RepoJournal
HashiCorp

@hashicorp

Terraform, Vault, Consul — infra-as-code for ops teams

Pick a date

  1. Sun 3 may
  2. Tue 5 may
  3. Wed 6 may
  4. Thu 7 may
  5. Fri 8 may
  6. Sat 9 may
  7. Sun 10 may
  8. Mon 11 may
  9. Tue 12 may
  10. Wed 13 may
  11. Thu 14 may
  12. Fri 15 may
  13. Sat 16 may
  14. Sun 17 may
  15. Tue 19 may
  16. Wed 20 may
  17. Thu 21 may
  18. Sat 23 may
  19. Sun 24 may
  20. Mon 25 may
  21. Tue 26 may
  22. Wed 27 may
  23. Thu 28 may
  24. Fri 29 may
  25. Sat 30 may
  26. Sun 31 may
  27. Mon 1 jun
  28. Mon 8 jun
  29. Tue 9 jun
  30. Today 10 jun

The Wire · Showcase

HASHICORP COMPLIANCE SWEEP ACROSS ALL REPOS — COPYRIGHT HEADERS STANDARDIZED

By RepoJournal · Filed · About HashiCorp

Every major HashiCorp provider repository is undergoing a coordinated compliance audit to align with IBM licensing standards, and the headers are rolling in now.

The terraform-provider-tfe [1], terraform-provider-boundary [3], and boundary-plugin-gcp [7] are all receiving auto-generated copyright header updates as part of a systematic internal review. This isn't a functional change — it's hygiene work, but it signals a broader licensing alignment initiative across the product portfolio. In parallel, the TFE provider is shipping a real fix: the tfe_team_access resource now correctly transitions from admin access to custom permission blocks [2], resolving a state management bug that would have forced manual interventions. The Boundary provider also picked up a critical security bump to go-ntlmssp, patching CVE-2026-32952 [4] that could cause slice overflows on malicious NTLM challenges. The Vault CSI provider is moving faster on dependencies — gRPC upgraded to 1.81.0 [5] along with Kubernetes apimachinery and client-go updates, while the base image gets refreshed [6]. Watch for the compliance PRs to merge quickly; they're low-risk but broad.

Action items

References

  1. [1] [COMPLIANCE] Add/Update Copyright Headers ↗ hashicorp/terraform-provider-tfe
  2. [2] Update Access from Admin to Custom ↗ hashicorp/terraform-provider-tfe
  3. [3] [COMPLIANCE] Add/Update Copyright Headers ↗ hashicorp/terraform-provider-boundary
  4. [4] build(deps): bump github.com/Azure/go-ntlmssp from 0.0.0-20221128193559-754e69321358 to 0.1.1 in the go-security group across 1 directory ↗ hashicorp/terraform-provider-boundary
  5. [5] Bump the gomod-backward-compatible group across 1 directory with 5 updates ↗ hashicorp/vault-csi-provider
  6. [6] Bump ubi10/ubi-minimal from 10.1-1778058333 to 10.1-1778461919 ↗ hashicorp/vault-csi-provider
  7. [7] [COMPLIANCE] Add/Update Copyright Headers ↗ hashicorp/boundary-plugin-gcp

FAQ

What changed in HashiCorp on May 12, 2026?
Every major HashiCorp provider repository is undergoing a coordinated compliance audit to align with IBM licensing standards, and the headers are rolling in now.
What should HashiCorp teams do about it?
Merge compliance header PRs across TFE, Boundary, and GCP plugin — low risk, high velocity • Test and merge the tfe_team_access fix before your next TFE provider release • Validate Vault CSI provider dependency upgrades in your Kubernetes test environments
Which HashiCorp repositories shipped on May 12, 2026?
hashicorp/terraform-provider-tfe, hashicorp/terraform-provider-boundary, hashicorp/vault-csi-provider, hashicorp/boundary-plugin-gcp

Related across the cluster

For your repos

The showcase is a teaser.
Your wire is the product.

Same engine. Different stack. Below: what changes when the wire is yours.

Showcase wire

  • 14 famous open source orgs
  • One wire per day
  • Public, generic
  • Read on the web, when you remember

Your wire

  • Up to 1,500 of your repos - orgs, deps, vendors
  • Morning and evening briefs
  • Action items routed to your team
  • Slack delivery, email, breaking-news CVE alerts

Want a hands-on demo first? Ask a current user for an invite link.