releases.shpreview
HashiCorp

HashiCorp

hashicorp.comInfrastructure
$npx @buildinternet/releases get hashicorp

Import blocks work inside modules; Linux s390x builds ship

preThis release7 featuresNew capabilities12 enhancementsImprovements to existing features9 fixesBug fixesAI-tallied from the release notes
Terraform · v1.16.0-alpha20260715

Terraform alpha adds import block support inside modules, Linux s390x builds, and a new store block in terraform_data for ephemeral and sensitive values. Also includes resource action triggers with on_failure modes, destroy=false in lifecycle, workspace list -json, and terraform state show -json.

Read more →

Alpine base image updated; intention enforcement hardened

This release2 featuresNew capabilities3 enhancementsImprovements to existing features1 fixBug fixesAI-tallied from the release notes
Consul · v2.0.2

Upgraded Alpine base image to 3.24 to address CVE-2026-41989 and ALPINE-CVE-2026-2100, and upgraded Serf and Memberlist to their latest versions. XDS now returns errors when injecting L4 intention (RBAC) filter or mTLS transport socket onto inbound public listeners without enforcement, preventing listeners from being served without intention enforcement or mTLS. Also added ExtAuthzFilter support to HTTPRoute Filters and gateway-wide ExtAuthz toggle for api-gateway (Enterprise only), and External Processor (ext_proc) Envoy Extension support for api-gateway and connect-proxy (Enterprise only).

Read more →

Dynamic host volumes namespace isolation fixed

Breaking (minor)This release6 featuresNew capabilities1 enhancementImprovements to existing features11 fixesBug fixesAI-tallied from the release notes
Nomad · v2.0.4

Fixed a security bug where users with host-volume-delete permission in one namespace could delete claims from another namespace. Also fixed scheduler issues with sticky host volumes, a client panic after allocation garbage collection, and UI rendering of jobs with matching ModifyIndex values.

Read more →

Resource action triggers support on_failure modes; nested blocks as computed values

preThis release6 featuresNew capabilities8 enhancementsImprovements to existing features7 fixesBug fixesAI-tallied from the release notes
Terraform · v1.16.0-alpha20260706

Resource action triggers can now use on_failure modes of halt, taint, or continue, and providers can now use nested blocks as computed values. New store block in terraform_data handles ephemeral and sensitive values, import blocks work inside modules, and workspace list command supports -json output for machine-readable results.

Read more →

Import blocks inside modules; nested computed provider blocks

preThis release9 featuresNew capabilities11 enhancementsImprovements to existing features12 fixesBug fixesAI-tallied from the release notes
Terraform · v1.16.0-alpha20260701

Import blocks now work inside modules, providers can use nested blocks as computed values, and terraform_data supports a store block for ephemeral and sensitive values. Also adds Linux s390x builds, workspace JSON output, resource action on_failure modes, and fixes a terraform apply panic involving deposed objects with lifecycle pre/postconditions.

Read more →

HCP now supports SCIM (System for Cross-domain Identity Management) provisioning for automated user and group lifecycle management. With SCIM enabled, you can automatically sync user and group changes from your identity provider to HCP, including:

Read more →

Import blocks inside modules; Linux s390x builds ship

BreakingpreThis release6 featuresNew capabilities8 enhancementsImprovements to existing features6 fixesBug fixesAI-tallied from the release notes
Terraform · v1.16.0-alpha20260626

Import blocks now work inside modules, Linux s390x builds are available, and terraform_data can store ephemeral and sensitive values. Fixes a panic on apply with lifecycle preconditions and depose objects, and fixes import blocks ignoring provider local names.

Read more →

Leader eviction on server rename fixed; x-forwarded-client-cert stripped

This release3 enhancementsImprovements to existing features2 fixesBug fixesAI-tallied from the release notes
Consul · v2.0.1

Fixed a bug where renaming or rejoining a server could evict the live leader from the internal server lookup, causing Raft leader errors on follower RPCs. Inbound HTTP requests now have the x-forwarded-client-cert header stripped before forwarding to local services. Also includes Go and Envoy security upgrades, OIDC/JWT claim mapping support for auth method token names, and product telemetry export cadence preservation across restarts.

Read more →

Trailing-slash LIST no longer bypasses ACL deny; AI Agent support in Beta

This release1 featureNew capabilities6 enhancementsImprovements to existing features7 fixesBug fixesAI-tallied from the release notes
Vault · v2.0.3

LIST requests with a trailing slash now correctly respect more-specific deny policies, fixing an ACL bypass where a request to LIST kv/private/ could skip a deny on kv/*. Also introduces beta support for AI agents in Enterprise, including an agent registry and OAuth resource server capabilities. Plus a constant-time recovery token comparison and several security fixes across RADIUS, SPIFFE, and transform.

Read more →

Import blocks now work inside modules; apply panic on deposed objects fixed

preThis release7 featuresNew capabilities6 enhancementsImprovements to existing features6 fixesBug fixesAI-tallied from the release notes
Terraform · v1.16.0-alpha20260617

Import blocks are now supported inside modules, and a terraform apply panic when a plan contained a no-op change for a deposed object with lifecycle preconditions is fixed. Also new: terraform_data store block handles ephemeral and sensitive values, resource action triggers support on_failure modes, actions can use before_destroy and after_destroy events, and Linux s390x builds are now available.

Read more →

Removed resources no longer appear in planned_values; console panic fixed

This release4 fixesBug fixesAI-tallied from the release notes
Terraform · v1.15.6

Fixed an issue where resources being removed from state via removed block were incorrectly listed under planned_values in JSON plan representations, and a panic in console when evaluating expressions with deprecated values. Also fixed exit codes for plan, query, and refresh commands on variable errors, and two module installation edge cases with null and sensitive/ephemeral module sources.

Read more →

Debug bundles no longer expose tokens; task restart bug fixed

This release2 enhancementsImprovements to existing features11 fixesBug fixesAI-tallied from the release notes
Nomad · ent-changelog-1.10.13

CLI debug bundles now redact token and certificate key flags and environment variables to prevent credential exposure. Fixed a bug where tasks could be killed mid-restart on template re-render, and restored support for multiple Vault namespaces in a single job.

Read more →