fix(deps): update module github.com/hashicorp/vault to v1.18.4

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
github.com/hashicorp/vault	v1.18.2 -> v1.18.4

---

Release Notes

hashicorp/vault (github.com/hashicorp/vault)

v1.18.4

Compare Source

v1.18.3

Compare Source

1.18.3

December 18, 2024

CHANGES:

• secrets/openldap: Update plugin to v0.14.4 [GH-29131]
• secrets/pki: Enforce the issuer constraint extensions (extended key usage, name constraints, issuer name) when issuing or signing leaf certificates. For more information see PKI considerations [GH-29045]

IMPROVEMENTS:

• auth/okta: update to okta sdk v5 from v2. Transitively updates go-jose dependency to >=3.0.3 to resolve GO-2024-2631. See https://github.com/okta/okta-sdk-golang/blob/master/MIGRATING.md for details on changes. [GH-28121]
• core: Added new enable_post_unseal_trace and post_unseal_trace_directory config options to generate Go traces during the post-unseal step for debug purposes. [GH-28895]
• sdk: Add Vault build date to system view plugin environment response [GH-29082]
• ui: Replace KVv2 json secret details view with Hds::CodeBlock component allowing users to search the full secret height. [GH-28808]

BUG FIXES:

• autosnapshots (enterprise): Fix an issue where snapshot size metrics were not reported for cloud-based storage.
• core/metrics: Fix unlocked mounts read for usage reporting. [GH-29091]
• core/seal (enterprise): Fix problem with nodes unable to join Raft clusters with Seal High Availability enabled. [GH-29117]
• core: fix bug in seal unwrapper that caused high storage latency in Vault CE. For every storage read request, the
  seal unwrapper was performing the read twice, and would also issue an unnecessary storage write. [GH-29050]
• secret/db: Update static role rotation to generate a new password after 2 failed attempts. [GH-28989]
• ui: Allow users to search the full json object within the json code-editor edit/create view. [GH-28808]
• ui: Decode connection_url to fix database connection updates (i.e. editing connection config, deleting roles) failing when urls include template variables. [GH-29114]
• vault/diagnose: Fix time to expiration reporting within the TLS verification to not be a month off. [GH-29128]

---

Configuration

📅 Schedule: Branch creation - "after 10am,before 9pm" in timezone Europe/Warsaw, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 27 additional dependencies were updated
• The go directive was updated for compatibility reasons

Details:

Package	Change
go	1.23 -> 1.23.5
cloud.google.com/go	v0.115.1 -> v0.116.0
cloud.google.com/go/auth	v0.9.3 -> v0.10.2
cloud.google.com/go/auth/oauth2adapt	v0.2.4 -> v0.2.5
cloud.google.com/go/compute/metadata	v0.5.0 -> v0.5.2
cloud.google.com/go/iam	v1.2.0 -> v1.2.2
cloud.google.com/go/kms	v1.19.0 -> v1.20.1
cloud.google.com/go/longrunning	v0.6.0 -> v0.6.2
cloud.google.com/go/monitoring	v1.21.0 -> v1.21.2
github.com/docker/docker	v26.1.5+incompatible -> v27.2.1+incompatible
github.com/go-sql-driver/mysql	v1.7.1 -> v1.8.1
github.com/googleapis/gax-go/v2	v2.13.0 -> v2.14.0
github.com/hashicorp/go-secure-stdlib/plugincontainer	v0.4.0 -> v0.4.1
github.com/jackc/pgservicefile	v0.0.0-20231201235250-de7065d80cb9 -> v0.0.0-20240606120523-5a60cdf6a761
github.com/jmespath/go-jmespath	v0.4.0 -> v0.4.1-0.20220621161143-b0104c826a24
github.com/klauspost/compress	v1.17.8 -> v1.17.9
github.com/petermattis/goid	v0.0.0-20180202154549-b0b1615b78e5 -> v0.0.0-20240813172612-4fcff4a6cae7
github.com/prometheus/client_golang	v1.19.1 -> v1.20.5
github.com/sasha-s/go-deadlock	v0.2.0 -> v0.3.5
go.etcd.io/bbolt	v1.3.10 -> v1.4.0-beta.0
golang.org/x/oauth2	v0.23.0 -> v0.24.0
golang.org/x/time	v0.6.0 -> v0.8.0
google.golang.org/api	v0.197.0 -> v0.207.0
google.golang.org/genproto	v0.0.0-20240903143218-8af14fe29dc1 -> v0.0.0-20241113202542-65e8d215514f
google.golang.org/genproto/googleapis/api	v0.0.0-20240903143218-8af14fe29dc1 -> v0.0.0-20241104194629-dd2ea8efbc28
google.golang.org/genproto/googleapis/rpc	v0.0.0-20240903143218-8af14fe29dc1 -> v0.0.0-20241113202542-65e8d215514f
google.golang.org/grpc	v1.66.1 -> v1.68.0
google.golang.org/protobuf	v1.34.2 -> v1.35.2

[camaeel]

Broken by: hashicorp/vault#29261

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud