Vals appends it's own version when none is explicitly provided

[mjhuber]

When using the vault token provider to fetch secrets, if no secret version is explicitly provided vals is requesting a version of the secret that is the version of vals that is running. When no version is provided I would expect that it would not pass any version info along.

❯ vals version
Version: 0.41.1
Git Commit: 72e8945219070c9d31566b57ac7f6e481642c14f

❯ cat test.yml
TOOLS_SLACK_TOKEN: ref+vault://secret/stage/internal-admin-tools/test-secret#/key

❯ vault kv get secret/stage/internal-admin-tools/test-secret
=================== Secret Path ===================
secret/data/stage/internal-admin-tools/test-secret

======= Metadata =======
Key                Value
---                -----
created_time       2025-05-22T13:05:51.380658703Z
custom_metadata    <nil>
deletion_time      n/a
destroyed          false
version            1

=== Data ===
Key    Value
---    -----
key    foo

❯ vals eval -f test.yml
vault: read: key="secret/data/stage/internal-admin-tools/test-secret"
expand vault://secret/stage/internal-admin-tools/test-secret#/key: Error making API request.

URL: GET https://vault.infra.rechargeapps.net/v1/secret/data/stage/internal-admin-tools/test-secret?version=0.41.1
Code: 400. Errors:

* Field validation failed: error converting input 0.41.1 for field "version": cannot parse '' as int: strconv.ParseInt: parsing "0.41.1": invalid syntax

however, if i change the file test.yml to explicitly reference a secret version, it works:

❯ cat test.yml
TOOLS_SLACK_TOKEN: ref+vault://secret/stage/internal-admin-tools/test-secret?version=1#/key

❯ vals eval -f test.yml
TOOLS_SLACK_TOKEN: foo