Skip to content

fix(deps): bump multistore to the non-S3 streaming-upload guard#166

Closed
alukach wants to merge 1 commit into
mainfrom
fix/multistore-non-s3-streaming-guard
Closed

fix(deps): bump multistore to the non-S3 streaming-upload guard#166
alukach wants to merge 1 commit into
mainfrom
fix/multistore-non-s3-streaming-guard

Conversation

@alukach

@alukach alukach commented Jun 26, 2026

Copy link
Copy Markdown
Contributor

What

Bump the multistore git-branch pin in Cargo.lock from 71b1513a71e51edd.

main builds against the fix/decode-aws-chunked-writes branch of multistore via the temporary [patch.crates-io] block (added in #162). That branch got a follow-up fix from a 4-agent review, and this bumps the lock to pick it up.

Why

The pinned commit (71b1513a) had a bug: a default aws-cli/SDK aws-chunked PutObject to a non-S3 backend (azure — which is enabled here) reached the S3-only seed-signing path (build_streaming_forward) with no backend-type guard, so it mis-routed into S3 SigV4 signing instead of being rejected. UploadPart already guarded this earlier; PutObject did not.

71e51edd (multistore#92):

  • guards the streaming path on is_s3_backend() and rejects non-S3 streaming uploads with InvalidRequest;
  • removes a dead/unreachable Internal re-read of x-amz-content-sha256;
  • adds a non-S3 rejection regression test and strengthens the UploadPart test.

Verification

Pre-commit hook built the wasm worker against 71e51edd and ran the full data.source.coop suite (green). multistore-side: clippy -D warnings clean, 111 tests, wasm cf-workers compiles.

Note

This is a lock bump against the temporary git-branch patch. Once multistore #92 ships in a release, the [patch.crates-io] block should be dropped and the multistore* deps bumped to the released version (see the TODO in Cargo.toml).

🤖 Generated with Claude Code

@alukach @claude
fix(deps): bump multistore to the non-S3 streaming-upload guard
be878f3 
main pins the multistore aws-chunked branch at 71b1513a (the original
stream-resign commit). Bump to 71e51edd, which adds a 4-agent-review fix:
a default aws-chunked PUT to a non-S3 backend (azure) was mis-routing into
the S3-only seed-signing path instead of being rejected. Also drops a dead
re-read and adds regression tests.

multistore PR: developmentseed/multistore#92

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
@claude

claude Bot commented Jun 26, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Claude finished @alukach's task in 19s —— View job

✅ No blocking issues — safe to merge.

  • Cargo.lock only: all five multistore* crates consistently bumped from 71b1513a71e51edd on the same fix/decode-aws-chunked-writes branch. The diff is exactly what a cargo update --precise against a single git source produces — no partial update, no stray version drift.
  • The upstream fix (is_s3_backend() guard + InvalidRequest rejection for non-S3 streaming uploads) directly addresses the described mis-routing bug and is a safe, additive guard with a regression test on the multistore side.
  • No logic changes in this repo; nothing to review beyond correctness of the hash bump.

@github-actions

github-actions Bot commented Jun 26, 2026

Copy link
Copy Markdown

🚀 Latest commit deployed to https://source-data-proxy-pr-166.source-coop.workers.dev

  • Date: 2026-06-26T04:57:31Z
  • Commit: 68c614f

@alukach alukach closed this Jun 26, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

fix

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@alukach