rebase: bump the github-dependencies group with 2 updates

Bumps the github-dependencies group with 2 updates: [github.com/Azure/azure-sdk-for-go/sdk/azidentity](https://github.com/Azure/azure-sdk-for-go) and [github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets](https://github.com/Azure/azure-sdk-for-go).


Updates `github.com/Azure/azure-sdk-for-go/sdk/azidentity` from 1.8.1 to 1.8.2
- [Release notes](https://github.com/Azure/azure-sdk-for-go/releases)
- [Changelog](https://github.com/Azure/azure-sdk-for-go/blob/main/documentation/release.md)
- [Commits](https://github.com/Azure/azure-sdk-for-go/compare/sdk/azidentity/v1.8.1...sdk/azidentity/v1.8.2)

Updates `github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets` from 1.3.0 to 1.3.1
- [Release notes](https://github.com/Azure/azure-sdk-for-go/releases)
- [Changelog](https://github.com/Azure/azure-sdk-for-go/blob/main/documentation/release.md)
- [Commits](https://github.com/Azure/azure-sdk-for-go/compare/sdk/azcore/v1.3.0...sdk/azcore/v1.3.1)

---
updated-dependencies:
- dependency-name: github.com/Azure/azure-sdk-for-go/sdk/azidentity
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-dependencies
- dependency-name: github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] 2025-02-17 20:46:57 +00:00 committed by mergify[bot]
parent 7595e20969
commit 7d9414f5b2
27 changed files with 278 additions and 295 deletions

8
go.mod

@ -48,8 +48,8 @@ require (
) )
require ( require (
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.1 github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.2
github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets v1.3.0 github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets v1.3.1
github.com/csi-addons/kubernetes-csi-addons v0.11.0 github.com/csi-addons/kubernetes-csi-addons v0.11.0
) )
@ -57,8 +57,8 @@ require (
cel.dev/expr v0.19.0 // indirect cel.dev/expr v0.19.0 // indirect
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.17.0 // indirect github.com/Azure/azure-sdk-for-go/sdk/azcore v1.17.0 // indirect
github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0 // indirect github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0 // indirect
github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.1.0 // indirect github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.1.1 // indirect
github.com/AzureAD/microsoft-authentication-library-for-go v1.3.2 // indirect github.com/AzureAD/microsoft-authentication-library-for-go v1.3.3 // indirect
github.com/JeffAshton/win_pdh v0.0.0-20161109143554-76bb4ee9f0ab // indirect github.com/JeffAshton/win_pdh v0.0.0-20161109143554-76bb4ee9f0ab // indirect
github.com/Microsoft/go-winio v0.6.2 // indirect github.com/Microsoft/go-winio v0.6.2 // indirect
github.com/NYTimes/gziphandler v1.1.1 // indirect github.com/NYTimes/gziphandler v1.1.1 // indirect

20
go.sum

@ -1325,16 +1325,16 @@ github.com/Azure/azure-sdk-for-go v62.0.0+incompatible h1:8N2k27SYtc12qj5nTsuFMF
github.com/Azure/azure-sdk-for-go v62.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= github.com/Azure/azure-sdk-for-go v62.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc=
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.17.0 h1:g0EZJwz7xkXQiZAI5xi9f3WWFYBlX1CPTrR+NDToRkQ= github.com/Azure/azure-sdk-for-go/sdk/azcore v1.17.0 h1:g0EZJwz7xkXQiZAI5xi9f3WWFYBlX1CPTrR+NDToRkQ=
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.17.0/go.mod h1:XCW7KnZet0Opnr7HccfUw1PLc4CjHqpcaxW8DHklNkQ= github.com/Azure/azure-sdk-for-go/sdk/azcore v1.17.0/go.mod h1:XCW7KnZet0Opnr7HccfUw1PLc4CjHqpcaxW8DHklNkQ=
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.1 h1:1mvYtZfWQAnwNah/C+Z+Jb9rQH95LPE2vlmMuWAHJk8= github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.2 h1:F0gBpfdPLGsw+nsgk6aqqkZS1jiixa5WwFe3fk/T3Ys=
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.1/go.mod h1:75I/mXtme1JyWFtz8GocPHVFyH421IBoZErnO16dd0k= github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.2/go.mod h1:SqINnQ9lVVdRlyC8cd1lCI0SdX4n2paeABd2K8ggfnE=
github.com/Azure/azure-sdk-for-go/sdk/azidentity/cache v0.3.1 h1:Bk5uOhSAenHyR5P61D/NzeQCv+4fEVV8mOkJ82NqpWw= github.com/Azure/azure-sdk-for-go/sdk/azidentity/cache v0.3.2 h1:yz1bePFlP5Vws5+8ez6T3HWXPmwOK7Yvq8QxDBD3SKY=
github.com/Azure/azure-sdk-for-go/sdk/azidentity/cache v0.3.1/go.mod h1:QZ4pw3or1WPmRBxf0cHd1tknzrT54WPBOQoGutCPvSU= github.com/Azure/azure-sdk-for-go/sdk/azidentity/cache v0.3.2/go.mod h1:Pa9ZNPuoNu/GztvBSKk9J1cDJW6vk/n0zLtV4mgd8N8=
github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0 h1:ywEEhmNahHBihViHepv3xPBn1663uRv2t2q/ESv9seY= github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0 h1:ywEEhmNahHBihViHepv3xPBn1663uRv2t2q/ESv9seY=
github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0/go.mod h1:iZDifYGJTIgIIkYRNWPENUnqx6bJ2xnSDFI2tjwZNuY= github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0/go.mod h1:iZDifYGJTIgIIkYRNWPENUnqx6bJ2xnSDFI2tjwZNuY=
github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets v1.3.0 h1:WLUIpeyv04H0RCcQHaA4TNoyrQ39Ox7V+re+iaqzTe0= github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets v1.3.1 h1:mrkDCdkMsD4l9wjFGhofFHFrV43Y3c53RSLKOCJ5+Ow=
github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets v1.3.0/go.mod h1:hd8hTTIY3VmUVPRHNH7GVCHO3SHgXkJKZHReby/bnUQ= github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets v1.3.1/go.mod h1:hPv41DbqMmnxcGralanA/kVlfdH5jv3T4LxGku2E1BY=
github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.1.0 h1:eXnN9kaS8TiDwXjoie3hMRLuwdUBUMW9KRgOqB3mCaw= github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.1.1 h1:bFWuoEKg+gImo7pvkiQEFAc8ocibADgXeiLAxWhWmkI=
github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.1.0/go.mod h1:XIpam8wumeZ5rVMuhdDQLMfIPDf1WO3IzrCRO3e3e3o= github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.1.1/go.mod h1:Vih/3yc6yac2JzU4hzpaDupBJP0Flaia9rXXrU8xyww=
github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E= github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E=
github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E= github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E=
github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24=
@ -1350,8 +1350,8 @@ github.com/Azure/go-autorest/logger v0.2.1/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZ
github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU= github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU=
github.com/AzureAD/microsoft-authentication-extensions-for-go/cache v0.1.1 h1:WJTmL004Abzc5wDB5VtZG2PJk5ndYDgVacGqfirKxjM= github.com/AzureAD/microsoft-authentication-extensions-for-go/cache v0.1.1 h1:WJTmL004Abzc5wDB5VtZG2PJk5ndYDgVacGqfirKxjM=
github.com/AzureAD/microsoft-authentication-extensions-for-go/cache v0.1.1/go.mod h1:tCcJZ0uHAmvjsVYzEFivsRTN00oz5BEsRgQHu5JZ9WE= github.com/AzureAD/microsoft-authentication-extensions-for-go/cache v0.1.1/go.mod h1:tCcJZ0uHAmvjsVYzEFivsRTN00oz5BEsRgQHu5JZ9WE=
github.com/AzureAD/microsoft-authentication-library-for-go v1.3.2 h1:kYRSnvJju5gYVyhkij+RTJ/VR6QIUaCfWeaFm2ycsjQ= github.com/AzureAD/microsoft-authentication-library-for-go v1.3.3 h1:H5xDQaE3XowWfhZRUpnfC+rGZMEVoSiji+b+/HFAPU4=
github.com/AzureAD/microsoft-authentication-library-for-go v1.3.2/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI= github.com/AzureAD/microsoft-authentication-library-for-go v1.3.3/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI=
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
github.com/IBM/keyprotect-go-client v0.5.1/go.mod h1:5TwDM/4FRJq1ZOlwQL1xFahLWQ3TveR88VmL1u3njyI= github.com/IBM/keyprotect-go-client v0.5.1/go.mod h1:5TwDM/4FRJq1ZOlwQL1xFahLWQ3TveR88VmL1u3njyI=


@ -1,5 +1,10 @@
# Release History # Release History
## 1.8.2 (2025-02-12)
### Other Changes
* Upgraded dependencies
## 1.8.1 (2025-01-15) ## 1.8.1 (2025-01-15)
### Bugs Fixed ### Bugs Fixed


@ -304,4 +304,4 @@ client := subscriptions.NewClient()
client.Authorizer = azidext.NewTokenCredentialAdapter(cred, []string{"https://management.azure.com//.default"}) client.Authorizer = azidext.NewTokenCredentialAdapter(cred, []string{"https://management.azure.com//.default"})
``` ```
![Impressions](https://azure-sdk-impressions.azurewebsites.net/api/impressions/azure-sdk-for-go%2Fsdk%2Fazidentity%2FMIGRATION.png)


@ -254,4 +254,4 @@ additional questions or comments.
[ctc_overview]: https://aka.ms/azsdk/go/identity/credential-chains#chainedtokencredential-overview [ctc_overview]: https://aka.ms/azsdk/go/identity/credential-chains#chainedtokencredential-overview
[dac_overview]: https://aka.ms/azsdk/go/identity/credential-chains#defaultazurecredential-overview [dac_overview]: https://aka.ms/azsdk/go/identity/credential-chains#defaultazurecredential-overview
![Impressions](https://azure-sdk-impressions.azurewebsites.net/api/impressions/azure-sdk-for-go%2Fsdk%2Fazidentity%2FREADME.png)


@ -70,7 +70,11 @@ func NewAzureCLICredential(options *AzureCLICredentialOptions) (*AzureCLICredent
} }
for _, r := range cp.Subscription { for _, r := range cp.Subscription {
if !(alphanumeric(r) || r == '-' || r == '_' || r == ' ' || r == '.') { if !(alphanumeric(r) || r == '-' || r == '_' || r == ' ' || r == '.') {
return nil, fmt.Errorf("%s: invalid Subscription %q", credNameAzureCLI, cp.Subscription) return nil, fmt.Errorf(
"%s: Subscription %q contains invalid characters. If this is the name of a subscription, use its ID instead",
credNameAzureCLI,
cp.Subscription,
)
} }
} }
if cp.TenantID != "" && !validTenantID(cp.TenantID) { if cp.TenantID != "" && !validTenantID(cp.TenantID) {
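Review bot: The rune allow-list on `cp.Subscription` in this loop carries no comment saying what it protects, and the reworded error now reads as a usability hint rather than an input-validation failure. If the value is later placed on an `az` command line (not visible in this hunk), a comment above the loop such as `// Restrict Subscription to a conservative character set before it is used to build the CLI invocation; do not widen without reviewing that call site.` would keep a later change from loosening the check to accept subscription names. The new message also embeds a capitalised second sentence, which departs from the usual Go error-string convention. NewAzureCLICredential starts and ends outside the hunk.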


@ -14,5 +14,5 @@ const (
module = "github.com/Azure/azure-sdk-for-go/sdk/" + component module = "github.com/Azure/azure-sdk-for-go/sdk/" + component
// Version is the semantic version (see http://semver.org) of this module. // Version is the semantic version (see http://semver.org) of this module.
version = "v1.8.1" version = "v1.8.2"
) )


@ -1,5 +1,10 @@
# Release History # Release History
## 1.3.1 (2025-02-13)
### Other Changes
* Upgraded dependencies
## 1.3.0 (2024-11-06) ## 1.3.0 (2024-11-06)
### Features Added ### Features Added


@ -56,7 +56,7 @@ func main() {
### Secret ### Secret
A secret consists of a secret value and its associated metadata and management information. This library handles secret values as strings, but Azure Key Vault doesn't store them as such. For more information about secrets and how Key Vault stores and manages them, see the [Key Vault documentation](https://docs.microsoft.com/azure/key-vault/general/about-keys-secrets-certificates). A secret consists of a secret value and its associated metadata and management information. This library handles secret values as strings, but Azure Key Vault doesn't store them as such. For more information about secrets and how Key Vault stores and manages them, see the [Key Vault documentation](https://learn.microsoft.com/azure/key-vault/general/about-keys-secrets-certificates).
`azseecrets.Client` can set secret values in the vault, update secret metadata, and delete secrets, as shown in the examples below. `azseecrets.Client` can set secret values in the vault, update secret metadata, and delete secrets, as shown in the examples below.
@ -129,16 +129,16 @@ When you submit a pull request, a CLA-bot will automatically determine whether y
This project has adopted the [Microsoft Open Source Code of Conduct][code_of_conduct]. For more information, see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or contact opencode@microsoft.com with any additional questions or comments. This project has adopted the [Microsoft Open Source Code of Conduct][code_of_conduct]. For more information, see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or contact opencode@microsoft.com with any additional questions or comments.
[azure_identity]: https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azidentity [azure_identity]: https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azidentity
[azure_keyvault_cli]: https://docs.microsoft.com/azure/key-vault/general/quick-create-cli [azure_keyvault_cli]: https://learn.microsoft.com/azure/key-vault/general/quick-create-cli
[azure_keyvault_portal]: https://docs.microsoft.com/azure/key-vault/general/quick-create-portal [azure_keyvault_portal]: https://learn.microsoft.com/azure/key-vault/general/quick-create-portal
[azure_sub]: https://azure.microsoft.com/free/ [azure_sub]: https://azure.microsoft.com/free/
[code_of_conduct]: https://opensource.microsoft.com/codeofconduct/ [code_of_conduct]: https://opensource.microsoft.com/codeofconduct/
[default_cred_ref]: https://github.com/Azure/azure-sdk-for-go/tree/main/sdk/azidentity#defaultazurecredential [default_cred_ref]: https://github.com/Azure/azure-sdk-for-go/tree/main/sdk/azidentity#defaultazurecredential
[keyvault_docs]: https://docs.microsoft.com/azure/key-vault/ [keyvault_docs]: https://learn.microsoft.com/azure/key-vault/
[managed_identity]: https://docs.microsoft.com/azure/active-directory/managed-identities-azure-resources/overview [managed_identity]: https://learn.microsoft.com/azure/active-directory/managed-identities-azure-resources/overview
[reference_docs]: https://aka.ms/azsdk/go/keyvault-secrets/docs [reference_docs]: https://aka.ms/azsdk/go/keyvault-secrets/docs
[client_docs]: https://aka.ms/azsdk/go/keyvault-secrets/docs#Client [client_docs]: https://aka.ms/azsdk/go/keyvault-secrets/docs#Client
[module_source]: https://github.com/Azure/azure-sdk-for-go/tree/main/sdk/security/keyvault/azsecrets [module_source]: https://github.com/Azure/azure-sdk-for-go/tree/main/sdk/security/keyvault/azsecrets
[secrets_samples]: https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets#pkg-examples [secrets_samples]: https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets#pkg-examples
![Impressions](https://azure-sdk-impressions.azurewebsites.net/api/impressions/azure-sdk-for-go%2Fsdk%2Fsecurity%2Fkeyvault%2Fazsecrets%2FREADME.png)


@ -1,141 +0,0 @@
## Go
```yaml
clear-output-folder: false
export-clients: true
go: true
input-file: https://github.com/Azure/azure-rest-api-specs/blob/7452e1cc7db72fbc6cd9539b390d8b8e5c2a1864/specification/keyvault/data-plane/Microsoft.KeyVault/stable/7.5/secrets.json
license-header: MICROSOFT_MIT_NO_VERSION
module: github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets
openapi-type: "data-plane"
output-folder: ../azsecrets
override-client-name: Client
security: "AADToken"
security-scopes: "https://vault.azure.net/.default"
use: "@autorest/go@4.0.0-preview.59"
inject-spans: true
version: "^3.0.0"
directive:
# delete unused model
- remove-model: SecretProperties
# make vault URL a parameter of the client constructor
- from: swagger-document
where: $["x-ms-parameterized-host"]
transform: $.parameters[0]["x-ms-parameter-location"] = "client"
# rename parameter models to match their methods
- rename-model:
from: SecretRestoreParameters
to: RestoreSecretParameters
- rename-model:
from: SecretSetParameters
to: SetSecretParameters
- rename-model:
from: SecretUpdateParameters
to: UpdateSecretParameters
- rename-model:
from: SecretBundle
to: Secret
- rename-model:
from: DeletedSecretBundle
to: DeletedSecret
- rename-model:
from: SecretItem
to: SecretProperties
- rename-model:
from: DeletedSecretItem
to: DeletedSecretProperties
- rename-model:
from: UpdateSecretParameters
to: UpdateSecretPropertiesParameters
- rename-model:
from: DeletedSecretListResult
to: DeletedSecretPropertiesListResult
- rename-model:
from: SecretListResult
to: SecretPropertiesListResult
# rename operations
- rename-operation:
from: GetDeletedSecrets
to: ListDeletedSecretProperties
- rename-operation:
from: GetSecrets
to: ListSecretProperties
- rename-operation:
from: GetSecretVersions
to: ListSecretPropertiesVersions
- rename-operation:
from: UpdateSecret
to: UpdateSecretProperties
# rename fields
- from: swagger-document
where: $.definitions.RestoreSecretParameters.properties.value
transform: $["x-ms-client-name"] = "SecretBackup"
- from: swagger-document
where: $.definitions.Secret.properties.kid
transform: $["x-ms-client-name"] = "KID"
# remove type DeletionRecoveryLevel, use string instead
- from: models.go
where: $
transform: return $.replace(/DeletionRecoveryLevel/g, "string");
# Remove MaxResults parameter
- where: "$.paths..*"
remove-parameter:
in: query
name: maxresults
# delete unused error models
- from: models.go
where: $
transform: return $.replace(/(?:\/\/.*\s)+type (?:Error|KeyVaultError).+\{(?:\s.+\s)+\}\s/g, "");
- from: models_serde.go
where: $
transform: return $.replace(/(?:\/\/.*\s)+func \(\w \*?(?:Error|KeyVaultError)\).*\{\s(?:.+\s)+\}\s/g, "");
# delete the Attributes model defined in common.json (it's used only with allOf)
- from: models.go
where: $
transform: return $.replace(/(?:\/\/.*\s)+type Attributes.+\{(?:\s.+\s)+\}\s/g, "");
- from: models_serde.go
where: $
transform: return $.replace(/(?:\/\/.*\s)+func \(a \*?Attributes\).*\{\s(?:.+\s)+\}\s/g, "");
# delete the version path param check (version == "" is legal for Key Vault but indescribable by OpenAPI)
- from: client.go
where: $
transform: return $.replace(/\sif secretVersion == "" \{\s+.+secretVersion cannot be empty"\)\s+\}\s/g, "");
# delete client name prefix from method options and response types
- from:
- client.go
- models.go
- options.go
- response_types.go
where: $
transform: return $.replace(/Client(\w+)((?:Options|Response))/g, "$1$2");
# make secret IDs a convenience type so we can add parsing methods
- from: models.go
where: $
transform: return $.replace(/(\sID \*)string(\s+.*)/g, "$1ID$2")
- from: models.go
where: $
transform: return $.replace(/(\sKID \*)string(\s+.*)/g, "$1ID$2")
# Maxresults -> MaxResults
- from:
- client.go
- models.go
where: $
transform: return $.replace(/Maxresults/g, "MaxResults")
# secretName, secretVersion -> name, version
- from: client.go
- where: $
- transform: return $.replace(/secretName/g, "name").replace(/secretVersion/g, "version")
```


@ -1,9 +1,7 @@
//go:build go1.18 //go:generate tsp-client update
// +build go1.18 //go:generate go run ./internal/transforms.go
//go:generate autorest ./autorest.md
//go:generate rm ./constants.go //go:generate rm ./constants.go
//go:generate gofmt -w . //go:generate goimports -w .
// Copyright (c) Microsoft Corporation. All rights reserved. // Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT License. See License.txt in the project root for license information. // Licensed under the MIT License. See License.txt in the project root for license information.
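Review bot: The new `//go:generate tsp-client update` directive shows no pin for the API specification or the generator, whereas the autorest.md removed in this same commit fixed `input-file` to a spec commit hash and `use` to an exact `@autorest/go` version. The pin presumably now lives in tsp-client's own location file, which is not part of this page; if that is where it lives, a comment beside the directive such as `// API spec revision is pinned in tsp-location.yaml` would let a reviewer confirm that regeneration stays reproducible. `go run ./internal/transforms.go` also runs repository code during generation, so that file deserves the same review as the generated output.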


@ -28,4 +28,3 @@ extends:
ServiceDirectory: 'security/keyvault/azsecrets' ServiceDirectory: 'security/keyvault/azsecrets'
RunLiveTests: true RunLiveTests: true
UsePipelineProxy: false UsePipelineProxy: false
SupportedClouds: 'Public,UsGov,China'


@ -1,33 +1,32 @@
//go:build go1.18
// +build go1.18
// Copyright (c) Microsoft Corporation. All rights reserved. // Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT License. See License.txt in the project root for license information. // Licensed under the MIT License. See License.txt in the project root for license information.
// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. // Code generated by Microsoft (R) Go Code Generator. DO NOT EDIT.
// Changes may cause incorrect behavior and will be lost if the code is regenerated.
package azsecrets package azsecrets
import ( import (
"context" "context"
"errors" "errors"
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime"
"net/http" "net/http"
"net/url" "net/url"
"strings" "strings"
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime"
) )
// Client contains the methods for the Client group. // Client - The key vault client performs cryptographic key operations and vault operations against the Key Vault service.
// Don't use this type directly, use a constructor function instead. // Don't use this type directly, use a constructor function instead.
type Client struct { type Client struct {
internal *azcore.Client internal *azcore.Client
endpoint string vaultBaseUrl string
} }
// BackupSecret - Requests that a backup of the specified secret be downloaded to the client. All versions of the secret will // BackupSecret - Backs up the specified secret.
// be downloaded. This operation requires the secrets/backup permission. //
// Requests that a backup of the specified secret be downloaded to the client. All versions of the secret will be downloaded.
// This operation requires the secrets/backup permission.
// If the operation fails it returns an *azcore.ResponseError type. // If the operation fails it returns an *azcore.ResponseError type.
// //
// Generated from API version 7.5 // Generated from API version 7.5
@ -54,13 +53,15 @@ func (client *Client) BackupSecret(ctx context.Context, name string, options *Ba
} }
// backupSecretCreateRequest creates the BackupSecret request. // backupSecretCreateRequest creates the BackupSecret request.
func (client *Client) backupSecretCreateRequest(ctx context.Context, name string, options *BackupSecretOptions) (*policy.Request, error) { func (client *Client) backupSecretCreateRequest(ctx context.Context, name string, _ *BackupSecretOptions) (*policy.Request, error) {
host := "{vaultBaseUrl}"
host = strings.ReplaceAll(host, "{vaultBaseUrl}", client.vaultBaseUrl)
urlPath := "/secrets/{secret-name}/backup" urlPath := "/secrets/{secret-name}/backup"
if name == "" { if name == "" {
return nil, errors.New("parameter name cannot be empty") return nil, errors.New("parameter name cannot be empty")
} }
urlPath = strings.ReplaceAll(urlPath, "{secret-name}", url.PathEscape(name)) urlPath = strings.ReplaceAll(urlPath, "{secret-name}", url.PathEscape(name))
req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.endpoint, urlPath)) req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(host, urlPath))
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -80,8 +81,10 @@ func (client *Client) backupSecretHandleResponse(resp *http.Response) (BackupSec
return result, nil return result, nil
} }
// DeleteSecret - The DELETE operation applies to any secret stored in Azure Key Vault. DELETE cannot be applied to an individual // DeleteSecret - Deletes a secret from a specified key vault.
// version of a secret. This operation requires the secrets/delete permission. //
// The DELETE operation applies to any secret stored in Azure Key Vault. DELETE cannot be applied to an individual version
// of a secret. This operation requires the secrets/delete permission.
// If the operation fails it returns an *azcore.ResponseError type. // If the operation fails it returns an *azcore.ResponseError type.
// //
// Generated from API version 7.5 // Generated from API version 7.5
@ -108,13 +111,15 @@ func (client *Client) DeleteSecret(ctx context.Context, name string, options *De
} }
// deleteSecretCreateRequest creates the DeleteSecret request. // deleteSecretCreateRequest creates the DeleteSecret request.
func (client *Client) deleteSecretCreateRequest(ctx context.Context, name string, options *DeleteSecretOptions) (*policy.Request, error) { func (client *Client) deleteSecretCreateRequest(ctx context.Context, name string, _ *DeleteSecretOptions) (*policy.Request, error) {
host := "{vaultBaseUrl}"
host = strings.ReplaceAll(host, "{vaultBaseUrl}", client.vaultBaseUrl)
urlPath := "/secrets/{secret-name}" urlPath := "/secrets/{secret-name}"
if name == "" { if name == "" {
return nil, errors.New("parameter name cannot be empty") return nil, errors.New("parameter name cannot be empty")
} }
urlPath = strings.ReplaceAll(urlPath, "{secret-name}", url.PathEscape(name)) urlPath = strings.ReplaceAll(urlPath, "{secret-name}", url.PathEscape(name))
req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.endpoint, urlPath)) req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(host, urlPath))
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -134,8 +139,10 @@ func (client *Client) deleteSecretHandleResponse(resp *http.Response) (DeleteSec
return result, nil return result, nil
} }
// GetDeletedSecret - The Get Deleted Secret operation returns the specified deleted secret along with its attributes. This // GetDeletedSecret - Gets the specified deleted secret.
// operation requires the secrets/get permission. //
// The Get Deleted Secret operation returns the specified deleted secret along with its attributes. This operation requires
// the secrets/get permission.
// If the operation fails it returns an *azcore.ResponseError type. // If the operation fails it returns an *azcore.ResponseError type.
// //
// Generated from API version 7.5 // Generated from API version 7.5
@ -162,13 +169,15 @@ func (client *Client) GetDeletedSecret(ctx context.Context, name string, options
} }
// getDeletedSecretCreateRequest creates the GetDeletedSecret request. // getDeletedSecretCreateRequest creates the GetDeletedSecret request.
func (client *Client) getDeletedSecretCreateRequest(ctx context.Context, name string, options *GetDeletedSecretOptions) (*policy.Request, error) { func (client *Client) getDeletedSecretCreateRequest(ctx context.Context, name string, _ *GetDeletedSecretOptions) (*policy.Request, error) {
host := "{vaultBaseUrl}"
host = strings.ReplaceAll(host, "{vaultBaseUrl}", client.vaultBaseUrl)
urlPath := "/deletedsecrets/{secret-name}" urlPath := "/deletedsecrets/{secret-name}"
if name == "" { if name == "" {
return nil, errors.New("parameter name cannot be empty") return nil, errors.New("parameter name cannot be empty")
} }
urlPath = strings.ReplaceAll(urlPath, "{secret-name}", url.PathEscape(name)) urlPath = strings.ReplaceAll(urlPath, "{secret-name}", url.PathEscape(name))
req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.endpoint, urlPath)) req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(host, urlPath))
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -188,8 +197,9 @@ func (client *Client) getDeletedSecretHandleResponse(resp *http.Response) (GetDe
return result, nil return result, nil
} }
// GetSecret - The GET operation is applicable to any secret stored in Azure Key Vault. This operation requires the secrets/get // GetSecret - Get a specified secret from a given key vault.
// permission. //
// The GET operation is applicable to any secret stored in Azure Key Vault. This operation requires the secrets/get permission.
// If the operation fails it returns an *azcore.ResponseError type. // If the operation fails it returns an *azcore.ResponseError type.
// //
// Generated from API version 7.5 // Generated from API version 7.5
@ -218,14 +228,16 @@ func (client *Client) GetSecret(ctx context.Context, name string, version string
} }
// getSecretCreateRequest creates the GetSecret request. // getSecretCreateRequest creates the GetSecret request.
func (client *Client) getSecretCreateRequest(ctx context.Context, name string, version string, options *GetSecretOptions) (*policy.Request, error) { func (client *Client) getSecretCreateRequest(ctx context.Context, name string, version string, _ *GetSecretOptions) (*policy.Request, error) {
host := "{vaultBaseUrl}"
host = strings.ReplaceAll(host, "{vaultBaseUrl}", client.vaultBaseUrl)
urlPath := "/secrets/{secret-name}/{secret-version}" urlPath := "/secrets/{secret-name}/{secret-version}"
if name == "" { if name == "" {
return nil, errors.New("parameter name cannot be empty") return nil, errors.New("parameter name cannot be empty")
} }
urlPath = strings.ReplaceAll(urlPath, "{secret-name}", url.PathEscape(name)) urlPath = strings.ReplaceAll(urlPath, "{secret-name}", url.PathEscape(name))
urlPath = strings.ReplaceAll(urlPath, "{secret-version}", url.PathEscape(version)) urlPath = strings.ReplaceAll(urlPath, "{secret-version}", url.PathEscape(version))
req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.endpoint, urlPath)) req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(host, urlPath))
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -245,8 +257,10 @@ func (client *Client) getSecretHandleResponse(resp *http.Response) (GetSecretRes
return result, nil return result, nil
} }
// NewListDeletedSecretPropertiesPager - The Get Deleted Secrets operation returns the secrets that have been deleted for // NewListDeletedSecretPropertiesPager - Lists deleted secrets for the specified vault.
// a vault enabled for soft-delete. This operation requires the secrets/list permission. //
// The Get Deleted Secrets operation returns the secrets that have been deleted for a vault enabled for soft-delete. This
// operation requires the secrets/list permission.
// //
// Generated from API version 7.5 // Generated from API version 7.5
// - options - ListDeletedSecretPropertiesOptions contains the optional parameters for the Client.NewListDeletedSecretPropertiesPager // - options - ListDeletedSecretPropertiesOptions contains the optional parameters for the Client.NewListDeletedSecretPropertiesPager
@ -275,8 +289,10 @@ func (client *Client) NewListDeletedSecretPropertiesPager(options *ListDeletedSe
// listDeletedSecretPropertiesCreateRequest creates the ListDeletedSecretProperties request. // listDeletedSecretPropertiesCreateRequest creates the ListDeletedSecretProperties request.
func (client *Client) listDeletedSecretPropertiesCreateRequest(ctx context.Context, options *ListDeletedSecretPropertiesOptions) (*policy.Request, error) { func (client *Client) listDeletedSecretPropertiesCreateRequest(ctx context.Context, options *ListDeletedSecretPropertiesOptions) (*policy.Request, error) {
host := "{vaultBaseUrl}"
host = strings.ReplaceAll(host, "{vaultBaseUrl}", client.vaultBaseUrl)
urlPath := "/deletedsecrets" urlPath := "/deletedsecrets"
req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.endpoint, urlPath)) req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(host, urlPath))
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -296,13 +312,14 @@ func (client *Client) listDeletedSecretPropertiesHandleResponse(resp *http.Respo
return result, nil return result, nil
} }
// NewListSecretPropertiesPager - The Get Secrets operation is applicable to the entire vault. However, only the base secret // NewListSecretPropertiesPager - List secrets in a specified key vault.
// identifier and its attributes are provided in the response. Individual secret versions are not listed in the //
// response. This operation requires the secrets/list permission. // The Get Secrets operation is applicable to the entire vault. However, only the base secret identifier and its attributes
// are provided in the response. Individual secret versions are not listed in the response. This operation requires the secrets/list
// permission.
// //
// Generated from API version 7.5 // Generated from API version 7.5
// - options - ListSecretPropertiesOptions contains the optional parameters for the Client.NewListSecretPropertiesPager // - options - ListSecretPropertiesOptions contains the optional parameters for the Client.NewListSecretPropertiesPager method.
// method.
func (client *Client) NewListSecretPropertiesPager(options *ListSecretPropertiesOptions) *runtime.Pager[ListSecretPropertiesResponse] { func (client *Client) NewListSecretPropertiesPager(options *ListSecretPropertiesOptions) *runtime.Pager[ListSecretPropertiesResponse] {
return runtime.NewPager(runtime.PagingHandler[ListSecretPropertiesResponse]{ return runtime.NewPager(runtime.PagingHandler[ListSecretPropertiesResponse]{
More: func(page ListSecretPropertiesResponse) bool { More: func(page ListSecretPropertiesResponse) bool {
@ -327,8 +344,10 @@ func (client *Client) NewListSecretPropertiesPager(options *ListSecretProperties
// listSecretPropertiesCreateRequest creates the ListSecretProperties request. // listSecretPropertiesCreateRequest creates the ListSecretProperties request.
func (client *Client) listSecretPropertiesCreateRequest(ctx context.Context, options *ListSecretPropertiesOptions) (*policy.Request, error) { func (client *Client) listSecretPropertiesCreateRequest(ctx context.Context, options *ListSecretPropertiesOptions) (*policy.Request, error) {
host := "{vaultBaseUrl}"
host = strings.ReplaceAll(host, "{vaultBaseUrl}", client.vaultBaseUrl)
urlPath := "/secrets" urlPath := "/secrets"
req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.endpoint, urlPath)) req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(host, urlPath))
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -348,8 +367,10 @@ func (client *Client) listSecretPropertiesHandleResponse(resp *http.Response) (L
return result, nil return result, nil
} }
// NewListSecretPropertiesVersionsPager - The full secret identifier and attributes are provided in the response. No values // NewListSecretPropertiesVersionsPager - List all versions of the specified secret.
// are returned for the secrets. This operations requires the secrets/list permission. //
// The full secret identifier and attributes are provided in the response. No values are returned for the secrets. This operations
// requires the secrets/list permission.
// //
// Generated from API version 7.5 // Generated from API version 7.5
// - name - The name of the secret. // - name - The name of the secret.
@ -379,12 +400,14 @@ func (client *Client) NewListSecretPropertiesVersionsPager(name string, options
// listSecretPropertiesVersionsCreateRequest creates the ListSecretPropertiesVersions request. // listSecretPropertiesVersionsCreateRequest creates the ListSecretPropertiesVersions request.
func (client *Client) listSecretPropertiesVersionsCreateRequest(ctx context.Context, name string, options *ListSecretPropertiesVersionsOptions) (*policy.Request, error) { func (client *Client) listSecretPropertiesVersionsCreateRequest(ctx context.Context, name string, options *ListSecretPropertiesVersionsOptions) (*policy.Request, error) {
host := "{vaultBaseUrl}"
host = strings.ReplaceAll(host, "{vaultBaseUrl}", client.vaultBaseUrl)
urlPath := "/secrets/{secret-name}/versions" urlPath := "/secrets/{secret-name}/versions"
if name == "" { if name == "" {
return nil, errors.New("parameter name cannot be empty") return nil, errors.New("parameter name cannot be empty")
} }
urlPath = strings.ReplaceAll(urlPath, "{secret-name}", url.PathEscape(name)) urlPath = strings.ReplaceAll(urlPath, "{secret-name}", url.PathEscape(name))
req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.endpoint, urlPath)) req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(host, urlPath))
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -404,9 +427,10 @@ func (client *Client) listSecretPropertiesVersionsHandleResponse(resp *http.Resp
return result, nil return result, nil
} }
// PurgeDeletedSecret - The purge deleted secret operation removes the secret permanently, without the possibility of recovery. // PurgeDeletedSecret - Permanently deletes the specified secret.
// This operation can only be enabled on a soft-delete enabled vault. This operation requires the //
// secrets/purge permission. // The purge deleted secret operation removes the secret permanently, without the possibility of recovery. This operation
// can only be enabled on a soft-delete enabled vault. This operation requires the secrets/purge permission.
// If the operation fails it returns an *azcore.ResponseError type. // If the operation fails it returns an *azcore.ResponseError type.
// //
// Generated from API version 7.5 // Generated from API version 7.5
@ -432,13 +456,15 @@ func (client *Client) PurgeDeletedSecret(ctx context.Context, name string, optio
} }
// purgeDeletedSecretCreateRequest creates the PurgeDeletedSecret request. // purgeDeletedSecretCreateRequest creates the PurgeDeletedSecret request.
func (client *Client) purgeDeletedSecretCreateRequest(ctx context.Context, name string, options *PurgeDeletedSecretOptions) (*policy.Request, error) { func (client *Client) purgeDeletedSecretCreateRequest(ctx context.Context, name string, _ *PurgeDeletedSecretOptions) (*policy.Request, error) {
host := "{vaultBaseUrl}"
host = strings.ReplaceAll(host, "{vaultBaseUrl}", client.vaultBaseUrl)
urlPath := "/deletedsecrets/{secret-name}" urlPath := "/deletedsecrets/{secret-name}"
if name == "" { if name == "" {
return nil, errors.New("parameter name cannot be empty") return nil, errors.New("parameter name cannot be empty")
} }
urlPath = strings.ReplaceAll(urlPath, "{secret-name}", url.PathEscape(name)) urlPath = strings.ReplaceAll(urlPath, "{secret-name}", url.PathEscape(name))
req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.endpoint, urlPath)) req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(host, urlPath))
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -449,8 +475,10 @@ func (client *Client) purgeDeletedSecretCreateRequest(ctx context.Context, name
return req, nil return req, nil
} }
// RecoverDeletedSecret - Recovers the deleted secret in the specified vault. This operation can only be performed on a soft-delete // RecoverDeletedSecret - Recovers the deleted secret to the latest version.
// enabled vault. This operation requires the secrets/recover permission. //
// Recovers the deleted secret in the specified vault. This operation can only be performed on a soft-delete enabled vault.
// This operation requires the secrets/recover permission.
// If the operation fails it returns an *azcore.ResponseError type. // If the operation fails it returns an *azcore.ResponseError type.
// //
// Generated from API version 7.5 // Generated from API version 7.5
@ -477,13 +505,15 @@ func (client *Client) RecoverDeletedSecret(ctx context.Context, name string, opt
} }
// recoverDeletedSecretCreateRequest creates the RecoverDeletedSecret request. // recoverDeletedSecretCreateRequest creates the RecoverDeletedSecret request.
func (client *Client) recoverDeletedSecretCreateRequest(ctx context.Context, name string, options *RecoverDeletedSecretOptions) (*policy.Request, error) { func (client *Client) recoverDeletedSecretCreateRequest(ctx context.Context, name string, _ *RecoverDeletedSecretOptions) (*policy.Request, error) {
host := "{vaultBaseUrl}"
host = strings.ReplaceAll(host, "{vaultBaseUrl}", client.vaultBaseUrl)
urlPath := "/deletedsecrets/{secret-name}/recover" urlPath := "/deletedsecrets/{secret-name}/recover"
if name == "" { if name == "" {
return nil, errors.New("parameter name cannot be empty") return nil, errors.New("parameter name cannot be empty")
} }
urlPath = strings.ReplaceAll(urlPath, "{secret-name}", url.PathEscape(name)) urlPath = strings.ReplaceAll(urlPath, "{secret-name}", url.PathEscape(name))
req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.endpoint, urlPath)) req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(host, urlPath))
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -503,8 +533,9 @@ func (client *Client) recoverDeletedSecretHandleResponse(resp *http.Response) (R
return result, nil return result, nil
} }
// RestoreSecret - Restores a backed up secret, and all its versions, to a vault. This operation requires the secrets/restore // RestoreSecret - Restores a backed up secret to a vault.
// permission. //
// Restores a backed up secret, and all its versions, to a vault. This operation requires the secrets/restore permission.
// If the operation fails it returns an *azcore.ResponseError type. // If the operation fails it returns an *azcore.ResponseError type.
// //
// Generated from API version 7.5 // Generated from API version 7.5
@ -531,9 +562,11 @@ func (client *Client) RestoreSecret(ctx context.Context, parameters RestoreSecre
} }
// restoreSecretCreateRequest creates the RestoreSecret request. // restoreSecretCreateRequest creates the RestoreSecret request.
func (client *Client) restoreSecretCreateRequest(ctx context.Context, parameters RestoreSecretParameters, options *RestoreSecretOptions) (*policy.Request, error) { func (client *Client) restoreSecretCreateRequest(ctx context.Context, parameters RestoreSecretParameters, _ *RestoreSecretOptions) (*policy.Request, error) {
host := "{vaultBaseUrl}"
host = strings.ReplaceAll(host, "{vaultBaseUrl}", client.vaultBaseUrl)
urlPath := "/secrets/restore" urlPath := "/secrets/restore"
req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.endpoint, urlPath)) req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(host, urlPath))
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -541,6 +574,7 @@ func (client *Client) restoreSecretCreateRequest(ctx context.Context, parameters
reqQP.Set("api-version", "7.5") reqQP.Set("api-version", "7.5")
req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().URL.RawQuery = reqQP.Encode()
req.Raw().Header["Accept"] = []string{"application/json"} req.Raw().Header["Accept"] = []string{"application/json"}
req.Raw().Header["Content-Type"] = []string{"application/json"}
if err := runtime.MarshalAsJSON(req, parameters); err != nil { if err := runtime.MarshalAsJSON(req, parameters); err != nil {
return nil, err return nil, err
} }
@ -556,13 +590,15 @@ func (client *Client) restoreSecretHandleResponse(resp *http.Response) (RestoreS
return result, nil return result, nil
} }
// SetSecret - The SET operation adds a secret to the Azure Key Vault. If the named secret already exists, Azure Key Vault // SetSecret - Sets a secret in a specified key vault.
// creates a new version of that secret. This operation requires the secrets/set permission. //
// The SET operation adds a secret to the Azure Key Vault. If the named secret already exists, Azure Key Vault creates a new
// version of that secret. This operation requires the secrets/set permission.
// If the operation fails it returns an *azcore.ResponseError type. // If the operation fails it returns an *azcore.ResponseError type.
// //
// Generated from API version 7.5 // Generated from API version 7.5
// - name - The name of the secret. The value you provide may be copied globally for the purpose of running the service. // - name - The name of the secret. The value you provide may be copied globally for the purpose of running the service. The
// The value provided should not include personally identifiable or sensitive information. // value provided should not include personally identifiable or sensitive information.
// - parameters - The parameters for setting the secret. // - parameters - The parameters for setting the secret.
// - options - SetSecretOptions contains the optional parameters for the Client.SetSecret method. // - options - SetSecretOptions contains the optional parameters for the Client.SetSecret method.
func (client *Client) SetSecret(ctx context.Context, name string, parameters SetSecretParameters, options *SetSecretOptions) (SetSecretResponse, error) { func (client *Client) SetSecret(ctx context.Context, name string, parameters SetSecretParameters, options *SetSecretOptions) (SetSecretResponse, error) {
@ -586,13 +622,15 @@ func (client *Client) SetSecret(ctx context.Context, name string, parameters Set
} }
// setSecretCreateRequest creates the SetSecret request. // setSecretCreateRequest creates the SetSecret request.
func (client *Client) setSecretCreateRequest(ctx context.Context, name string, parameters SetSecretParameters, options *SetSecretOptions) (*policy.Request, error) { func (client *Client) setSecretCreateRequest(ctx context.Context, name string, parameters SetSecretParameters, _ *SetSecretOptions) (*policy.Request, error) {
host := "{vaultBaseUrl}"
host = strings.ReplaceAll(host, "{vaultBaseUrl}", client.vaultBaseUrl)
urlPath := "/secrets/{secret-name}" urlPath := "/secrets/{secret-name}"
if name == "" { if name == "" {
return nil, errors.New("parameter name cannot be empty") return nil, errors.New("parameter name cannot be empty")
} }
urlPath = strings.ReplaceAll(urlPath, "{secret-name}", url.PathEscape(name)) urlPath = strings.ReplaceAll(urlPath, "{secret-name}", url.PathEscape(name))
req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.endpoint, urlPath)) req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(host, urlPath))
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -600,6 +638,7 @@ func (client *Client) setSecretCreateRequest(ctx context.Context, name string, p
reqQP.Set("api-version", "7.5") reqQP.Set("api-version", "7.5")
req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().URL.RawQuery = reqQP.Encode()
req.Raw().Header["Accept"] = []string{"application/json"} req.Raw().Header["Accept"] = []string{"application/json"}
req.Raw().Header["Content-Type"] = []string{"application/json"}
if err := runtime.MarshalAsJSON(req, parameters); err != nil { if err := runtime.MarshalAsJSON(req, parameters); err != nil {
return nil, err return nil, err
} }
@ -615,9 +654,10 @@ func (client *Client) setSecretHandleResponse(resp *http.Response) (SetSecretRes
return result, nil return result, nil
} }
// UpdateSecretProperties - The UPDATE operation changes specified attributes of an existing stored secret. Attributes that // UpdateSecretProperties - Updates the attributes associated with a specified secret in a given key vault.
// are not specified in the request are left unchanged. The value of a secret itself cannot be changed. //
// This operation requires the secrets/set permission. // The UPDATE operation changes specified attributes of an existing stored secret. Attributes that are not specified in the
// request are left unchanged. The value of a secret itself cannot be changed. This operation requires the secrets/set permission.
// If the operation fails it returns an *azcore.ResponseError type. // If the operation fails it returns an *azcore.ResponseError type.
// //
// Generated from API version 7.5 // Generated from API version 7.5
@ -646,14 +686,16 @@ func (client *Client) UpdateSecretProperties(ctx context.Context, name string, v
} }
// updateSecretPropertiesCreateRequest creates the UpdateSecretProperties request. // updateSecretPropertiesCreateRequest creates the UpdateSecretProperties request.
func (client *Client) updateSecretPropertiesCreateRequest(ctx context.Context, name string, version string, parameters UpdateSecretPropertiesParameters, options *UpdateSecretPropertiesOptions) (*policy.Request, error) { func (client *Client) updateSecretPropertiesCreateRequest(ctx context.Context, name string, version string, parameters UpdateSecretPropertiesParameters, _ *UpdateSecretPropertiesOptions) (*policy.Request, error) {
host := "{vaultBaseUrl}"
host = strings.ReplaceAll(host, "{vaultBaseUrl}", client.vaultBaseUrl)
urlPath := "/secrets/{secret-name}/{secret-version}" urlPath := "/secrets/{secret-name}/{secret-version}"
if name == "" { if name == "" {
return nil, errors.New("parameter name cannot be empty") return nil, errors.New("parameter name cannot be empty")
} }
urlPath = strings.ReplaceAll(urlPath, "{secret-name}", url.PathEscape(name)) urlPath = strings.ReplaceAll(urlPath, "{secret-name}", url.PathEscape(name))
urlPath = strings.ReplaceAll(urlPath, "{secret-version}", url.PathEscape(version)) urlPath = strings.ReplaceAll(urlPath, "{secret-version}", url.PathEscape(version))
req, err := runtime.NewRequest(ctx, http.MethodPatch, runtime.JoinPaths(client.endpoint, urlPath)) req, err := runtime.NewRequest(ctx, http.MethodPatch, runtime.JoinPaths(host, urlPath))
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -661,6 +703,7 @@ func (client *Client) updateSecretPropertiesCreateRequest(ctx context.Context, n
reqQP.Set("api-version", "7.5") reqQP.Set("api-version", "7.5")
req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().URL.RawQuery = reqQP.Encode()
req.Raw().Header["Accept"] = []string{"application/json"} req.Raw().Header["Accept"] = []string{"application/json"}
req.Raw().Header["Content-Type"] = []string{"application/json"}
if err := runtime.MarshalAsJSON(req, parameters); err != nil { if err := runtime.MarshalAsJSON(req, parameters); err != nil {
return nil, err return nil, err
} }


@ -1,6 +1,3 @@
//go:build go1.18
// +build go1.18
// Copyright (c) Microsoft Corporation. All rights reserved. // Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT License. See License.txt in the project root for license information. // Licensed under the MIT License. See License.txt in the project root for license information.
@ -50,7 +47,7 @@ func NewClient(vaultURL string, credential azcore.TokenCredential, options *Clie
if err != nil { if err != nil {
return nil, err return nil, err
} }
return &Client{endpoint: vaultURL, internal: azcoreClient}, nil return &Client{vaultBaseUrl: vaultURL, internal: azcoreClient}, nil
} }
// ID is a secret's unique ID, containing its name and version. // ID is a secret's unique ID, containing its name and version.


@ -1,10 +1,6 @@
//go:build go1.18
// +build go1.18
// Copyright (c) Microsoft Corporation. All rights reserved. // Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT License. See License.txt in the project root for license information. // Licensed under the MIT License. See License.txt in the project root for license information.
// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. // Code generated by Microsoft (R) Go Code Generator. DO NOT EDIT.
// Changes may cause incorrect behavior and will be lost if the code is regenerated.
package azsecrets package azsecrets
@ -85,8 +81,8 @@ type DeletedSecretPropertiesListResult struct {
// READ-ONLY; The URL to get the next set of deleted secrets. // READ-ONLY; The URL to get the next set of deleted secrets.
NextLink *string NextLink *string
// READ-ONLY; A response message containing a list of the deleted secrets in the vault along with a link to the next page // READ-ONLY; A response message containing a list of deleted secrets in the key vault along with a link to the next page
// of deleted secrets // of deleted secrets.
Value []*DeletedSecretProperties Value []*DeletedSecretProperties
} }
@ -140,8 +136,8 @@ type SecretAttributes struct {
RecoverableDays *int32 RecoverableDays *int32
// READ-ONLY; Reflects the deletion recovery level currently in effect for secrets in the current vault. If it contains 'Purgeable', // READ-ONLY; Reflects the deletion recovery level currently in effect for secrets in the current vault. If it contains 'Purgeable',
// the secret can be permanently deleted by a privileged user; otherwise, only the // the secret can be permanently deleted by a privileged user; otherwise, only the system can purge the secret, at the end
// system can purge the secret, at the end of the retention interval. // of the retention interval.
RecoveryLevel *string RecoveryLevel *string
// READ-ONLY; Last updated time in UTC. // READ-ONLY; Last updated time in UTC.


@ -1,25 +1,24 @@
//go:build go1.18
// +build go1.18
// Copyright (c) Microsoft Corporation. All rights reserved. // Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT License. See License.txt in the project root for license information. // Licensed under the MIT License. See License.txt in the project root for license information.
// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. // Code generated by Microsoft (R) Go Code Generator. DO NOT EDIT.
// Changes may cause incorrect behavior and will be lost if the code is regenerated.
package azsecrets package azsecrets
import ( import (
"encoding/json" "encoding/json"
"fmt" "fmt"
"reflect"
"github.com/Azure/azure-sdk-for-go/sdk/azcore" "github.com/Azure/azure-sdk-for-go/sdk/azcore"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime"
"reflect"
) )
// MarshalJSON implements the json.Marshaller interface for type BackupSecretResult. // MarshalJSON implements the json.Marshaller interface for type BackupSecretResult.
func (b BackupSecretResult) MarshalJSON() ([]byte, error) { func (b BackupSecretResult) MarshalJSON() ([]byte, error) {
objectMap := make(map[string]any) objectMap := make(map[string]any)
populateByteArray(objectMap, "value", b.Value, runtime.Base64URLFormat) populateByteArray(objectMap, "value", b.Value, func() any {
return runtime.EncodeByteArray(b.Value, runtime.Base64URLFormat)
})
return json.Marshal(objectMap) return json.Marshal(objectMap)
} }
@ -33,7 +32,9 @@ func (b *BackupSecretResult) UnmarshalJSON(data []byte) error {
var err error var err error
switch key { switch key {
case "value": case "value":
err = runtime.DecodeByteArray(string(val), &b.Value, runtime.Base64URLFormat) if val != nil && string(val) != "null" {
err = runtime.DecodeByteArray(string(val), &b.Value, runtime.Base64URLFormat)
}
delete(rawMsg, key) delete(rawMsg, key)
} }
if err != nil { if err != nil {
@ -195,7 +196,9 @@ func (d *DeletedSecretPropertiesListResult) UnmarshalJSON(data []byte) error {
// MarshalJSON implements the json.Marshaller interface for type RestoreSecretParameters. // MarshalJSON implements the json.Marshaller interface for type RestoreSecretParameters.
func (r RestoreSecretParameters) MarshalJSON() ([]byte, error) { func (r RestoreSecretParameters) MarshalJSON() ([]byte, error) {
objectMap := make(map[string]any) objectMap := make(map[string]any)
populateByteArray(objectMap, "value", r.SecretBackup, runtime.Base64URLFormat) populateByteArray(objectMap, "value", r.SecretBackup, func() any {
return runtime.EncodeByteArray(r.SecretBackup, runtime.Base64URLFormat)
})
return json.Marshal(objectMap) return json.Marshal(objectMap)
} }
@ -209,7 +212,9 @@ func (r *RestoreSecretParameters) UnmarshalJSON(data []byte) error {
var err error var err error
switch key { switch key {
case "value": case "value":
err = runtime.DecodeByteArray(string(val), &r.SecretBackup, runtime.Base64URLFormat) if val != nil && string(val) != "null" {
err = runtime.DecodeByteArray(string(val), &r.SecretBackup, runtime.Base64URLFormat)
}
delete(rawMsg, key) delete(rawMsg, key)
} }
if err != nil { if err != nil {
@ -479,18 +484,18 @@ func populate(m map[string]any, k string, v any) {
} }
} }
func populateByteArray(m map[string]any, k string, b []byte, f runtime.Base64Encoding) { func populateByteArray[T any](m map[string]any, k string, b []T, convert func() any) {
if azcore.IsNullValue(b) { if azcore.IsNullValue(b) {
m[k] = nil m[k] = nil
} else if len(b) == 0 { } else if len(b) == 0 {
return return
} else { } else {
m[k] = runtime.EncodeByteArray(b, f) m[k] = convert()
} }
} }
func unpopulate(data json.RawMessage, fn string, v any) error { func unpopulate(data json.RawMessage, fn string, v any) error {
if data == nil { if data == nil || string(data) == "null" {
return nil return nil
} }
if err := json.Unmarshal(data, v); err != nil { if err := json.Unmarshal(data, v); err != nil {


@ -1,10 +1,6 @@
//go:build go1.18
// +build go1.18
// Copyright (c) Microsoft Corporation. All rights reserved. // Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT License. See License.txt in the project root for license information. // Licensed under the MIT License. See License.txt in the project root for license information.
// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. // Code generated by Microsoft (R) Go Code Generator. DO NOT EDIT.
// Changes may cause incorrect behavior and will be lost if the code is regenerated.
package azsecrets package azsecrets


@ -1,10 +1,6 @@
//go:build go1.18
// +build go1.18
// Copyright (c) Microsoft Corporation. All rights reserved. // Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT License. See License.txt in the project root for license information. // Licensed under the MIT License. See License.txt in the project root for license information.
// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. // Code generated by Microsoft (R) Go Code Generator. DO NOT EDIT.
// Changes may cause incorrect behavior and will be lost if the code is regenerated.
package azsecrets package azsecrets


@ -1,20 +1,16 @@
//go:build go1.18
// +build go1.18
// Copyright (c) Microsoft Corporation. All rights reserved. // Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT License. See License.txt in the project root for license information. // Licensed under the MIT License. See License.txt in the project root for license information.
// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. // Code generated by Microsoft (R) Go Code Generator. DO NOT EDIT.
// Changes may cause incorrect behavior and will be lost if the code is regenerated.
package azsecrets package azsecrets
import ( import (
"encoding/json" "encoding/json"
"fmt" "fmt"
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
"reflect" "reflect"
"strings"
"time" "time"
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
) )
type timeUnix time.Time type timeUnix time.Time
@ -49,7 +45,7 @@ func populateTimeUnix(m map[string]any, k string, t *time.Time) {
} }
func unpopulateTimeUnix(data json.RawMessage, fn string, t **time.Time) error { func unpopulateTimeUnix(data json.RawMessage, fn string, t **time.Time) error {
if data == nil || strings.EqualFold(string(data), "null") { if data == nil || string(data) == "null" {
return nil return nil
} }
var aux timeUnix var aux timeUnix


@ -0,0 +1,6 @@
directory: specification/keyvault/Security.KeyVault.Secrets
commit: 646edc1e47bb0653b995a9cf474cf30255188530
repo: Azure/azure-rest-api-specs
additionalDirectories:
- specification/keyvault/Security.KeyVault.Common/
# https://github.com/Azure/azure-rest-api-specs/tree/646edc1e47bb0653b995a9cf474cf30255188530/specification/keyvault/Security.KeyVault.Secrets


@ -1,12 +1,9 @@
//go:build go1.18
// +build go1.18
// Copyright (c) Microsoft Corporation. All rights reserved. // Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT License. // Licensed under the MIT License. See License.txt in the project root for license information.
package azsecrets package azsecrets
const ( const (
moduleName = "github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets" moduleName = "github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets"
version = "v1.3.0" version = "v1.3.1"
) )


@ -1,5 +1,10 @@
# Release History # Release History
## 1.1.1 (2025-02-13)
### Bugs Fixed
* Fixed data race when using Client from multiple goroutines concurrently (thanks, @strager)
## 1.1.0 (2024-10-21) ## 1.1.0 (2024-10-21)
### Features Added ### Features Added


@ -13,6 +13,7 @@ import (
"net/http" "net/http"
"net/url" "net/url"
"strings" "strings"
"sync"
"github.com/Azure/azure-sdk-for-go/sdk/azcore" "github.com/Azure/azure-sdk-for-go/sdk/azcore"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
@ -30,7 +31,12 @@ type KeyVaultChallengePolicyOptions struct {
type keyVaultAuthorizer struct { type keyVaultAuthorizer struct {
// tro is the policy's authentication parameters. These are discovered from an authentication challenge // tro is the policy's authentication parameters. These are discovered from an authentication challenge
// elicited ahead of the first client request. // elicited ahead of the first client request.
tro policy.TokenRequestOptions //
// Protected by troLock.
tro policy.TokenRequestOptions
// Lock protecting tro in case there are multiple concurrent initial requests.
troLock sync.RWMutex
verifyChallengeResource bool verifyChallengeResource bool
} }
@ -55,7 +61,8 @@ func NewKeyVaultChallengePolicy(cred azcore.TokenCredential, opts *KeyVaultChall
} }
func (k *keyVaultAuthorizer) authorize(req *policy.Request, authNZ func(policy.TokenRequestOptions) error) error { func (k *keyVaultAuthorizer) authorize(req *policy.Request, authNZ func(policy.TokenRequestOptions) error) error {
if len(k.tro.Scopes) == 0 || k.tro.TenantID == "" { tro := k.getTokenRequestOptions()
if len(tro.Scopes) == 0 || tro.TenantID == "" {
if body := req.Body(); body != nil { if body := req.Body(); body != nil {
// We don't know the scope or tenant ID because we haven't seen a challenge yet. We elicit one now by sending // We don't know the scope or tenant ID because we haven't seen a challenge yet. We elicit one now by sending
// the request without authorization, first removing its body, if any. authorizeOnChallenge will reattach the // the request without authorization, first removing its body, if any. authorizeOnChallenge will reattach the
@ -70,7 +77,7 @@ func (k *keyVaultAuthorizer) authorize(req *policy.Request, authNZ func(policy.T
return nil return nil
} }
// else we know the auth parameters and can authorize the request as normal // else we know the auth parameters and can authorize the request as normal
return authNZ(k.tro) return authNZ(tro)
} }
func (k *keyVaultAuthorizer) authorizeOnChallenge(req *policy.Request, res *http.Response, authNZ func(policy.TokenRequestOptions) error) error { func (k *keyVaultAuthorizer) authorizeOnChallenge(req *policy.Request, res *http.Response, authNZ func(policy.TokenRequestOptions) error) error {
@ -87,7 +94,7 @@ func (k *keyVaultAuthorizer) authorizeOnChallenge(req *policy.Request, res *http
} }
} }
// authenticate with the parameters supplied by Key Vault, authorize the request, send it again // authenticate with the parameters supplied by Key Vault, authorize the request, send it again
return authNZ(k.tro) return authNZ(k.getTokenRequestOptions())
} }
// parses Tenant ID from auth challenge // parses Tenant ID from auth challenge
@ -126,7 +133,6 @@ func (k *keyVaultAuthorizer) updateTokenRequestOptions(resp *http.Response, req
} }
} }
k.tro.TenantID = parseTenant(vals["authorization"])
scope := "" scope := ""
if v, ok := vals["scope"]; ok { if v, ok := vals["scope"]; ok {
scope = v scope = v
@ -149,6 +155,25 @@ func (k *keyVaultAuthorizer) updateTokenRequestOptions(resp *http.Response, req
if !strings.HasSuffix(scope, "/.default") { if !strings.HasSuffix(scope, "/.default") {
scope += "/.default" scope += "/.default"
} }
k.tro.Scopes = []string{scope} k.setTokenRequestOptions(policy.TokenRequestOptions{
TenantID: parseTenant(vals["authorization"]),
Scopes: []string{scope},
})
return nil return nil
} }
// Returns a (possibly-zero) copy of TokenRequestOptions.
//
// The returned value's Scopes and other fields must not be modified.
func (k *keyVaultAuthorizer) getTokenRequestOptions() policy.TokenRequestOptions {
k.troLock.RLock()
defer k.troLock.RUnlock()
return k.tro // Copy.
}
// After calling this function, tro.Scopes and other fields must not be modified.
func (k *keyVaultAuthorizer) setTokenRequestOptions(tro policy.TokenRequestOptions) {
k.troLock.Lock()
defer k.troLock.Unlock()
k.tro = tro // Copy.
}


@ -26,3 +26,4 @@ extends:
parameters: parameters:
ServiceDirectory: 'security/keyvault/internal' ServiceDirectory: 'security/keyvault/internal'
RunLiveTests: false RunLiveTests: false
EnableRaceDetector: true


@ -7,5 +7,5 @@
package internal package internal
const ( const (
version = "v1.1.0" //nolint version = "v1.1.1" //nolint
) )


@ -305,7 +305,9 @@ func WithInstanceDiscovery(enabled bool) Option {
// If an invalid region name is provided, the non-regional endpoint MIGHT be used or the token request MIGHT fail. // If an invalid region name is provided, the non-regional endpoint MIGHT be used or the token request MIGHT fail.
func WithAzureRegion(val string) Option { func WithAzureRegion(val string) Option {
return func(o *clientOptions) { return func(o *clientOptions) {
o.azureRegion = val if val != "" {
o.azureRegion = val
}
} }
} }
@ -429,6 +431,7 @@ func WithClaims(claims string) interface {
AcquireByAuthCodeOption AcquireByAuthCodeOption
AcquireByCredentialOption AcquireByCredentialOption
AcquireOnBehalfOfOption AcquireOnBehalfOfOption
AcquireByUsernamePasswordOption
AcquireSilentOption AcquireSilentOption
AuthCodeURLOption AuthCodeURLOption
options.CallOption options.CallOption
@ -437,6 +440,7 @@ func WithClaims(claims string) interface {
AcquireByAuthCodeOption AcquireByAuthCodeOption
AcquireByCredentialOption AcquireByCredentialOption
AcquireOnBehalfOfOption AcquireOnBehalfOfOption
AcquireByUsernamePasswordOption
AcquireSilentOption AcquireSilentOption
AuthCodeURLOption AuthCodeURLOption
options.CallOption options.CallOption
@ -450,6 +454,8 @@ func WithClaims(claims string) interface {
t.claims = claims t.claims = claims
case *acquireTokenOnBehalfOfOptions: case *acquireTokenOnBehalfOfOptions:
t.claims = claims t.claims = claims
case *acquireTokenByUsernamePasswordOptions:
t.claims = claims
case *acquireTokenSilentOptions: case *acquireTokenSilentOptions:
t.claims = claims t.claims = claims
case *authCodeURLOptions: case *authCodeURLOptions:
@ -496,6 +502,7 @@ func WithTenantID(tenantID string) interface {
AcquireByAuthCodeOption AcquireByAuthCodeOption
AcquireByCredentialOption AcquireByCredentialOption
AcquireOnBehalfOfOption AcquireOnBehalfOfOption
AcquireByUsernamePasswordOption
AcquireSilentOption AcquireSilentOption
AuthCodeURLOption AuthCodeURLOption
options.CallOption options.CallOption
@ -504,6 +511,7 @@ func WithTenantID(tenantID string) interface {
AcquireByAuthCodeOption AcquireByAuthCodeOption
AcquireByCredentialOption AcquireByCredentialOption
AcquireOnBehalfOfOption AcquireOnBehalfOfOption
AcquireByUsernamePasswordOption
AcquireSilentOption AcquireSilentOption
AuthCodeURLOption AuthCodeURLOption
options.CallOption options.CallOption
@ -517,6 +525,8 @@ func WithTenantID(tenantID string) interface {
t.tenantID = tenantID t.tenantID = tenantID
case *acquireTokenOnBehalfOfOptions: case *acquireTokenOnBehalfOfOptions:
t.tenantID = tenantID t.tenantID = tenantID
case *acquireTokenByUsernamePasswordOptions:
t.tenantID = tenantID
case *acquireTokenSilentOptions: case *acquireTokenSilentOptions:
t.tenantID = tenantID t.tenantID = tenantID
case *authCodeURLOptions: case *authCodeURLOptions:
@ -592,6 +602,46 @@ func (cca Client) AcquireTokenSilent(ctx context.Context, scopes []string, opts
return cca.base.AcquireTokenSilent(ctx, silentParameters) return cca.base.AcquireTokenSilent(ctx, silentParameters)
} }
// acquireTokenByUsernamePasswordOptions contains optional configuration for AcquireTokenByUsernamePassword
type acquireTokenByUsernamePasswordOptions struct {
claims, tenantID string
authnScheme AuthenticationScheme
}
// AcquireByUsernamePasswordOption is implemented by options for AcquireTokenByUsernamePassword
type AcquireByUsernamePasswordOption interface {
acquireByUsernamePasswordOption()
}
// AcquireTokenByUsernamePassword acquires a security token from the authority, via Username/Password Authentication.
// NOTE: this flow is NOT recommended.
//
// Options: [WithClaims], [WithTenantID]
func (cca Client) AcquireTokenByUsernamePassword(ctx context.Context, scopes []string, username, password string, opts ...AcquireByUsernamePasswordOption) (AuthResult, error) {
o := acquireTokenByUsernamePasswordOptions{}
if err := options.ApplyOptions(&o, opts); err != nil {
return AuthResult{}, err
}
authParams, err := cca.base.AuthParams.WithTenant(o.tenantID)
if err != nil {
return AuthResult{}, err
}
authParams.Scopes = scopes
authParams.AuthorizationType = authority.ATUsernamePassword
authParams.Claims = o.claims
authParams.Username = username
authParams.Password = password
if o.authnScheme != nil {
authParams.AuthnScheme = o.authnScheme
}
token, err := cca.base.Token.UsernamePassword(ctx, authParams)
if err != nil {
return AuthResult{}, err
}
return cca.base.AuthResultFromToken(ctx, authParams, token, true)
}
// acquireTokenByAuthCodeOptions contains the optional parameters used to acquire an access token using the authorization code flow. // acquireTokenByAuthCodeOptions contains the optional parameters used to acquire an access token using the authorization code flow.
type acquireTokenByAuthCodeOptions struct { type acquireTokenByAuthCodeOptions struct {
challenge, claims, tenantID string challenge, claims, tenantID string
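Review bot: The doc comment on `AcquireTokenByUsernamePassword` says the flow is NOT recommended but gives no reason, so a caller finding it next to the other acquire methods has nothing to weigh. I would extend it with something like `// The application handles the user's password directly, and this flow cannot complete MFA or other interactive sign-in requirements; prefer another flow where one is available.` Separately, the body reads `o.authnScheme`, yet the hunks shown here add `*acquireTokenByUsernamePasswordOptions` cases only to `WithClaims` and `WithTenantID`, so that branch looks unreachable unless an option outside these hunks sets the field. This file appears to be pulled in from the MSAL module by the dependency bump, so either change belongs upstream rather than in this commit.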

8
vendor/modules.txt vendored

@ -23,7 +23,7 @@ github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime
github.com/Azure/azure-sdk-for-go/sdk/azcore/streaming github.com/Azure/azure-sdk-for-go/sdk/azcore/streaming
github.com/Azure/azure-sdk-for-go/sdk/azcore/to github.com/Azure/azure-sdk-for-go/sdk/azcore/to
github.com/Azure/azure-sdk-for-go/sdk/azcore/tracing github.com/Azure/azure-sdk-for-go/sdk/azcore/tracing
# github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.1 # github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.2
## explicit; go 1.18 ## explicit; go 1.18
github.com/Azure/azure-sdk-for-go/sdk/azidentity github.com/Azure/azure-sdk-for-go/sdk/azidentity
github.com/Azure/azure-sdk-for-go/sdk/azidentity/internal github.com/Azure/azure-sdk-for-go/sdk/azidentity/internal
@ -36,13 +36,13 @@ github.com/Azure/azure-sdk-for-go/sdk/internal/log
github.com/Azure/azure-sdk-for-go/sdk/internal/poller github.com/Azure/azure-sdk-for-go/sdk/internal/poller
github.com/Azure/azure-sdk-for-go/sdk/internal/temporal github.com/Azure/azure-sdk-for-go/sdk/internal/temporal
github.com/Azure/azure-sdk-for-go/sdk/internal/uuid github.com/Azure/azure-sdk-for-go/sdk/internal/uuid
# github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets v1.3.0 # github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets v1.3.1
## explicit; go 1.18 ## explicit; go 1.18
github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets
# github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.1.0 # github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.1.1
## explicit; go 1.18 ## explicit; go 1.18
github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal
# github.com/AzureAD/microsoft-authentication-library-for-go v1.3.2 # github.com/AzureAD/microsoft-authentication-library-for-go v1.3.3
## explicit; go 1.18 ## explicit; go 1.18
github.com/AzureAD/microsoft-authentication-library-for-go/apps/cache github.com/AzureAD/microsoft-authentication-library-for-go/apps/cache
github.com/AzureAD/microsoft-authentication-library-for-go/apps/confidential github.com/AzureAD/microsoft-authentication-library-for-go/apps/confidential