
||
| **Enterprise LTS:** Vault Enterprise 1.16 is a [Long-Term Support (LTS)](https://developer.hashicorp.com/vault/docs/enterprise/lts) release. | ||
|
|
||
| CHANGES: | ||
|
|
||
| * auth/azure: Update plugin to v0.17.3. Login requires `resource_group_name`, `vm_name`, and `vmss_name` to match token claims. | ||
|
|
||
| IMPROVEMENTS: | ||
|
|
||
| * core (enterprise): report errors from the underlying seal when getting entropy. | ||
|
|
||
| BUG FIXES: | ||
|
|
||
| * auth/ldap: Fix a bug that does not properly delete users and groups by first converting their names to lowercase when case senstivity option is off. [[GH-29922](https://github.com/hashicorp/vault/pull/29922)] | ||
| * core: Fix Azure authentication for seal/managed keys to work for both federated workload identity and managed user identities. Fixes regression for federated workload identities. [[GH-29792](https://github.com/hashicorp/vault/pull/29792)] | ||
| * core: Fix a bug that prevents certain loggers from writing to a log file. [[GH-29917](https://github.com/hashicorp/vault/pull/29917)] | ||
| * export API: Normalize the start_date parameter to the start of the month as is done in the sys/counters API to keep the results returned from both of the API's consistent. | ||
| * plugins (enterprise): Fix plugin registration with artifact when a binary for the same plugin is already present in the plugin directory. | ||
| * plugins: plugin registration should honor the `plugin_tmpdir` config [[GH-29978](https://github.com/hashicorp/vault/pull/29978)] | ||
| * plugins: plugin registration should honor the `plugin_tmpdir` config | ||
|
Contributor
Author
There was a problem hiding this comment. Yeah, makes sense, duplicate entries that got backported the whole way. |
||
| * secrets/azure: Upgrade plugin to v0.17.4 which reverts role name changes to no longer be a GUID. | ||
| * secrets/database: Fix a bug where a global database plugin reload exits if any of the database connections are not available [[GH-29519](https://github.com/hashicorp/vault/pull/29519)] | ||
|
|
||
| ## 1.16.17 Enterprise | ||
| ### March 5, 2025 | ||
|
|
||
|
|
||
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This looks like a duplicate?