Mariano Cano
0d80473157
Upgrade golang.org/x/net
...
When the Go client is configured with an http2.Transport we need to
upgrade x/net due to:
- net/http: avoid quadratic complexity in HPACK decoding (CVE-2022-41723)
2023-02-14 13:11:25 -08:00
dependabot[bot]
045ae52452
Bump golang.org/x/net from 0.5.0 to 0.6.0
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.5.0 to 0.6.0.
- [Release notes](https://github.com/golang/net/releases )
- [Commits](https://github.com/golang/net/compare/v0.5.0...v0.6.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-14 17:36:34 +00:00
Mariano Cano
6ba20209c2
Verify CSR key fingerprint with attestation certificate key
...
This commit makes sure that the attestation certificate key matches the
key used on the CSR on an ACME device attestation flow.
2023-02-09 16:48:43 -08:00
dependabot[bot]
c9814be699
Bump google.golang.org/api from 0.108.0 to 0.109.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.108.0 to 0.109.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.108.0...v0.109.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-06 15:10:38 +00:00
Herman Slatman
da00046a61
Merge pull request #1235 from smallstep/herman/acme-da-subject-check
...
Improve validation and error messages for Orders with Permanent Identifier
2023-02-02 23:50:40 +01:00
Herman Slatman
0f1c509e4b
Remove debug utility
2023-01-31 23:48:53 +01:00
Max
0c5e7f1b5c
Merge pull request #1245 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.23.2
...
Bump go.step.sm/crypto from 0.23.1 to 0.23.2
2023-01-30 09:39:43 -08:00
dependabot[bot]
9a539f22fc
Bump go.step.sm/crypto from 0.23.1 to 0.23.2
...
Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto ) from 0.23.1 to 0.23.2.
- [Release notes](https://github.com/smallstep/crypto/releases )
- [Commits](https://github.com/smallstep/crypto/compare/v0.23.1...v0.23.2 )
---
updated-dependencies:
- dependency-name: go.step.sm/crypto
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-30 15:14:01 +00:00
dependabot[bot]
c32e84b436
Bump google.golang.org/grpc from 1.52.0 to 1.52.3
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.52.0 to 1.52.3.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.52.0...v1.52.3 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-30 15:13:21 +00:00
Herman Slatman
7c632629dd
Merge branch 'master' into herman/acme-da-subject-check
2023-01-26 15:52:45 +01:00
Herman Slatman
1c38113e44
Add ACME Subproblem
for more detailed ACME client-side errors
...
When validating an ACME challenge (`device-attest-01` in this case,
but it's also true for others), and validation fails, the CA didn't
return a lot of information about why the challenge had failed. By
introducing the ACME `Subproblem` type, an ACME `Error` can include
some additional information about what went wrong when validating
the challenge.
This is a WIP commit. The `Subproblem` isn't created in many code
paths yet, just for the `step` format at the moment. Will probably
follow up with some more improvements to how the ACME error is
handled. Also need to cleanup some debug things (q.Q)
2023-01-26 13:29:31 +01:00
Herman Slatman
f1724ea8c5
Merge branch 'master' into herman/acme-da-tpm
2023-01-23 22:52:56 +01:00
Max
fc452e560c
Merge pull request #1236 from smallstep/dependabot/go_modules/github.com/newrelic/go-agent/v3-3.20.3
...
Bump github.com/newrelic/go-agent/v3 from 3.20.2 to 3.20.3
2023-01-23 12:15:22 -08:00
Max
4621b95f38
Merge pull request #1237 from smallstep/dependabot/go_modules/github.com/urfave/cli-1.22.12
...
Bump github.com/urfave/cli from 1.22.11 to 1.22.12
2023-01-23 12:12:38 -08:00
Max
2d174472e7
Merge pull request #1238 from smallstep/dependabot/go_modules/google.golang.org/api-0.108.0
...
Bump google.golang.org/api from 0.107.0 to 0.108.0
2023-01-23 12:07:26 -08:00
dependabot[bot]
cb8a2ee69f
Bump github.com/hashicorp/vault/api from 1.8.2 to 1.8.3
...
Bumps [github.com/hashicorp/vault/api](https://github.com/hashicorp/vault ) from 1.8.2 to 1.8.3.
- [Release notes](https://github.com/hashicorp/vault/releases )
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md )
- [Commits](https://github.com/hashicorp/vault/compare/v1.8.2...v1.8.3 )
---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-23 15:07:04 +00:00
dependabot[bot]
626a3a87b4
Bump google.golang.org/api from 0.107.0 to 0.108.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.107.0 to 0.108.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.107.0...v0.108.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-23 15:06:54 +00:00
dependabot[bot]
925a228656
Bump github.com/urfave/cli from 1.22.11 to 1.22.12
...
Bumps [github.com/urfave/cli](https://github.com/urfave/cli ) from 1.22.11 to 1.22.12.
- [Release notes](https://github.com/urfave/cli/releases )
- [Changelog](https://github.com/urfave/cli/blob/main/docs/CHANGELOG.md )
- [Commits](https://github.com/urfave/cli/compare/v1.22.11...v1.22.12 )
---
updated-dependencies:
- dependency-name: github.com/urfave/cli
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-23 15:06:37 +00:00
dependabot[bot]
07fd03c3f3
Bump github.com/newrelic/go-agent/v3 from 3.20.2 to 3.20.3
...
Bumps [github.com/newrelic/go-agent/v3](https://github.com/newrelic/go-agent ) from 3.20.2 to 3.20.3.
- [Release notes](https://github.com/newrelic/go-agent/releases )
- [Changelog](https://github.com/newrelic/go-agent/blob/master/CHANGELOG.md )
- [Commits](https://github.com/newrelic/go-agent/compare/v3.20.2...v3.20.3 )
---
updated-dependencies:
- dependency-name: github.com/newrelic/go-agent/v3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-23 15:06:26 +00:00
Max
5bab65aa49
Merge pull request #1232 from smallstep/dependabot/go_modules/github.com/urfave/cli-1.22.11
...
Bump github.com/urfave/cli from 1.22.10 to 1.22.11
2023-01-18 14:09:29 -08:00
Max
925f32e82f
Merge pull request #1231 from smallstep/dependabot/go_modules/google.golang.org/grpc-1.52.0
...
Bump google.golang.org/grpc from 1.51.0 to 1.52.0
2023-01-18 14:08:53 -08:00
dependabot[bot]
fb39fccf6a
Bump github.com/urfave/cli from 1.22.10 to 1.22.11
...
Bumps [github.com/urfave/cli](https://github.com/urfave/cli ) from 1.22.10 to 1.22.11.
- [Release notes](https://github.com/urfave/cli/releases )
- [Changelog](https://github.com/urfave/cli/blob/main/docs/CHANGELOG.md )
- [Commits](https://github.com/urfave/cli/compare/v1.22.10...v1.22.11 )
---
updated-dependencies:
- dependency-name: github.com/urfave/cli
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-16 15:56:04 +00:00
dependabot[bot]
29deb4befa
Bump google.golang.org/grpc from 1.51.0 to 1.52.0
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.51.0 to 1.52.0.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.51.0...v1.52.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-16 15:54:27 +00:00
dependabot[bot]
98cb439b41
Bump google.golang.org/api from 0.106.0 to 0.107.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.106.0 to 0.107.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.106.0...v0.107.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-16 15:51:18 +00:00
Max
ac4d5e63ab
Merge pull request #1221 from smallstep/dependabot/go_modules/google.golang.org/api-0.106.0
...
Bump google.golang.org/api from 0.105.0 to 0.106.0
2023-01-09 09:27:00 -08:00
Max
985a0e4858
Merge pull request #1220 from smallstep/dependabot/go_modules/golang.org/x/crypto-0.5.0
...
Bump golang.org/x/crypto from 0.4.0 to 0.5.0
2023-01-09 09:26:27 -08:00
dependabot[bot]
34dc119cf7
Bump google.golang.org/api from 0.105.0 to 0.106.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.105.0 to 0.106.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.105.0...v0.106.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-09 17:21:18 +00:00
Max
9cc35d1505
Merge branch 'master' into dependabot/go_modules/golang.org/x/crypto-0.5.0
2023-01-09 09:20:07 -08:00
dependabot[bot]
e7a4a1f43c
Bump cloud.google.com/go/security from 1.10.0 to 1.11.0
...
Bumps [cloud.google.com/go/security](https://github.com/googleapis/google-cloud-go ) from 1.10.0 to 1.11.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/asset/v1.10.0...asset/v1.11.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/security
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-09 17:19:52 +00:00
Max
8ba1b44cd8
Merge pull request #1218 from smallstep/dependabot/go_modules/cloud.google.com/go/longrunning-0.4.0
...
Bump cloud.google.com/go/longrunning from 0.3.0 to 0.4.0
2023-01-09 09:16:41 -08:00
dependabot[bot]
dae0ba9008
Bump golang.org/x/crypto from 0.4.0 to 0.5.0
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.4.0 to 0.5.0.
- [Release notes](https://github.com/golang/crypto/releases )
- [Commits](https://github.com/golang/crypto/compare/v0.4.0...v0.5.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-09 15:09:50 +00:00
dependabot[bot]
32f4908310
Bump cloud.google.com/go/longrunning from 0.3.0 to 0.4.0
...
Bumps [cloud.google.com/go/longrunning](https://github.com/googleapis/google-cloud-go ) from 0.3.0 to 0.4.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/v0.3.0...v0.4.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/longrunning
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-09 15:09:21 +00:00
dependabot[bot]
c5c07be298
Bump golang.org/x/net from 0.4.0 to 0.5.0
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.4.0 to 0.5.0.
- [Release notes](https://github.com/golang/net/releases )
- [Commits](https://github.com/golang/net/compare/v0.4.0...v0.5.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-09 15:08:56 +00:00
Max
85f6554c5e
Merge pull request #1210 from smallstep/dependabot/go_modules/golang.org/x/crypto-0.4.0
...
Bump golang.org/x/crypto from 0.3.0 to 0.4.0
2022-12-20 12:23:22 -08:00
Max
001c156b28
Merge pull request #1208 from smallstep/dependabot/go_modules/google.golang.org/api-0.105.0
...
Bump google.golang.org/api from 0.104.0 to 0.105.0
2022-12-20 12:17:36 -08:00
dependabot[bot]
27a50d50d3
Bump golang.org/x/crypto from 0.3.0 to 0.4.0
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.3.0 to 0.4.0.
- [Release notes](https://github.com/golang/crypto/releases )
- [Commits](https://github.com/golang/crypto/compare/v0.3.0...v0.4.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-12-19 15:06:33 +00:00
dependabot[bot]
75ffbae5a7
Bump github.com/newrelic/go-agent/v3 from 3.20.1 to 3.20.2
...
Bumps [github.com/newrelic/go-agent/v3](https://github.com/newrelic/go-agent ) from 3.20.1 to 3.20.2.
- [Release notes](https://github.com/newrelic/go-agent/releases )
- [Changelog](https://github.com/newrelic/go-agent/blob/master/CHANGELOG.md )
- [Commits](https://github.com/newrelic/go-agent/compare/v3.20.1...v3.20.2 )
---
updated-dependencies:
- dependency-name: github.com/newrelic/go-agent/v3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-12-19 15:06:26 +00:00
dependabot[bot]
a4e64665da
Bump google.golang.org/api from 0.104.0 to 0.105.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.104.0 to 0.105.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.104.0...v0.105.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-12-19 15:06:20 +00:00
Max
3fb38a3c14
Merge pull request #1203 from smallstep/dependabot/go_modules/google.golang.org/api-0.104.0
...
Bump google.golang.org/api from 0.103.0 to 0.104.0
2022-12-14 09:38:21 -08:00
dependabot[bot]
e07734d90d
Bump google.golang.org/api from 0.103.0 to 0.104.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.103.0 to 0.104.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.103.0...v0.104.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-12-14 06:38:13 +00:00
dependabot[bot]
260f40c6bc
Bump github.com/Masterminds/sprig/v3 from 3.2.2 to 3.2.3
...
Bumps [github.com/Masterminds/sprig/v3](https://github.com/Masterminds/sprig ) from 3.2.2 to 3.2.3.
- [Release notes](https://github.com/Masterminds/sprig/releases )
- [Changelog](https://github.com/Masterminds/sprig/blob/master/CHANGELOG.md )
- [Commits](https://github.com/Masterminds/sprig/compare/v3.2.2...v3.2.3 )
---
updated-dependencies:
- dependency-name: github.com/Masterminds/sprig/v3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-12-14 06:38:00 +00:00
dependabot[bot]
47dad19bbc
Bump golang.org/x/net from 0.2.0 to 0.4.0
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.2.0 to 0.4.0.
- [Release notes](https://github.com/golang/net/releases )
- [Commits](https://github.com/golang/net/compare/v0.2.0...v0.4.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-12-12 15:08:15 +00:00
Max
262814ac43
Merge pull request #1191 from smallstep/dependabot/go_modules/google.golang.org/grpc-1.51.0
...
Bump google.golang.org/grpc from 1.50.1 to 1.51.0
2022-11-21 09:13:21 -08:00
dependabot[bot]
596be4bec7
Bump google.golang.org/grpc from 1.50.1 to 1.51.0
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.50.1 to 1.51.0.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.50.1...v1.51.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-21 15:23:16 +00:00
dependabot[bot]
afc81d96d8
Bump github.com/newrelic/go-agent/v3 from 3.20.0 to 3.20.1
...
Bumps [github.com/newrelic/go-agent/v3](https://github.com/newrelic/go-agent ) from 3.20.0 to 3.20.1.
- [Release notes](https://github.com/newrelic/go-agent/releases )
- [Changelog](https://github.com/newrelic/go-agent/blob/master/CHANGELOG.md )
- [Commits](https://github.com/newrelic/go-agent/compare/v3.20.0...v3.20.1 )
---
updated-dependencies:
- dependency-name: github.com/newrelic/go-agent/v3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-21 15:23:08 +00:00
dependabot[bot]
51503dabac
Bump google.golang.org/api from 0.102.0 to 0.103.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.102.0 to 0.103.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.102.0...v0.103.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-14 17:23:29 +00:00
dependabot[bot]
f63a01a4de
Bump golang.org/x/net from 0.1.0 to 0.2.0
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.1.0 to 0.2.0.
- [Release notes](https://github.com/golang/net/releases )
- [Commits](https://github.com/golang/net/compare/v0.1.0...v0.2.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-14 15:07:09 +00:00
Mariano Cano
07c56f577a
Add support for linked RA renewals
2022-11-08 14:25:54 -08:00
Mariano Cano
b31cf1fc18
Fix merge and use last version of linkedca
2022-11-08 10:12:19 -08:00
Herman Slatman
4cf25ede24
Merge branch 'master' into herman/acme-da-tpm
2022-11-08 12:07:46 +01:00
Herman Slatman
c169defc73
Merge pull request #1136 from smallstep/herman/ignore-empty-acme-meta
2022-11-08 09:56:00 +01:00
Mariano Cano
3ef73fa66b
Upgrade go.step.sm/crypto
2022-11-07 17:51:19 -08:00
dependabot[bot]
ae684a557a
Bump cloud.google.com/go/security from 1.9.0 to 1.10.0
...
Bumps [cloud.google.com/go/security](https://github.com/googleapis/google-cloud-go ) from 1.9.0 to 1.10.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/asset/v1.9.0...asset/v1.10.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/security
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-07 22:16:22 +00:00
Herman Slatman
a7b2f5f27d
Upgrade linkedca
to v0.19.0-rc.4
2022-11-07 22:14:10 +01:00
max furman
d4e81723ee
Updates for deprecated google cloud security APIs
2022-11-07 11:31:57 -08:00
Max
55a684fe5a
Merge pull request #1162 from smallstep/dependabot/go_modules/google.golang.org/api-0.102.0
...
Bump google.golang.org/api from 0.101.0 to 0.102.0
2022-11-07 11:21:59 -08:00
Max
4fcfc9481b
Merge pull request #1160 from smallstep/dependabot/go_modules/github.com/newrelic/go-agent/v3-3.20.0
...
Bump github.com/newrelic/go-agent/v3 from 3.19.2 to 3.20.0
2022-11-07 09:28:51 -08:00
dependabot[bot]
656b9ab217
Bump google.golang.org/api from 0.101.0 to 0.102.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.101.0 to 0.102.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.101.0...v0.102.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-07 15:28:35 +00:00
dependabot[bot]
88febefbcf
Bump github.com/newrelic/go-agent/v3 from 3.19.2 to 3.20.0
...
Bumps [github.com/newrelic/go-agent/v3](https://github.com/newrelic/go-agent ) from 3.19.2 to 3.20.0.
- [Release notes](https://github.com/newrelic/go-agent/releases )
- [Changelog](https://github.com/newrelic/go-agent/blob/master/CHANGELOG.md )
- [Commits](https://github.com/newrelic/go-agent/compare/v3.19.2...v3.20.0 )
---
updated-dependencies:
- dependency-name: github.com/newrelic/go-agent/v3
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-07 15:05:48 +00:00
dependabot[bot]
2891f6b397
Bump go.step.sm/crypto from 0.22.0 to 0.23.0
...
Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto ) from 0.22.0 to 0.23.0.
- [Release notes](https://github.com/smallstep/crypto/releases )
- [Commits](https://github.com/smallstep/crypto/compare/v0.22.0...v0.23.0 )
---
updated-dependencies:
- dependency-name: go.step.sm/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-07 15:04:59 +00:00
max furman
4ccc9a0c32
go.mod syntax
2022-10-31 12:01:18 -07:00
dependabot[bot]
bd577e7531
Bump cloud.google.com/go from 0.104.0 to 0.105.0
...
Bumps [cloud.google.com/go](https://github.com/googleapis/google-cloud-go ) from 0.104.0 to 0.105.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/v0.104.0...v0.105.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-31 18:54:46 +00:00
Max
e53a4b2ed5
Merge pull request #1149 from smallstep/dependabot/go_modules/go.step.sm/crypto-0.22.0
...
Bump go.step.sm/crypto from 0.21.0 to 0.22.0
2022-10-31 11:53:27 -07:00
dependabot[bot]
917d8dc103
Bump go.step.sm/crypto from 0.21.0 to 0.22.0
...
Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto ) from 0.21.0 to 0.22.0.
- [Release notes](https://github.com/smallstep/crypto/releases )
- [Commits](https://github.com/smallstep/crypto/compare/v0.21.0...v0.22.0 )
---
updated-dependencies:
- dependency-name: go.step.sm/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-31 17:29:34 +00:00
Max
b85b52d7b5
Merge pull request #1148 from smallstep/dependabot/go_modules/google.golang.org/api-0.101.0
...
Bump google.golang.org/api from 0.100.0 to 0.101.0
2022-10-31 10:29:31 -07:00
Max
ea3f2fee7b
Merge pull request #1150 from smallstep/dependabot/go_modules/github.com/hashicorp/vault/api-1.8.2
...
Bump github.com/hashicorp/vault/api from 1.8.1 to 1.8.2
2022-10-31 10:29:00 -07:00
dependabot[bot]
d26414a864
Bump github.com/hashicorp/vault/api from 1.8.1 to 1.8.2
...
Bumps [github.com/hashicorp/vault/api](https://github.com/hashicorp/vault ) from 1.8.1 to 1.8.2.
- [Release notes](https://github.com/hashicorp/vault/releases )
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md )
- [Commits](https://github.com/hashicorp/vault/compare/v1.8.1...v1.8.2 )
---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-31 15:29:30 +00:00
dependabot[bot]
22d2c1c31f
Bump google.golang.org/api from 0.100.0 to 0.101.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.100.0 to 0.101.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.100.0...v0.101.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-31 15:28:56 +00:00
dependabot[bot]
4e077f997e
Bump cloud.google.com/go/security from 1.8.0 to 1.9.0
...
Bumps [cloud.google.com/go/security](https://github.com/googleapis/google-cloud-go ) from 1.8.0 to 1.9.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/asset/v1.8.0...asset/v1.9.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/security
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-31 15:28:32 +00:00
Mariano Cano
aed1738ad0
Upgrade pkcs7 to the latest patches branch
...
smallstep/pkcs7@patches includes now support for generic Decrypter
methods, so KMS can be used instead of a key in disk with SCIM
2022-10-24 11:07:28 -07:00
Max
c407354c70
Merge pull request #1137 from smallstep/dependabot/go_modules/google.golang.org/api-0.100.0
...
Bump google.golang.org/api from 0.99.0 to 0.100.0
2022-10-24 09:18:31 -07:00
dependabot[bot]
3e96113162
Bump github.com/stretchr/testify from 1.8.0 to 1.8.1
...
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify ) from 1.8.0 to 1.8.1.
- [Release notes](https://github.com/stretchr/testify/releases )
- [Commits](https://github.com/stretchr/testify/compare/v1.8.0...v1.8.1 )
---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-24 15:45:07 +00:00
dependabot[bot]
016973fd2b
Bump google.golang.org/api from 0.99.0 to 0.100.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.99.0 to 0.100.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.99.0...v0.100.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-24 15:44:56 +00:00
dependabot[bot]
b83f268b4d
Bump google.golang.org/api from 0.98.0 to 0.99.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.98.0 to 0.99.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.98.0...v0.99.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-17 20:39:12 +00:00
dependabot[bot]
c3f6dcf7e7
Bump github.com/googleapis/gax-go/v2 from 2.5.1 to 2.6.0
...
Bumps [github.com/googleapis/gax-go/v2](https://github.com/googleapis/gax-go ) from 2.5.1 to 2.6.0.
- [Release notes](https://github.com/googleapis/gax-go/releases )
- [Commits](https://github.com/googleapis/gax-go/compare/v2.5.1...v2.6.0 )
---
updated-dependencies:
- dependency-name: github.com/googleapis/gax-go/v2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-17 17:18:04 +00:00
Max
70828b882f
Merge pull request #1111 from smallstep/dependabot/go_modules/github.com/hashicorp/vault/api-1.8.1
...
Bump github.com/hashicorp/vault/api from 1.8.0 to 1.8.1
2022-10-17 10:12:23 -07:00
dependabot[bot]
9ee11fd850
Bump google.golang.org/grpc from 1.50.0 to 1.50.1
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.50.0 to 1.50.1.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.50.0...v1.50.1 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-17 15:58:52 +00:00
dependabot[bot]
3676c59599
Bump github.com/hashicorp/vault/api from 1.8.0 to 1.8.1
...
Bumps [github.com/hashicorp/vault/api](https://github.com/hashicorp/vault ) from 1.8.0 to 1.8.1.
- [Release notes](https://github.com/hashicorp/vault/releases )
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md )
- [Commits](https://github.com/hashicorp/vault/compare/v1.8.0...v1.8.1 )
---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-17 15:58:43 +00:00
max furman
7203739369
Fix err assert linter warnings - upgrade outdated package
2022-10-12 16:32:26 -07:00
Max
b142fc70f7
Merge pull request #1099 from smallstep/dependabot/go_modules/google.golang.org/grpc-1.50.0
...
Bump google.golang.org/grpc from 1.49.0 to 1.50.0
2022-10-10 09:39:11 -07:00
Max
32edc54946
Merge pull request #1100 from smallstep/dependabot/go_modules/github.com/sirupsen/logrus-1.9.0
...
Bump github.com/sirupsen/logrus from 1.8.1 to 1.9.0
2022-10-10 09:38:31 -07:00
dependabot[bot]
b27d36d556
Bump go.step.sm/crypto from 0.20.0 to 0.21.0
...
Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto ) from 0.20.0 to 0.21.0.
- [Release notes](https://github.com/smallstep/crypto/releases )
- [Commits](https://github.com/smallstep/crypto/compare/v0.20.0...v0.21.0 )
---
updated-dependencies:
- dependency-name: go.step.sm/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-10 16:08:46 +00:00
dependabot[bot]
2522efe27a
Bump github.com/sirupsen/logrus from 1.8.1 to 1.9.0
...
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus ) from 1.8.1 to 1.9.0.
- [Release notes](https://github.com/sirupsen/logrus/releases )
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md )
- [Commits](https://github.com/sirupsen/logrus/compare/v1.8.1...v1.9.0 )
---
updated-dependencies:
- dependency-name: github.com/sirupsen/logrus
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-10 16:08:38 +00:00
dependabot[bot]
2ee4218a69
Bump google.golang.org/grpc from 1.49.0 to 1.50.0
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.49.0 to 1.50.0.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.49.0...v1.50.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-10 16:08:34 +00:00
Herman Slatman
764b7bb02f
Update github.com/smallstep/nosql
to v0.5.0
...
This version of `nosql` includes some fixes for MySQL DSNs. The
tag is backdated a bit, as to not include the most recent
changes, which may have a bigger impact.
Also ran `go mod tidy`, `go mod vendor`
2022-10-07 17:44:16 +02:00
Mariano Cano
bd1938b0da
Add support for storing or sending attestation data to linkedca
2022-10-06 12:22:19 -07:00
Max
a4f6b1ba0f
Merge pull request #1086 from smallstep/dependabot/go_modules/github.com/hashicorp/vault/api/auth/kubernetes-0.3.0
...
Bump github.com/hashicorp/vault/api/auth/kubernetes from 0.1.0 to 0.3.0
2022-10-03 09:28:06 -07:00
Max
87079a87d6
Merge pull request #1085 from smallstep/dependabot/go_modules/cloud.google.com/go/security-1.8.0
...
Bump cloud.google.com/go/security from 1.7.0 to 1.8.0
2022-10-03 09:27:15 -07:00
dependabot[bot]
3abb42dd1d
Bump github.com/hashicorp/vault/api/auth/kubernetes from 0.1.0 to 0.3.0
...
Bumps [github.com/hashicorp/vault/api/auth/kubernetes](https://github.com/hashicorp/vault ) from 0.1.0 to 0.3.0.
- [Release notes](https://github.com/hashicorp/vault/releases )
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md )
- [Commits](https://github.com/hashicorp/vault/compare/v0.1.0...v0.3.0 )
---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api/auth/kubernetes
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-03 16:27:07 +00:00
dependabot[bot]
eba73d2aea
Bump github.com/newrelic/go-agent/v3 from 3.18.0 to 3.19.2
...
Bumps [github.com/newrelic/go-agent/v3](https://github.com/newrelic/go-agent ) from 3.18.0 to 3.19.2.
- [Release notes](https://github.com/newrelic/go-agent/releases )
- [Changelog](https://github.com/newrelic/go-agent/blob/master/CHANGELOG.md )
- [Commits](https://github.com/newrelic/go-agent/compare/v3.18.0...v3.19.2 )
---
updated-dependencies:
- dependency-name: github.com/newrelic/go-agent/v3
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-03 16:25:41 +00:00
Max
32feef3275
Merge pull request #1084 from smallstep/dependabot/go_modules/github.com/hashicorp/vault/api/auth/approle-0.3.0
...
Bump github.com/hashicorp/vault/api/auth/approle from 0.1.1 to 0.3.0
2022-10-03 09:24:31 -07:00
Max
f2628697db
Merge pull request #1082 from smallstep/dependabot/go_modules/github.com/rs/xid-1.4.0
...
Bump github.com/rs/xid from 1.2.1 to 1.4.0
2022-10-03 09:23:02 -07:00
Max
2ef5c98384
Merge pull request #1067 from smallstep/dependabot/go_modules/github.com/urfave/cli-1.22.10
...
Bump github.com/urfave/cli from 1.22.4 to 1.22.10
2022-10-03 09:22:06 -07:00
dependabot[bot]
5f0fa57844
Bump cloud.google.com/go/security from 1.7.0 to 1.8.0
...
Bumps [cloud.google.com/go/security](https://github.com/googleapis/google-cloud-go ) from 1.7.0 to 1.8.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/asset/v1.7.0...redis/v1.8.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/security
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-03 15:25:16 +00:00
dependabot[bot]
211b1c01c0
Bump github.com/hashicorp/vault/api/auth/approle from 0.1.1 to 0.3.0
...
Bumps [github.com/hashicorp/vault/api/auth/approle](https://github.com/hashicorp/vault ) from 0.1.1 to 0.3.0.
- [Release notes](https://github.com/hashicorp/vault/releases )
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md )
- [Commits](https://github.com/hashicorp/vault/compare/v0.1.1...v0.3.0 )
---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api/auth/approle
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-03 15:25:09 +00:00
dependabot[bot]
510122f026
Bump github.com/rs/xid from 1.2.1 to 1.4.0
...
Bumps [github.com/rs/xid](https://github.com/rs/xid ) from 1.2.1 to 1.4.0.
- [Release notes](https://github.com/rs/xid/releases )
- [Commits](https://github.com/rs/xid/compare/v1.2.1...v1.4.0 )
---
updated-dependencies:
- dependency-name: github.com/rs/xid
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-03 15:24:49 +00:00
Max
70abbdfc70
Merge pull request #1068 from smallstep/dependabot/go_modules/go.step.sm/cli-utils-0.7.5
...
Bump go.step.sm/cli-utils from 0.7.4 to 0.7.5
2022-09-30 12:28:35 -07:00
Max
8139179084
Merge pull request #1069 from smallstep/dependabot/go_modules/github.com/google/go-cmp-0.5.9
...
Bump github.com/google/go-cmp from 0.5.8 to 0.5.9
2022-09-30 12:18:51 -07:00
Max
af4183df18
Merge pull request #1077 from smallstep/dependabot/go_modules/google.golang.org/api-0.98.0
...
Bump google.golang.org/api from 0.96.0 to 0.98.0
2022-09-30 12:15:43 -07:00
Max
e5c5b0cb49
Merge pull request #1070 from smallstep/dependabot/go_modules/github.com/slackhq/nebula-1.6.1
...
Bump github.com/slackhq/nebula from 1.5.2 to 1.6.1
2022-09-30 11:09:44 -07:00
dependabot[bot]
ef75d4f3c6
Bump go.step.sm/cli-utils from 0.7.4 to 0.7.5
...
Bumps [go.step.sm/cli-utils](https://github.com/smallstep/cli-utils ) from 0.7.4 to 0.7.5.
- [Release notes](https://github.com/smallstep/cli-utils/releases )
- [Commits](https://github.com/smallstep/cli-utils/compare/v0.7.4...v0.7.5 )
---
updated-dependencies:
- dependency-name: go.step.sm/cli-utils
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-09-30 00:23:15 +00:00
dependabot[bot]
3faa8717b3
Bump google.golang.org/api from 0.96.0 to 0.98.0
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.96.0 to 0.98.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.96.0...v0.98.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-09-30 00:23:08 +00:00
dependabot[bot]
0027f93fb9
Bump github.com/google/go-cmp from 0.5.8 to 0.5.9
...
Bumps [github.com/google/go-cmp](https://github.com/google/go-cmp ) from 0.5.8 to 0.5.9.
- [Release notes](https://github.com/google/go-cmp/releases )
- [Commits](https://github.com/google/go-cmp/compare/v0.5.8...v0.5.9 )
---
updated-dependencies:
- dependency-name: github.com/google/go-cmp
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-09-30 00:22:41 +00:00
Andrew Reed
7101fbb0ee
Provisioner webhooks ( #1001 )
2022-09-29 19:16:26 -05:00
dependabot[bot]
132b32b5a5
Bump github.com/urfave/cli from 1.22.4 to 1.22.10
...
Bumps [github.com/urfave/cli](https://github.com/urfave/cli ) from 1.22.4 to 1.22.10.
- [Release notes](https://github.com/urfave/cli/releases )
- [Changelog](https://github.com/urfave/cli/blob/main/docs/CHANGELOG.md )
- [Commits](https://github.com/urfave/cli/compare/v1.22.4...v1.22.10 )
---
updated-dependencies:
- dependency-name: github.com/urfave/cli
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-09-29 23:23:24 +00:00
dependabot[bot]
7420172d63
Bump github.com/slackhq/nebula from 1.5.2 to 1.6.1
...
Bumps [github.com/slackhq/nebula](https://github.com/slackhq/nebula ) from 1.5.2 to 1.6.1.
- [Release notes](https://github.com/slackhq/nebula/releases )
- [Changelog](https://github.com/slackhq/nebula/blob/master/CHANGELOG.md )
- [Commits](https://github.com/slackhq/nebula/compare/v1.5.2...v1.6.1 )
---
updated-dependencies:
- dependency-name: github.com/slackhq/nebula
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-09-29 23:23:07 +00:00
Mariano Cano
906c5067b9
Include attestation roots on provisioner converters
2022-09-29 16:12:55 -07:00
Herman Slatman
a8125846dd
Add TPM attestation
2022-09-21 14:58:03 +02:00
max furman
1e0ea6f958
more linting fixes
2022-09-20 19:05:12 -07:00
Mariano Cano
191d9e8629
Use go.step.sm/crypto to set the permanent identifier
2022-09-20 18:57:43 -07:00
Brandon Weeks
de5b0ef5c2
Verify key authorization is contained within the TPM quote extraData field
2022-09-20 16:51:55 -07:00
Brandon Weeks
248da10f32
Implement TPM attestation statement verification
2022-09-20 16:50:26 -07:00
Brandon Weeks
6f2b4d3042
Add ACME permanent-identifier identifier type
2022-09-20 16:48:28 -07:00
Herman Slatman
25cbe02b9e
Add provisioner template validation
...
Fixes #1012
2022-09-20 16:40:25 -07:00
Mariano Cano
df975122a0
Upgrade linkedca and add entry to changelog
2022-09-12 16:30:41 -07:00
Mariano Cano
bb0210e875
Fix typo in linkedca variable
2022-09-09 14:34:32 -07:00
Mariano Cano
66407139e5
Add methods to convert attestation formats
2022-09-08 17:49:24 -07:00
Mariano Cano
a2749ca8ed
Merge branch 'master' into device-attestation
2022-09-06 12:29:06 -07:00
Mariano Cano
45af68b244
Upgrade go.step.sm/crypto
2022-08-31 11:36:07 -07:00
Mariano Cano
6db631df51
Upgrade go.step.sm/crypto@attest
2022-08-30 15:49:10 -07:00
Mariano Cano
a893d6e7f7
Upgrade go.step.sm/cli-utils
...
Fixes issue with step path
2022-08-25 15:37:35 -07:00
Mariano Cano
1938b1bb34
Merge branch 'master' into herman/fix-template-validation
2022-08-25 13:31:33 -07:00
Mariano Cano
1d1e024b84
Upgrade to go.step.sm/crypto v0.18.0
2022-08-25 12:40:31 -07:00
Mariano Cano
bca311b05e
Add acme property to enable challenges
...
Fixes #1027
2022-08-23 17:11:40 -07:00
Herman Slatman
6b7b989988
Add provisioner template validation
...
Fixes #1012
2022-08-23 16:27:49 +02:00
Mariano Cano
693dc39481
Merge branch 'master' into device-attestation
2022-08-22 17:59:17 -07:00
Mariano Cano
6cab4d328e
Add a middleware to automatically route HEAD requests to GET
...
Fixes #992
2022-08-16 16:10:29 -07:00
Mariano Cano
0c7467ceb2
Allow to automatically configure and linked RA
2022-08-16 14:39:02 -07:00
Mariano Cano
5df1694250
Add endpoint id for the RA certificate
...
In a linked RA mode, send an endpoint id to group the server
certificates.
2022-08-11 14:47:11 -07:00
Mariano Cano
2f7cb9225f
Use go.step.sm/crypto to set the permanent identifier
2022-08-10 17:38:18 -07:00
Mariano Cano
369b8f81c3
Use go.step.sm/crypto/kms
...
Fixes #975
2022-08-08 17:58:18 -07:00
Mariano Cano
e02a190fa7
Merge branch 'master' into device-attestation
2022-08-08 17:29:59 -07:00
Mariano Cano
8445c29db6
Change actions to build using Go 1.19
...
Fixes #998
2022-08-08 12:01:18 -07:00
Mariano Cano
38fb92452f
Merge pull request #993 from smallstep/ra-ids
...
RA provisioner IDs
2022-08-04 11:26:59 -07:00
Mariano Cano
821743f71e
Upgrade newrelic to v3
2022-08-04 11:16:11 -07:00
Aaron Bieber
135c481893
Update deps to bring in support for OpenBSD
...
OpenBSD support was added to the following deps:
- github.com/go-piv/piv-go in https://github.com/go-piv/piv-go/pull/101
- github.com/newrelic/go-agent in https://github.com/newrelic/go-agent/pull/455
- github.com/miekg/pkcs11 in https://github.com/miekg/pkcs11/pull/140
With these deps bumped, tests all pass on OpenBSD amd64.
2022-08-04 11:38:15 -06:00
Mariano Cano
a2f7766943
Use released version of linkedca
2022-08-04 10:31:57 -07:00
Mariano Cano
64744562c6
Send RA provisioner to linkedca.
2022-08-03 18:44:25 -07:00
Brandon Weeks
77c6d10fd6
Verify key authorization is contained within the TPM quote extraData field
2022-06-23 05:19:36 +10:00
Brandon Weeks
e1ec31c0ed
Implement TPM attestation statement verification
2022-06-23 05:19:36 +10:00
Brandon Weeks
2ac8b69da2
Add ACME permanent-identifier identifier type
2022-06-23 05:19:36 +10:00
Mariano Cano
2adf8caac7
Fix Dependabot warning on an indirect dependency
2022-05-25 17:11:45 -07:00
Erik De Lamarter
dec1067add
vault kubernetes auth
2022-05-21 21:06:14 +02:00
Herman Slatman
d1ab1d5431
Merge branch 'master' into herman/update-crypto-0.16.2
2022-05-18 09:11:38 +02:00
Herman Slatman
b75ce3acbd
Update to go.step.sm/crypto v0.16.2
...
This patch release of go.step.sm/crypto fixes an issue with
not all `Subject` names being available for usage in a template
as `ExtraNames`.
2022-05-17 23:39:01 +02:00
Herman Slatman
7030dbb7a1
Use github.com/smallstep/pkcs7 fork with patches applied
2022-05-11 21:18:47 +02:00
Herman Slatman
ed231d29e2
Update to go.step.sm/linkedca@v0.16.1
2022-05-05 15:57:47 +02:00
Herman Slatman
f0272dc717
Fix import replacement of linkedca
2022-05-05 11:10:21 +02:00
Herman Slatman
60d8b22d89
Change context retrievers to MustTFromContext
2022-05-05 11:05:57 +02:00
Herman Slatman
f2f9cb899e
Add conditional defaults to policy protobuf request bodies
2022-04-19 12:09:45 +02:00
Herman Slatman
647538e9e8
Merge branch 'herman/allow-deny' into herman/allow-deny-options
2022-04-19 10:32:16 +02:00
Herman Slatman
ad2de16299
Merge branch 'master' into herman/allow-deny
2022-04-19 10:26:31 +02:00
Herman Slatman
7f9034d22a
Add additional policy options
2022-04-19 10:24:52 +02:00
Mariano Cano
fe9c3cf753
Merge branch 'master' into ahmet2mir-feat/vault
2022-04-18 15:35:26 -07:00
Herman Slatman
d6be9450be
Merge branch 'master' into herman/allow-deny
2022-04-15 11:57:05 +02:00
Mariano Cano
674dc3c844
Rename unreleased claim to allowRenewalAfterExpiry for consistency.
2022-04-13 15:11:54 -07:00
Mariano Cano
26e40068c8
Remove unnecessary dependencies.
2022-04-11 18:49:14 -07:00
Mariano Cano
37b521ec6c
Merge branch 'master' into feat/vault
2022-04-11 14:57:45 -07:00
Mariano Cano
d4013f0df6
Update linkedca
2022-04-07 18:19:56 -07:00
Herman Slatman
7df52dbb76
Add ACME EAB policy
2022-04-07 14:11:53 +02:00
Herman Slatman
235a2c9d04
Pin to specific version of go.step.sm/linkedca
2022-03-31 16:40:49 +02:00
Herman Slatman
5daa9fc0b1
Merge branch 'master' into herman/allow-deny
2022-03-31 16:13:50 +02:00
Mariano Cano
f5bf46b950
Upgrade go.step.sm/crypto
2022-03-30 18:24:17 -07:00
Herman Slatman
2fbdf7d5b0
Merge branch 'master' into herman/allow-deny
2022-03-30 14:50:14 +02:00
Herman Slatman
1dbaa62740
Update cloud.google.com/go/kms
2022-03-27 21:40:01 +02:00
Herman Slatman
dc23fd23bf
Merge branch 'master' into herman/allow-deny-next
2022-03-24 12:36:12 +01:00
Herman Slatman
81b0c6c37c
Add API implementation for authority and provisioner policy
2022-03-15 15:56:04 +01:00
Mariano Cano
c903f00cd4
Rename claim to allowRenewAfterExpiry.
2022-03-14 15:40:01 -07:00
Mariano Cano
616490a9c6
Refactor renew after expiry token authorization
...
This changes adds a new authority method that authorizes the
renew after expiry tokens.
2022-03-10 20:21:01 -08:00
Mariano Cano
3fb5e57f12
Upgrade nosql package
...
The new version of the package allows filtering out database drivers
using Go tags.
2022-03-04 10:56:09 -08:00
Mariano Cano
6f46cdb432
Merge pull request #829 from vijayjt/new-azure-token-authz-options
...
Add subscription and object ID validation options to Azure provisioner
2022-02-28 14:31:28 -08:00
vijayjt
7a32c312bf
Update linkedca dependency version
2022-02-25 11:21:32 +00:00
max furman
9d885e6914
bump nosql for postgres support
2022-02-22 22:39:30 -08:00
Mariano Cano
c0525381eb
Merge branch 'master' into feat/vault
2022-02-16 18:19:23 -08:00
Herman Slatman
c7c5c3c94e
Merge branch 'master' into herman/scep-macos-renewal-fixes
2022-01-31 13:20:16 +01:00
Mariano Cano
09a9b3e1c8
Upgrade go.step.sm/crypto
2022-01-27 13:12:50 -08:00
Herman Slatman
3b72d241e0
Add LinkedCA integration for improved SCEP provisioner
2022-01-21 16:07:50 +01:00
Ahmet DEMIR
d957a57e24
fix: apply mariano suggestions and fixes
...
* use json.RawMessage to remote mapstructure in options
* use vault secretid structure to support multiple source aka string, file and env
* remove log prefix
* return raw cert on error on newline for cert and csr
* clean sans, commonName in createCertificate (bad copy/paste from StepCAS)
* verify authority fingerprint
* convert serial on revoke to bigint, bytes and vault dashed representation
2022-01-20 10:16:47 +01:00
Ahmet DEMIR
16390694e1
feat(vault): adding hashicorp vault cas
2022-01-14 18:56:17 +01:00
Mariano Cano
01a76445ea
Upgrade go.step.sm/crypto
2022-01-06 12:50:26 -08:00
Mariano Cano
98044cf08d
Use a tagged version of linkedca
2022-01-06 12:04:57 -08:00
Mariano Cano
6a1d0cb9f8
Add linkedca conversions.
2022-01-04 18:42:57 -08:00
Mariano Cano
9ec0276887
Update certificate set with new api.
2022-01-03 18:54:01 -08:00
Mariano Cano
32390a2964
Add initial implementation of a nebula provisioner.
...
A nebula provisioner will generate a X509 or SSH certificate with
the identities in the nebula certificate embedded in the token.
The token is signed with the private key of the nebula certificate.
2021-12-29 14:12:03 -08:00
Herman Slatman
06bb97c91e
Add logic for Account authorizations and improve tests
2021-12-02 16:25:35 +01:00
max furman
7fac8c96c3
Merge branch 'master' into max/context
2021-11-17 11:40:01 -08:00
max furman
196f6b45c9
bump cli-utils to 0.7.0
2021-11-16 21:49:18 -08:00
max furman
b5bf79b84e
bump nosql library
2021-11-16 21:48:43 -08:00
max furman
555431448c
bump version ofcli-utils
2021-11-16 21:48:38 -08:00
max furman
da74fa2eb9
Rename FullSnippet to Fragment and remove unused replace in go.mod
2021-11-16 21:47:14 -08:00
max furman
741ac64c61
change name of package cli-utils/config to cli-utils/step
2021-11-16 21:47:14 -08:00
Herman Slatman
2c05f488f6
Remove support for Go 1.15
2021-11-13 01:43:03 +01:00
Mariano Cano
62a20c7db5
Upgrade cli-utils with latest version of promptui
2021-11-01 10:08:48 -07:00
Mariano Cano
9958e0645f
Replace promptui with apache-compatible fork.
...
Promptui depends on github.com/juju/ansiterm that is licensed under
LGPL. The fork replaces ansiterm.TabWriter with the one in the
standard library.
2021-10-27 12:38:16 -07:00
Mariano Cano
0927e0d22a
Upgrade go.step.sm/crypto dependency
...
The new version removes "env" and "expandenv" sprig functions.
2021-10-27 11:48:29 -07:00
Mariano Cano
edd475b81b
Allow to configure azurekms using the URI
...
With an URI, azurekms can be configured with client credentials,
and it can define a default vault and protection level.
2021-10-12 18:24:58 -07:00
Mariano Cano
e15b5faf7d
Merge branch 'master' into keyvault
2021-10-12 15:15:35 -07:00
Mariano Cano
d8720c3723
Update linkedca package.
2021-10-07 17:21:40 -07:00
Mariano Cano
48549bf317
Initialize windows terminal on all binaries.
2021-10-07 11:09:32 -07:00
Mariano Cano
6389100325
Add unit tests for azurekms.
2021-10-05 20:35:52 -07:00
Mariano Cano
392a18465f
Add initial implementation of Azure Key Vault KMS.
...
Fixes #462
2021-10-05 17:06:17 -07:00
Mariano Cano
ad82d8a250
Upgrade go.step.sm/crypto as long with go-jose.v2
...
There was a typo in the OKP template causing bad fingerprints for
Ed25519 keys.
See a10ff54e00
Fixes #705
2021-09-22 15:15:19 -07:00
Herman Slatman
73d0a11a20
Update github.com/micromdm/scep/v2
2021-09-16 08:29:25 +02:00
Herman Slatman
611859eec4
Update go.mozilla.org/pkcs7
...
This includes the fix as described in https://github.com/mozilla-services/pkcs7/pull/59 ,
which was the reason a fork of the library was used.
2021-09-16 08:24:28 +02:00
Mariano Cano
9e7a3cd897
Update go.step.sm/crypto
2021-08-26 18:12:37 -07:00
Mariano Cano
352acf8faa
Upgrade golang.org/x/crypto
2021-08-26 11:29:13 -07:00
Mariano Cano
42fde8ba28
Merge branch 'master' into linkedca
2021-08-25 15:56:50 -07:00
max furman
2317bf183b
Nosql and badger bump
2021-08-25 10:32:12 -07:00
max furman
cc9bc9c84b
Bump Badger
2021-08-25 10:24:18 -07:00
max furman
f53f78974e
Badger bump to fix issue with caddy build
2021-08-18 11:38:31 -07:00
Mariano Cano
456ffd8806
Use linkedca v0.5.0
2021-08-11 15:33:34 -07:00
Mariano Cano
28e882c9b3
Add deployment type to export.
2021-08-10 17:14:17 -07:00
Mariano Cano
798b90c359
Move linkedca configuration to the main package.
2021-08-04 20:15:04 -07:00
Mariano Cano
de292fbed6
Use branch version of linkedca.
2021-08-02 16:08:54 -07:00
Mariano Cano
dc1ec18b52
Create a way to export ca configurations.
2021-07-26 19:01:56 -07:00
Mariano Cano
d0c1530f89
Remove replace of linkedca package.
2021-07-26 14:48:01 -07:00
Mariano Cano
4ad82a2f76
Check linkedca for revocation.
2021-07-23 16:10:13 -07:00
Mariano Cano
71f8019243
Store x509 and ssh certificates on linkedca if enabled.
2021-07-20 18:16:24 -07:00
Mariano Cano
17eef81c91
Remove linkerd replace.
2021-07-20 14:55:07 -07:00
Mariano Cano
a72eab915b
Use linkedca v0.1.0
2021-07-20 12:59:59 -07:00
Mariano Cano
8fb5340dc9
Use a token at start time to configure linkedca.
...
Instead of using `step-ca login` we will use a new token provided
as a flag to configure and start linkedca. Certificates will be kept
in memory and refreshed automatically.
2021-07-19 19:28:06 -07:00
Mariano Cano
f7e09af9df
Implement the login command.
...
The login commands creates a new certificate for the linked ca.
This certificate will be used to sync data with the linkedca
endpoint.
2021-07-12 15:28:13 +02:00
max furman
77fdfc9fa3
Merge branch 'master' into max/cert-mgr-crud
2021-07-02 20:26:46 -07:00
max furman
9fdef64709
Admin level API for provisioner mgmt v1
2021-07-02 19:05:17 -07:00
Mariano Cano
65dacc2795
Replace golint with revive
2021-06-23 09:53:26 +02:00
Mariano Cano
2a97389f1b
Upgrade dependencies.
2021-06-08 17:47:26 -07:00
Mariano Cano
072bd0dcf4
Add support for Google CAS v1
2021-06-03 19:31:19 -07:00
Herman Slatman
66a67ed691
Update to v2.0.0 of github.com/micromdm/scep
2021-05-26 16:15:24 -07:00
Herman Slatman
75cd3ab0ac
Change to a fixed fork of go.mozilla.org/pkcs7
...
Hopefully this will be a temporary change until
the fix is merged in the upstream module.
2021-05-26 16:07:37 -07:00
Herman Slatman
2a249d20de
Refactor initialization of SCEP authority
2021-05-26 16:04:19 -07:00
Herman Slatman
48c86716a0
Add rudimentary (and incomplete) support for SCEP
2021-05-26 15:58:04 -07:00
Herman Slatman
bc2bb53009
Merge branch 'master' into hs/scep
2021-05-20 21:35:44 +02:00
Mariano Cano
f84c8f846a
Upgrade x/crypto
...
Although this does not affects us the old version had the vulnerability
CVE-2020-29652
2021-05-18 19:16:13 -07:00
max furman
b205f50412
bump crypto to 0.8.3 and go mod tidy
2021-05-13 12:14:11 -07:00
Herman Slatman
c3d9cef497
Update to v2.0.0 of github.com/micromdm/scep
2021-03-26 22:04:18 +01:00
Herman Slatman
c5e4ea08b3
Merge branch 'master' into hs/scep
2021-03-26 15:22:41 +01:00
Mariano Cano
561341a6f2
Update go.step.sm/crypto.
2021-03-18 18:04:38 -07:00
Herman Slatman
efd5501aca
Merge branch 'master' into hs/scep
2021-03-12 12:16:10 +01:00
Mariano Cano
d74f1fa55e
Use cli-utils v0.2.0
2021-03-10 12:53:25 -08:00
Mariano Cano
a1a7e38a49
Add support for cli-utils with powershell support.
2021-03-10 12:34:47 -08:00
Herman Slatman
9df5f513e7
Change to a fixed fork of go.mozilla.org/pkcs7
...
Hopefully this will be a temporary change until
the fix is merged in the upstream module.
2021-03-06 22:35:41 +01:00
Herman Slatman
7ad90d10b3
Refactor initialization of SCEP authority
2021-02-26 00:32:21 +01:00
Herman Slatman
9e43dc85d8
Merge branch 'master' into hs/scep-master
2021-02-19 10:16:39 +01:00
Mariano Cano
3eb24d7d01
Remove duplicated replace.
2021-02-16 17:14:15 -08:00
Herman Slatman
ffdd58ea3c
Add rudimentary (and incomplete) support for SCEP
2021-02-12 12:03:08 +01:00
Mariano Cano
f289d1ee1f
Update to crypto11 v1.2.4
...
This version now includes my changes to delete a certificate.
2021-02-08 12:01:21 -08:00
Mariano Cano
4fbf7569fa
Merge branch 'master' into pkcs11
2021-02-01 18:13:16 -08:00
Mariano Cano
1d47a7284d
Upgrade nosql with a version of badger compatible with 32bits
2021-02-01 18:09:28 -08:00
Mariano Cano
6c0cf99b24
Upgrade nosql with a 32-bit version of badger.
2021-01-27 11:02:56 -08:00
Mariano Cano
8dca652bc7
Add support for PKCS #11 KMS.
...
The implementation works with YubiHSM2. Unit tests are still pending.
Fixes #301
2021-01-26 20:03:53 -08:00