mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2026-05-13 00:28:49 +02:00
Code Issues Projects Releases Wiki Activity

Merge remote-tracking branch 'remotes/from/ce/main'

Browse Source
This commit is contained in:
hc-github-team-secure-vault-core 2026-05-07 22:20:03 +00:00
commit eaa382079b
5 changed files with 16 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.github/actions/build-vault/action.yml vendored
View File

@ -224,6 +224,10 @@ runs:
path: out/${{ steps.metadata.outputs.artifact-basename }}.zip
if-no-files-found: error
- if: inputs.create-packages == 'true'
env:
# Use our elevated token instead of the workflow token so that our
# download of nfpm is less likely to fail.
GH_TOKEN: ${{ inputs.github-token }}
uses: hashicorp/actions-packaging-linux@33f7d23b14f24e6a7b7d9948cb7f5caca2045ee3
with:
name: ${{ inputs.package-name }}

4
builtin/logical/pki/backend_test.go
View File

@ -8321,3 +8321,7 @@ func TestBackend_IDNWithWildcards_AltNames(t *testing.T) {
})
}
}
func stringSliceContainsAny(sl []string, substr string) bool {
return slices.ContainsFunc(sl, func(s string) bool { return strings.Contains(s, substr) })
}

3
changelog/_14581.txt Normal file
View File

@ -0,0 +1,3 @@
```release-note:security
core: Update github.com/apache/thrift to fix security vulnerability GHSA-wf45-q9ch-q8gh
```

4
go.mod
View File

@ -245,7 +245,9 @@ require (
require (
github.com/andybalholm/brotli v1.2.0 // indirect
github.com/apache/thrift v0.22.0 // indirect
// We're currently pulling v0.23.0 + a 32 bit fix: https://github.com/apache/thrift/commit/d2acd3c49e5832cb0179f72b111c4ad5bd89c4c5
// until a new version is release.
github.com/apache/thrift v0.23.1-0.20260429145742-d2acd3c49e58 // indirect
github.com/apparentlymart/go-textseg/v15 v15.0.0 // indirect
github.com/aws/aws-sdk-go-v2/service/signin v1.0.9 // indirect
github.com/containerd/errdefs v1.0.0 // indirect

4
go.sum
View File

@ -184,8 +184,8 @@ github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be h1:9AeTilPcZAjCFI
github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be/go.mod h1:ySMOLuWl6zY27l47sB3qLNK6tF2fkHG55UZxx8oIVo4=
github.com/apache/arrow-go/v18 v18.4.0 h1:/RvkGqH517iY8bZKc4FD5/kkdwXJGjxf28JIXbJ/oB0=
github.com/apache/arrow-go/v18 v18.4.0/go.mod h1:Aawvwhj8x2jURIzD9Moy72cF0FyJXOpkYpdmGRHcw14=
github.com/apache/thrift v0.22.0 h1:r7mTJdj51TMDe6RtcmNdQxgn9XcyfGDOzegMDRg47uc=
github.com/apache/thrift v0.22.0/go.mod h1:1e7J/O1Ae6ZQMTYdy9xa3w9k+XHWPfRvdPyJeynQ+/g=
github.com/apache/thrift v0.23.1-0.20260429145742-d2acd3c49e58 h1:rDLE+tSW60VzRD7v5I+DU22Mjhmm+mfLc5Xl5dHkx6w=
github.com/apache/thrift v0.23.1-0.20260429145742-d2acd3c49e58/go.mod h1:zPt6WxgvTOM6hF92y8C+MkEM5LMxZuk4JcQOiU4Esvs=
github.com/apparentlymart/go-textseg/v15 v15.0.0 h1:uYvfpb3DyLSCGWnctWKGj857c6ew1u1fNQOlOtuGxQY=
github.com/apparentlymart/go-textseg/v15 v15.0.0/go.mod h1:K8XmNZdhEBkdlyDdvbmmsvpAG721bKi0joRfFdHIWJ4=
github.com/apple/foundationdb/bindings/go v0.0.0-20190411004307-cd5c9d91fad2 h1:VoHKYIXEQU5LWoambPBOvYxyLqZYHuj+rj5DVnMUc3k=