Commit Graph

2550 Commits

Author SHA1 Message Date
Ben McClelland 12f3d3a1e2 Merge pull request #2117 from versity/test/dockerfile_prep
test: dockerfile, run script updates, README updates
2026-05-06 13:39:00 -07:00
Ben McClelland c6e795f91f Merge pull request #2114 from versity/sis/unsupported-sigv2
fix: reject SigV2 requests
2026-05-06 13:38:14 -07:00
niksis02 e69d073273 fix: reject SigV2 requests
The gateway currently supports only Signature Version 4 (SigV4) authorization. Deprecated AWS SigV2 requests are now rejected with an AWS-specific `InvalidRequest` error for both Authorization-header requests and query-string requests(presigned URLs).

This also fixes SigV4 Authorization-header handling for date headers. SigV4 accepts two date headers: `Date` and `X-Amz-Date`. `X-Amz-Date` takes precedence, but when it is missing, `Date` should be used. The gateway now uses the `Date` header with lower precedence when `X-Amz-Date` is not present. No SDK integration test was added for this case because the SDK always sets `X-Amz-Date`, and this behavior is not configurable.
2026-05-06 23:43:10 +04:00
Ben McClelland cb609e40a6 feat: replace webui client-side name filter with server-side prefix filter
Remove the client-side search that filtered already-loaded objects by
name. Replace it with a prefix input that is appended to the current
path prefix and passed directly to the S3 ListObjectsV2 API, so
filtering is performed server-side and works correctly across all pages.

Fixes #2091
2026-05-06 12:34:52 -07:00
Luke McCrone 0136a0ba84 test: dockerfile, run script updates, README updates 2026-05-06 14:44:50 -03:00
Ben McClelland 79441fa48e Merge pull request #2115 from versity/ben/sidecar-test
chore: fix sidecar flag in runtests to correctly pass test option
2026-05-06 09:04:42 -07:00
Ben McClelland e1578f6a8f Merge pull request #2104 from versity/test/snia_prep
test: add test tags
2026-05-06 09:03:03 -07:00
Ben McClelland e4fa31c91d chore: fix sidecar flag in runtests to correctly pass test option
There was a typo in the runtests script that was preventing
passing the correct sidecar option to the tests.
2026-05-06 08:24:50 -07:00
Luke McCrone 317767b15b test: add test tags 2026-05-05 19:07:56 -03:00
Ben McClelland 31f1fbe875 Merge pull request #2110 from versity/dependabot/go_modules/dev-dependencies-25347e5731
chore(deps): bump the dev-dependencies group with 19 updates
2026-05-04 19:13:47 -07:00
dependabot[bot] 325ab6e183 chore(deps): bump the dev-dependencies group with 19 updates
Bumps the dev-dependencies group with 19 updates:

| Package | From | To |
| --- | --- | --- |
| [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2) | `1.41.6` | `1.41.7` |
| [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) | `1.32.16` | `1.32.17` |
| [github.com/aws/aws-sdk-go-v2/credentials](https://github.com/aws/aws-sdk-go-v2) | `1.19.15` | `1.19.16` |
| [github.com/aws/aws-sdk-go-v2/feature/s3/transfermanager](https://github.com/aws/aws-sdk-go-v2) | `0.1.18` | `0.1.20` |
| [github.com/aws/aws-sdk-go-v2/service/s3](https://github.com/aws/aws-sdk-go-v2) | `1.100.0` | `1.100.1` |
| [github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream](https://github.com/aws/aws-sdk-go-v2) | `1.7.9` | `1.7.10` |
| [github.com/aws/aws-sdk-go-v2/feature/ec2/imds](https://github.com/aws/aws-sdk-go-v2) | `1.18.22` | `1.18.23` |
| [github.com/aws/aws-sdk-go-v2/internal/configsources](https://github.com/aws/aws-sdk-go-v2) | `1.4.22` | `1.4.23` |
| [github.com/aws/aws-sdk-go-v2/internal/endpoints/v2](https://github.com/aws/aws-sdk-go-v2) | `2.7.22` | `2.7.23` |
| [github.com/aws/aws-sdk-go-v2/internal/v4a](https://github.com/aws/aws-sdk-go-v2) | `1.4.23` | `1.4.24` |
| [github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding](https://github.com/aws/aws-sdk-go-v2) | `1.13.8` | `1.13.9` |
| [github.com/aws/aws-sdk-go-v2/service/internal/checksum](https://github.com/aws/aws-sdk-go-v2) | `1.9.14` | `1.9.15` |
| [github.com/aws/aws-sdk-go-v2/service/internal/presigned-url](https://github.com/aws/aws-sdk-go-v2) | `1.13.22` | `1.13.23` |
| [github.com/aws/aws-sdk-go-v2/service/internal/s3shared](https://github.com/aws/aws-sdk-go-v2) | `1.19.22` | `1.19.23` |
| [github.com/aws/aws-sdk-go-v2/service/signin](https://github.com/aws/aws-sdk-go-v2) | `1.0.10` | `1.0.11` |
| [github.com/aws/aws-sdk-go-v2/service/sso](https://github.com/aws/aws-sdk-go-v2) | `1.30.16` | `1.30.17` |
| [github.com/aws/aws-sdk-go-v2/service/ssooidc](https://github.com/aws/aws-sdk-go-v2) | `1.35.20` | `1.35.21` |
| [github.com/aws/aws-sdk-go-v2/service/sts](https://github.com/aws/aws-sdk-go-v2) | `1.42.0` | `1.42.1` |
| [github.com/klauspost/compress](https://github.com/klauspost/compress) | `1.18.5` | `1.18.6` |


Updates `github.com/aws/aws-sdk-go-v2` from 1.41.6 to 1.41.7
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/v1.41.6...v1.41.7)

Updates `github.com/aws/aws-sdk-go-v2/config` from 1.32.16 to 1.32.17
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.32.16...config/v1.32.17)

Updates `github.com/aws/aws-sdk-go-v2/credentials` from 1.19.15 to 1.19.16
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/credentials/v1.19.15...credentials/v1.19.16)

Updates `github.com/aws/aws-sdk-go-v2/feature/s3/transfermanager` from 0.1.18 to 0.1.20
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/feature/s3/transfermanager/v0.1.18...feature/s3/transfermanager/v0.1.20)

Updates `github.com/aws/aws-sdk-go-v2/service/s3` from 1.100.0 to 1.100.1
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.100.0...service/s3/v1.100.1)

Updates `github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream` from 1.7.9 to 1.7.10
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/account/v1.7.9...service/account/v1.7.10)

Updates `github.com/aws/aws-sdk-go-v2/feature/ec2/imds` from 1.18.22 to 1.18.23
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/config/v1.18.23/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.18.22...config/v1.18.23)

Updates `github.com/aws/aws-sdk-go-v2/internal/configsources` from 1.4.22 to 1.4.23
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/internal/v4a/v1.4.22...internal/v4a/v1.4.23)

Updates `github.com/aws/aws-sdk-go-v2/internal/endpoints/v2` from 2.7.22 to 2.7.23
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/internal/endpoints/v2.7.22...internal/endpoints/v2.7.23)

Updates `github.com/aws/aws-sdk-go-v2/internal/v4a` from 1.4.23 to 1.4.24
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/internal/v4a/v1.4.23...internal/v4a/v1.4.24)

Updates `github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding` from 1.13.8 to 1.13.9
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/mq/v1.13.8...service/mq/v1.13.9)

Updates `github.com/aws/aws-sdk-go-v2/service/internal/checksum` from 1.9.14 to 1.9.15
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/grafana/v1.9.14...service/grafana/v1.9.15)

Updates `github.com/aws/aws-sdk-go-v2/service/internal/presigned-url` from 1.13.22 to 1.13.23
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/credentials/v1.13.22...credentials/v1.13.23)

Updates `github.com/aws/aws-sdk-go-v2/service/internal/s3shared` from 1.19.22 to 1.19.23
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/simspaceweaver/v1.19.22...service/simspaceweaver/v1.19.23)

Updates `github.com/aws/aws-sdk-go-v2/service/signin` from 1.0.10 to 1.0.11
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/internal/v4a/v1.0.10...internal/v4a/v1.0.11)

Updates `github.com/aws/aws-sdk-go-v2/service/sso` from 1.30.16 to 1.30.17
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/acm/v1.30.16...service/acm/v1.30.17)

Updates `github.com/aws/aws-sdk-go-v2/service/ssooidc` from 1.35.20 to 1.35.21
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/pi/v1.35.20...service/pi/v1.35.21)

Updates `github.com/aws/aws-sdk-go-v2/service/sts` from 1.42.0 to 1.42.1
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.42.0...service/s3/v1.42.1)

Updates `github.com/klauspost/compress` from 1.18.5 to 1.18.6
- [Release notes](https://github.com/klauspost/compress/releases)
- [Commits](https://github.com/klauspost/compress/compare/v1.18.5...v1.18.6)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2
  dependency-version: 1.41.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-version: 1.32.17
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/credentials
  dependency-version: 1.19.16
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/feature/s3/transfermanager
  dependency-version: 0.1.20
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/service/s3
  dependency-version: 1.100.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream
  dependency-version: 1.7.10
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/feature/ec2/imds
  dependency-version: 1.18.23
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/internal/configsources
  dependency-version: 1.4.23
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/internal/endpoints/v2
  dependency-version: 2.7.23
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/internal/v4a
  dependency-version: 1.4.24
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding
  dependency-version: 1.13.9
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/service/internal/checksum
  dependency-version: 1.9.15
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/service/internal/presigned-url
  dependency-version: 1.13.23
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/service/internal/s3shared
  dependency-version: 1.19.23
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/service/signin
  dependency-version: 1.0.11
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/service/sso
  dependency-version: 1.30.17
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/service/ssooidc
  dependency-version: 1.35.21
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/service/sts
  dependency-version: 1.42.1
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/klauspost/compress
  dependency-version: 1.18.6
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-05-05 01:08:35 +00:00
Ben McClelland 21da1d7e70 Merge pull request #2097 from versity/dependabot/go_modules/dev-dependencies-3789651bc5
chore(deps): bump the dev-dependencies group with 7 updates
2026-05-04 16:24:32 -07:00
Ben McClelland bb3cdd9cb6 fix: skip integration tests not compatible in sidecar
A few tests are not yet compatible with sidecar mode. Add a test
option to skip these when running sidecar tests.
2026-05-04 16:05:29 -07:00
niksis02 d2fa265fb8 feat: support sha512, md5, xxhash3, xxhash64, xxhash128 data integrity checksums
Integrate the new S3 checksum types in the gateway, including `SHA512`, `MD5`, `XXHASH64`, `XXHASH3`, and `XXHASH128`. This adds checksum calculation, validation, schema handling, and test coverage for the expanded checksum support.

These external packages have been used:
- `github.com/zeebo/xxh3` for `XXHASH3` and `XXHASH128`
- `github.com/cespare/xxhash/v2` for `XXHASH64`

Adjust integration tests because `aws-sdk-go-v2/service/s3` does not support automatic checksum calculation for the new checksum algorithms and returns an SDK-level error when only the checksum algorithm is provided. Only precalculated checksum values are acceptable for these checksum types.

References:
- `https://github.com/aws/aws-sdk-go-v2/issues/3404`
- `https://github.com/aws/aws-sdk-go-v2/issues/3403`
2026-05-04 08:50:39 -07:00
Ben McClelland 6731179e12 Merge pull request #2107 from versity/sis/unsigned-streaming-payload-caching-fix
fix: remove unsigned chunk reader caching
2026-05-04 08:42:33 -07:00
Yevgeniy Miretskiy d1fba07fe6 feat: add custom route and middleware options
Add options for embedders to register Fiber routes and middleware before the S3 route table is initialized.

WithRoute registers a top-level route with explicit method and path matching. WithMiddleware registers prefix middleware that can handle a request or call ctx.Next() to continue into the S3 stack.

Add coverage for route registration order when a top-level route and catch-all middleware are both configured.
2026-05-04 08:41:16 -07:00
niksis02 27971f2a20 fix: remove unsigned chunk reader caching
Closes #1273

Rewrite UnsignedChunkReader to stream the payload bytes directly into the caller buffer instead of allocating and stashing full chunks. With this implementation, no stash is held by the reader and the chunk reader doesn't allocate any memory.

Make debug logging more descriptive, which records reader state on all error paths and logs read progress whenever a Read call fills the caller buffer.

Some unit tests were added to cover the main moving parts of the reader flow.
2026-05-02 01:14:38 +04:00
Ben McClelland 40c02dd31e Merge pull request #2106 from dyld-w/dyld-w/admin-cors-create-bucket
fix: apply CORS middleware to admin CreateBucket route
2026-05-01 13:12:32 -07:00
Dylan Dellett-Wion e6aa9de052 fix: apply CORS middleware to admin CreateBucket route
The PATCH /:bucket/create admin route was missing
middlewares.ApplyDefaultCORS, while every other admin PATCH route
applies it. The OPTIONS preflight handler already sets CORS headers,
so browsers pass preflight but block the actual response for lacking
Access-Control-Allow-Origin. This caused the WebUI bucket-creation
flow to fail with ERR_FAILED even though the server returned 201.

Fixes #2105. Introduced in #1739 when the endpoint was added.

Co-Authored-By: Claude <noreply@anthropic.com>
2026-04-30 21:06:55 -04:00
Ben McClelland 437d46857d Merge pull request #2089 from versity/test/rest_get_object_queries
@lrm25 test: GetObject - add query tests, go/bats improved header/object rep…
2026-04-30 12:52:17 -07:00
Ben McClelland 42c34c1162 Merge pull request #2101 from versity/ben/scoutfs-move-blocks
fix: scoutfs multipart alignment check for last part
2026-04-30 11:47:05 -07:00
Ben McClelland dd27c6cd27 fix: scoutfs multipart alignment check for last part
The MoveData() requires that all but the last part be 4k aligned.
We accidentally were including the alignment check for the last
part causing large uploads where the total object was not a
multiple of 4k to fallback to copying the last part. For very large
part sizes this was triggering timeouts in some clients.
2026-04-30 08:19:14 -07:00
Ben McClelland f895ba5d17 Merge pull request #2096 from versity/ben/enospc
feat: add new ErrNoSpaceLeftOnDevice API error for ENOSPC errors
2026-04-29 13:48:02 -07:00
Luke McCrone 9a21c5a1e0 test: GetObject - add query tests, go/bats improved header/object reply handling 2026-04-28 21:10:09 -03:00
Ben McClelland 8ae566d44e feat: add new ErrNoSpaceLeftOnDevice API error for ENOSPC errors
Add a new non-AWS error ErrNoSpaceLeftOnDevice (HTTP 507 Insufficient
Storage) to s3err. Update all call sites in the posix backend that
could return ENOSPC and return the new error when the underlying
filesystem has no space remaining.

Fixes #2093
2026-04-28 10:34:48 -07:00
dependabot[bot] fbe2a4ba10 chore(deps): bump the dev-dependencies group with 7 updates
Bumps the dev-dependencies group with 7 updates:

| Package | From | To |
| --- | --- | --- |
| [github.com/aws/aws-sdk-go-v2/feature/s3/transfermanager](https://github.com/aws/aws-sdk-go-v2) | `0.1.17` | `0.1.18` |
| [github.com/aws/aws-sdk-go-v2/service/s3](https://github.com/aws/aws-sdk-go-v2) | `1.99.1` | `1.100.0` |
| [github.com/aws/smithy-go](https://github.com/aws/smithy-go) | `1.25.0` | `1.25.1` |
| [github.com/gofiber/fiber/v2](https://github.com/gofiber/fiber) | `2.52.12` | `2.52.13` |
| [github.com/rabbitmq/amqp091-go](https://github.com/rabbitmq/amqp091-go) | `1.10.0` | `1.11.0` |
| [github.com/segmentio/kafka-go](https://github.com/segmentio/kafka-go) | `0.4.50` | `0.4.51` |
| [github.com/mattn/go-isatty](https://github.com/mattn/go-isatty) | `0.0.21` | `0.0.22` |


Updates `github.com/aws/aws-sdk-go-v2/feature/s3/transfermanager` from 0.1.17 to 0.1.18
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/feature/s3/transfermanager/v0.1.17...feature/s3/transfermanager/v0.1.18)

Updates `github.com/aws/aws-sdk-go-v2/service/s3` from 1.99.1 to 1.100.0
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.99.1...service/s3/v1.100.0)

Updates `github.com/aws/smithy-go` from 1.25.0 to 1.25.1
- [Release notes](https://github.com/aws/smithy-go/releases)
- [Changelog](https://github.com/aws/smithy-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/smithy-go/compare/v1.25.0...v1.25.1)

Updates `github.com/gofiber/fiber/v2` from 2.52.12 to 2.52.13
- [Release notes](https://github.com/gofiber/fiber/releases)
- [Commits](https://github.com/gofiber/fiber/compare/v2.52.12...v2.52.13)

Updates `github.com/rabbitmq/amqp091-go` from 1.10.0 to 1.11.0
- [Release notes](https://github.com/rabbitmq/amqp091-go/releases)
- [Changelog](https://github.com/rabbitmq/amqp091-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rabbitmq/amqp091-go/compare/v1.10.0...v1.11.0)

Updates `github.com/segmentio/kafka-go` from 0.4.50 to 0.4.51
- [Release notes](https://github.com/segmentio/kafka-go/releases)
- [Commits](https://github.com/segmentio/kafka-go/compare/v0.4.50...v0.4.51)

Updates `github.com/mattn/go-isatty` from 0.0.21 to 0.0.22
- [Commits](https://github.com/mattn/go-isatty/compare/v0.0.21...v0.0.22)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/feature/s3/transfermanager
  dependency-version: 0.1.18
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/service/s3
  dependency-version: 1.100.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: github.com/aws/smithy-go
  dependency-version: 1.25.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/gofiber/fiber/v2
  dependency-version: 2.52.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/rabbitmq/amqp091-go
  dependency-version: 1.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: github.com/segmentio/kafka-go
  dependency-version: 0.4.51
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: github.com/mattn/go-isatty
  dependency-version: 0.0.22
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-04-28 00:16:43 +00:00
Ben McClelland be5b3c411f Merge pull request #2011 from versity/sis/putobject-meta-property-permissions
fix: check PutObjectTagging/LegalHold/Retention permissions on PutObject,CopyObject and CreateMultipartUpload
2026-04-27 14:42:41 -07:00
niksis02 8d5b2be0b2 fix: check PutObjectTagging/LegalHold/Retention permissions on PutObject,CopyObject and CreateMultipartUpload
Fixes #1986

When a client includes tagging, legal hold, or retention headers in a PutObject, CopyObject or CreateMultipartUpload request, the corresponding bucket policy permissions must be verified in addition to s3:PutObject:

`X-Amz-Tagging` - `s3:PutObjectTagging`
`X-Amz-Object-Lock-Legal-Hold` - `s3:PutObjectLegalHold`
`X-Amz-Object-Lock-Mode` - `s3:PutObjectRetention`

Previously, only s3:PutObject was checked, allowing users to set tagging, legal hold, and retention without having the required permissions. Now each action permission is check, if user tries to add them.

For CopyObject these permissions are checked on destination object.
2026-04-28 01:05:34 +04:00
Ben McClelland b7b5a347ae Merge pull request #2092 from versity/dependabot/go_modules/github.com/Azure/go-ntlmssp-0.1.1
chore(deps): bump github.com/Azure/go-ntlmssp from 0.1.0 to 0.1.1
2026-04-23 19:31:54 -07:00
dependabot[bot] cd3f2ffed8 chore(deps): bump github.com/Azure/go-ntlmssp from 0.1.0 to 0.1.1
Bumps [github.com/Azure/go-ntlmssp](https://github.com/Azure/go-ntlmssp) from 0.1.0 to 0.1.1.
- [Release notes](https://github.com/Azure/go-ntlmssp/releases)
- [Commits](https://github.com/Azure/go-ntlmssp/compare/v0.1.0...v0.1.1)

---
updated-dependencies:
- dependency-name: github.com/Azure/go-ntlmssp
  dependency-version: 0.1.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-04-23 21:25:56 +00:00
Ben McClelland 8a4c68a814 Merge pull request #2062 from versity/test/bats_tagging
test: test tagging, shellcheck fix, speedup
2026-04-23 08:14:53 -07:00
alice nodelman 79d03b2cb4 Merge branch 'main' into test/bats_tagging 2026-04-22 15:00:49 -07:00
Ben McClelland 7e4779e59b Merge pull request #2077 from versity/ben/sidecar-test
test: add github actions functional tests for posix sidecar option
v1.4.1
2026-04-22 14:08:44 -07:00
Ben McClelland 0767d87387 test: add github actions functional tests for posix sidecar option
Enough people are making use of sidecar that we need to add
a CI test to make sure we have some coverage with this mode.

This add a couple small functional test fixes found wtih
enabling sidecar tests as well.
2026-04-22 13:23:46 -07:00
Ben McClelland ddf2aca7c2 Merge pull request #2076 from versity/ben/sidecar-fixes
fix: add explicit sidecar metadata cleanup on object/bucket deletion
2026-04-22 13:22:37 -07:00
Ben McClelland 6cc7f58164 Merge pull request #2088 from versity/ben/disable-mc
test: disable downloads of mc from minio site
2026-04-22 13:22:18 -07:00
Ben McClelland 8c49a3335e fix: add explicit sidecar metadata cleanup on object/bucket deletion
Unlike xattr metadata which is tied to the filesystem object and removed
automatically, sidecar metadata lives in a parallel directory tree and
must be deleted explicitly. Add DeleteAttributes calls after removing
bucket directories, null-version files, and versioned object files.

Also add an os.Stat existence check in GetObjectTagging and
PutObjectTagging when no versionId is given, since sidecar's
StoreAttribute/RetrieveAttribute do not naturally return ErrNotExist
for missing objects the way xattr operations do.
2026-04-22 11:55:11 -07:00
Ben McClelland e621c36ac3 test: disable downloads of mc from minio site 2026-04-22 11:53:54 -07:00
Ben McClelland 630ff7f2a6 Merge pull request #2087 from versity/ben/disable-mc
test: disable mc client tests from test matrix
2026-04-22 11:52:09 -07:00
Ben McClelland db77882ec6 test: disable mc client tests from test matrix
The dl.min.io download site has been having stability issues
possibly related to github action runners getting rate limited.
Disable these for now until we can find a better place to host
this client.
2026-04-22 11:29:26 -07:00
Ben McClelland 4021c092d9 Merge pull request #2084 from versity/ben/docker-args
fix: docker entrypoint move VGW_ARGS before backend subcommand
2026-04-22 10:01:50 -07:00
Ben McClelland 8e8fac6afd fix: docker entrypoint move VGW_ARGS before backend subcommand
Global flags must appear before the backend subcommand in the
versitygw CLI. Previously VGW_ARGS was appended after the backend,
causing global flags to be silently ignored.

Reorder argument assembly to: VGW_ARGS <backend> VGW_BACKEND_ARG VGW_BACKEND_ARGS

Fixes #2082
2026-04-22 08:13:11 -07:00
Antoine POPINEAU 41fc459213 feat: history back/forward actions on explorer and modals
Most actions within each page is stateless (show modals) or change the
URL hash. As it is, those are not tracked and using the back button has
no effect.

This commits implements two things:

 - Tracking of the URL hash in the explorer to move from bucket/folders
   on history change.
 - Add a history state when a modal is open, so the back button closes
   the modal.
2026-04-21 18:43:32 -07:00
Ben McClelland 24338b39ff Merge pull request #2066 from versity/ben/paginated-explorer
feat: add server-side pagination for webui object explorer
2026-04-21 15:36:58 -07:00
Luke McCrone 29f378ea5e test: initial bats test tagging system, shellcheck fix 2026-04-21 18:48:40 -03:00
Ben McClelland 545a9e9a12 feat: add server-side pagination for webui object explorer
The object listing now fetches pages from S3 directly using ListObjectsV2
continuation tokens rather than loading all objects at once. Users can
navigate forward and back with first/prev/next buttons and choose how many
rows to show per page (10/20/50/100/1000, defaulting to 10), which keeps
the listing fast and responsive even in buckets with thousands of objects.

Pagination resets automatically when navigating into a folder, running a
search, or changing page size. While a search is active, forward navigation
is disabled since search filters within the current page only, and the item
count shows "(filtered)" to make that clear. When versioning is enabled,
delete-marker rows are scoped to the current page's key range so they don't
bleed in from adjacent pages.

Fixes #2055
2026-04-21 09:06:51 -07:00
Ben McClelland 640a7c516d Merge pull request #2068 from versity/ben/socket-permissions 2026-04-21 06:15:58 -07:00
Ben McClelland df76a9959b Merge pull request #2067 from versity/ben/bucket-listing 2026-04-21 06:15:24 -07:00
Ben McClelland 0dc074acbf feat: add --socket-perm option for UNIX socket file permissions
Add a --socket-perm flag (VGW_SOCKET_PERM env var) to control the
file-mode permissions on file-backed UNIX domain sockets. This allows
operators to limit access permission without relying on process umask.
The option applies to S3, admin, and WebUI sockets and has no effect
on TCP/IP addresses or Linux abstract namespace sockets.

Fixes #2010
2026-04-20 19:07:08 -07:00
Ben McClelland fcb540e067 feat: in webui add bucket favorites and direct-navigation to explorer
Users may have access to buckets that don't appear in their owned-bucket
list. Previously there was no way to reach those buckets from the explorer
without knowing and manually editing the URL.

This adds a "go to bucket by name" input to the buckets view. Typing a
name and pressing Enter (or clicking Open) navigates to the bucket if
the user has permissions to allow it.

To avoid re-typing bucket names on every visit, users can now save buckets
to a favorites panel that persists in localStorage. Favorites are keyed by
access key so different users sharing the same browser each see only their
own list. Any bucket in the owned list can be starred directly from its row.
Favorites chips are clickable with the same access check, and a hover ×
removes them. The panel hides itself automatically when the list is empty.
2026-04-20 18:33:03 -07:00