github-actions[bot]
b8ee206f71
Merge pull request #1305 from smallstep/dependabot/go_modules/google.golang.org/api-0.111.0
...
Bump google.golang.org/api from 0.110.0 to 0.111.0
2 years ago
github-actions[bot]
201be0891f
Merge pull request #1307 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.25.2
...
Bump go.step.sm/crypto from 0.25.0 to 0.25.2
2 years ago
dependabot[bot]
dd43e9e09f
Bump google.golang.org/api from 0.110.0 to 0.111.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.110.0 to 0.111.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.110.0...v0.111.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
dependabot[bot]
152a0a2f3e
Bump go.step.sm/crypto from 0.25.0 to 0.25.2
...
Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto ) from 0.25.0 to 0.25.2.
- [Release notes](https://github.com/smallstep/crypto/releases )
- [Commits](https://github.com/smallstep/crypto/compare/v0.25.0...v0.25.2 )
---
updated-dependencies:
- dependency-name: go.step.sm/crypto
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
github-actions[bot]
4fb00940c6
Merge pull request #1308 from smallstep/dependabot/go_modules/golang.org/x/crypto-0.7.0
...
Bump golang.org/x/crypto from 0.6.0 to 0.7.0
2 years ago
dependabot[bot]
6452afc45c
Bump golang.org/x/crypto from 0.6.0 to 0.7.0
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.6.0 to 0.7.0.
- [Release notes](https://github.com/golang/crypto/releases )
- [Commits](https://github.com/golang/crypto/compare/v0.6.0...v0.7.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
Herman Slatman
7c54154013
Merge pull request #1300 from smallstep/herman/pkcs7-rsa-oaep
2 years ago
Herman Slatman
702f844fa2
Add RSA-OAEP decryption support to changelog
2 years ago
Herman Slatman
4d6ecf9a48
Upgrade to latest `smallstep/pkcs7` to fix RSA OAEP decryption
2 years ago
Mariano Cano
2eb90bf45e
Merge pull request #1298 from smallstep/badger-gc
...
Add support for compacting the badger db
2 years ago
Mariano Cano
7700bb77da
Remove old call to compact
2 years ago
Mariano Cano
831a1e35ea
Add support for compating the badger db
...
This commit adds a job that will compact the badger db periodically.
In the nosql package, when Compact is called, it will run badger's
RunValueLogGC method.
2 years ago
github-actions[bot]
f8adb0a51c
Merge pull request #1295 from smallstep/dependabot/go_modules/github.com/stretchr/testify-1.8.2
...
Bump github.com/stretchr/testify from 1.8.1 to 1.8.2
2 years ago
dependabot[bot]
fe63f3e832
Bump github.com/stretchr/testify from 1.8.1 to 1.8.2
...
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify ) from 1.8.1 to 1.8.2.
- [Release notes](https://github.com/stretchr/testify/releases )
- [Commits](https://github.com/stretchr/testify/compare/v1.8.1...v1.8.2 )
---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
Mariano Cano
060a2f186c
Merge pull request #1294 from smallstep/fix-1292
...
Disable database if WithNoDB() option is passed
2 years ago
Mariano Cano
4fd9a9b92b
Disable database if WithNoDB() option is passed
...
This commit removes the database from the configuration if the ca was
initialized with the "--no-db" flag.
Fixes #1292
2 years ago
Mariano Cano
23423814d3
Merge pull request #1293 from LarsBingBong/patch-1
...
Mark the IDP critical in the generated CRL data.
2 years ago
LarsBingBong
0d5c40e059
Mark the IDP critical in the generated CRL data.
...
Trying to get CRL to work on my environment I've been reading up on [RFC5280](https://www.rfc-editor.org/rfc/rfc5280#section-5.2.5 ) ... and the IDP to be marked as `Critical`. I hope I'm correct and that my understanding on how to mark the IDP is critical.
Looking at e.g. `3470b1ec57/x509util/extensions_test.go (L48)
` makes me think so.
---
Hopefully the above change - if accepted - can get CRL's to work on my environment. If not we're at least one step closer.
2 years ago
Herman Slatman
176cf30a6f
Merge pull request #1290 from smallstep/herman/email-domain-ssh-sign-error
...
Add email address to error message returned for OIDC validation
2 years ago
Herman Slatman
59462e826c
Improve testing errors for OIDC `authorizeToken` function
2 years ago
Herman Slatman
10958a124b
Add email address to error message returned for OIDC validation
2 years ago
github-actions[bot]
b02c43cf8e
Merge pull request #1280 from smallstep/dependabot/go_modules/cloud.google.com/go/security-1.12.0
...
Bump cloud.google.com/go/security from 1.11.0 to 1.12.0
2 years ago
github-actions[bot]
81b1d2ede6
Merge pull request #1279 from smallstep/dependabot/go_modules/github.com/hashicorp/vault/api/auth/approle-0.4.0
...
Bump github.com/hashicorp/vault/api/auth/approle from 0.3.0 to 0.4.0
2 years ago
dependabot[bot]
e0b9f3960c
Bump cloud.google.com/go/security from 1.11.0 to 1.12.0
...
Bumps [cloud.google.com/go/security](https://github.com/googleapis/google-cloud-go ) from 1.11.0 to 1.12.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/asset/v1.11.0...video/v1.12.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/security
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
dependabot[bot]
b4f8100c72
Bump github.com/hashicorp/vault/api/auth/approle from 0.3.0 to 0.4.0
...
Bumps [github.com/hashicorp/vault/api/auth/approle](https://github.com/hashicorp/vault ) from 0.3.0 to 0.4.0.
- [Release notes](https://github.com/hashicorp/vault/releases )
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md )
- [Commits](https://github.com/hashicorp/vault/compare/v0.3.0...v0.4.0 )
---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api/auth/approle
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
github-actions[bot]
ae0be0acbd
Merge pull request #1282 from smallstep/dependabot/go_modules/cloud.google.com/go/longrunning-0.4.1
...
Bump cloud.google.com/go/longrunning from 0.4.0 to 0.4.1
2 years ago
dependabot[bot]
5f835dc808
Bump cloud.google.com/go/longrunning from 0.4.0 to 0.4.1
...
Bumps [cloud.google.com/go/longrunning](https://github.com/googleapis/google-cloud-go ) from 0.4.0 to 0.4.1.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/v0.4.0...batch/v0.4.1 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/longrunning
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
Max
6915feaae9
Merge pull request #1287 from smallstep/max/linting-errors
...
Fix linting errors
2 years ago
max furman
7c1c32d86b
Fix linting errors
2 years ago
github-actions[bot]
8e47f05dba
Merge pull request #1283 from smallstep/dependabot/go_modules/golang.org/x/crypto-0.6.0
...
Bump golang.org/x/crypto from 0.5.0 to 0.6.0
2 years ago
dependabot[bot]
790139d5a7
Bump golang.org/x/crypto from 0.5.0 to 0.6.0
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.5.0 to 0.6.0.
- [Release notes](https://github.com/golang/crypto/releases )
- [Commits](https://github.com/golang/crypto/compare/v0.5.0...v0.6.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
Carl Tashian
ca9f8dc576
Merge pull request #1278 from smallstep/policy-help
...
Clarify policy lockout error message
2 years ago
Carl Tashian
cfcc95de93
Update policy test
2 years ago
Carl Tashian
96c6613739
Clarify policy lockout error message
2 years ago
github-actions[bot]
effe729d53
Merge pull request #1267 from smallstep/dependabot/go_modules/google.golang.org/grpc-1.53.0
...
Bump google.golang.org/grpc from 1.52.3 to 1.53.0
2 years ago
dependabot[bot]
bb068f8280
Bump google.golang.org/grpc from 1.52.3 to 1.53.0
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.52.3 to 1.53.0.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.52.3...v1.53.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
github-actions[bot]
d59d6c414f
Merge pull request #1268 from smallstep/dependabot/go_modules/github.com/hashicorp/vault/api/auth/kubernetes-0.4.0
...
Bump github.com/hashicorp/vault/api/auth/kubernetes from 0.3.0 to 0.4.0
2 years ago
Max
25599f8ad5
Merge pull request #1255 from zyzyx03/fix-step-ca-path
...
There is an error during RA installation which shows.
2 years ago
dependabot[bot]
2f2e3dea0f
Bump github.com/hashicorp/vault/api/auth/kubernetes from 0.3.0 to 0.4.0
...
Bumps [github.com/hashicorp/vault/api/auth/kubernetes](https://github.com/hashicorp/vault ) from 0.3.0 to 0.4.0.
- [Release notes](https://github.com/hashicorp/vault/releases )
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md )
- [Commits](https://github.com/hashicorp/vault/compare/v0.3.0...v0.4.0 )
---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api/auth/kubernetes
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
Mariano Cano
5fbee3d3ef
Merge pull request #1275 from smallstep/net-update
...
Upgrade golang.org/x/net
2 years ago
Mariano Cano
0d80473157
Upgrade golang.org/x/net
...
When the Go client is configured with an http2.Transport we need to
upgrade x/net due to:
- net/http: avoid quadratic complexity in HPACK decoding (CVE-2022-41723)
2 years ago
github-actions[bot]
12d905be3e
Merge pull request #1270 from smallstep/dependabot/go_modules/golang.org/x/net-0.6.0
...
Bump golang.org/x/net from 0.5.0 to 0.6.0
2 years ago
dependabot[bot]
045ae52452
Bump golang.org/x/net from 0.5.0 to 0.6.0
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.5.0 to 0.6.0.
- [Release notes](https://github.com/golang/net/releases )
- [Commits](https://github.com/golang/net/compare/v0.5.0...v0.6.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
Mariano Cano
c2c246b062
Merge pull request #1265 from smallstep/check-csr-acme-da
...
Verify CSR key fingerprint with attestation certificate key
2 years ago
Max
ff7b8830fe
Merge pull request #1273 from smallstep/max/dependabot-auto-merge
...
enable auto merge for dependabot PRs
2 years ago
max furman
74e6245e90
enable auto merge for dependabot PRs
2 years ago
Mariano Cano
5ff0dde819
Remove json tag in acme.Authorization fingerprint
2 years ago
Mariano Cano
da95c44943
Fix lint issue with Go 1.20
2 years ago
Mariano Cano
6ba20209c2
Verify CSR key fingerprint with attestation certificate key
...
This commit makes sure that the attestation certificate key matches the
key used on the CSR on an ACME device attestation flow.
2 years ago
Carl Tashian
ec3be2359a
Merge pull request #1262 from micheljung/patch-1
...
Add DOCKER_STEPCA_INIT_ADDRESS
2 years ago