Alexander Scheel
Alexander Scheel
This extends `SecurityBarrier` into a `TransactionalSecurityBarrier` variant, in which access to the underlying storage (but not the barrier keyring itself!) can be modified in a transaction-aware way. Note that modifying...
This converts `StorageView` to an interface, aligning with the `Storage` interface. The only consumer, as far as I can tell, is the `BarrierView`, which was easy enough to convert to...
Thread for organizing contributions to the OpenSSF Completion: https://www.bestpractices.dev/en/projects/9126 If anyone has suggestions, please comment here and I'll review and merge into the badge. :-) For some context: this is...
### Summary OpenBao inherits a problem from upstream Vault: because the mount table is stored as a single entry, it is constrained by the size of a storage entry, not...
Many entries were missing summary and descriptions because while they used the new format, they didn't add separate summary and descriptions for each operation separately from the path. This meant...
As reported by @sjones4 on https://github.com/hashicorp/vault/issues/28529 > **Is your feature request related to a problem? Please describe.** Vaults transit secret engine supports `ecdsa` key types but does not allow these...
This adds transaction support to the K/V secrets engine, enabling safe modifications to entries stored in the engine, even when operations are canceled partway through. Notably, this requires careful for...
@dolmen writes on [#26136](https://github.com/hashicorp/vault/issues/26136) > The [`github.com/hashicorp/go-rootcerts`](https://pkg.go.dev/github.com/hashicorp/go-rootcerts) module doesn't seem necessary anymore with recent Go versions: > > * The package was initially created to workaround a _Darwin-only_ [bug](https://github.com/golang/go/issues/14514) that...
Go 1.23.0 was released on August 13th. Notably, related to #496, it includes: > The experimental post-quantum key exchange mechanism X25519Kyber768Draft00 is now enabled by default when [Config.CurvePreferences](https://go.dev/pkg/crypto/tls#Config.CurvePreferences) is nil....
This adds support for transactions to the plugin GRPC layer, opportunistically upgrading the client storage implementation to a transactional aware one if the underlying storage implementation on the server supports...