* Consistency: GPG keys are PGP keys

* Consistency: GPG keys are PGP keys

* Consistency: GPG keys are PGP keys

* Consistency: GPG keys are PGP keys

* Consistency: GPG keys are PGP keys

* Consistency: s/GPG/PGP keys, use GPG's proper name

* Use GPG's proper name GnuPG

* Use GPG's proper name GnuPG

* Consistency: GPG keys are PGP keys

* Fix typo

* Add note that monitor command may truncate logs

* Apply suggestions from code review
Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>

- Add a 'Connect Timeout' query parameter to the test helper to set
   a timeout value of 30 seconds in an attempt to address the following
   failure we see at times in TestDeleteUser and TestUpdateUser

   mssql_test.go:253: Failed to initialize: error verifying connection: TLS Handshake failed: cannot read handshake packet: EOF

* secrets/azure: add doc for rotate-root and AAD migration

* Formatting

* Fix bad link, update warnings

* small bar chart attr fix

* truncates and adds ellipsis of label is long

* adds tooltip for long labels

* updates storybook

* adds changelog

* only calculate overflow if query selectors grab elements

* moves tooltip pointer to left

* adds pagination to auth methods list

* adds changelog

error seen on host /var/log/auth.log:
  userauth_pubkey: certificate signature algorithm ssh-rsa: signature algorithm not supported [preauth]

* add docs for OIDC provider and scopes

* fix json formatting

* add oidc docs path to nav data

* create provider with scope

* update client ids description

* update provider and scope docs

* add issuer string additional docs info

* OIDC: docs for oidc flow endpoints

* fix formatting and wording

* improve headings, formatting; fix wording
Co-authored-by: Vinay Gopalan <vinay@hashicorp.com>

* certutil: select appropriate hash algorithm for ECDSA signature

Select the appropriate signature algorithm for certificates signed
with an ECDSA private key.

The algorithm is selected based on the curve:

- P-256 -> x509.ECDSAWithSHA256
- P-384 -> x509.ECDSAWithSHA384
- P-521 -> x509.ECDSAWithSHA512
- Other -> x509.ECDSAWithSHA256

fixes #11006

* fixes issue with pgp list file input count not matching key shares number

* adds changelog entry

* Add changelog for https://github.com/hashicorp/vault-plugin-database-couchbase/pull/24

* update changelog name

* remove debug line

* secrets/azure: add changelog for rotate-root

* Rename changelog file

* Use PR number as filename

* Update README to remove IRC reference

The README references IRC (Freenode) as a means of communication regarding the Vault project, but it seems that:

1. Freenode has had its share of issues (https://en.wikipedia.org/wiki/Freenode#Ownership_change_and_conflict)
2. You now need a Freenode account to access their IRC server
3. The channel hasn't been very active (and to the best of my knowledge hasn't been migrated to Libera where a lot of Freenode based projects moved to)

I'd recommend just removing the reference for now, and if things change or another means of collaboration surfaces - adding that later.

* Added changelog file 13031.txt

* Moved required changelog file to the correct folder

* Removed changelog entry based on PR feedback

* 1.10.0-dev version bump

* Remove hard-coded versions from tests. (#13026)
Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>

* fix release note format

* deprecation -> change

* adding documentation changes

* adding requested changes

* adding suggested changes

* Revert "[VAULT-4034] Only cache non-nil values (#12993)"

This reverts commit 67e1ed06

.

* Update sdk/physical/cache.go
Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>

Added a note that agent cache requires at least one listener or template
to be defined in the config, and a couple spelling corrections.
Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

VAULT-444: Add PKI tidy-status endpoint.

Add metrics so that the PKI tidy status can be monitored using telemetry as well.
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>

* Add docs update for counter forwarding to oss

* Update website/content/api-docs/system/internal-counters.mdx
Co-authored-by: swayne275 <swayne275@gmail.com>

* Revert "Update website/content/api-docs/system/internal-counters.mdx"

This reverts commit 4c433726427c74e1ceef2378413cfe1eced92e9d.

* Revert "Revert "Update website/content/api-docs/system/internal-counters.mdx""

This reverts commit 0d89d734ad56a0943ad138fabbc7ce03f488176c.
Co-authored-by: swayne275 <swayne275@gmail.com>

* Add note to TLS cipher suite configuration

Ordering is no longer respected and the tls_max_version flag must be
used for this list to be relevant (as TLSv1.3 will ignore the cipher
suite list entirely).

See blog post linked in the docs for more information.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Note that server cipher suite flag is ignored
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add upgrade note about TLS cipher suites
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* deps: update plugin versions for 1.9 release

* deps: update vault-plugin-secrets-azure to v0.11.1

* go get newest version of github.com/pkg/browser

* deps: update vault-plugin-secrets-alicloud v0.10.2

* deps: update vault-plugin-auth-jwt to v0.11.2

* deps: update vault-plugin-auth-gcp to v0.11.2

* Clean up some inflated indirect dep versions

* deps: update vault-plugin-auth-azure to v0.9.2

* deps: re-fetch x/oauth2 to adjust version

* deps: github.com/pkg/browser to v0.0.0-20210911075715-681adbf594b8
Co-authored-by: Ben Ash <bash@hashicorp.com>
Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>

* Only cache non-nil values

* Add changelog

* Document allow_different_signature_algorithm param

* Flip the semantics of different key types for sign self issued

* More language tweaks

* Fix the field definition description

* Rework differenttype test for the new flag

* typo