Dependabot/cargo/dependencies 0520#12
Merged
Merged
Conversation
* chore: remove opendal audit blocker Agent-Logs-Url: https://github.com/s3s-project/s3s/sessions/66b3faa2-10ca-43e3-b2e9-76e8159b3805 Co-authored-by: Nugine <30099658+Nugine@users.noreply.github.com> * chore: restore opendal test with upstream fix Agent-Logs-Url: https://github.com/s3s-project/s3s/sessions/7c8d2897-e06a-499e-8ff6-155d16594bab Co-authored-by: Nugine <30099658+Nugine@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: Nugine <30099658+Nugine@users.noreply.github.com>
Bumps [lxml](https://github.com/lxml/lxml) from 5.3.1 to 6.1.0. - [Release notes](https://github.com/lxml/lxml/releases) - [Changelog](https://github.com/lxml/lxml/blob/master/CHANGES.txt) - [Commits](lxml/lxml@lxml-5.3.1...lxml-6.1.0) --- updated-dependencies: - dependency-name: lxml dependency-version: 6.1.0 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…t#576) Bumps [rustls-webpki](https://github.com/rustls/webpki) from 0.103.12 to 0.103.13. - [Release notes](https://github.com/rustls/webpki/releases) - [Commits](rustls/webpki@v/0.103.12...v/0.103.13) --- updated-dependencies: - dependency-name: rustls-webpki dependency-version: 0.103.13 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [openssl](https://github.com/rust-openssl/rust-openssl) from 0.10.76 to 0.10.78. - [Release notes](https://github.com/rust-openssl/rust-openssl/releases) - [Commits](rust-openssl/rust-openssl@openssl-v0.10.76...openssl-v0.10.78) --- updated-dependencies: - dependency-name: openssl dependency-version: 0.10.78 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* feat(s3s-fs): support conditional copy in copy_object * fix(s3s-fs): address conditional copy review feedback * fix(s3s-fs): apply review feedback on copy_object precondition handling and ETag derivation Agent-Logs-Url: https://github.com/s3s-project/s3s/sessions/cc65f831-7a90-40b4-85d8-8b7d1a31a1cf Co-authored-by: Nugine <30099658+Nugine@users.noreply.github.com> * fix --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: Nugine <30099658+Nugine@users.noreply.github.com>
…ect#581) * ci: pin s3-tests e2e revision Agent-Logs-Url: https://github.com/s3s-project/s3s/sessions/6d3a763a-ed67-4a3c-b40f-436c8e523371 Co-authored-by: Nugine <30099658+Nugine@users.noreply.github.com> * ci: centralize s3-tests revision Agent-Logs-Url: https://github.com/s3s-project/s3s/sessions/229e0023-9e60-4e6d-87e9-babbe81025ea Co-authored-by: Nugine <30099658+Nugine@users.noreply.github.com> * ci: trim centralized s3-tests ref Agent-Logs-Url: https://github.com/s3s-project/s3s/sessions/229e0023-9e60-4e6d-87e9-babbe81025ea Co-authored-by: Nugine <30099658+Nugine@users.noreply.github.com> * ci: document centralized s3-tests ref Agent-Logs-Url: https://github.com/s3s-project/s3s/sessions/229e0023-9e60-4e6d-87e9-babbe81025ea Co-authored-by: Nugine <30099658+Nugine@users.noreply.github.com> * ci: share s3-tests ref loader Agent-Logs-Url: https://github.com/s3s-project/s3s/sessions/229e0023-9e60-4e6d-87e9-babbe81025ea Co-authored-by: Nugine <30099658+Nugine@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: Nugine <30099658+Nugine@users.noreply.github.com>
…#578) Bumps the dependencies group with 10 updates: | Package | From | To | | --- | --- | --- | | [bytestring](https://github.com/actix/actix-net) | `1.5.0` | `1.5.1` | | [indexmap](https://github.com/indexmap-rs/indexmap) | `2.13.1` | `2.14.0` | | [uuid](https://github.com/uuid-rs/uuid) | `1.23.0` | `1.23.1` | | [tokio](https://github.com/tokio-rs/tokio) | `1.51.0` | `1.52.1` | | [axum](https://github.com/tokio-rs/axum) | `0.8.8` | `0.8.9` | | [reqwest](https://github.com/seanmonstar/reqwest) | `0.13.2` | `0.13.3` | | [clap](https://github.com/clap-rs/clap) | `4.6.0` | `4.6.1` | | [aws-sdk-s3](https://github.com/awslabs/aws-sdk-rust) | `1.128.0` | `1.129.0` | | [aws-sdk-sts](https://github.com/awslabs/aws-sdk-rust) | `1.101.0` | `1.102.0` | | [aws-smithy-runtime-api](https://github.com/smithy-lang/smithy-rs) | `1.11.6` | `1.12.0` | Updates `bytestring` from 1.5.0 to 1.5.1 - [Release notes](https://github.com/actix/actix-net/releases) - [Commits](actix/actix-net@bytestring-v1.5.0...bytestring-v1.5.1) Updates `indexmap` from 2.13.1 to 2.14.0 - [Changelog](https://github.com/indexmap-rs/indexmap/blob/main/RELEASES.md) - [Commits](indexmap-rs/indexmap@2.13.1...2.14.0) Updates `uuid` from 1.23.0 to 1.23.1 - [Release notes](https://github.com/uuid-rs/uuid/releases) - [Commits](uuid-rs/uuid@v1.23.0...v1.23.1) Updates `tokio` from 1.51.0 to 1.52.1 - [Release notes](https://github.com/tokio-rs/tokio/releases) - [Commits](tokio-rs/tokio@tokio-1.51.0...tokio-1.52.1) Updates `axum` from 0.8.8 to 0.8.9 - [Release notes](https://github.com/tokio-rs/axum/releases) - [Changelog](https://github.com/tokio-rs/axum/blob/main/CHANGELOG.md) - [Commits](tokio-rs/axum@axum-v0.8.8...axum-v0.8.9) Updates `reqwest` from 0.13.2 to 0.13.3 - [Release notes](https://github.com/seanmonstar/reqwest/releases) - [Changelog](https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md) - [Commits](seanmonstar/reqwest@v0.13.2...v0.13.3) Updates `clap` from 4.6.0 to 4.6.1 - [Release notes](https://github.com/clap-rs/clap/releases) - [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md) - [Commits](clap-rs/clap@clap_complete-v4.6.0...clap_complete-v4.6.1) Updates `aws-sdk-s3` from 1.128.0 to 1.129.0 - [Release notes](https://github.com/awslabs/aws-sdk-rust/releases) - [Commits](https://github.com/awslabs/aws-sdk-rust/commits) Updates `aws-sdk-sts` from 1.101.0 to 1.102.0 - [Release notes](https://github.com/awslabs/aws-sdk-rust/releases) - [Commits](https://github.com/awslabs/aws-sdk-rust/commits) Updates `aws-smithy-runtime-api` from 1.11.6 to 1.12.0 - [Release notes](https://github.com/smithy-lang/smithy-rs/releases) - [Changelog](https://github.com/smithy-lang/smithy-rs/blob/main/CHANGELOG.md) - [Commits](https://github.com/smithy-lang/smithy-rs/commits) --- updated-dependencies: - dependency-name: bytestring dependency-version: 1.5.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: indexmap dependency-version: 2.14.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: uuid dependency-version: 1.23.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: tokio dependency-version: 1.52.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: axum dependency-version: 0.8.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: reqwest dependency-version: 0.13.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: clap dependency-version: 4.6.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: aws-sdk-s3 dependency-version: 1.129.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: aws-sdk-sts dependency-version: 1.102.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: aws-smithy-runtime-api dependency-version: 1.12.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps the dependencies group with 1 update: [actions/upload-pages-artifact](https://github.com/actions/upload-pages-artifact). Updates `actions/upload-pages-artifact` from 4 to 5 - [Release notes](https://github.com/actions/upload-pages-artifact/releases) - [Commits](actions/upload-pages-artifact@v4...v5) --- updated-dependencies: - dependency-name: actions/upload-pages-artifact dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…es (s3s-project#580) * Initial plan * fix: make s3s-aws aws-sdk-s3 features explicit Agent-Logs-Url: https://github.com/s3s-project/s3s/sessions/6b9c669a-1e52-47cd-9ed9-b0587726def3 Co-authored-by: Nugine <30099658+Nugine@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: Nugine <30099658+Nugine@users.noreply.github.com>
Bumps [openssl](https://github.com/rust-openssl/rust-openssl) from 0.10.78 to 0.10.79. - [Release notes](https://github.com/rust-openssl/rust-openssl/releases) - [Commits](rust-openssl/rust-openssl@openssl-v0.10.78...openssl-v0.10.79) --- updated-dependencies: - dependency-name: openssl dependency-version: 0.10.79 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.6.3 to 2.7.0. - [Release notes](https://github.com/urllib3/urllib3/releases) - [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst) - [Commits](urllib3/urllib3@2.6.3...2.7.0) --- updated-dependencies: - dependency-name: urllib3 dependency-version: 2.7.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* fix: allow raw URI path SigV4 fallback * test: cover presigned raw URI path fallback * fix: satisfy clippy for raw path signature fallback * fix: improve raw URI path signature verification and add tests for fallback scenarios --------- Co-authored-by: overtrue <anzhengchao@gmail.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…ject#586) * fix(s3s-fs): honor MetadataDirective::Replace in copy_object `copy_object` previously ignored both `input.metadata_directive` and the request's metadata fields, unconditionally copying the source's metadata sidecar to the destination. Real S3 honors the directive: when `metadata_directive == REPLACE`, the destination's metadata is built fresh from the request (`metadata`, `content_type`, `content_encoding`, `content_disposition`, `content_language`, `cache_control`, `expires`, `website_redirect_location`) and the source's metadata is dropped. This matters in particular for the in-place metadata-update pattern (`CopyObject` same bucket+key with `MetadataDirective: REPLACE`), which is the canonical AWS-side way to rotate an object's metadata without rewriting its bytes — until this fix s3s-fs silently preserved the old metadata regardless of what the caller asked for. The default (header absent) and explicit `COPY` continue to copy the sidecar verbatim, matching prior behaviour. Includes two regression tests: - `test_copy_object_metadata_directive_replace` — REPLACE installs the request's `content_type` and `x-amz-meta-*` on the destination. - `test_copy_object_metadata_directive_copy_ignores_request_fields` — COPY propagates source metadata and ignores the request override. Both validated empirically: the REPLACE test fails on `main` with `left: "application/octet-stream", right: "application/pdf"` and passes after the fix. See https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html for the documented contract. Signed-off-by: Roland From <rfedorov@linkentools.com> * add tests --------- Signed-off-by: Roland From <rfedorov@linkentools.com> Co-authored-by: Nugine <nugine@foxmail.com>
) * feat(s3s-fs): support If-Match conditional on PutObject Honor the `If-Match` header on `PutObject` so clients can perform compare-and-swap writes against the stored ETag. Mirrors the existing `If-None-Match` handling and the `copy_object` precondition pattern: absent objects fail with `PreconditionFailed`, and an explicit ETag condition falls back to MD5 only when no stored ETag is available. * Update CHANGELOG to remove s3s-fs note Removed the note about honoring `If-Match` on `PutObject` for compare-and-swap writes under s3s-fs. * add tests --------- Co-authored-by: Nugine <nugine@foxmail.com>
…#585) * fix(s3s-fs): preserve content on CopyObject self-replace `copy_object` calls `tokio::fs::copy(&src_path, &dst_path)`, which internally opens dst with `O_TRUNC` *before* it begins reading src. When src and dst resolve to the same path (a CopyObject self-replace — the canonical AWS pattern for updating an object's metadata in place via `MetadataDirective: REPLACE`), the destination file is truncated to zero bytes before any data is read. The subsequent reads from src then return an empty stream, so the file ends up empty. The same shape applies to the metadata sidecar copy a few lines later: `fs::copy(src_metadata_path, dst_metadata_path)` with src == dst would zero the JSON sidecar in place. Fix: detect `src_path == dst_path` (and the metadata-sidecar counterpart) and skip the `fs::copy` entirely — the bytes are already in place, only the surrounding state (etag, internal info, optional new metadata) needs updating. Includes a regression test that PUTs an object, copies it onto itself, and asserts the content survives. Without the fix the test fails with `body checksum mismatch ... expected 5d81f958 but it was 00000000`. Signed-off-by: Roland From <rfedorov@linkentools.com> * fix(s3s-fs): update self-replace copy timestamp Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * fmt --------- Signed-off-by: Roland From <rfedorov@linkentools.com> Co-authored-by: Nugine <nugine@foxmail.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Agent-Logs-Url: https://github.com/s3s-project/s3s/sessions/3a694a7d-b7c9-4e47-8635-b6b7bd9291d5 Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: Nugine <30099658+Nugine@users.noreply.github.com>
Bumps [idna](https://github.com/kjd/idna) from 3.10 to 3.15. - [Release notes](https://github.com/kjd/idna/releases) - [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.md) - [Commits](kjd/idna@v3.10...v3.15) --- updated-dependencies: - dependency-name: idna dependency-version: '3.15' dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Collaborator
Author
|
@copilot resolve the merge conflicts in this pull request |
There was a problem hiding this comment.
Pull request overview
This PR updates workspace dependencies and CI tooling, while also introducing functional changes across SigV4 signature verification, s3s-fs conditional semantics, and the s3-tests E2E baseline pinning.
Changes:
- Bump Rust and Python dependencies (workspace crates, lockfiles, and GitHub Actions).
- Pin
ceph/s3-teststo a fixed revision and reuse that pin in both CI and local E2E scripts. - Extend SigV4 verification to optionally accept signatures computed against the raw URI path; enhance
s3s-fsCopyObject/PutObjectbehaviors (metadata directive + conditional headers) and add integration tests.
Reviewed changes
Copilot reviewed 16 out of 18 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
Cargo.toml |
Workspace dependency version bumps and feature adjustments (notably opendal, AWS SDK crates). |
Cargo.lock |
Lockfile refresh reflecting updated Rust dependency graph. |
crates/s3s-aws/Cargo.toml |
Refines aws-sdk-s3 features/default-features for the s3s-aws crate. |
crates/s3s-fs/Cargo.toml |
Adjusts opendal features/default-features for s3s-fs. |
crates/s3s-fs/src/s3.rs |
Implements conditional copy handling, metadata directive semantics, self-replace safety, and PutObject conditional handling. |
crates/s3s-fs/tests/it_aws.rs |
Adds AWS SDK integration tests for If-Match and conditional copy + metadata directive behaviors. |
crates/s3s-wasm/Cargo.toml |
Updates wasm-bindgen-test dev-dependency. |
crates/s3s/src/ops/mod.rs |
Threads both decoded and raw URI path into signature checking context. |
crates/s3s/src/ops/signature.rs |
Adds raw-path fallback verification for SigV4 (header + presigned) and extends tests. |
crates/s3s/src/ops/tests.rs |
Updates tests to match SignatureContext lifetime changes (borrowed paths). |
crates/s3s/src/sig_v4/methods.rs |
Introduces canonical request builders that can preserve raw URI paths. |
pyproject.toml |
Raises lxml minimum version requirement. |
uv.lock |
Updates Python dependency lock entries (idna, lxml, urllib3, etc.). |
scripts/e2e-s3tests.sh |
Uses pinned S3TESTS_REF to fetch a stable s3-tests revision. |
scripts/s3tests.env |
Stores the pinned ceph/s3-tests revision for CI/E2E usage. |
scripts/source-s3tests-ref.sh |
Shared helper to load S3TESTS_REF from env or scripts/s3tests.env. |
.github/workflows/ci.yml |
Clones s3-tests at the pinned revision for reproducible E2E. |
.github/workflows/docs.yml |
Updates GitHub Pages artifact upload action version. |
- Cargo.lock: Keep HEAD (Dependabot-updated) versions for all conflicting packages - methods.rs: Add both raw_uri_path and payload params to create_presigned_canonical_request_with_uri_mode - signature.rs: Integrate origin/main payload-based presigned URL verification with HEAD raw URI path fallback; add v4_presigned_url_invalid_content_sha256_returns_checksum_mismatch test Co-authored-by: houseme <4829346+houseme@users.noreply.github.com>
Resolved the merge conflicts in commit 9db44a2:
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.