Herman Slatman
52bc96760b
Add SCEP certificate issuance notification webhook
1 year ago
Herman Slatman
69a53eec33
Merge branch 'master' into herman/scep-provisioner-decrypter
1 year ago
Herman Slatman
ea7c508fbb
Upgrade to `go.step.sm/crypto` v0.35.1
1 year ago
Herman Slatman
c3572281ad
Upgrade `github.com/smallstep/go-attestation` to fix legacy `tpm2`
1 year ago
dependabot[bot]
18d1b21a66
Bump github.com/google/go-tpm from 0.3.3 to 0.9.0
...
Bumps [github.com/google/go-tpm](https://github.com/google/go-tpm ) from 0.3.3 to 0.9.0.
- [Release notes](https://github.com/google/go-tpm/releases )
- [Commits](https://github.com/google/go-tpm/compare/v0.3.3...v0.9.0 )
---
updated-dependencies:
- dependency-name: github.com/google/go-tpm
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
github-actions[bot]
70533f55a4
Merge pull request #1538 from smallstep/dependabot/go_modules/github.com/hashicorp/vault/api/auth/kubernetes-0.5.0
...
Bump github.com/hashicorp/vault/api/auth/kubernetes from 0.4.1 to 0.5.0
1 year ago
dependabot[bot]
d05f030452
Bump google.golang.org/api from 0.138.0 to 0.141.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.138.0 to 0.141.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.138.0...v0.141.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
dependabot[bot]
a73617150e
Bump google.golang.org/grpc from 1.58.0 to 1.58.1
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.58.0 to 1.58.1.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.58.0...v1.58.1 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
dependabot[bot]
75132d94f3
Bump github.com/hashicorp/vault/api/auth/kubernetes from 0.4.1 to 0.5.0
...
Bumps [github.com/hashicorp/vault/api/auth/kubernetes](https://github.com/hashicorp/vault ) from 0.4.1 to 0.5.0.
- [Release notes](https://github.com/hashicorp/vault/releases )
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG-v0.md )
- [Commits](https://github.com/hashicorp/vault/compare/v0.4.1...v0.5.0 )
---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api/auth/kubernetes
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
dependabot[bot]
77eeb7e2c5
Bump google.golang.org/grpc from 1.57.0 to 1.58.0
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.57.0 to 1.58.0.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.57.0...v1.58.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
github-actions[bot]
828591c61b
Merge pull request #1530 from smallstep/dependabot/go_modules/golang.org/x/net-0.15.0
...
Bump golang.org/x/net from 0.14.0 to 0.15.0
1 year ago
github-actions[bot]
1a4203edc0
Merge pull request #1533 from smallstep/dependabot/go_modules/github.com/hashicorp/vault/api/auth/approle-0.5.0
...
Bump github.com/hashicorp/vault/api/auth/approle from 0.4.1 to 0.5.0
1 year ago
dependabot[bot]
23cc1c71ee
Bump golang.org/x/net from 0.14.0 to 0.15.0
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.14.0 to 0.15.0.
- [Commits](https://github.com/golang/net/compare/v0.14.0...v0.15.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
dependabot[bot]
ea40de159c
Bump github.com/hashicorp/vault/api/auth/approle from 0.4.1 to 0.5.0
...
Bumps [github.com/hashicorp/vault/api/auth/approle](https://github.com/hashicorp/vault ) from 0.4.1 to 0.5.0.
- [Release notes](https://github.com/hashicorp/vault/releases )
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG-v0.md )
- [Commits](https://github.com/hashicorp/vault/compare/v0.4.1...v0.5.0 )
---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api/auth/approle
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
dependabot[bot]
b330c63df8
Bump golang.org/x/crypto from 0.12.0 to 0.13.0
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.12.0 to 0.13.0.
- [Commits](https://github.com/golang/crypto/compare/v0.12.0...v0.13.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
Herman Slatman
d9f56cdbdc
Merge branch 'master' into herman/scep-provisioner-decrypter
1 year ago
Herman Slatman
9d3b78ae49
Add `excludeIntermediate` to SCEP provisioner
1 year ago
Max
116ff8ed65
bump go.mod to go1.20 and associated linter fixes ( #1518 )
1 year ago
dependabot[bot]
8d26a6c832
Bump github.com/google/uuid from 1.3.0 to 1.3.1
...
Bumps [github.com/google/uuid](https://github.com/google/uuid ) from 1.3.0 to 1.3.1.
- [Release notes](https://github.com/google/uuid/releases )
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md )
- [Commits](https://github.com/google/uuid/compare/v1.3.0...v1.3.1 )
---
updated-dependencies:
- dependency-name: github.com/google/uuid
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
github-actions[bot]
ddabd453bd
Merge pull request #1513 from smallstep/dependabot/go_modules/google.golang.org/api-0.138.0
...
Bump google.golang.org/api from 0.136.0 to 0.138.0
1 year ago
dependabot[bot]
dccbe9f845
Bump go.step.sm/crypto from 0.34.0 to 0.35.0
...
Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto ) from 0.34.0 to 0.35.0.
- [Release notes](https://github.com/smallstep/crypto/releases )
- [Commits](https://github.com/smallstep/crypto/compare/v0.34.0...v0.35.0 )
---
updated-dependencies:
- dependency-name: go.step.sm/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
dependabot[bot]
1ca2353160
Bump google.golang.org/api from 0.136.0 to 0.138.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.136.0 to 0.138.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.136.0...v0.138.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
github-actions[bot]
d3a16ab212
Merge pull request #1506 from smallstep/dependabot/go_modules/google.golang.org/api-0.136.0
...
Bump google.golang.org/api from 0.134.0 to 0.136.0
1 year ago
github-actions[bot]
b45127e3d5
Merge pull request #1507 from smallstep/dependabot/go_modules/github.com/newrelic/go-agent/v3-3.24.1
...
Bump github.com/newrelic/go-agent/v3 from 3.24.0 to 3.24.1
1 year ago
dependabot[bot]
b0b300988d
Bump github.com/fxamacker/cbor/v2 from 2.4.0 to 2.5.0
...
Bumps [github.com/fxamacker/cbor/v2](https://github.com/fxamacker/cbor ) from 2.4.0 to 2.5.0.
- [Release notes](https://github.com/fxamacker/cbor/releases )
- [Commits](https://github.com/fxamacker/cbor/compare/v2.4.0...v2.5.0 )
---
updated-dependencies:
- dependency-name: github.com/fxamacker/cbor/v2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
dependabot[bot]
3d7ddfdacc
Bump github.com/newrelic/go-agent/v3 from 3.24.0 to 3.24.1
...
Bumps [github.com/newrelic/go-agent/v3](https://github.com/newrelic/go-agent ) from 3.24.0 to 3.24.1.
- [Release notes](https://github.com/newrelic/go-agent/releases )
- [Changelog](https://github.com/newrelic/go-agent/blob/master/CHANGELOG.md )
- [Commits](https://github.com/newrelic/go-agent/compare/v3.24.0...v3.24.1 )
---
updated-dependencies:
- dependency-name: github.com/newrelic/go-agent/v3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
dependabot[bot]
e51e82b9f0
Bump google.golang.org/api from 0.134.0 to 0.136.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.134.0 to 0.136.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.134.0...v0.136.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
github-actions[bot]
12bcb64b26
Merge pull request #1505 from smallstep/dependabot/go_modules/github.com/newrelic/go-agent/v3-3.24.0
...
Bump github.com/newrelic/go-agent/v3 from 3.23.1 to 3.24.0
1 year ago
dependabot[bot]
91ef511e65
Bump github.com/newrelic/go-agent/v3 from 3.23.1 to 3.24.0
...
Bumps [github.com/newrelic/go-agent/v3](https://github.com/newrelic/go-agent ) from 3.23.1 to 3.24.0.
- [Release notes](https://github.com/newrelic/go-agent/releases )
- [Changelog](https://github.com/newrelic/go-agent/blob/master/CHANGELOG.md )
- [Commits](https://github.com/newrelic/go-agent/compare/v3.23.1...v3.24.0 )
---
updated-dependencies:
- dependency-name: github.com/newrelic/go-agent/v3
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
dependabot[bot]
e074b77243
Bump golang.org/x/net from 0.13.0 to 0.14.0
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.13.0 to 0.14.0.
- [Commits](https://github.com/golang/net/compare/v0.13.0...v0.14.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
Herman Slatman
645b6ffc18
Ensure no prompt is fired for loading provisioner decrypter
1 year ago
Herman Slatman
70626b157d
Merge branch 'master' into herman/scep-provisioner-decrypter
1 year ago
Mariano Cano
4667060df8
Upgrade golang.org/x/net
...
This commit fixes the vulnerability GO-2023-1988, improper rendering of
text nodes in golang.org/x/net/html.
More info: https://pkg.go.dev/vuln/GO-2023-1988
1 year ago
Mariano Cano
103b4e1cf1
Fix adding certificate templates with ASN.1 functions
...
This commit upgrades go.step.sm/crypto with a fix to validate the
templates that use custom functions.
1 year ago
Herman Slatman
88ed900dc3
Rely on the latest linkedca
1 year ago
Herman Slatman
59b7419dcf
Rely on latest `linkedca` commit with `SCEPDecrypter` support
1 year ago
Herman Slatman
569a1be12c
Merge branch 'master' into herman/scep-provisioner-decrypter
1 year ago
dependabot[bot]
74240092e9
Bump google.golang.org/api from 0.132.0 to 0.134.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.132.0 to 0.134.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.132.0...v0.134.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
dependabot[bot]
a8b67cd9e6
Bump google.golang.org/grpc from 1.56.2 to 1.57.0
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.56.2 to 1.57.0.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.56.2...v1.57.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
Mariano Cano
c7c7decd5e
Add support for the disableSmallstepExtensions claim
...
This commit adds a new claim to exclude the Smallstep provisioner
extension from the generated certificates.
Fixes #620
1 year ago
Mariano Cano
7429008599
Use tagged versions of crypto and cli-utils
1 year ago
Herman Slatman
1ce80cf740
Merge branch 'master' into herman/scep-provisioner-decrypter
1 year ago
Herman Slatman
567fc25404
Use the RSA decryption configuration for signing responses too
1 year ago
Mariano Cano
40a2f53589
Remove automatic initialization of the STEPPATH
...
This commit upgrades cli-utils and crypto packages that remove the
automatic initialization of the STEPPATH.
1 year ago
github-actions[bot]
7282245e88
Merge pull request #1488 from smallstep/dependabot/go_modules/go.step.sm/linkedca-0.20.0
...
Bump go.step.sm/linkedca from 0.19.1 to 0.20.0
1 year ago
dependabot[bot]
7796ad8f90
Bump go.step.sm/linkedca from 0.19.1 to 0.20.0
...
Bumps [go.step.sm/linkedca](https://github.com/smallstep/linkedca ) from 0.19.1 to 0.20.0.
- [Release notes](https://github.com/smallstep/linkedca/releases )
- [Commits](https://github.com/smallstep/linkedca/compare/v0.19.1...v0.20.0 )
---
updated-dependencies:
- dependency-name: go.step.sm/linkedca
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
dependabot[bot]
2d666cfc4f
Bump google.golang.org/api from 0.131.0 to 0.132.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.131.0 to 0.132.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.131.0...v0.132.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
Mariano Cano
9edf43b188
Upgrade go.step.sm/crypto with yubikey fix
...
This commit upgrades the go.step.sm/crypto with a version that includes
a mutex on YubiKey sign and decrypt operations.
Fixes #1463
1 year ago
github-actions[bot]
f998b19bb3
Merge pull request #1474 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.32.3
...
Bump go.step.sm/crypto from 0.32.2 to 0.32.3
1 year ago
dependabot[bot]
d1607e460d
Bump google.golang.org/api from 0.130.0 to 0.131.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.130.0 to 0.131.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.130.0...v0.131.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago