mirrors/versitygw
1
0
Fork 0
mirror of https://github.com/versity/versitygw.git synced 2026-05-13 07:21:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,456 Commits 31 Branches 50 Tags
ben/ipa-auth
Commit Graph

2456 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ben McClelland
b091152a9c feat: auth/ipa: implement create/update account and add role 
Implement the previously stubbed IPA IAM methods:

- CreateAccount: creates a user vault via vault_add and archives the
  secret+role using vault_archive_internal.
- UpdateUserAccount: retrieves the existing account, applies the
  requested property changes, and re-archives the updated secret+role.
- archiveSecret: encrypts the secret and role as JSON, pads with PKCS#7,
  wraps with AES-128-CBC using a random session key, and sends to the
  KRA via vault_archive_internal. Stores the user role alongside the
  secret so it is preserved across updates.
- pkcs7Pad: PKCS#7 padding helper (counterpart to the existing pkcs7Unpad).

GetUserAccount is updated to read the Role field back out of the vault
data and restore it on the returned account.

For RSA session key wrapping, use PKCS#1 v1.5 (required by the Dogtag
KRA default configuration) with an RSA-OAEP/SHA-256 fallback for
FIPS-enabled KRA installations. There is no protocol mechanism to query
which padding the server requires, so the fallback mirrors the behaviour
of the FreeIPA Python client.
 2026-05-09 21:49:53 -07:00
Ben McClelland
e49bb1d76a Merge pull request #2121 from versity/test/test_rest_delete_objects 2026-05-09 09:14:52 -07:00
Luke McCrone
6608c53612 test: DeleteObjects payload testing 2026-05-08 14:46:54 -03:00
Ben McClelland
d94b2da5b7 Merge pull request #2118 from versity/ben/bucket-tags 
feat: add bucket metrics tag when request specifies a bucket
 2026-05-08 08:12:53 -07:00
Ben McClelland
ff0cea3f83 Merge pull request #2094 from versity/ben/webui-search 
feat: replace webui client-side name filter with server-side prefix filter
 2026-05-06 16:30:02 -07:00
Ben McClelland
861c5f5d97 feat: add bucket metrics tag when request specifies a bucket 
If the incoming request specifies a bucket name, add a tag
bucket=<bucketname> to the metric.

Fixes #2103
 2026-05-06 13:46:08 -07:00
Ben McClelland
12f3d3a1e2 Merge pull request #2117 from versity/test/dockerfile_prep 
test: dockerfile, run script updates, README updates
 2026-05-06 13:39:00 -07:00
Ben McClelland
c6e795f91f Merge pull request #2114 from versity/sis/unsupported-sigv2 
fix: reject SigV2 requests
 2026-05-06 13:38:14 -07:00
niksis02
e69d073273 fix: reject SigV2 requests 
The gateway currently supports only Signature Version 4 (SigV4) authorization. Deprecated AWS SigV2 requests are now rejected with an AWS-specific `InvalidRequest` error for both Authorization-header requests and query-string requests(presigned URLs).

This also fixes SigV4 Authorization-header handling for date headers. SigV4 accepts two date headers: `Date` and `X-Amz-Date`. `X-Amz-Date` takes precedence, but when it is missing, `Date` should be used. The gateway now uses the `Date` header with lower precedence when `X-Amz-Date` is not present. No SDK integration test was added for this case because the SDK always sets `X-Amz-Date`, and this behavior is not configurable.
 2026-05-06 23:43:10 +04:00
Ben McClelland
cb609e40a6 feat: replace webui client-side name filter with server-side prefix filter 
Remove the client-side search that filtered already-loaded objects by
name. Replace it with a prefix input that is appended to the current
path prefix and passed directly to the S3 ListObjectsV2 API, so
filtering is performed server-side and works correctly across all pages.

Fixes #2091
 2026-05-06 12:34:52 -07:00
Luke McCrone
0136a0ba84 test: dockerfile, run script updates, README updates 2026-05-06 14:44:50 -03:00
Ben McClelland
79441fa48e Merge pull request #2115 from versity/ben/sidecar-test 
chore: fix sidecar flag in runtests to correctly pass test option
 2026-05-06 09:04:42 -07:00
Ben McClelland
e1578f6a8f Merge pull request #2104 from versity/test/snia_prep 
test: add test tags
 2026-05-06 09:03:03 -07:00
Ben McClelland
e4fa31c91d chore: fix sidecar flag in runtests to correctly pass test option 
There was a typo in the runtests script that was preventing
passing the correct sidecar option to the tests.
 2026-05-06 08:24:50 -07:00
Luke McCrone
317767b15b test: add test tags 2026-05-05 19:07:56 -03:00
Ben McClelland
31f1fbe875 Merge pull request #2110 from versity/dependabot/go_modules/dev-dependencies-25347e5731 
chore(deps): bump the dev-dependencies group with 19 updates
 2026-05-04 19:13:47 -07:00
dependabot[bot]
325ab6e183 chore(deps): bump the dev-dependencies group with 19 updates 
Bumps the dev-dependencies group with 19 updates:

| Package | From | To |
| --- | --- | --- |
| [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2) | `1.41.6` | `1.41.7` |
| [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) | `1.32.16` | `1.32.17` |
| [github.com/aws/aws-sdk-go-v2/credentials](https://github.com/aws/aws-sdk-go-v2) | `1.19.15` | `1.19.16` |
| [github.com/aws/aws-sdk-go-v2/feature/s3/transfermanager](https://github.com/aws/aws-sdk-go-v2) | `0.1.18` | `0.1.20` |
| [github.com/aws/aws-sdk-go-v2/service/s3](https://github.com/aws/aws-sdk-go-v2) | `1.100.0` | `1.100.1` |
| [github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream](https://github.com/aws/aws-sdk-go-v2) | `1.7.9` | `1.7.10` |
| [github.com/aws/aws-sdk-go-v2/feature/ec2/imds](https://github.com/aws/aws-sdk-go-v2) | `1.18.22` | `1.18.23` |
| [github.com/aws/aws-sdk-go-v2/internal/configsources](https://github.com/aws/aws-sdk-go-v2) | `1.4.22` | `1.4.23` |
| [github.com/aws/aws-sdk-go-v2/internal/endpoints/v2](https://github.com/aws/aws-sdk-go-v2) | `2.7.22` | `2.7.23` |
| [github.com/aws/aws-sdk-go-v2/internal/v4a](https://github.com/aws/aws-sdk-go-v2) | `1.4.23` | `1.4.24` |
| [github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding](https://github.com/aws/aws-sdk-go-v2) | `1.13.8` | `1.13.9` |
| [github.com/aws/aws-sdk-go-v2/service/internal/checksum](https://github.com/aws/aws-sdk-go-v2) | `1.9.14` | `1.9.15` |
| [github.com/aws/aws-sdk-go-v2/service/internal/presigned-url](https://github.com/aws/aws-sdk-go-v2) | `1.13.22` | `1.13.23` |
| [github.com/aws/aws-sdk-go-v2/service/internal/s3shared](https://github.com/aws/aws-sdk-go-v2) | `1.19.22` | `1.19.23` |
| [github.com/aws/aws-sdk-go-v2/service/signin](https://github.com/aws/aws-sdk-go-v2) | `1.0.10` | `1.0.11` |
| [github.com/aws/aws-sdk-go-v2/service/sso](https://github.com/aws/aws-sdk-go-v2) | `1.30.16` | `1.30.17` |
| [github.com/aws/aws-sdk-go-v2/service/ssooidc](https://github.com/aws/aws-sdk-go-v2) | `1.35.20` | `1.35.21` |
| [github.com/aws/aws-sdk-go-v2/service/sts](https://github.com/aws/aws-sdk-go-v2) | `1.42.0` | `1.42.1` |
| [github.com/klauspost/compress](https://github.com/klauspost/compress) | `1.18.5` | `1.18.6` |


Updates `github.com/aws/aws-sdk-go-v2` from 1.41.6 to 1.41.7
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/v1.41.6...v1.41.7)

Updates `github.com/aws/aws-sdk-go-v2/config` from 1.32.16 to 1.32.17
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.32.16...config/v1.32.17)

Updates `github.com/aws/aws-sdk-go-v2/credentials` from 1.19.15 to 1.19.16
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/credentials/v1.19.15...credentials/v1.19.16)

Updates `github.com/aws/aws-sdk-go-v2/feature/s3/transfermanager` from 0.1.18 to 0.1.20
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/feature/s3/transfermanager/v0.1.18...feature/s3/transfermanager/v0.1.20)

Updates `github.com/aws/aws-sdk-go-v2/service/s3` from 1.100.0 to 1.100.1
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.100.0...service/s3/v1.100.1)

Updates `github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream` from 1.7.9 to 1.7.10
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/account/v1.7.9...service/account/v1.7.10)

Updates `github.com/aws/aws-sdk-go-v2/feature/ec2/imds` from 1.18.22 to 1.18.23
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/config/v1.18.23/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.18.22...config/v1.18.23)

Updates `github.com/aws/aws-sdk-go-v2/internal/configsources` from 1.4.22 to 1.4.23
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/internal/v4a/v1.4.22...internal/v4a/v1.4.23)

Updates `github.com/aws/aws-sdk-go-v2/internal/endpoints/v2` from 2.7.22 to 2.7.23
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/internal/endpoints/v2.7.22...internal/endpoints/v2.7.23)

Updates `github.com/aws/aws-sdk-go-v2/internal/v4a` from 1.4.23 to 1.4.24
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/internal/v4a/v1.4.23...internal/v4a/v1.4.24)

Updates `github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding` from 1.13.8 to 1.13.9
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/mq/v1.13.8...service/mq/v1.13.9)

Updates `github.com/aws/aws-sdk-go-v2/service/internal/checksum` from 1.9.14 to 1.9.15
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/grafana/v1.9.14...service/grafana/v1.9.15)

Updates `github.com/aws/aws-sdk-go-v2/service/internal/presigned-url` from 1.13.22 to 1.13.23
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/credentials/v1.13.22...credentials/v1.13.23)

Updates `github.com/aws/aws-sdk-go-v2/service/internal/s3shared` from 1.19.22 to 1.19.23
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/simspaceweaver/v1.19.22...service/simspaceweaver/v1.19.23)

Updates `github.com/aws/aws-sdk-go-v2/service/signin` from 1.0.10 to 1.0.11
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/internal/v4a/v1.0.10...internal/v4a/v1.0.11)

Updates `github.com/aws/aws-sdk-go-v2/service/sso` from 1.30.16 to 1.30.17
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/acm/v1.30.16...service/acm/v1.30.17)

Updates `github.com/aws/aws-sdk-go-v2/service/ssooidc` from 1.35.20 to 1.35.21
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/pi/v1.35.20...service/pi/v1.35.21)

Updates `github.com/aws/aws-sdk-go-v2/service/sts` from 1.42.0 to 1.42.1
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.42.0...service/s3/v1.42.1)

Updates `github.com/klauspost/compress` from 1.18.5 to 1.18.6
- [Release notes](https://github.com/klauspost/compress/releases)
- [Commits](https://github.com/klauspost/compress/compare/v1.18.5...v1.18.6)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2
  dependency-version: 1.41.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-version: 1.32.17
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/credentials
  dependency-version: 1.19.16
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/feature/s3/transfermanager
  dependency-version: 0.1.20
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/service/s3
  dependency-version: 1.100.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream
  dependency-version: 1.7.10
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/feature/ec2/imds
  dependency-version: 1.18.23
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/internal/configsources
  dependency-version: 1.4.23
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/internal/endpoints/v2
  dependency-version: 2.7.23
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/internal/v4a
  dependency-version: 1.4.24
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding
  dependency-version: 1.13.9
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/service/internal/checksum
  dependency-version: 1.9.15
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/service/internal/presigned-url
  dependency-version: 1.13.23
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/service/internal/s3shared
  dependency-version: 1.19.23
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/service/signin
  dependency-version: 1.0.11
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/service/sso
  dependency-version: 1.30.17
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/service/ssooidc
  dependency-version: 1.35.21
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/service/sts
  dependency-version: 1.42.1
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/klauspost/compress
  dependency-version: 1.18.6
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-05-05 01:08:35 +00:00
Ben McClelland
21da1d7e70 Merge pull request #2097 from versity/dependabot/go_modules/dev-dependencies-3789651bc5 
chore(deps): bump the dev-dependencies group with 7 updates
 2026-05-04 16:24:32 -07:00
Ben McClelland
bb3cdd9cb6 fix: skip integration tests not compatible in sidecar 
A few tests are not yet compatible with sidecar mode. Add a test
option to skip these when running sidecar tests.
 2026-05-04 16:05:29 -07:00
niksis02
d2fa265fb8 feat: support sha512, md5, xxhash3, xxhash64, xxhash128 data integrity checksums 
Integrate the new S3 checksum types in the gateway, including `SHA512`, `MD5`, `XXHASH64`, `XXHASH3`, and `XXHASH128`. This adds checksum calculation, validation, schema handling, and test coverage for the expanded checksum support.

These external packages have been used:
- `github.com/zeebo/xxh3` for `XXHASH3` and `XXHASH128`
- `github.com/cespare/xxhash/v2` for `XXHASH64`

Adjust integration tests because `aws-sdk-go-v2/service/s3` does not support automatic checksum calculation for the new checksum algorithms and returns an SDK-level error when only the checksum algorithm is provided. Only precalculated checksum values are acceptable for these checksum types.

References:
- `https://github.com/aws/aws-sdk-go-v2/issues/3404`
- `https://github.com/aws/aws-sdk-go-v2/issues/3403`
 2026-05-04 08:50:39 -07:00
Ben McClelland
6731179e12 Merge pull request #2107 from versity/sis/unsigned-streaming-payload-caching-fix 
fix: remove unsigned chunk reader caching
 2026-05-04 08:42:33 -07:00
Yevgeniy Miretskiy
d1fba07fe6 feat: add custom route and middleware options 
Add options for embedders to register Fiber routes and middleware before the S3 route table is initialized.

WithRoute registers a top-level route with explicit method and path matching. WithMiddleware registers prefix middleware that can handle a request or call ctx.Next() to continue into the S3 stack.

Add coverage for route registration order when a top-level route and catch-all middleware are both configured.
 2026-05-04 08:41:16 -07:00
niksis02
27971f2a20 fix: remove unsigned chunk reader caching 
Closes #1273

Rewrite UnsignedChunkReader to stream the payload bytes directly into the caller buffer instead of allocating and stashing full chunks. With this implementation, no stash is held by the reader and the chunk reader doesn't allocate any memory.

Make debug logging more descriptive, which records reader state on all error paths and logs read progress whenever a Read call fills the caller buffer.

Some unit tests were added to cover the main moving parts of the reader flow.
 2026-05-02 01:14:38 +04:00
Ben McClelland
40c02dd31e Merge pull request #2106 from dyld-w/dyld-w/admin-cors-create-bucket 
fix: apply CORS middleware to admin CreateBucket route
 2026-05-01 13:12:32 -07:00
Dylan Dellett-Wion
e6aa9de052 fix: apply CORS middleware to admin CreateBucket route 
The PATCH /:bucket/create admin route was missing
middlewares.ApplyDefaultCORS, while every other admin PATCH route
applies it. The OPTIONS preflight handler already sets CORS headers,
so browsers pass preflight but block the actual response for lacking
Access-Control-Allow-Origin. This caused the WebUI bucket-creation
flow to fail with ERR_FAILED even though the server returned 201.

Fixes #2105. Introduced in #1739 when the endpoint was added.

Co-Authored-By: Claude <noreply@anthropic.com>
 2026-04-30 21:06:55 -04:00
Ben McClelland
437d46857d Merge pull request #2089 from versity/test/rest_get_object_queries 
@lrm25 test: GetObject - add query tests, go/bats improved header/object rep…
 2026-04-30 12:52:17 -07:00
Ben McClelland
42c34c1162 Merge pull request #2101 from versity/ben/scoutfs-move-blocks 
fix: scoutfs multipart alignment check for last part
 2026-04-30 11:47:05 -07:00
Ben McClelland
dd27c6cd27 fix: scoutfs multipart alignment check for last part 
The MoveData() requires that all but the last part be 4k aligned.
We accidentally were including the alignment check for the last
part causing large uploads where the total object was not a
multiple of 4k to fallback to copying the last part. For very large
part sizes this was triggering timeouts in some clients.
 2026-04-30 08:19:14 -07:00
Ben McClelland
f895ba5d17 Merge pull request #2096 from versity/ben/enospc 
feat: add new ErrNoSpaceLeftOnDevice API error for ENOSPC errors
 2026-04-29 13:48:02 -07:00
Luke McCrone
9a21c5a1e0 test: GetObject - add query tests, go/bats improved header/object reply handling 2026-04-28 21:10:09 -03:00
Ben McClelland
8ae566d44e feat: add new ErrNoSpaceLeftOnDevice API error for ENOSPC errors 
Add a new non-AWS error ErrNoSpaceLeftOnDevice (HTTP 507 Insufficient
Storage) to s3err. Update all call sites in the posix backend that
could return ENOSPC and return the new error when the underlying
filesystem has no space remaining.

Fixes #2093
 2026-04-28 10:34:48 -07:00
dependabot[bot]
fbe2a4ba10 chore(deps): bump the dev-dependencies group with 7 updates 
Bumps the dev-dependencies group with 7 updates:

| Package | From | To |
| --- | --- | --- |
| [github.com/aws/aws-sdk-go-v2/feature/s3/transfermanager](https://github.com/aws/aws-sdk-go-v2) | `0.1.17` | `0.1.18` |
| [github.com/aws/aws-sdk-go-v2/service/s3](https://github.com/aws/aws-sdk-go-v2) | `1.99.1` | `1.100.0` |
| [github.com/aws/smithy-go](https://github.com/aws/smithy-go) | `1.25.0` | `1.25.1` |
| [github.com/gofiber/fiber/v2](https://github.com/gofiber/fiber) | `2.52.12` | `2.52.13` |
| [github.com/rabbitmq/amqp091-go](https://github.com/rabbitmq/amqp091-go) | `1.10.0` | `1.11.0` |
| [github.com/segmentio/kafka-go](https://github.com/segmentio/kafka-go) | `0.4.50` | `0.4.51` |
| [github.com/mattn/go-isatty](https://github.com/mattn/go-isatty) | `0.0.21` | `0.0.22` |


Updates `github.com/aws/aws-sdk-go-v2/feature/s3/transfermanager` from 0.1.17 to 0.1.18
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/feature/s3/transfermanager/v0.1.17...feature/s3/transfermanager/v0.1.18)

Updates `github.com/aws/aws-sdk-go-v2/service/s3` from 1.99.1 to 1.100.0
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.99.1...service/s3/v1.100.0)

Updates `github.com/aws/smithy-go` from 1.25.0 to 1.25.1
- [Release notes](https://github.com/aws/smithy-go/releases)
- [Changelog](https://github.com/aws/smithy-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/smithy-go/compare/v1.25.0...v1.25.1)

Updates `github.com/gofiber/fiber/v2` from 2.52.12 to 2.52.13
- [Release notes](https://github.com/gofiber/fiber/releases)
- [Commits](https://github.com/gofiber/fiber/compare/v2.52.12...v2.52.13)

Updates `github.com/rabbitmq/amqp091-go` from 1.10.0 to 1.11.0
- [Release notes](https://github.com/rabbitmq/amqp091-go/releases)
- [Changelog](https://github.com/rabbitmq/amqp091-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rabbitmq/amqp091-go/compare/v1.10.0...v1.11.0)

Updates `github.com/segmentio/kafka-go` from 0.4.50 to 0.4.51
- [Release notes](https://github.com/segmentio/kafka-go/releases)
- [Commits](https://github.com/segmentio/kafka-go/compare/v0.4.50...v0.4.51)

Updates `github.com/mattn/go-isatty` from 0.0.21 to 0.0.22
- [Commits](https://github.com/mattn/go-isatty/compare/v0.0.21...v0.0.22)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/feature/s3/transfermanager
  dependency-version: 0.1.18
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/service/s3
  dependency-version: 1.100.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: github.com/aws/smithy-go
  dependency-version: 1.25.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/gofiber/fiber/v2
  dependency-version: 2.52.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/rabbitmq/amqp091-go
  dependency-version: 1.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: github.com/segmentio/kafka-go
  dependency-version: 0.4.51
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/mattn/go-isatty
  dependency-version: 0.0.22
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-04-28 00:16:43 +00:00
Ben McClelland
be5b3c411f Merge pull request #2011 from versity/sis/putobject-meta-property-permissions 
fix: check PutObjectTagging/LegalHold/Retention permissions on PutObject,CopyObject and CreateMultipartUpload
 2026-04-27 14:42:41 -07:00
niksis02
8d5b2be0b2 fix: check PutObjectTagging/LegalHold/Retention permissions on PutObject,CopyObject and CreateMultipartUpload 
Fixes #1986

When a client includes tagging, legal hold, or retention headers in a PutObject, CopyObject or CreateMultipartUpload request, the corresponding bucket policy permissions must be verified in addition to s3:PutObject:

`X-Amz-Tagging` - `s3:PutObjectTagging`
`X-Amz-Object-Lock-Legal-Hold` - `s3:PutObjectLegalHold`
`X-Amz-Object-Lock-Mode` - `s3:PutObjectRetention`

Previously, only s3:PutObject was checked, allowing users to set tagging, legal hold, and retention without having the required permissions. Now each action permission is check, if user tries to add them.

For CopyObject these permissions are checked on destination object.
 2026-04-28 01:05:34 +04:00
Ben McClelland
b7b5a347ae Merge pull request #2092 from versity/dependabot/go_modules/github.com/Azure/go-ntlmssp-0.1.1 
chore(deps): bump github.com/Azure/go-ntlmssp from 0.1.0 to 0.1.1
 2026-04-23 19:31:54 -07:00
dependabot[bot]
cd3f2ffed8 chore(deps): bump github.com/Azure/go-ntlmssp from 0.1.0 to 0.1.1 
Bumps [github.com/Azure/go-ntlmssp](https://github.com/Azure/go-ntlmssp) from 0.1.0 to 0.1.1.
- [Release notes](https://github.com/Azure/go-ntlmssp/releases)
- [Commits](https://github.com/Azure/go-ntlmssp/compare/v0.1.0...v0.1.1)

---
updated-dependencies:
- dependency-name: github.com/Azure/go-ntlmssp
  dependency-version: 0.1.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-04-23 21:25:56 +00:00
Ben McClelland
8a4c68a814 Merge pull request #2062 from versity/test/bats_tagging 
test: test tagging, shellcheck fix, speedup
 2026-04-23 08:14:53 -07:00
alice nodelman
79d03b2cb4 Merge branch 'main' into test/bats_tagging 2026-04-22 15:00:49 -07:00
Ben McClelland
7e4779e59b Merge pull request #2077 from versity/ben/sidecar-test 
test: add github actions functional tests for posix sidecar option
v1.4.1 		2026-04-22 14:08:44 -07:00
Ben McClelland
0767d87387 test: add github actions functional tests for posix sidecar option 
Enough people are making use of sidecar that we need to add
a CI test to make sure we have some coverage with this mode.

This add a couple small functional test fixes found wtih
enabling sidecar tests as well.
 2026-04-22 13:23:46 -07:00
Ben McClelland
ddf2aca7c2 Merge pull request #2076 from versity/ben/sidecar-fixes 
fix: add explicit sidecar metadata cleanup on object/bucket deletion
 2026-04-22 13:22:37 -07:00
Ben McClelland
6cc7f58164 Merge pull request #2088 from versity/ben/disable-mc 
test: disable downloads of mc from minio site
 2026-04-22 13:22:18 -07:00
Ben McClelland
8c49a3335e fix: add explicit sidecar metadata cleanup on object/bucket deletion 
Unlike xattr metadata which is tied to the filesystem object and removed
automatically, sidecar metadata lives in a parallel directory tree and
must be deleted explicitly. Add DeleteAttributes calls after removing
bucket directories, null-version files, and versioned object files.

Also add an os.Stat existence check in GetObjectTagging and
PutObjectTagging when no versionId is given, since sidecar's
StoreAttribute/RetrieveAttribute do not naturally return ErrNotExist
for missing objects the way xattr operations do.
 2026-04-22 11:55:11 -07:00
Ben McClelland
e621c36ac3 test: disable downloads of mc from minio site 2026-04-22 11:53:54 -07:00
Ben McClelland
630ff7f2a6 Merge pull request #2087 from versity/ben/disable-mc 
test: disable mc client tests from test matrix
 2026-04-22 11:52:09 -07:00
Ben McClelland
db77882ec6 test: disable mc client tests from test matrix 
The dl.min.io download site has been having stability issues
possibly related to github action runners getting rate limited.
Disable these for now until we can find a better place to host
this client.
 2026-04-22 11:29:26 -07:00
Ben McClelland
4021c092d9 Merge pull request #2084 from versity/ben/docker-args 
fix: docker entrypoint move VGW_ARGS before backend subcommand
 2026-04-22 10:01:50 -07:00
Ben McClelland
8e8fac6afd fix: docker entrypoint move VGW_ARGS before backend subcommand 
Global flags must appear before the backend subcommand in the
versitygw CLI. Previously VGW_ARGS was appended after the backend,
causing global flags to be silently ignored.

Reorder argument assembly to: VGW_ARGS <backend> VGW_BACKEND_ARG VGW_BACKEND_ARGS

Fixes #2082
 2026-04-22 08:13:11 -07:00
Antoine POPINEAU
41fc459213 feat: history back/forward actions on explorer and modals 
Most actions within each page is stateless (show modals) or change the
URL hash. As it is, those are not tracked and using the back button has
no effect.

This commits implements two things:

 - Tracking of the URL hash in the explorer to move from bucket/folders
   on history change.
 - Add a history state when a modal is open, so the back button closes
   the modal.
 2026-04-21 18:43:32 -07:00
Ben McClelland
24338b39ff Merge pull request #2066 from versity/ben/paginated-explorer 
feat: add server-side pagination for webui object explorer
 2026-04-21 15:36:58 -07:00