chore: bump hashicorp/vault-action from 3.0.0 to 3.1.0 #5530

dependabot · 2025-01-21T22:25:27Z

Bumps hashicorp/vault-action from 3.0.0 to 3.1.0.

Release notes

Sourced from hashicorp/vault-action's releases.

v3.1.0

3.1.0 (January 9, 2025)

Improvements:

fix wildcard handling when field contains dot GH-542

bump body-parser from 1.20.0 to 1.20.3

bump braces from 3.0.2 to 3.0.3

bump cross-spawn from 7.0.3 to 7.0.6

bump micromatch from 4.0.5 to 4.0.8

Features:

secretId is no longer required for approle to support advanced use cases like machine login when bind_secret_id is false. GH-522

Use pki configuration to generate certificates from Vault GH-564

Changelog

Sourced from hashicorp/vault-action's changelog.

3.1.0 (January 9, 2025)

Improvements:

fix wildcard handling when field contains dot GH-542

bump body-parser from 1.20.0 to 1.20.3

bump braces from 3.0.2 to 3.0.3

bump cross-spawn from 7.0.3 to 7.0.6

bump micromatch from 4.0.5 to 4.0.8

Features:

secretId is no longer required for approle to support advanced use cases like machine login when bind_secret_id is false. GH-522

Use pki configuration to generate certificates from Vault GH-564

Commits

a1b77a0 Prepare for v3.1.0 release (#571)
3b999ae chore: Update dist/index for latest code (#568)
c46b8b8 chore: Update docker compose command (#567)
33b70ff feat: Add PKI capability (#564)
8b7eace docs: add namespace example to readme (#562)
148ee64 chore: add details on kvv2 path (#554)
0f302fb chore: bump and pin github actions (#552)
47dbc64 fix wildcard handling when field contains dot (#542)
66531b2 Revert convert to esm (#544)
ee41aa2 chore(deps): bump jsonata from 2.0.3 to 2.0.4 (#531)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

netlify · 2025-01-21T22:26:14Z

✅ Deploy Preview for docs-spectrocloud ready!

Name	Link
🔨 Latest commit	`ef76804`
🔍 Latest deploy log	https://app.netlify.com/sites/docs-spectrocloud/deploys/6797cc9ecc88c10008e6173f
😎 Deploy Preview	https://deploy-preview-5530--docs-spectrocloud.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

Bumps [hashicorp/vault-action](https://github.com/hashicorp/vault-action) from 3.0.0 to 3.1.0. - [Release notes](https://github.com/hashicorp/vault-action/releases) - [Changelog](https://github.com/hashicorp/vault-action/blob/main/CHANGELOG.md) - [Commits](hashicorp/vault-action@v3.0.0...v3.1.0) --- updated-dependencies: - dependency-name: hashicorp/vault-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

…/vault-action-3.1.0

Bumps [hashicorp/vault-action](https://github.com/hashicorp/vault-action) from 3.0.0 to 3.1.0. - [Release notes](https://github.com/hashicorp/vault-action/releases) - [Changelog](https://github.com/hashicorp/vault-action/blob/main/CHANGELOG.md) - [Commits](hashicorp/vault-action@v3.0.0...v3.1.0) --- updated-dependencies: - dependency-name: hashicorp/vault-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (cherry picked from commit 0192f18)

vault-token-factory-spectrocloud · 2025-01-27T18:26:23Z

💔 Some backports could not be created

Status	Branch	Result
❌	version-4-0	Backport failed because of merge conflicts You might need to backport the following PRs to version-4-0: - chore: PAC-938-packs data initial fetch and component development for readme (#3178) - chore: bump hashicorp/vault-action from 2.7.3 to 3.0.0 (#2547) - ci: added missing condition for non-cron workflows (#1720) - ci: changed default workflow - chore: released docs versioning - docs: updated URLs to use file path context - chore: validate backport (#1488)
❌	version-4-1	Backport failed because of merge conflicts You might need to backport the following PRs to version-4-1: - chore: PAC-938-packs data initial fetch and component development for readme (#3178) - ci: added missing condition for non-cron workflows (#1720) - ci: changed default workflow
❌	version-4-2	Backport failed because of merge conflicts You might need to backport the following PRs to version-4-2: - chore: add caching for CVE data (#5281) - chore: PAC-938-packs data initial fetch and component development for readme (#3178) - chore: bump hashicorp/vault-action from 2.7.3 to 3.0.0 (#2547)
✅	version-4-3
✅	version-4-4
✅	version-4-5

Note: Successful backport PRs will be merged automatically after passing CI.

Manual backport

To create the backport manually run:

backport --pr 5530

Questions ?

Please refer to the Backport tool documentation and see the Github Action logs for details

Bumps [hashicorp/vault-action](https://github.com/hashicorp/vault-action) from 3.0.0 to 3.1.0. - [Release notes](https://github.com/hashicorp/vault-action/releases) - [Changelog](https://github.com/hashicorp/vault-action/blob/main/CHANGELOG.md) - [Commits](hashicorp/vault-action@v3.0.0...v3.1.0) --- updated-dependencies: - dependency-name: hashicorp/vault-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (cherry picked from commit 0192f18) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [hashicorp/vault-action](https://github.com/hashicorp/vault-action) from 3.0.0 to 3.1.0. - [Release notes](https://github.com/hashicorp/vault-action/releases) - [Changelog](https://github.com/hashicorp/vault-action/blob/main/CHANGELOG.md) - [Commits](hashicorp/vault-action@v3.0.0...v3.1.0) --- updated-dependencies: - dependency-name: hashicorp/vault-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

dependabot bot added the dependencies Pull requests that update a dependency file label Jan 21, 2025

dependabot bot requested a review from a team as a code owner January 21, 2025 22:25

dependabot bot added the github_actions Pull requests that update GitHub Actions code label Jan 21, 2025

dependabot bot requested review from lennessyy, benradstone and caroldelwing January 21, 2025 22:25

dependabot bot force-pushed the dependabot/github_actions/master/hashicorp/vault-action-3.1.0 branch from a149959 to c6098fe Compare January 22, 2025 18:15

dependabot bot force-pushed the dependabot/github_actions/master/hashicorp/vault-action-3.1.0 branch from c6098fe to e1390f8 Compare January 22, 2025 19:08

Merge branch 'master' into dependabot/github_actions/master/hashicorp…

ef76804

…/vault-action-3.1.0

karl-cardenas-coding enabled auto-merge (squash) January 27, 2025 18:12

karl-cardenas-coding approved these changes Jan 27, 2025

View reviewed changes

karl-cardenas-coding merged commit 0192f18 into master Jan 27, 2025
30 of 34 checks passed

karl-cardenas-coding deleted the dependabot/github_actions/master/hashicorp/vault-action-3.1.0 branch January 27, 2025 18:22

vault-token-factory-spectrocloud bot mentioned this pull request Jan 27, 2025

[version-4-3] chore: bump hashicorp/vault-action from 3.0.0 to 3.1.0 (#5530) #5570

Merged

vault-token-factory-spectrocloud bot mentioned this pull request Jan 27, 2025

[version-4-4] chore: bump hashicorp/vault-action from 3.0.0 to 3.1.0 (#5530) #5571

Merged

vault-token-factory-spectrocloud bot mentioned this pull request Jan 27, 2025

[version-4-5] chore: bump hashicorp/vault-action from 3.0.0 to 3.1.0 (#5530) #5572

Merged

karl-cardenas-coding mentioned this pull request Jan 27, 2025

[version-4-2] chore: bump hashicorp/vault-action from 3.0.0 to 3.1.0 (#5530) #5573

Merged

karl-cardenas-coding mentioned this pull request Jan 27, 2025

[version-4-1] chore: bump hashicorp/vault-action from 3.0.0 to 3.1.0 (#5530) #5574

Merged

karl-cardenas-coding mentioned this pull request Jan 27, 2025

[version-4-0] chore: bump hashicorp/vault-action from 3.0.0 to 3.1.0 (#5530) #5575

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore: bump hashicorp/vault-action from 3.0.0 to 3.1.0 #5530

chore: bump hashicorp/vault-action from 3.0.0 to 3.1.0 #5530

dependabot bot commented on behalf of github Jan 21, 2025 •

edited

Loading

netlify bot commented Jan 21, 2025 •

edited

Loading

vault-token-factory-spectrocloud bot commented Jan 27, 2025

chore: bump hashicorp/vault-action from 3.0.0 to 3.1.0 #5530

chore: bump hashicorp/vault-action from 3.0.0 to 3.1.0 #5530

Conversation

dependabot bot commented on behalf of github Jan 21, 2025 • edited Loading

v3.1.0

3.1.0 (January 9, 2025)

3.1.0 (January 9, 2025)

netlify bot commented Jan 21, 2025 • edited Loading

✅ Deploy Preview for docs-spectrocloud ready!

vault-token-factory-spectrocloud bot commented Jan 27, 2025

💔 Some backports could not be created

Manual backport

Questions ?

dependabot bot commented on behalf of github Jan 21, 2025 •

edited

Loading

netlify bot commented Jan 21, 2025 •

edited

Loading