Skip to content

docs: update GitHub auth method docs and security model#13572

Merged
taoism4504 merged 1 commit intomainfrom
docs/update-security-model-audit
Jan 5, 2022
Merged

docs: update GitHub auth method docs and security model#13572
taoism4504 merged 1 commit intomainfrom
docs/update-security-model-audit

Conversation

@mickael-hc
Copy link
Copy Markdown
Contributor

@mickael-hc mickael-hc commented Jan 5, 2022

Provide changes based on recent audit feedback, and describes risks of third party auth methods and plugins

@mickael-hc
docs: update GitHub auth method docs and security model
d91ba9d 
Provide changes based on recent audit feedback: describe risks of third party authentication systems and plugins.
@mickael-hc mickael-hc requested a review from taoism4504 as a code owner January 5, 2022 15:41
taoism4504
taoism4504 approved these changes Jan 5, 2022
View reviewed changes
Copy link
Copy Markdown
Contributor

@taoism4504 taoism4504 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@taoism4504 taoism4504 merged commit 7353573 into main Jan 5, 2022
This was referenced Jan 5, 2022
Merged
Merged
Closed
Merged
@mladlow
Copy link
Copy Markdown
Contributor

mladlow commented Jan 5, 2022
edited
Loading

Just FYI you do not need the backport/website AND backport/1.latest.x labels - backport/website also backports to 1.latest.x

@mickael-hc mickael-hc deleted the docs/update-security-model-audit branch January 5, 2022 18:46
heppu pushed a commit to heppu/vault that referenced this pull request Jan 13, 2022
@mickael-hc @heppu
docs: update GitHub auth method docs and security model (hashicorp#13572
83f072c 
)

Provide changes based on recent audit feedback: describe risks of third party authentication systems and plugins.
pbromb pushed a commit to pbromb/vault that referenced this pull request Apr 13, 2026
@hc-github-team-secure-vault-core @ryancragun
Backport [VAULT-43618] sdk: migrate from github.com/docker/docker to …
4bef290 
…github.com/moby/moby into release/1.21.x+ent (hashicorp#13572) (hashicorp#13629)

* [VAULT-43618] sdk: migrate from github.com/docker/docker to github.com/moby/moby (hashicorp#13549) (hashicorp#13573)
Resolve GHSA-x744-4wpc-v9h2 and GHSA-pxq6-2prw-chj9 in `vault` by replacing
`github.com/docker/docker` with `github.com/moby/moby/client` @ `v0.3.0` and
`github.com/moby/moby/api` @ `v1.54.0`. This is necessary as `docker/docker`
 is no longer maintained and the fixes are not available in it.

Resolve GO-2026-4518, GHSA-x6gf-mpr2-68h6 and GHSA-jqcq-xjh3-6g23 by
upgrading to github.com/jackc/pgx/v5. This is necessary as v4 is not
longer maitained.

Signed-off-by: Ryan Cragun <me@ryan.ec>
Co-authored-by: Ryan Cragun <me@ryan.ec>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@taoism4504 taoism4504 taoism4504 approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

pr/no-changelog

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@mickael-hc @mladlow @taoism4504