Bump github.com/hashicorp/vault/sdk from 0.5.0 to 0.5.1

[dependabot]

Bumps github.com/hashicorp/vault/sdk from 0.5.0 to 0.5.1.

Changelog

Sourced from github.com/hashicorp/vault/sdk's changelog.

0.5.1 (February 25th, 2016)

DEPRECATIONS/CHANGES:

• RSA keys less than 2048 bits are no longer supported in the PKI backend. 1024-bit keys are considered unsafe and are disallowed in the Internet PKI. The pki backend has enforced SHA256 hashes in signatures from the beginning, and software that can handle these hashes should be able to handle larger key sizes. GH-1095
• The PKI backend now does not automatically delete expired certificates, including from the CRL. Doing so could lead to a situation where a time mismatch between the Vault server and clients could result in a certificate that would not be considered expired by a client being removed from the CRL. The new pki/tidy endpoint can be used to trigger expirations. GH-1129
• The cert backend now performs a variant of channel binding at renewal time for increased security. In order to not overly burden clients, a notion of identity is used. This functionality can be disabled. See the 0.5.1 upgrade guide for more specific information GH-1127

FEATURES:

• Codebase Audit: Vault's 0.5 codebase was audited by iSEC. (The terms of the audit contract do not allow us to make the results public.) GH-220

IMPROVEMENTS:

• api: The VAULT_TLS_SERVER_NAME environment variable can be used to control the SNI header during TLS connections GH-1131
• api/health: Add the server's time in UTC to health responses GH-1117
• command/rekey and command/generate-root: These now return the status at attempt initialization time, rather than requiring a separate fetch for the nonce GH-1054
• credential/cert: Don't require root/sudo tokens for the certs/ and crls/ paths; use normal ACL behavior instead GH-468
• credential/github: The validity of the token used for login will be checked at renewal time GH-1047
• credential/github: The config endpoint no longer requires a root token; normal ACL path matching applies
• deps: Use the standardized Go 1.6 vendoring system
• secret/aws: Inform users of AWS-imposed policy restrictions around STS tokens if they attempt to use an invalid policy GH-1113
• secret/mysql: The MySQL backend now allows disabling verification of the connection_url GH-1096
• secret/pki: Submitted CSRs are now verified to have the correct key type and minimum number of bits according to the role. The exception is intermediate CA signing and the sign-verbatim path GH-1104
• secret/pki: New tidy endpoint to allow expunging expired certificates. GH-1129
• secret/postgresql: The PostgreSQL backend now allows disabling verification of the connection_url GH-1096

... (truncated)

Commits

• 0ce2ba3 Cut version 0.5.1
• 0a4bcf8 changelog++
• b280daa changelog++
• adb98d7 Update documentation around VAULT_TLS_SERVER_NAME
• 8970f3a Merge pull request #1131 from rmt/master
• 2f79bb1 Bump TF variables
• b906f22 Add VAULT_TLS_SERVER_NAME environment variable
• c77e00d TF_DEV->VAULT_DEV_BUILD
• 7a03684 changelog++
• cc0f559 Bump website version number
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov-commenter]

Codecov Report

Merging #1988 (a992d57) into main (68e8d93) will decrease coverage by 0.01%.
The diff coverage is n/a.

@@            Coverage Diff             @@
##             main    #1988      +/-   ##
==========================================
- Coverage   28.71%   28.69%   -0.02%     
==========================================
  Files         132      133       +1     
  Lines        8087     8092       +5     
==========================================
  Hits         2322     2322              
- Misses       5458     5463       +5     
  Partials      307      307              

Impacted Files	Coverage Δ
pkg/oci/remote/image.go	73.68% <0.00%> (ø)
cmd/cosign/cli/download.go	0.00% <0.00%> (ø)
cmd/cosign/cli/options/download.go	0.00% <0.00%> (ø)

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 68e8d93...a992d57. Read the comment docs.