Bump github.com/hashicorp/cap from 0.10.0 to 0.13.0 by dependabot[bot] · Pull Request #23583 · hashicorp/consul

dependabot · 2026-05-20T20:55:24Z

Bumps github.com/hashicorp/cap from 0.10.0 to 0.13.0.

Release notes

Sourced from github.com/hashicorp/cap's releases.

v0.13.0

What's Changed

chore: update CHANGELOG for 0.12.0 by @johanbrandhorst in hashicorp/cap#175

[IND-4227] [COMPLIANCE] Update Copyright Headers (Batch 1 of 1) by @oss-core-libraries-dashboard[bot] in hashicorp/cap#174

fix unbounded split by @Ayomi-gh in hashicorp/cap#177

[VAULT-43467] saml: resolve CVE-2026-33487, GHSA-hwqm-qvj9-4jr2, and GHSA-pcgw-qcv5-h8ch by @ryancragun in hashicorp/cap#180

chore: update go-jose to address CVE-2026-34986 by @irenarindos in hashicorp/cap#185

JWT: add optional KeySetSearcher callback to Validator by @suraj-simha in hashicorp/cap#187

chore: update CHANGELOG for 0.13.0 by @jimlambrt in hashicorp/cap#189

New Contributors

@oss-core-libraries-dashboard[bot] made their first contribution in hashicorp/cap#174

@Ayomi-gh made their first contribution in hashicorp/cap#177

@ryancragun made their first contribution in hashicorp/cap#180

@irenarindos made their first contribution in hashicorp/cap#185

@suraj-simha made their first contribution in hashicorp/cap#187

Full Changelog: hashicorp/cap@v0.12.0...v0.13.0

v0.12.0

What's Changed

Bump golang.org/x/crypto from 0.36.0 to 0.45.0 in /ldap/examples/cli by @dependabot[bot] in hashicorp/cap#170

Bump golang.org/x/crypto from 0.36.0 to 0.45.0 by @dependabot[bot] in hashicorp/cap#171

fix: fprintf usage in ldap CLI example by @jimlambrt in hashicorp/cap#173

Expose OIDC provider server metadata in Provider by @allisonlarson in hashicorp/cap#172

Full Changelog: hashicorp/cap@v0.11.0...v0.12.0

v0.11.0

What's Changed

fix (ldap): fix slice append to be concurrent safe by @jimlambrt in hashicorp/cap#167

chore: update changelog for v0.11.0 by @jimlambrt in hashicorp/cap#168

Full Changelog: hashicorp/cap@v0.10.0...v0.11.0

Changelog

Sourced from github.com/hashicorp/cap's changelog.

0.13.0

feat (jwt): add optional callback to dynamically fetch key sets in validator ([PR #187](hashicorp/cap#187))

fix (saml): always validate response and assertion signatures when signatures are present ([PR #180](hashicorp/cap#180))

0.12.0

feat (oidc): add Claims for exposing provider server metadata ([PR #172](hashicorp/cap#172))

0.11.0

fix (ldap): fix slice append to be concurrent safe when searching for ldap groups ( [PR #167](hashicorp/cap#167))

Commits

2bc0bff chore: update CHANGELOG for 0.13.0 (#189)
9d4dd6d JWT: add optional KeySetSearcher callback to Validator (#187)
dfeea34 chore: update go-jose to address CVE-2026-34986 (#185)
2026dd0 [VAULT-43467] saml: resolve CVE-2026-33487, GHSA-hwqm-qvj9-4jr2, and GHSA-pcg...
666713f fix unbounded split (#177)
b78ca40 [COMPLIANCE] Update Copyright and License Headers (Batch 1 of 1) (#174)
b72d477 chore: update CHANGELOG for 0.12.0 (#175)
1cba322 Expose OIDC provider server metadata in Provider (#172)
6bfe318 fix: fix fprintf usage in ldap CLI example (#173)
b9af6c2 Bump golang.org/x/crypto from 0.36.0 to 0.45.0 (#171)
Additional commits viewable in compare view

Bumps [github.com/hashicorp/cap](https://github.com/hashicorp/cap) from 0.10.0 to 0.13.0. - [Release notes](https://github.com/hashicorp/cap/releases) - [Changelog](https://github.com/hashicorp/cap/blob/main/CHANGELOG.md) - [Commits](hashicorp/cap@v0.10.0...v0.13.0) --- updated-dependencies: - dependency-name: github.com/hashicorp/cap dependency-version: 0.13.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code pr/no-changelog PR does not need a corresponding .changelog entry labels May 20, 2026

dependabot Bot requested review from a team as code owners May 20, 2026 20:55

dependabot Bot added pr/no-changelog PR does not need a corresponding .changelog entry dependencies Pull requests that update a dependency file go Pull requests that update Go code labels May 20, 2026

vercel Bot had a problem deploying to Preview – consul May 20, 2026 20:55 Failure

github-actions Bot added the pr/dependencies PR specifically updates dependencies of project label May 20, 2026

dependabot Bot force-pushed the dependabot/go_modules/github.com/hashicorp/cap-0.13.0 branch from 3feb9b2 to 2442e8c Compare May 21, 2026 16:06

vercel Bot had a problem deploying to Preview – consul May 21, 2026 16:06 Failure

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump github.com/hashicorp/cap from 0.10.0 to 0.13.0#23583

Bump github.com/hashicorp/cap from 0.10.0 to 0.13.0#23583
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/github.com/hashicorp/cap-0.13.0

dependabot Bot commented on behalf of github May 20, 2026 •

edited by atlassian Bot

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github May 20, 2026 • edited by atlassian Bot Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v0.13.0

What's Changed

New Contributors

v0.12.0

What's Changed

v0.11.0

What's Changed

0.13.0

0.12.0

0.11.0

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

dependabot Bot commented on behalf of github May 20, 2026 •

edited by atlassian Bot

Loading