Prepare for release of 1.20.0 (#21827)

* Consume release of proto-public

* Consume release of api in envoyextensions

* Consume releases of api + envoyextensions in troubleshoot

* Consume all submodule releases in root

* Update CHANGELOG.md

* Update testing modules

* Remove version pinning magic for submodule releases

CHANGELOG.md

@@ -1,3 +1,34 @@
+## 1.20.0 (October 14, 2024)
+
+SECURITY:
+
+* Explicitly set 'Content-Type' header to mitigate XSS vulnerability. [[GH-21704](https://github.com/hashicorp/consul/issues/21704)]
+* Implement HTML sanitization for user-generated content to prevent XSS attacks in the UI. [[GH-21711](https://github.com/hashicorp/consul/issues/21711)]
+* UI: Remove codemirror linting due to package dependency [[GH-21726](https://github.com/hashicorp/consul/issues/21726)]
+* Upgrade Go to use 1.22.7. This addresses CVE 
+[CVE-2024-34155](https://nvd.nist.gov/vuln/detail/CVE-2024-34155) [[GH-21705](https://github.com/hashicorp/consul/issues/21705)]
+* Upgrade to support aws/aws-sdk-go `v1.55.5 or higher`. This resolves CVEs
+[CVE-2020-8911](https://nvd.nist.gov/vuln/detail/cve-2020-8911) and 
+[CVE-2020-8912](https://nvd.nist.gov/vuln/detail/cve-2020-8912). [[GH-21684](https://github.com/hashicorp/consul/issues/21684)]
+* ui: Pin a newer resolution of Braces [[GH-21710](https://github.com/hashicorp/consul/issues/21710)]
+* ui: Pin a newer resolution of Codemirror [[GH-21715](https://github.com/hashicorp/consul/issues/21715)]
+* ui: Pin a newer resolution of Markdown-it [[GH-21717](https://github.com/hashicorp/consul/issues/21717)]
+* ui: Pin a newer resolution of ansi-html [[GH-21735](https://github.com/hashicorp/consul/issues/21735)]
+
+FEATURES:
+
+* grafana: added the dashboards service-to-service dashboard, service dashboard, and consul dataplane dashboard [[GH-21806](https://github.com/hashicorp/consul/issues/21806)]
+* server: remove v2 tenancy, catalog, and mesh experiments [[GH-21592](https://github.com/hashicorp/consul/issues/21592)]
+
+IMPROVEMENTS:
+
+* security: upgrade ubi base image to 9.4 [[GH-21750](https://github.com/hashicorp/consul/issues/21750)]
+* connect: Add Envoy 1.31 and 1.30 to support matrix [[GH-21616](https://github.com/hashicorp/consul/issues/21616)]
+
+BUG FIXES:
+
+* jwt-provider: change dns lookup family from the default of AUTO which would prefer ipv6 to ALL if LOGICAL_DNS is used or PREFER_IPV4 if STRICT_DNS is used to gracefully handle transitions to ipv6. [[GH-21703](https://github.com/hashicorp/consul/issues/21703)]
+
 ## 1.20.0-rc1 (September 19, 2024)
 
 SECURITY:

api/go.mod

@@ -2,8 +2,10 @@ module github.com/hashicorp/consul/api
 
 go 1.19
 
-//github.com/hashicorp/consul/proto-public => ../proto-public
-replace github.com/hashicorp/consul/sdk => ../sdk
+replace (
+	github.com/hashicorp/consul/proto-public => ../proto-public
+	github.com/hashicorp/consul/sdk => ../sdk
+)
 
 retract (
 	v1.28.0 // tag was mutated
@@ -13,7 +15,7 @@ retract (
 
 require (
 	github.com/google/go-cmp v0.5.9
-	github.com/hashicorp/consul/proto-public v0.5.4-rc1
+	github.com/hashicorp/consul/proto-public v0.6.3
 	github.com/hashicorp/consul/sdk v0.16.1
 	github.com/hashicorp/go-cleanhttp v0.5.2
 	github.com/hashicorp/go-hclog v1.5.0

api/go.sum

@@ -44,8 +44,6 @@ github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/
 github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
 github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
-github.com/hashicorp/consul/proto-public v0.5.4-rc1 h1:psIJ9DgJw5QbRsh6RGYYr3Viw+r+up9PE7Z6mAZsAEQ=
-github.com/hashicorp/consul/proto-public v0.5.4-rc1/go.mod h1:a1pOtKbQ2+iRnMlEA2bywlEZ0nbCQ2pS7GDQN6pqLwU=
 github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
 github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I=
 github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=

envoyextensions/go.mod

@@ -2,16 +2,18 @@ module github.com/hashicorp/consul/envoyextensions
 
 go 1.20
 
-//github.com/hashicorp/consul/api => ../api
-//github.com/hashicorp/consul/proto-public => ../proto-public
-replace github.com/hashicorp/consul/sdk => ../sdk
+replace (
+	github.com/hashicorp/consul/api => ../api
+	github.com/hashicorp/consul/proto-public => ../proto-public
+	github.com/hashicorp/consul/sdk => ../sdk
+)
 
 retract v0.7.2 // tag was mutated
 
 require (
 	github.com/envoyproxy/go-control-plane v0.12.0
 	github.com/google/go-cmp v0.5.9
-	github.com/hashicorp/consul/api v1.29.5-rc1
+	github.com/hashicorp/consul/api v1.29.5
 	github.com/hashicorp/consul/sdk v0.16.1
 	github.com/hashicorp/go-hclog v1.5.0
 	github.com/hashicorp/go-multierror v1.1.1

envoyextensions/go.sum

@@ -60,9 +60,6 @@ github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/
 github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
 github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
-github.com/hashicorp/consul/api v1.29.5-rc1 h1:14ULV2lHRRtbKUDkKSeg8CExDGrqxr/eUEeqtswaW8M=
-github.com/hashicorp/consul/api v1.29.5-rc1/go.mod h1:OiMrmEbZPgDfmTwiE7+ZAkv+EJ16SsVIuLJRQrkjDC0=
-github.com/hashicorp/consul/proto-public v0.5.4-rc1 h1:psIJ9DgJw5QbRsh6RGYYr3Viw+r+up9PE7Z6mAZsAEQ=
 github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
 github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I=
 github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=

go.mod

@@ -43,11 +43,11 @@ require (
 	github.com/hashi-derek/grpc-proxy v0.0.0-20231207191910-191266484d75
 	github.com/hashicorp/consul-awsauth v0.0.0-20220713182709-05ac1c5c2706
 	github.com/hashicorp/consul-net-rpc v0.0.0-20221205195236-156cfab66a69
-	github.com/hashicorp/consul/api v1.29.5-rc1
-	github.com/hashicorp/consul/envoyextensions v0.7.4-rc1
-	github.com/hashicorp/consul/proto-public v0.6.2
+	github.com/hashicorp/consul/api v1.29.5
+	github.com/hashicorp/consul/envoyextensions v0.7.4
+	github.com/hashicorp/consul/proto-public v0.6.3
 	github.com/hashicorp/consul/sdk v0.16.1
-	github.com/hashicorp/consul/troubleshoot v0.7.1
+	github.com/hashicorp/consul/troubleshoot v0.7.2
 	github.com/hashicorp/go-bexpr v0.1.2
 	github.com/hashicorp/go-checkpoint v0.5.0
 	github.com/hashicorp/go-cleanhttp v0.5.2

test-integ/go.mod

@@ -6,8 +6,8 @@ toolchain go1.22.5
 
 require (
 	github.com/google/go-cmp v0.5.9
-	github.com/hashicorp/consul/api v1.29.5-rc1
-	github.com/hashicorp/consul/proto-public v0.6.2
+	github.com/hashicorp/consul/api v1.29.5
+	github.com/hashicorp/consul/proto-public v0.6.3
 	github.com/hashicorp/consul/sdk v0.16.1
 	github.com/hashicorp/consul/test/integration/consul-container v0.0.0-20230628201853-bdf4fad7c5a5
 	github.com/hashicorp/consul/testing/deployer v0.0.0-20230811171106-4a0afb5d1373

test/integration/consul-container/go.mod

@@ -12,8 +12,8 @@ require (
 	github.com/evanphx/json-patch v4.12.0+incompatible
 	github.com/go-jose/go-jose/v3 v3.0.3
 	github.com/hashicorp/consul v1.16.1
-	github.com/hashicorp/consul/api v1.29.5-rc1
-	github.com/hashicorp/consul/envoyextensions v0.7.4-rc1
+	github.com/hashicorp/consul/api v1.29.5
+	github.com/hashicorp/consul/envoyextensions v0.7.4
 	github.com/hashicorp/consul/sdk v0.16.1
 	github.com/hashicorp/consul/testing/deployer v0.0.0-20230811171106-4a0afb5d1373
 	github.com/hashicorp/go-cleanhttp v0.5.2
@@ -61,7 +61,7 @@ require (
 	github.com/google/go-cmp v0.5.9 // indirect
 	github.com/google/uuid v1.4.0 // indirect
 	github.com/hashicorp/consul-server-connection-manager v0.1.4 // indirect
-	github.com/hashicorp/consul/proto-public v0.6.2 // indirect
+	github.com/hashicorp/consul/proto-public v0.6.3 // indirect
 	github.com/hashicorp/errwrap v1.1.0 // indirect
 	github.com/hashicorp/go-hclog v1.6.3 // indirect
 	github.com/hashicorp/go-immutable-radix v1.3.1 // indirect

testing/deployer/go.mod

@@ -7,7 +7,7 @@ require (
 	github.com/google/go-cmp v0.5.9
 	github.com/hashicorp/consul-server-connection-manager v0.1.4
 	github.com/hashicorp/consul/api v1.29.4
-	github.com/hashicorp/consul/proto-public v0.6.2
+	github.com/hashicorp/consul/proto-public v0.6.3
 	github.com/hashicorp/consul/sdk v0.16.1
 	github.com/hashicorp/go-cleanhttp v0.5.2
 	github.com/hashicorp/go-hclog v1.5.0

troubleshoot/go.mod

@@ -2,10 +2,12 @@ module github.com/hashicorp/consul/troubleshoot
 
 go 1.19
 
-//github.com/hashicorp/consul/api => ../api
-//github.com/hashicorp/consul/envoyextensions => ../envoyextensions
-//github.com/hashicorp/consul/proto-public => ../proto-public
-replace github.com/hashicorp/consul/sdk => ../sdk
+replace (
+	github.com/hashicorp/consul/api => ../api
+	github.com/hashicorp/consul/envoyextensions => ../envoyextensions
+	github.com/hashicorp/consul/proto-public => ../proto-public
+	github.com/hashicorp/consul/sdk => ../sdk
+)
 
 exclude (
 	github.com/hashicorp/go-msgpack v1.1.5 // has breaking changes and must be avoided
@@ -21,8 +23,8 @@ retract (
 require (
 	github.com/envoyproxy/go-control-plane v0.12.0
 	github.com/envoyproxy/go-control-plane/xdsmatcher v0.0.0-20230524161521-aaaacbfbe53e
-	github.com/hashicorp/consul/api v1.29.5-rc1
-	github.com/hashicorp/consul/envoyextensions v0.7.4-rc1
+	github.com/hashicorp/consul/api v1.29.5
+	github.com/hashicorp/consul/envoyextensions v0.7.4
 	github.com/hashicorp/consul/sdk v0.16.1
 	github.com/stretchr/testify v1.8.4
 	google.golang.org/protobuf v1.33.0

troubleshoot/go.sum

@@ -61,11 +61,6 @@ github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMyw
 github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
 github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
-github.com/hashicorp/consul/api v1.29.5-rc1 h1:14ULV2lHRRtbKUDkKSeg8CExDGrqxr/eUEeqtswaW8M=
-github.com/hashicorp/consul/api v1.29.5-rc1/go.mod h1:OiMrmEbZPgDfmTwiE7+ZAkv+EJ16SsVIuLJRQrkjDC0=
-github.com/hashicorp/consul/envoyextensions v0.7.4-rc1 h1:X25Ga6IbBaSoTLLLNxpXQImhRtmM0zWUpy4HlR1R8NI=
-github.com/hashicorp/consul/envoyextensions v0.7.4-rc1/go.mod h1:l/AHQyfoRIhuBy3ZTYwtnUEnDTaeD9opxV+ouiIxSRU=
-github.com/hashicorp/consul/proto-public v0.5.4-rc1 h1:psIJ9DgJw5QbRsh6RGYYr3Viw+r+up9PE7Z6mAZsAEQ=
 github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
 github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I=
 github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=