942f8bfc9f
Bump google.golang.org/protobuf from 1.29.0 to 1.29.1
...
Bumps [google.golang.org/protobuf](https://github.com/protocolbuffers/protobuf-go ) from 1.29.0 to 1.29.1.
- [Release notes](https://github.com/protocolbuffers/protobuf-go/releases )
- [Changelog](https://github.com/protocolbuffers/protobuf-go/blob/master/release.bash )
- [Commits](https://github.com/protocolbuffers/protobuf-go/compare/v1.29.0...v1.29.1 )
---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
6588efdb01
Bump google.golang.org/api from 0.111.0 to 0.112.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.111.0 to 0.112.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.111.0...v0.112.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
19a91671a6
Merge pull request #1315 from smallstep/dependabot/go_modules/github.com/newrelic/go-agent/v3-3.20.4
...
Bump github.com/newrelic/go-agent/v3 from 3.20.3 to 3.20.4
1 year ago
745c1cc130
Merge pull request #1318 from smallstep/dependabot/go_modules/github.com/googleapis/gax-go/v2-2.7.1
...
Bump github.com/googleapis/gax-go/v2 from 2.7.0 to 2.7.1
1 year ago
c72826a690
Merge pull request #1317 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.26.0
...
Bump go.step.sm/crypto from 0.25.2 to 0.26.0
1 year ago
bb3cddd6f1
Bump google.golang.org/protobuf from 1.28.1 to 1.29.0
...
Bumps [google.golang.org/protobuf](https://github.com/protocolbuffers/protobuf-go ) from 1.28.1 to 1.29.0.
- [Release notes](https://github.com/protocolbuffers/protobuf-go/releases )
- [Changelog](https://github.com/protocolbuffers/protobuf-go/blob/master/release.bash )
- [Commits](https://github.com/protocolbuffers/protobuf-go/compare/v1.28.1...v1.29.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
5943c3955e
Bump github.com/googleapis/gax-go/v2 from 2.7.0 to 2.7.1
...
Bumps [github.com/googleapis/gax-go/v2](https://github.com/googleapis/gax-go ) from 2.7.0 to 2.7.1.
- [Release notes](https://github.com/googleapis/gax-go/releases )
- [Commits](https://github.com/googleapis/gax-go/compare/v2.7.0...v2.7.1 )
---
updated-dependencies:
- dependency-name: github.com/googleapis/gax-go/v2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
8747156bcc
Bump go.step.sm/crypto from 0.25.2 to 0.26.0
...
Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto ) from 0.25.2 to 0.26.0.
- [Release notes](https://github.com/smallstep/crypto/releases )
- [Commits](https://github.com/smallstep/crypto/compare/v0.25.2...v0.26.0 )
---
updated-dependencies:
- dependency-name: go.step.sm/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
442f2fe5f9
Bump github.com/newrelic/go-agent/v3 from 3.20.3 to 3.20.4
...
Bumps [github.com/newrelic/go-agent/v3](https://github.com/newrelic/go-agent ) from 3.20.3 to 3.20.4.
- [Release notes](https://github.com/newrelic/go-agent/releases )
- [Changelog](https://github.com/newrelic/go-agent/blob/master/CHANGELOG.md )
- [Commits](https://github.com/newrelic/go-agent/compare/v3.20.3...v3.20.4 )
---
updated-dependencies:
- dependency-name: github.com/newrelic/go-agent/v3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
b8ee206f71
Merge pull request #1305 from smallstep/dependabot/go_modules/google.golang.org/api-0.111.0
...
Bump google.golang.org/api from 0.110.0 to 0.111.0
1 year ago
dd43e9e09f
Bump google.golang.org/api from 0.110.0 to 0.111.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.110.0 to 0.111.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.110.0...v0.111.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
152a0a2f3e
Bump go.step.sm/crypto from 0.25.0 to 0.25.2
...
Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto ) from 0.25.0 to 0.25.2.
- [Release notes](https://github.com/smallstep/crypto/releases )
- [Commits](https://github.com/smallstep/crypto/compare/v0.25.0...v0.25.2 )
---
updated-dependencies:
- dependency-name: go.step.sm/crypto
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
6452afc45c
Bump golang.org/x/crypto from 0.6.0 to 0.7.0
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.6.0 to 0.7.0.
- [Release notes](https://github.com/golang/crypto/releases )
- [Commits](https://github.com/golang/crypto/compare/v0.6.0...v0.7.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
4d6ecf9a48
Upgrade to latest `smallstep/pkcs7` to fix RSA OAEP decryption
1 year ago
831a1e35ea
Add support for compating the badger db
...
This commit adds a job that will compact the badger db periodically.
In the nosql package, when Compact is called, it will run badger's
RunValueLogGC method.
1 year ago
fe63f3e832
Bump github.com/stretchr/testify from 1.8.1 to 1.8.2
...
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify ) from 1.8.1 to 1.8.2.
- [Release notes](https://github.com/stretchr/testify/releases )
- [Commits](https://github.com/stretchr/testify/compare/v1.8.1...v1.8.2 )
---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
b02c43cf8e
Merge pull request #1280 from smallstep/dependabot/go_modules/cloud.google.com/go/security-1.12.0
...
Bump cloud.google.com/go/security from 1.11.0 to 1.12.0
1 year ago
e0b9f3960c
Bump cloud.google.com/go/security from 1.11.0 to 1.12.0
...
Bumps [cloud.google.com/go/security](https://github.com/googleapis/google-cloud-go ) from 1.11.0 to 1.12.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/asset/v1.11.0...video/v1.12.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/security
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
b4f8100c72
Bump github.com/hashicorp/vault/api/auth/approle from 0.3.0 to 0.4.0
...
Bumps [github.com/hashicorp/vault/api/auth/approle](https://github.com/hashicorp/vault ) from 0.3.0 to 0.4.0.
- [Release notes](https://github.com/hashicorp/vault/releases )
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md )
- [Commits](https://github.com/hashicorp/vault/compare/v0.3.0...v0.4.0 )
---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api/auth/approle
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
5f835dc808
Bump cloud.google.com/go/longrunning from 0.4.0 to 0.4.1
...
Bumps [cloud.google.com/go/longrunning](https://github.com/googleapis/google-cloud-go ) from 0.4.0 to 0.4.1.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/v0.4.0...batch/v0.4.1 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/longrunning
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
790139d5a7
Bump golang.org/x/crypto from 0.5.0 to 0.6.0
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.5.0 to 0.6.0.
- [Release notes](https://github.com/golang/crypto/releases )
- [Commits](https://github.com/golang/crypto/compare/v0.5.0...v0.6.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
bb068f8280
Bump google.golang.org/grpc from 1.52.3 to 1.53.0
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.52.3 to 1.53.0.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.52.3...v1.53.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
2f2e3dea0f
Bump github.com/hashicorp/vault/api/auth/kubernetes from 0.3.0 to 0.4.0
...
Bumps [github.com/hashicorp/vault/api/auth/kubernetes](https://github.com/hashicorp/vault ) from 0.3.0 to 0.4.0.
- [Release notes](https://github.com/hashicorp/vault/releases )
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md )
- [Commits](https://github.com/hashicorp/vault/compare/v0.3.0...v0.4.0 )
---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api/auth/kubernetes
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
0d80473157
Upgrade golang.org/x/net
...
When the Go client is configured with an http2.Transport we need to
upgrade x/net due to:
- net/http: avoid quadratic complexity in HPACK decoding (CVE-2022-41723)
1 year ago
045ae52452
Bump golang.org/x/net from 0.5.0 to 0.6.0
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.5.0 to 0.6.0.
- [Release notes](https://github.com/golang/net/releases )
- [Commits](https://github.com/golang/net/compare/v0.5.0...v0.6.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
6ba20209c2
Verify CSR key fingerprint with attestation certificate key
...
This commit makes sure that the attestation certificate key matches the
key used on the CSR on an ACME device attestation flow.
1 year ago
c9814be699
Bump google.golang.org/api from 0.108.0 to 0.109.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.108.0 to 0.109.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.108.0...v0.109.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
da00046a61
Merge pull request #1235 from smallstep/herman/acme-da-subject-check
...
Improve validation and error messages for Orders with Permanent Identifier
1 year ago
0f1c509e4b
Remove debug utility
1 year ago
0c5e7f1b5c
Merge pull request #1245 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.23.2
...
Bump go.step.sm/crypto from 0.23.1 to 0.23.2
1 year ago
9a539f22fc
Bump go.step.sm/crypto from 0.23.1 to 0.23.2
...
Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto ) from 0.23.1 to 0.23.2.
- [Release notes](https://github.com/smallstep/crypto/releases )
- [Commits](https://github.com/smallstep/crypto/compare/v0.23.1...v0.23.2 )
---
updated-dependencies:
- dependency-name: go.step.sm/crypto
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
c32e84b436
Bump google.golang.org/grpc from 1.52.0 to 1.52.3
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.52.0 to 1.52.3.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.52.0...v1.52.3 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
7c632629dd
Merge branch 'master' into herman/acme-da-subject-check
1 year ago
1c38113e44
Add ACME `Subproblem` for more detailed ACME client-side errors
...
When validating an ACME challenge (`device-attest-01` in this case,
but it's also true for others), and validation fails, the CA didn't
return a lot of information about why the challenge had failed. By
introducing the ACME `Subproblem` type, an ACME `Error` can include
some additional information about what went wrong when validating
the challenge.
This is a WIP commit. The `Subproblem` isn't created in many code
paths yet, just for the `step` format at the moment. Will probably
follow up with some more improvements to how the ACME error is
handled. Also need to cleanup some debug things (q.Q)
1 year ago
fc452e560c
Merge pull request #1236 from smallstep/dependabot/go_modules/github.com/newrelic/go-agent/v3-3.20.3
...
Bump github.com/newrelic/go-agent/v3 from 3.20.2 to 3.20.3
1 year ago
4621b95f38
Merge pull request #1237 from smallstep/dependabot/go_modules/github.com/urfave/cli-1.22.12
...
Bump github.com/urfave/cli from 1.22.11 to 1.22.12
1 year ago
2d174472e7
Merge pull request #1238 from smallstep/dependabot/go_modules/google.golang.org/api-0.108.0
...
Bump google.golang.org/api from 0.107.0 to 0.108.0
1 year ago
cb8a2ee69f
Bump github.com/hashicorp/vault/api from 1.8.2 to 1.8.3
...
Bumps [github.com/hashicorp/vault/api](https://github.com/hashicorp/vault ) from 1.8.2 to 1.8.3.
- [Release notes](https://github.com/hashicorp/vault/releases )
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md )
- [Commits](https://github.com/hashicorp/vault/compare/v1.8.2...v1.8.3 )
---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
626a3a87b4
Bump google.golang.org/api from 0.107.0 to 0.108.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.107.0 to 0.108.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.107.0...v0.108.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
925a228656
Bump github.com/urfave/cli from 1.22.11 to 1.22.12
...
Bumps [github.com/urfave/cli](https://github.com/urfave/cli ) from 1.22.11 to 1.22.12.
- [Release notes](https://github.com/urfave/cli/releases )
- [Changelog](https://github.com/urfave/cli/blob/main/docs/CHANGELOG.md )
- [Commits](https://github.com/urfave/cli/compare/v1.22.11...v1.22.12 )
---
updated-dependencies:
- dependency-name: github.com/urfave/cli
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
07fd03c3f3
Bump github.com/newrelic/go-agent/v3 from 3.20.2 to 3.20.3
...
Bumps [github.com/newrelic/go-agent/v3](https://github.com/newrelic/go-agent ) from 3.20.2 to 3.20.3.
- [Release notes](https://github.com/newrelic/go-agent/releases )
- [Changelog](https://github.com/newrelic/go-agent/blob/master/CHANGELOG.md )
- [Commits](https://github.com/newrelic/go-agent/compare/v3.20.2...v3.20.3 )
---
updated-dependencies:
- dependency-name: github.com/newrelic/go-agent/v3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
5bab65aa49
Merge pull request #1232 from smallstep/dependabot/go_modules/github.com/urfave/cli-1.22.11
...
Bump github.com/urfave/cli from 1.22.10 to 1.22.11
1 year ago
925f32e82f
Merge pull request #1231 from smallstep/dependabot/go_modules/google.golang.org/grpc-1.52.0
...
Bump google.golang.org/grpc from 1.51.0 to 1.52.0
1 year ago
fb39fccf6a
Bump github.com/urfave/cli from 1.22.10 to 1.22.11
...
Bumps [github.com/urfave/cli](https://github.com/urfave/cli ) from 1.22.10 to 1.22.11.
- [Release notes](https://github.com/urfave/cli/releases )
- [Changelog](https://github.com/urfave/cli/blob/main/docs/CHANGELOG.md )
- [Commits](https://github.com/urfave/cli/compare/v1.22.10...v1.22.11 )
---
updated-dependencies:
- dependency-name: github.com/urfave/cli
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
29deb4befa
Bump google.golang.org/grpc from 1.51.0 to 1.52.0
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.51.0 to 1.52.0.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.51.0...v1.52.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
98cb439b41
Bump google.golang.org/api from 0.106.0 to 0.107.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.106.0 to 0.107.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.106.0...v0.107.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
ac4d5e63ab
Merge pull request #1221 from smallstep/dependabot/go_modules/google.golang.org/api-0.106.0
...
Bump google.golang.org/api from 0.105.0 to 0.106.0
1 year ago
985a0e4858
Merge pull request #1220 from smallstep/dependabot/go_modules/golang.org/x/crypto-0.5.0
...
Bump golang.org/x/crypto from 0.4.0 to 0.5.0
1 year ago
34dc119cf7
Bump google.golang.org/api from 0.105.0 to 0.106.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.105.0 to 0.106.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.105.0...v0.106.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
9cc35d1505
Merge branch 'master' into dependabot/go_modules/golang.org/x/crypto-0.5.0
1 year ago
dependabot[bot]
github-actions[bot]
Herman Slatman
Mariano Cano
Herman Slatman
Max