* Bump org.gaul:modernizer-maven-plugin from 2.7.0 to 2.9.0 Bumps [org.gaul:modernizer-maven-plugin](https://github.com/gaul/modernizer-maven-plugin) from 2.7.0 to 2.9.0. - [Release notes](https://github.com/gaul/modernizer-maven-plugin/releases) - [Commits](gaul/modernizer-maven-plugin@modernizer-maven-plugin-2.7.0...modernizer-maven-plugin-2.9.0) --- updated-dependencies: - dependency-name: org.gaul:modernizer-maven-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump com.puppycrawl.tools:checkstyle from 10.16.0 to 10.17.0 Bumps [com.puppycrawl.tools:checkstyle](https://github.com/checkstyle/checkstyle) from 10.16.0 to 10.17.0. - [Release notes](https://github.com/checkstyle/checkstyle/releases) - [Commits](checkstyle/checkstyle@checkstyle-10.16.0...checkstyle-10.17.0) --- updated-dependencies: - dependency-name: com.puppycrawl.tools:checkstyle dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump com.github.spotbugs:spotbugs-annotations from 4.8.3 to 4.8.5 Bumps [com.github.spotbugs:spotbugs-annotations](https://github.com/spotbugs/spotbugs) from 4.8.3 to 4.8.5. - [Release notes](https://github.com/spotbugs/spotbugs/releases) - [Changelog](https://github.com/spotbugs/spotbugs/blob/master/CHANGELOG.md) - [Commits](spotbugs/spotbugs@4.8.3...4.8.5) --- updated-dependencies: - dependency-name: com.github.spotbugs:spotbugs-annotations dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump org.sonatype.plugins:nexus-staging-maven-plugin Bumps org.sonatype.plugins:nexus-staging-maven-plugin from 1.6.13 to 1.7.0. --- updated-dependencies: - dependency-name: org.sonatype.plugins:nexus-staging-maven-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * configure maximum-timeskew with environment variable * Rebase s3-tests References gaul/s3-tests#2. * Update s3-tests to latest * Bump com.github.spotbugs:spotbugs-annotations from 4.8.5 to 4.8.6 Bumps [com.github.spotbugs:spotbugs-annotations](https://github.com/spotbugs/spotbugs) from 4.8.5 to 4.8.6. - [Release notes](https://github.com/spotbugs/spotbugs/releases) - [Changelog](https://github.com/spotbugs/spotbugs/blob/master/CHANGELOG.md) - [Commits](spotbugs/spotbugs@4.8.5...4.8.6) --- updated-dependencies: - dependency-name: com.github.spotbugs:spotbugs-annotations dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump com.fasterxml.jackson.dataformat:jackson-dataformat-xml Bumps [com.fasterxml.jackson.dataformat:jackson-dataformat-xml](https://github.com/FasterXML/jackson-dataformat-xml) from 2.17.0 to 2.17.1. - [Commits](FasterXML/jackson-dataformat-xml@jackson-dataformat-xml-2.17.0...jackson-dataformat-xml-2.17.1) --- updated-dependencies: - dependency-name: com.fasterxml.jackson.dataformat:jackson-dataformat-xml dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump org.junit.jupiter:junit-jupiter from 5.10.2 to 5.10.3 Bumps [org.junit.jupiter:junit-jupiter](https://github.com/junit-team/junit5) from 5.10.2 to 5.10.3. - [Release notes](https://github.com/junit-team/junit5/releases) - [Commits](junit-team/junit-framework@r5.10.2...r5.10.3) --- updated-dependencies: - dependency-name: org.junit.jupiter:junit-jupiter dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump com.github.spotbugs:spotbugs-maven-plugin from 4.8.3.1 to 4.8.6.1 Bumps [com.github.spotbugs:spotbugs-maven-plugin](https://github.com/spotbugs/spotbugs-maven-plugin) from 4.8.3.1 to 4.8.6.1. - [Release notes](https://github.com/spotbugs/spotbugs-maven-plugin/releases) - [Commits](spotbugs/spotbugs-maven-plugin@spotbugs-maven-plugin-4.8.3.1...spotbugs-maven-plugin-4.8.6.1) --- updated-dependencies: - dependency-name: com.github.spotbugs:spotbugs-maven-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Look up HTTP headers while ignoring case OpenStack Swift uses lower-case headers. Fixes gaul#664. * Use var in foreach loops with Map.Entry types * Use var for Immutable builders * Add middleware to override storage class This is best-effort and some storage classes do not map exactly, particularly for non-S3 object stores. Fixes gaul#625. * Bump org.eclipse.jetty:jetty-servlet from 11.0.20 to 11.0.22 Bumps org.eclipse.jetty:jetty-servlet from 11.0.20 to 11.0.22. --- updated-dependencies: - dependency-name: org.eclipse.jetty:jetty-servlet dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump com.fasterxml.jackson.dataformat:jackson-dataformat-xml Bumps [com.fasterxml.jackson.dataformat:jackson-dataformat-xml](https://github.com/FasterXML/jackson-dataformat-xml) from 2.17.1 to 2.17.2. - [Commits](FasterXML/jackson-dataformat-xml@jackson-dataformat-xml-2.17.1...jackson-dataformat-xml-2.17.2) --- updated-dependencies: - dependency-name: com.fasterxml.jackson.dataformat:jackson-dataformat-xml dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump com.github.spotbugs:spotbugs-maven-plugin from 4.8.6.1 to 4.8.6.2 Bumps [com.github.spotbugs:spotbugs-maven-plugin](https://github.com/spotbugs/spotbugs-maven-plugin) from 4.8.6.1 to 4.8.6.2. - [Release notes](https://github.com/spotbugs/spotbugs-maven-plugin/releases) - [Commits](spotbugs/spotbugs-maven-plugin@spotbugs-maven-plugin-4.8.6.1...spotbugs-maven-plugin-4.8.6.2) --- updated-dependencies: - dependency-name: com.github.spotbugs:spotbugs-maven-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump org.assertj:assertj-core from 3.25.3 to 3.26.3 Bumps [org.assertj:assertj-core](https://github.com/assertj/assertj) from 3.25.3 to 3.26.3. - [Release notes](https://github.com/assertj/assertj/releases) - [Commits](assertj/assertj@assertj-build-3.25.3...assertj-build-3.26.3) --- updated-dependencies: - dependency-name: org.assertj:assertj-core dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Adds feature allowing Access-Control-Expose-Headers configuration * Adds test * Fixes styling * Fixes modernizer issue * remove timestamp validation for requests that use query string authentication * fix time skew validation for presigned urls * Prefer immutable collections where possible * Replace uses of Maps.immutableEntry with Map.entry The latter does not support null keys or values so this cannot replace all uses. * README: Adobe s3mock * Allow x-amz-user-agent header * Bump ch.qos.logback:logback-classic from 1.5.6 to 1.5.7 Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.6 to 1.5.7. - [Commits](qos-ch/logback@v_1.5.6...v_1.5.7) --- updated-dependencies: - dependency-name: ch.qos.logback:logback-classic dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump org.eclipse.jetty:jetty-servlet from 11.0.22 to 11.0.23 Bumps org.eclipse.jetty:jetty-servlet from 11.0.22 to 11.0.23. --- updated-dependencies: - dependency-name: org.eclipse.jetty:jetty-servlet dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump com.puppycrawl.tools:checkstyle from 10.17.0 to 10.18.1 Bumps [com.puppycrawl.tools:checkstyle](https://github.com/checkstyle/checkstyle) from 10.17.0 to 10.18.1. - [Release notes](https://github.com/checkstyle/checkstyle/releases) - [Commits](checkstyle/checkstyle@checkstyle-10.17.0...checkstyle-10.18.1) --- updated-dependencies: - dependency-name: com.puppycrawl.tools:checkstyle dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump slf4j.version from 2.0.13 to 2.0.16 Bumps `slf4j.version` from 2.0.13 to 2.0.16. Updates `org.slf4j:slf4j-api` from 2.0.13 to 2.0.16 Updates `org.slf4j:jcl-over-slf4j` from 2.0.13 to 2.0.16 --- updated-dependencies: - dependency-name: org.slf4j:slf4j-api dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.slf4j:jcl-over-slf4j dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Enforce limit when deleting multiple objects Found via s3-tests. * Add ETag to failed conditional GETs Found via s3-tests. References apache/jclouds#209. * Bump upload-artifact and download-artifact to v4 References gaul#685. * Rebase s3-tests * S3Proxy 2.3.0 release Fixes gaul#677. * Bump to 2.4.0-SNAPSHOT * Bump ch.qos.logback:logback-classic from 1.5.7 to 1.5.8 Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.7 to 1.5.8. - [Commits](qos-ch/logback@v_1.5.7...v_1.5.8) --- updated-dependencies: - dependency-name: ch.qos.logback:logback-classic dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump org.junit.jupiter:junit-jupiter from 5.10.3 to 5.11.1 Bumps [org.junit.jupiter:junit-jupiter](https://github.com/junit-team/junit5) from 5.10.3 to 5.11.1. - [Release notes](https://github.com/junit-team/junit5/releases) - [Commits](junit-team/junit-framework@r5.10.3...r5.11.1) --- updated-dependencies: - dependency-name: org.junit.jupiter:junit-jupiter dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump com.fasterxml.jackson.dataformat:jackson-dataformat-xml Bumps [com.fasterxml.jackson.dataformat:jackson-dataformat-xml](https://github.com/FasterXML/jackson-dataformat-xml) from 2.17.2 to 2.18.0. - [Commits](FasterXML/jackson-dataformat-xml@jackson-dataformat-xml-2.17.2...jackson-dataformat-xml-2.18.0) --- updated-dependencies: - dependency-name: com.fasterxml.jackson.dataformat:jackson-dataformat-xml dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump com.github.spotbugs:spotbugs-maven-plugin from 4.8.6.2 to 4.8.6.4 Bumps [com.github.spotbugs:spotbugs-maven-plugin](https://github.com/spotbugs/spotbugs-maven-plugin) from 4.8.6.2 to 4.8.6.4. - [Release notes](https://github.com/spotbugs/spotbugs-maven-plugin/releases) - [Commits](spotbugs/spotbugs-maven-plugin@spotbugs-maven-plugin-4.8.6.2...spotbugs-maven-plugin-4.8.6.4) --- updated-dependencies: - dependency-name: com.github.spotbugs:spotbugs-maven-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Allow Last-Modified header to be optional * Update deprecated methods * Explicitly use project.version This addresses a Maven warning: The expression ${version} is deprecated. Please use ${project.version} instead. * Disable warnings for missing Javadoc * Close InputStream Found via Coverity. * Add azureblob-sdk provider backed by Azure SDK This may replace the jclouds azureblob provider. The implementation lacks some error codes and options. Fixes gaul#606. * Address Checkstyle warnings * Replace Guava collections with Java 9 equivalents * Support SSL setup via SSLContext in S3Proxy.Builder * Push tags and latest to Docker Hub Fixes gaul#704. * Allow setting service-path config when running via Docker * Set outputLength correctly on open ended range requests to encryptedBlobStore Open ended ranged requests to encrypted files resulted in incorrect Content-Length headers in the response because of a bug in the Decryption class. In EncryptedBlobStore the length is set to -1 by default. On open-ended ranged GET requests this value is passed to the Decryption constructor, which in turn only sets outputLength if an offset is given without a length, but -1 is used to represent no length given. After this change the outputLength is set correctly in this constructor. Fixes gaul#698. * Write to OutputStream in azureblobsdk stageBlock requires an InputStream that supports marks which the socket does not support and wrapping in a BufferedInputStream would require extra memory. Fixes gaul#708. * Add azureblob-sdk to Quirks References gaul#606. * Write to OutputStream in azureblobsdk uploadWithResponse requires an InputStream that supports marks which the socket does not support and wrapping in a BufferedInputStream would require extra memory. Fixes gaul#708. * Add mapping for NO_SUCH_KEY for azureblob-sdk References gaul#606. * Do not set Tier for RELATIVE_PATH in azureblob-sdk References gaul#606. * Ignore CONTAINER_NOT_FOUND when deleting a bucket Reference gaul#606. * Handle BUCKET_ALREADY_OWNED_BY_YOU in azureblob-sdk References gaul#606. * Always overwrite in uploadPart in azureblob-sdk References gaul#606. * Opt into custom Azure logic with azureblob-sdk References gaul#606. * Revert "Write to OutputStream in azureblobsdk" This reverts commit 6939e6f. References gaul#708. * Allow overriding the endpoint in azureblob-sdk This allows testing with Azurite. References gaul#700. * Add configuration for Azurite References gaul#700. * Allow overriding test configuration at run-time References gaul#700. * Disable retries for AwsSdkTest This prevents long test run-times for unexpected HTTP 500 errors. * Implement copyBlob for azureblob-sdk References gaul#606. * Skip copy blob tests on Azurite References gaul#606. * Add workarounds for azureblob-sdk tests References gaul#606. * Support condition get object in azureblob-sdk References gaul#606. * Fix Checkstyle violations * Translate Azure errors in AzureBlobStore This addresses a layering violation and may make AzureBlobStore more useful to non-S3Proxy users. References gaul#606. * Avoid type duplication with type inference Replaced via: find -name \*.java | xargs sed -i 's/^$ *$$[^ ].*$ $[^ ]*$ = new \2/\1var \3 = new \2/' * Skip failing azureblob-sdk multipart tests References gaul#700. References gaul#708. * Remove unused imports Follows on to 49e468a. * Handle missing buckets and keys in azureblob-sdk Found via s3-tests. References gaul#606. * Handle non-empty delete container in azureblob-sdk Found via s3-tests. References gaul#606. * Disable retries for azureblob-sdk It is better to let the client retry. * Emit 501 for initiateMultipartUpload in azureblob-sdk The SDK lacks a method to upload a part with a non-repeatable payload. References gaul#708. * Update s3-tests submodule for multipart tags References gaul#700. * Split s3-tests tags per-line for readability * Add Last-Modified to azureblob-sdk getBlob Also ETag and creation date. References gaul#606. * Include Content-MD5 in azureblob-sdk putBlob References gaul#606. Fixes gaul#576. * Add middleware to replace user metadata This is useful when keys and values must conform to some subset of values, e.g., Azure's C# identifiers. Fixes gaul#466. * Bump copyright year * Ignore x-amz-te: append-md5 request header This header requests that the server add a trailing MD5 checksum to the response body. However, if the X-Amz-Transfer-Encoding: append-md5 response header is missing then the AWS Java SDK v2 will ignore its absence. So ignoring the request header works for now. Fixes gaul#414. * Bump ch.qos.logback:logback-classic from 1.5.8 to 1.5.12 Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.8 to 1.5.12. - [Commits](qos-ch/logback@v_1.5.8...v_1.5.12) --- updated-dependencies: - dependency-name: ch.qos.logback:logback-classic dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump com.fasterxml.jackson.dataformat:jackson-dataformat-xml Bumps [com.fasterxml.jackson.dataformat:jackson-dataformat-xml](https://github.com/FasterXML/jackson-dataformat-xml) from 2.18.0 to 2.18.1. - [Commits](FasterXML/jackson-dataformat-xml@jackson-dataformat-xml-2.18.0...jackson-dataformat-xml-2.18.1) --- updated-dependencies: - dependency-name: com.fasterxml.jackson.dataformat:jackson-dataformat-xml dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump com.google.auto.service:auto-service from 1.0-rc3 to 1.1.1 Bumps [com.google.auto.service:auto-service](https://github.com/google/auto) from 1.0-rc3 to 1.1.1. - [Release notes](https://github.com/google/auto/releases) - [Commits](https://github.com/google/auto/commits/auto-service-1.1.1) --- updated-dependencies: - dependency-name: com.google.auto.service:auto-service dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> * Bump org.junit.jupiter:junit-jupiter from 5.11.1 to 5.11.3 Bumps [org.junit.jupiter:junit-jupiter](https://github.com/junit-team/junit5) from 5.11.1 to 5.11.3. - [Release notes](https://github.com/junit-team/junit5/releases) - [Commits](junit-team/junit-framework@r5.11.1...r5.11.3) --- updated-dependencies: - dependency-name: org.junit.jupiter:junit-jupiter dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Ignore part checksums in CompleteMultipartUpload The intent of these are to correlate with the headers from previous UploadPart requests. S3Proxy ignores these elements for now since none of the storage backends support them. References gaul#656. * Use marker when listing blobs in azureblob-sdk References gaul#606. * Run Maven tests against azureblob-sdk in CI References gaul#700. * Add support for getBlob ranges in azureblob-sdk References gaul#606. * Add test for replacing a multi-part upload References gaul#468. * Handle invalid container names References gaul#606. * Handle invalid MD5 hashes References gaul#606. * Handle missing container in more places References gaul#606. * Update s3-tests with azureblob tags * Consolidate azureblob-sdk error handling References gaul#606. * Handle deleting missing container in azureblob-sdk References gaul#606. * Clarify state of azureblob-sdk References gaul#606. * Allow overriding s3proxy.conf for s3-tests * Add test for getting a range * Handle non-existent blob in UserMetadataReplacer Fixes gaul#720. * Allow copyBlob lastModified to be null This matches getBlob and other call sites. * fix handleCompleteMultipartUpload bug * Upgrade to Jetty 11.0.24 Release notes: https://github.com/jetty/jetty.project/releases/tag/jetty-11.0.24 Fixes gaul#723. * Allow to use Azure managed identities for azureblob-sdk backend * Add NIO.2 BlobStore This will enable multiple backends, e.g., jimfs (in-memory), filesystem, and possibly stranger things like Hadoop. Currently only configured to use jimfs. Fixes gaul#697. * S3Proxy 2.4.0 release * Bump to 2.5.0-SNAPSHOT * Prohibit object operations on non-existent containers Found via s3-tests. References gaul#697. * Support container and blob access control Found via s3-tests. References gaul#697. * Add creation and last modified times to getBlob Found via s3-tests. References gaul#697. * Add ETag and Tier to getBlob and list Found via s3-tests. References gaul#697. * Support list markers in transient-nio2 References gaul#697. * Treat empty delimiter as if it is not specified Found by s3-tests. References gaul#697. * Handle list marker after last key in transient-nio2 Found by s3-tests. References gaul#697. * Enforce correct MD5 hash in transient-nio2 putBlob Found via s3-tests. References gaul#697. * Handle conditional get in transient-nio2 Found by s3-tests. References gaul#697. * Skip s3-tests which fail on transient-nio2 References gaul#697. * Run s3-tests against transient-nio2 References gaul#697. * S3Proxy 2.4.1 release * Bump to 2.5.0-SNAPSHOT * Clarify transient-nio2 status * Prefer Java 9 InputStream.readAllBytes * Skip tests which fail on google-cloud-storage * Bump com.azure:azure-identity from 1.13.3 to 1.14.2 Bumps [com.azure:azure-identity](https://github.com/Azure/azure-sdk-for-java) from 1.13.3 to 1.14.2. - [Release notes](https://github.com/Azure/azure-sdk-for-java/releases) - [Commits](Azure/azure-sdk-for-java@azure-identity_1.13.3...azure-identity_1.14.2) --- updated-dependencies: - dependency-name: com.azure:azure-identity dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump com.google.guava:guava from 32.0.0-jre to 33.3.1-jre Bumps [com.google.guava:guava](https://github.com/google/guava) from 32.0.0-jre to 33.3.1-jre. - [Release notes](https://github.com/google/guava/releases) - [Commits](https://github.com/google/guava/commits) --- updated-dependencies: - dependency-name: com.google.guava:guava dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump com.azure:azure-storage-blob from 12.28.0 to 12.29.0 Bumps [com.azure:azure-storage-blob](https://github.com/Azure/azure-sdk-for-java) from 12.28.0 to 12.29.0. - [Release notes](https://github.com/Azure/azure-sdk-for-java/releases) - [Commits](Azure/azure-sdk-for-java@azure-storage-blob_12.28.0...azure-storage-blob_12.29.0) --- updated-dependencies: - dependency-name: com.azure:azure-storage-blob dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump com.puppycrawl.tools:checkstyle from 10.18.1 to 10.20.2 Bumps [com.puppycrawl.tools:checkstyle](https://github.com/checkstyle/checkstyle) from 10.18.1 to 10.20.2. - [Release notes](https://github.com/checkstyle/checkstyle/releases) - [Commits](checkstyle/checkstyle@checkstyle-10.18.1...checkstyle-10.20.2) --- updated-dependencies: - dependency-name: com.puppycrawl.tools:checkstyle dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Handle google-cloud-storage 412 * Add filesystem-nio2 blobstore This uses the same code paths as transient-nio2 and will replace the jclouds filesystem blobstore. * Fix stopping condition when deleting parent dirs * Include root when checking list prefix * Explicitly set BlobAccess during putBlob This matches completeMultipartUpload. * filesystem-nio2 requires the MPU stub blob * Add filesystem-nio2 to CI * Fix listing on filesystem-nio2 blobstore * Add filesystem directory for filesystem-nio2 CI * Add azurite exclusions to s3-tests References gaul#700. * Fix error-prone warnings * More consistently use Path objects This improves compatibility on Windows. References gaul#740. * Replace backslash path separator on Windows References gaul#740. * Eagerly check baseDir in FilesystemNio2BlobStore * Check for null BlobAccessType in azureblob-sdk References gaul#606. * Update s3-tests References gaul#700. * Fix Checkstyle violation Regression introduced in fef17b0. * Run s3-tests against Azurite in CI Fixes gaul#700. * Clean up MPU test litter in testPartNumberMarker Minio seems to persist this after deleting a bucket. * Add Minio to CI Skip tests which fail with 2.6.0 but will succeed with 2.6.1. * Allow overriding log level in run-s3-tests.sh * Update s3-tests * Clean up tags in s3-tests Fix an off-by-one error in NIO.2 previously hidden by incorrect tags. * S3Proxy 2.5.0 release * Bump to 2.5.1-SNAPSHOT * Clarify filesystem-nio2 status * Upgrade to commons-fileupload2 This indirectly addresses a CVE in commons-io that does not affect S3Proxy. * Require Mavne 3.6.3 This addresses a warning due to plugins that require a newer version: [ERROR] Project requires an incorrect minimum version of Maven. [ERROR] Update the pom.xml to contain maven-enforcer-plugin to [ERROR] force the Maven version which is needed to build this project. [ERROR] See https://maven.apache.org/enforcer/enforcer-rules/requireMavenVersion.html [ERROR] Using the minimum version of Maven: 3.2.5 * Prefer Path over File Found via modernizer-maven-plugin 3.0.0. * Upgrade to modernizer-maven-plugin 3.0.0 Release notes: https://github.com/gaul/modernizer-maven-plugin/releases/tag/modernizer-maven-plugin-3.0.0 * Bump org.assertj:assertj-core from 3.26.3 to 3.27.1 Bumps [org.assertj:assertj-core](https://github.com/assertj/assertj) from 3.26.3 to 3.27.1. - [Release notes](https://github.com/assertj/assertj/releases) - [Commits](assertj/assertj@assertj-build-3.26.3...assertj-build-3.27.1) --- updated-dependencies: - dependency-name: org.assertj:assertj-core dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump com.google.guava:guava from 33.3.1-jre to 33.4.0-jre Bumps [com.google.guava:guava](https://github.com/google/guava) from 33.3.1-jre to 33.4.0-jre. - [Release notes](https://github.com/google/guava/releases) - [Commits](https://github.com/google/guava/commits) --- updated-dependencies: - dependency-name: com.google.guava:guava dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump org.junit.jupiter:junit-jupiter from 5.11.3 to 5.11.4 Bumps [org.junit.jupiter:junit-jupiter](https://github.com/junit-team/junit5) from 5.11.3 to 5.11.4. - [Release notes](https://github.com/junit-team/junit5/releases) - [Commits](junit-team/junit-framework@r5.11.3...r5.11.4) --- updated-dependencies: - dependency-name: org.junit.jupiter:junit-jupiter dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump com.github.spotbugs:spotbugs-maven-plugin from 4.8.6.4 to 4.8.6.6 Bumps [com.github.spotbugs:spotbugs-maven-plugin](https://github.com/spotbugs/spotbugs-maven-plugin) from 4.8.6.4 to 4.8.6.6. - [Release notes](https://github.com/spotbugs/spotbugs-maven-plugin/releases) - [Commits](spotbugs/spotbugs-maven-plugin@spotbugs-maven-plugin-4.8.6.4...spotbugs-maven-plugin-4.8.6.6) --- updated-dependencies: - dependency-name: com.github.spotbugs:spotbugs-maven-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump com.fasterxml.jackson.dataformat:jackson-dataformat-xml Bumps [com.fasterxml.jackson.dataformat:jackson-dataformat-xml](https://github.com/FasterXML/jackson-dataformat-xml) from 2.18.1 to 2.18.2. - [Commits](FasterXML/jackson-dataformat-xml@jackson-dataformat-xml-2.18.1...jackson-dataformat-xml-2.18.2) --- updated-dependencies: - dependency-name: com.fasterxml.jackson.dataformat:jackson-dataformat-xml dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Support IRSA for aws-s3 provider * Fix Checkstyle and Modernizer warnings * Add Minio config to run-s3-tests.sh * Use ubuntu-24.04-arm GitHub runner * Upgrade to modernizer-maven-plugin 3.1.0 This improves local variable suppressions. * Remove dependency on commons-codec * Remove explicit dependency on Apache commons-io commons-fileupload2-javax exposes this as an implicit dependency but S3Proxy can replace its uses with Guava and modern Java. * feat: Support json logging * Prefer log replacement over concatenation * Ignore new AWS checksum headers Previously newer versions of aws-cli could not put objects. Fixes gaul#760. Fixes gaul#765. * Change Docker storage backend to filesystem-nio2 * Upgrade to jclouds 2.7.0 Release notes: https://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12354430&styleName=Html&projectId=12314430&Create=Create&atl_token=A5KQ-2QAV-T4JA-FDED_bf4746c9b07e36572e23ca1006c18330c5ea778e_lin Fixes gaul#468. Fixes gaul#708. Fixes gaul#746. * Update storage tiers to include COOL and COLD * Run s3-tests against minio * Recommend to use filesystem-nio2 storage backend * Prevent parent path traversal in filesystem-nio2 Reported-by: Nico Waisman <nico@xbow.com> * Bump com.amazonaws:aws-java-sdk-sts from 1.12.261 to 1.12.780 Bumps [com.amazonaws:aws-java-sdk-sts](https://github.com/aws/aws-sdk-java) from 1.12.261 to 1.12.780. - [Changelog](https://github.com/aws/aws-sdk-java/blob/master/CHANGELOG.md) - [Commits](aws/aws-sdk-java@1.12.261...1.12.780) --- updated-dependencies: - dependency-name: com.amazonaws:aws-java-sdk-sts dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump ch.qos.logback:logback-classic from 1.5.12 to 1.5.16 Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.12 to 1.5.16. - [Commits](qos-ch/logback@v_1.5.12...v_1.5.16) --- updated-dependencies: - dependency-name: ch.qos.logback:logback-classic dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump com.puppycrawl.tools:checkstyle from 10.20.2 to 10.21.2 Bumps [com.puppycrawl.tools:checkstyle](https://github.com/checkstyle/checkstyle) from 10.20.2 to 10.21.2. - [Release notes](https://github.com/checkstyle/checkstyle/releases) - [Commits](checkstyle/checkstyle@checkstyle-10.20.2...checkstyle-10.21.2) --- updated-dependencies: - dependency-name: com.puppycrawl.tools:checkstyle dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump com.azure:azure-identity from 1.14.2 to 1.15.0 Bumps [com.azure:azure-identity](https://github.com/Azure/azure-sdk-for-java) from 1.14.2 to 1.15.0. - [Release notes](https://github.com/Azure/azure-sdk-for-java/releases) - [Commits](Azure/azure-sdk-for-java@azure-identity_1.14.2...azure-core_1.15.0) --- updated-dependencies: - dependency-name: com.azure:azure-identity dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump com.github.spotbugs:spotbugs-annotations from 4.8.6 to 4.9.0 Bumps [com.github.spotbugs:spotbugs-annotations](https://github.com/spotbugs/spotbugs) from 4.8.6 to 4.9.0. - [Release notes](https://github.com/spotbugs/spotbugs/releases) - [Changelog](https://github.com/spotbugs/spotbugs/blob/master/CHANGELOG.md) - [Commits](spotbugs/spotbugs@4.8.6...4.9.0) --- updated-dependencies: - dependency-name: com.github.spotbugs:spotbugs-annotations dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Upgrade to aws-java-sdk-s3 1.12.780 * Allow Dependabot updates to Maven plugins * Bump actions/setup-python from 4 to 5 Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4 to 5. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](actions/setup-python@v4...v5) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump docker/setup-qemu-action from 2 to 3 Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 2 to 3. - [Release notes](https://github.com/docker/setup-qemu-action/releases) - [Commits](docker/setup-qemu-action@v2...v3) --- updated-dependencies: - dependency-name: docker/setup-qemu-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump docker/build-push-action from 5 to 6 Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 5 to 6. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@v5...v6) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump docker/metadata-action from 4.0.1 to 5.6.1 Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 4.0.1 to 5.6.1. - [Release notes](https://github.com/docker/metadata-action/releases) - [Commits](docker/metadata-action@v4.0.1...v5.6.1) --- updated-dependencies: - dependency-name: docker/metadata-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump org.assertj:assertj-core from 3.27.1 to 3.27.3 Bumps [org.assertj:assertj-core](https://github.com/assertj/assertj) from 3.27.1 to 3.27.3. - [Release notes](https://github.com/assertj/assertj/releases) - [Commits](assertj/assertj@assertj-build-3.27.1...assertj-build-3.27.3) --- updated-dependencies: - dependency-name: org.assertj:assertj-core dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * S3Proxy 2.6.0 release * Bump to 2.6.1-SNAPSHOT * Update copyright year to 2025 * Allow null localIdentify with bucket locators This can be null when using none authorization. Regression from 4976e17. Fixes gaul#781. * docker: Match s3proxy.v4-max-non-chunked-request-size default (128 MB) - gaul#594 changed the hardcoded default value of `v4MaxNonChunkedRequestSize` to 128 MB - The 128 MB default only kicks in if the `s3proxy.v4-max-non-chunked-request-size` config is not set - However, when using the Docker image (in k8s, for example), if you don't explicitly override the `S3PROXY_V4_MAX_NON_CHUNKED_REQ_SIZE` env variable, the `run-docker-container.sh` sets this env var [1] to a default of 33554432 bytes (~32 MB) - This commit changes this defualt to 128 MB, to match the default value defined in the code itself This change makes it such that an un-initiated user running s3Proxy via Docker / k8s does not run into an error of the form: 400 MaxMessageLengthExceeded Your request was too big , when uploading a file between 32 - 128 MB. [1] https://github.com/gaul/s3proxy/blob/master/src/main/resources/run-docker-container.sh#L26 * Bump ch.qos.logback:logback-classic from 1.5.16 to 1.5.17 Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.16 to 1.5.17. - [Release notes](https://github.com/qos-ch/logback/releases) - [Commits](qos-ch/logback@v_1.5.16...v_1.5.17) --- updated-dependencies: - dependency-name: ch.qos.logback:logback-classic dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump com.github.spotbugs:spotbugs-maven-plugin from 4.8.6.6 to 4.9.1.0 Bumps [com.github.spotbugs:spotbugs-maven-plugin](https://github.com/spotbugs/spotbugs-maven-plugin) from 4.8.6.6 to 4.9.1.0. - [Release notes](https://github.com/spotbugs/spotbugs-maven-plugin/releases) - [Commits](spotbugs/spotbugs-maven-plugin@spotbugs-maven-plugin-4.8.6.6...spotbugs-maven-plugin-4.9.1.0) --- updated-dependencies: - dependency-name: com.github.spotbugs:spotbugs-maven-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump com.azure:azure-identity from 1.15.0 to 1.15.3 Bumps [com.azure:azure-identity](https://github.com/Azure/azure-sdk-for-java) from 1.15.0 to 1.15.3. - [Release notes](https://github.com/Azure/azure-sdk-for-java/releases) - [Commits](Azure/azure-sdk-for-java@azure-core_1.15.0...azure-identity_1.15.3) --- updated-dependencies: - dependency-name: com.azure:azure-identity dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump com.github.spotbugs:spotbugs-annotations from 4.9.0 to 4.9.2 Bumps [com.github.spotbugs:spotbugs-annotations](https://github.com/spotbugs/spotbugs) from 4.9.0 to 4.9.2. - [Release notes](https://github.com/spotbugs/spotbugs/releases) - [Changelog](https://github.com/spotbugs/spotbugs/blob/master/CHANGELOG.md) - [Commits](spotbugs/spotbugs@4.9.0...4.9.2) --- updated-dependencies: - dependency-name: com.github.spotbugs:spotbugs-annotations dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Bump docker/metadata-action from 5.6.1 to 5.7.0 Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 5.6.1 to 5.7.0. - [Release notes](https://github.com/docker/metadata-action/releases) - [Commits](docker/metadata-action@v5.6.1...v5.7.0) --- updated-dependencies: - dependency-name: docker/metadata-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Pin Azurite version and update s3-tests References gaul#793. * Docker: Use dumb-init as init system PID 1 is special in Linux kernels; do not start the `java` process as PID 1. Instead, use dumb-init [1] as the init system and start it at PID 1. This is generally done for two main reasons [1]: - Signal handling When k8s terminates a Pod, it sends a SIGTERM to PID 1 in the containers. When a non-PID-1 process receives SIGTERM and it does not register a SIGTERM handler, the kernel will fall back to the default behavior for a SIGTERM signal: killing the process. However, this is not the case for PID 1; the kernel does not fallback to killing the PID 1 process if no SIGTERM handler is registered. This means that the SIGTERM will have no effect on the process. k8s will wait for `terminationGracePeriodSeconds` (default: 30 seconds) and only then SIGKILL the process (having wasted 30 seconds where nothing useful was happening). With `Java` as PID 1 though, I don't run into this issue. Even though s3Proxy does not register a SIGTERM handler, it seems like the JVM does react to the SIGTERM and immediately kills s3Proxy. Still, let's use dumb-init as a best-practice. Init-systems like dumb-init take the responsibliity for properly registering signal handlers and passing signals to children processes correctly. - Orphaned processes Any running process that becomes an orphan (parent process dies) is adopted by PID 1. This means PID 1 is responsible for cleaning up (reaping) the orphan process after it has terminated (become zombie /defunct) However, Java as PID 1 will not know about these zombie processes and will not reap them. Using dumb-init will reap such processes. This is a non-breaking change; users of the docker image do not need any action on their part. [1] https://engineeringblog.yelp.com/2016/01/dumb-init-an-init-for-docker.html [2] https://daveiscoding.hashnode.dev/why-do-you-need-an-init-process-inside-your-docker-container-pid-1 --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Timur Saikaliev <timur.saikaliev@stein-pilz.com> Co-authored-by: Andrew Gaul <andrew@gaul.org> Co-authored-by: twickline <twickline@axon.com> Co-authored-by: sullis <github@seansullivan.com> Co-authored-by: losfair <zhy20000919@hotmail.com> Co-authored-by: Bernhard Stiftner <stiftner@m2n.at> Co-authored-by: Fernando Jiménez Moreno <ferjmoreno@gmail.com> Co-authored-by: ptemarvelde <45282601+ptemarvelde@users.noreply.github.com> Co-authored-by: zhaoshihao <1140448242@qq.com> Co-authored-by: David Herman <herman.david@protonmail.com> Co-authored-by: TQ <tianqiu.huang@enterprisedb.com> Co-authored-by: Ryan Faircloth <ryan@dss-i.com> Co-authored-by: Musab Shakeel <musabshakeel@gmail.com>

Bump Jetty 11.0.23 to fix know vulnerabilities #723

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions