In doing some testing I found that the listener clusteraddr isn't really used, or at least isn't as important as the top-level clusteraddr setting.  As such, go-sockaddr templating needs to be implemented for the top-level `cluster_addr` setting or it's unusable for HA.

Also fix a nil pointer panic I discovered at the same time.

Add validation for nonce size when we aren't in convergent encryption mode within transit backend (#13690)

* Add validation for nonce size when we aren't in convergent encryption mode within transit backend

* Add changelog entry

* makes more mock data

* sort month by clients

* fix mock data

* fix typo

* adds serializer for payload to format data for charts

* remove console logs

* change key from month_year to timestamp

* add comments/todos

* change dates to UTC iso timestamp

* revert serializer changes - moving to a new PR

* fire off network for query with Start time from license and return endDate and display

* startDate

* comment change

* saving wip

* change from startDate to startTime

* comment cleanup

* Address comments

* fixing small comments

* Distinguish LIST-only paths in OpenAPI

* add changelog

* Put enum field inside schema

The payload json example is invalid syntax.

The auth/token/revoke will not error out if the token does not exists, it
always tries to revoke the token and return success to the client whether
or not the token exists. This makes the behavior of
auth/token/revoke-accessor coherent with this and remove the need to
check whether the token still exists.

* auth/kubernetes: support for short-lived tokens

* Uplift new version of Kubernetes auth plugin that does not store the
  service account token persistently to Vault storage.

* Update the documentation to recommend local token again when running
  Vault inside cluster.
Signed-off-by: Tero Saarni <tero.saarni@est.tech>

* Added changelog entry
Signed-off-by: Tero Saarni <tero.saarni@est.tech>

* clarification to changelog entry, executed go mod tidy

* clarifications and added targeted release version

* code scanning alerts changes

* adding changelog

* update pollCluster helper

* bypasses problematic assertion for now

* docs: update oracle tls examples

* Add warnings

* Add notes

* Add missing note

* updating custom response for partial month count

* Update website/content/api-docs/system/internal-counters.mdx
Co-authored-by: Pratyoy Mukhopadhyay <35388175+pmmukh@users.noreply.github.com>

* removing new line
Co-authored-by: Pratyoy Mukhopadhyay <35388175+pmmukh@users.noreply.github.com>

* distinguish between single month and range attribution views, add export csv modal and action

* adds activity handler for mirage testing with client count work against new API

* adds class for grey subtitle in modal

* akes data detail titles dynamic

* fix passing of glyph type

* clarify mirage responses

* cleanup todos

* create SingleMonth template

* updates stattext styling

* add flex helper and fix header margin

* rename variable in formatNumber helper

* update templates with size-specific margins

* clarify class name

* fix jsdoc param type

* include nomad vault question

* added link

* go get vault-plugin-secrets-kv@vault-4290-patch-metadata

* add kv metadata patch command

* add changelog entry

* success tests for kv metadata patch flags

* add more kv metadata patch flags tests

* add kv metadata patch cas warning test

* add kv-v2 key metadata patch API docs

* add kv metadata patch to docs

* prevent unintentional field overwriting in kv metadata put cmd

* like create/update ops, prevent patch to paths ending in /

* fix kv metadata patch cmd in docs

* fix flag defaults for kv metadata put

* go get vault-plugin-secrets-kv@vault-4290-patch-metadata

* fix TestKvMetadataPatchCommand_Flags test

* doc fixes

* go get vault-plugin-secrets-kv@master; go mod tidy

* use GetOkErr in patch handler so unknown fields result in error response

* do not error on unknown fields for patch handling

* godoc update for HandlePatchOperation

* adds development workflow to mirage config

* adds example mirage dev handler

* adds changelog

* removes changelog entry

* adds base mirage handlers

* cherry pick my changes over

* clean up

* styling fix

* clean up

* address pr comments

* rename

* update comment

If we get a 405 doing an HTTP PATCH, assume the server is pre-1.9 and fall back to old readThenWrite approach (#13615)

* Remove unnecessary branch filters; we rely instead on exiting the jobs on inappropriate branches, since otherwise GH's required checks won't be satisfied.

* Use MAP_POPULATE for our bbolt mmaps, assuming the files fit in memory.  This should improve startup times when freelist sync is disabled.

* fixes basekey param

* adds changelog

secrets/database: Add parameter to disable escaping username and password chars for DB connections (#13414)

* Add a parameter that disables escaping characters in the username or password fields for secrets engines database connections

* Always disallow template variables inside the username or password