chore(deps): update hashicorp/consul docker tag to v2#148
Open
renovate[bot] wants to merge 1 commit into
Open
Conversation
a764761 to
b87dc84
Compare
b87dc84 to
e20f620
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
1.11.2→2.0.2Release Notes
hashicorp/consul (hashicorp/consul)
v2.0.2Compare Source
2.0.2 (July 8, 2026)
SECURITY:
FEATURES:
IMPROVEMENTS:
armon/go-metricstohashicorp/go-metricsand update Go dependencies across all modules [GH-23635]BUG FIXES:
v2.0.1Compare Source
2.0.1 (June 18, 2026)
SECURITY:
IMPROVEMENTS:
BUG FIXES:
x-forwarded-client-certheader from inbound HTTP requests before forwarding them to local service instances. [GH-23544]Raft leader not found in server lookup mapping(HTTP 500) errors on follower RPCs until the next member event resynced the mapping. [GH-23533]v2.0.0Compare Source
2.0.0 (May 22, 2026)
SECURITY:
read_timeoutandwrite_timeoutare now set to 15 minutes (up from 30 seconds), whileread_header_timeout(10s) andidle_timeout(120s) still provide protection against Slowloris attacks. All timeouts remain configurable via thehttp_configblock. [GH-23267]ubi9-minimal:9.7. [GH-23553]curlto >= 8.20.0 from Alpine edge in the container image to addressCVE-2026-6429,
CVE-2026-4873,
CVE-2026-5773,
CVE-2026-6253,
CVE-2026-6276,
CVE-2026-7168,
CVE-2026-5545.
Alpine 3.23 stable does not yet carry the patched version. [GH-23750]
FEATURES:
IMPROVEMENTS:
github.com/hashicorp/vault/sdkfrom v0.7.0 to v0.25.1 andgithub.qkg1.top/hashicorp/vault/apifrom v1.12.2 to v1.16.0. [GH-23574]Consecutive5xx,ConsecutiveGatewayFailure, andEnforcingConsecutiveGatewayFailurefields toPassiveHealthCheck, allowing operators to configure Envoy outlier detection thresholds for 5xx responses and gateway failures (502/503/504) on upstreams defaults.BUG FIXES:
consul config writecommand to provide actionable guidance when config entries cannot be modified due to references by gateways or routers. [GH-22921]v1.22.7Compare Source
SECURITY:
IMPROVEMENTS:
BUG FIXES:
replacePrefixMatchis not configured [GH-23390]v1.22.6Compare Source
SECURITY:
IMPROVEMENTS:
v1.22.5Compare Source
SECURITY:
alpine3.23[GH-23194]IMPROVEMENTS:
--aws-iam-endpointflag toconsul logincommand for AWS IAM auth method to support custom IAM endpoint configuration [GH-23109]v1.22.3Compare Source
SECURITY:
alpine3.23.2[GH-23138]IMPROVEMENTS:
consul services imported-servicesand new api(/v1/exported-services) command to list services imported by partitions within a local datacenter [GH-12045]v1.22.2Compare Source
1.22.2 (December 15, 2025)
SECURITY:
IMPROVEMENTS:
BUG FIXES:
consul config writecommand to provide actionable guidance when config entries cannot be modified due to references by gateways or routers. [GH-22921]v1.22.1Compare Source
SECURITY:
golang.org/x/cryptofrom v0.42.0 to v0.44.0. This resolves GO-2025-4116IMPROVEMENTS:
reopen()calls with direct property assignment and subclassing to resolve Ember component reopen deprecation warnings [GH-22971]BUG FIXES:
v1.22.0Compare Source
SECURITY:
FEATURES:
IMPROVEMENTS:
consul operator utilization [-today-only] [-message] [-y]to generate a bundle with census utilization snapshot. Main flow is implemented in consul-enterprisehttp: Added a new API Handler for
/v1/operator/utilization. Core functionality to be implemented in consul-enterpriseagent: Always enabled census metrics collection with configurable option to export it to Hashicorp Reporting [GH-22843]
snapshot agentnow supports authenticating to Azure Blob Storage using Azure Managed Service Identities (MSI). [GH-11171]BUG FIXES:
consul operator utilization --helpto show only available options without extra parameters. [GH-22912]v1.21.5Compare Source
SECURITY:
mitchellh/mapstructuretogo-viper/mapstructureto v2 to address CVE-2025-52893. [GH-22581]FEATURES:
max_request_headers_kbto configure maximum header size for requests from downstream to upstream [GH-22604]max_request_headers_kbto configure maximum header size for requests from downstream to upstream in API Gateway config and proxy-defaults [GH-22679]max_request_headers_kbto configure maximum header size for requests from downstream to upstream in Mesh Gateway via service-defaults and proxy-defaults [GH-22722]max_request_headers_kbto configure maximum header size for requests from downstream to upstream in Terminating Gateway service-defaults and proxy-defaults [GH-22680]IMPROVEMENTS:
BUG FIXES:
v1.21.4Compare Source
SECURITY:
IMPROVEMENTS:
BUG FIXES:
v1.21.3Compare Source
IMPROVEMENTS:
BUG FIXES:
v1.21.2Compare Source
SECURITY:
CVE-2025-4802
CVE-2024-40896
CVE-2024-12243
CVE-2025-24528
CVE-2025-3277
CVE-2024-12133
CVE-2024-57970
CVE-2025-31115 [GH-22409]
IMPROVEMENTS:
datacenterresulting in non-generation of X.509 certificates when using external CA for agent TLS communication. [GH-22382]BUG FIXES:
v1.21.1Compare Source
FEATURES:
IMPROVEMENTS:
v1.21.0Compare Source
v1.20.6Compare Source
1.20.6 (April 25, 2025)
SECURITY:
golang.org/x/netto v0.38.0 to address GHSA-vvgc-356p-c3xw and GO-2025-3595.Update
github.com/golang-jwt/jwt/v4to v4.5.2 to address GO-2025-3553 and GHSA-mh63-6h87-95cp.Update
Goto v1.23.8 to address GO-2025-3563. [GH-22268]IMPROVEMENTS:
BUG FIXES:
v1.20.5Compare Source
1.20.5 (March 11, 2025)
SECURITY:
golang.org/x/cryptoto v0.35.0 to address GO-2025-3487.Update
golang.org/x/oauth2to v0.27.0 to address GO-2025-3488.Update
github.com/go-jose/go-jose/v3to v3.0.4 to address GO-2025-3485. [GH-22207]BUG FIXES:
v1.20.4Compare Source
1.20.4 (February 20, 2025)
IMPROVEMENTS:
BUG FIXES:
v1.20.3Compare Source
SECURITY:
CVE-2024-45341 and
CVE-2024-45336 [GH-22084]
CVE-2025-22866 [GH-22132]
IMPROVEMENTS:
BUG FIXES:
v1.20.2Compare Source
SECURITY:
github.com/golang-jwt/jwt/v4to v4.5.1 to address GHSA-29wx-vh33-7x7r. [GH-21951]golang.org/x/cryptoto v0.31.0 to address GO-2024-3321. [GH-22001]golang.org/x/netto v0.33.0 to address GO-2024-3333. [GH-22021]registry.access.redhat.com/ubi9-minimalimage to 9.5 to address CVE-2024-3596,CVE-2024-2511,CVE-2024-26458. [GH-22011]FEATURES:
BUG FIXES:
v1.20.1Compare Source
BREAKING CHANGES:
HttpConnectionManager.normalize_pathby default on inbound traffic to mesh proxies. This resolves CVE-2024-10005. [GH-21816]SECURITY:
containsandignoreCaseto L7 Intentions HTTP header matching criteria to support configuration resilient to variable casing and multiple values. This resolves CVE-2024-10006. [GH-21816]http.incoming.requestNormalizationto Mesh configuration entry to support inbound service traffic request normalization. This resolves CVE-2024-10005 and CVE-2024-10006. [GH-21816]IMPROVEMENTS:
v1.20.0Compare Source
SECURITY:
CVE-2024-34155 [GH-21705]
v1.55.5 or higher. This resolves CVEsCVE-2020-8911 and
CVE-2020-8912. [GH-21684]
FEATURES:
IMPROVEMENTS:
BUG FIXES:
v1.19.2Compare Source
SECURITY:
IMPROVEMENTS:
BUG FIXES:
v1.19.1Compare Source
SECURITY:
IMPROVEMENTS:
BUG FIXES:
This affected Nomad integrations with Consul. [GH-21361]
tag.name.service.consul, were being disregarded. [GH-21361]that was always being logged on each prepared query evaluation. [GH-21381]
v1.19.0Compare Source
BREAKING CHANGES:
consulelement in the metric name have been removed. Please use the same metric without the secondconsulinstead. As an example instead ofconsul.consul.state.config_entriesuseconsul.state.config_entries[GH-20674]SECURITY:
1.27.5 and 1.28.3. This resolves CVECVE-2024-32475 (
auto_sni). [GH-21017]v0.18.7 or higher. This resolves CVECVE-2020-8559. [GH-21017]
FEATURES:
Use
v1dnsin theexperimentsagent config to disable.The legacy server will be removed in a future release of Consul.
See the Consul 1.19.x Release Notes for removed DNS features. [GH-20715]
IMPROVEMENTS:
github.com/envoyproxy/go-control-planeto 0.12.0. [GH-20973]consul-dataplanenow accepts partition, namespace, token as metadata to default those query parameters.consul-dataplanev1.5+ will send this information automatically. [GH-20899]consul snapshot decodeCLI command to output a JSON object stream of all the snapshots data. [GH-20824]telemetry.disable_per_tenancy_usage_metricsin agent configuration to disable setting tenancy labels on usage metrics. This significantly decreases CPU utilization in clusters with many admin partitions or namespaces.DEPRECATIONS:
local_storage,aws_storage,azure_blob_storage, andgoogle_storagein snapshot agent configuration files are now deprecated. Use thebackup_destinationsconfig object instead.BUG FIXES:
v1.18.2Compare Source
Enterprise LTS: Consul Enterprise 1.18 is a Long-Term Support (LTS) release.
SECURITY:
alpine3.23[GH-23194]IMPROVEMENTS:
--aws-iam-endpointflag toconsul logincommand for AWS IAM auth method to support custom IAM endpoint configuration [GH-23109Configuration
📅 Schedule: (UTC)
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.