mirrors/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2025-09-22 22:21:13 +02:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
12,484 Commits 4 Branches 522 Tags
Commit Graph

12484 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Alex
160f8a901b
Update Console UI to latest version (#21294)
Some checks are pending
VulnCheck / Analysis (push) Waiting to run
Details
2025-05-21 08:59:37 -07:00
jiuker
ef9b03fbf5
fix: unable to get net.Interface cause panic (#21277)
Some checks failed
VulnCheck / Analysis (push) Has been cancelled
Details
Lock Threads / action (push) Has been cancelled
Details
2025-05-16 07:28:04 -07:00
Andreas Auernhammer
1d50cae43d
remove support for FIPS 140-2 with boringcrypto (#21292) 
This commit removes FIPS 140-2 related code for the following
reasons:
 - FIPS 140-2 is a compliance, not a security requirement. Being
   FIPS 140-2 compliant has no security implication on its own.
   From a tech. perspetive, a FIPS 140-2 compliant implementation
   is not necessarily secure and a non-FIPS 140-2 compliant implementation
   is not necessarily insecure. It depends on the concret design and
   crypto primitives/constructions used.
 - The boringcrypto branch used to achieve FIPS 140-2 compliance was never
   officially supported by the Go team and is now in maintainance mode.
   It is replaced by a built-in FIPS 140-3 module. It will be removed
   eventually. Ref: https://github.com/golang/go/issues/69536
 - FIPS 140-2 modules are no longer re-certified after Sep. 2026.
   Ref: https://csrc.nist.gov/projects/cryptographic-module-validation-program

Signed-off-by: Andreas Auernhammer <github@aead.dev>
 2025-05-16 07:27:42 -07:00
Klaus Post
c0a33952c6
Allow FTPS to force TLS (#21251)
Some checks failed
VulnCheck / Analysis (push) Has been cancelled
Details
Lock Threads / action (push) Has been cancelled
Details 
Fixes #21249

Example params: `-ftp=force-tls=true -ftp="tls-private-key=ftp/private.key" -ftp="tls-public-cert=ftp/public.crt"`

If MinIO is set up for TLS those certs will be used.
 2025-05-09 13:10:19 -07:00
Alex
8cad40a483
Update UI console to the latest version (#21278) 
Signed-off-by: Benjamin Perez <benjamin@bexsoft.net>
 2025-05-09 13:09:54 -07:00
Harshavardhana
6d18dba9a2
return error for AppendObject() API (#21272)
Some checks failed
VulnCheck / Analysis (push) Has been cancelled
Details
Lock Threads / action (push) Has been cancelled
Details
2025-05-07 08:37:12 -07:00
jiuker
9ea14c88d8
cleanup: use NewWithOptions replace the Deprecated one (#21243)
Some checks failed
VulnCheck / Analysis (push) Has been cancelled
Details
Lock Threads / action (push) Has been cancelled
Details
2025-04-29 08:35:51 -07:00
jiuker
30a1261c22
fix: track object and bucket for exipreAll (#21241)
Some checks failed
VulnCheck / Analysis (push) Has been cancelled
Details
2025-04-27 21:19:38 -07:00
Matt Lloyd
0e017ab071
feat: support nats nkey seed auth (#21231)
Some checks are pending
VulnCheck / Analysis (push) Waiting to run
Details
2025-04-26 21:30:57 -07:00
Harshavardhana
f14198e3dc update with newer pkger release
Some checks are pending
VulnCheck / Analysis (push) Waiting to run
Details
2025-04-26 17:44:22 -07:00
Burkov Egor
93c389dbc9
typo: return actual error from RemoveRemoteTargetsForEndpoint (#21238)
Some checks are pending
VulnCheck / Analysis (push) Waiting to run
Details
2025-04-26 01:43:10 -07:00
jiuker
ddd9a84cd7
allow concurrent aborts on active uploadParts() (#21229)
Some checks are pending
VulnCheck / Analysis (push) Waiting to run
Details 
allow aborting on active uploads in progress, however fail these
uploads subsequently during commit phase and return appropriate errors
 2025-04-24 22:41:04 -07:00
Celis
b7540169a2
Add documentation for replication_max_lrg_workers (#21236)
Some checks are pending
VulnCheck / Analysis (push) Waiting to run
Details
2025-04-24 16:34:26 -07:00
Klaus Post
f01374950f
Use go mod tool to install tools for go generate (#21232) 
Use go tool for generators

* Use go.mod tool section
* Install tools with go generate
* Update dependencies
* Remove madmin fork.
 2025-04-24 16:34:11 -07:00
Taran Pelkey
18aceae620
Fix nil dereference in adding service account (#21235) 
Fixes #21234
 2025-04-24 11:14:00 -07:00
Andreas Auernhammer
427826abc5
update minio/kms-go/kms SDK (#21233)
Some checks are pending
VulnCheck / Analysis (push) Waiting to run
Details 
Signed-off-by: Andreas Auernhammer <github@aead.dev>
 2025-04-24 08:33:57 -07:00
Harshavardhana
2780778c10 Revert "Fix: Change TTFB metric type to histogram (#20999)"
Some checks are pending
VulnCheck / Analysis (push) Waiting to run
Details 
This reverts commit 8d223e07fb7f8593ae56dfd2f4a0688fe1ee8a17.
 2025-04-23 13:56:18 -07:00
Shubhendu
2d8ba15b9e
Correct spelling (#21225)
Some checks are pending
VulnCheck / Analysis (push) Waiting to run
Details
2025-04-23 08:13:23 -07:00
Minio Trusted
bd6dd55e7f Update yaml files to latest version RELEASE.2025-04-22T22-12-26Z
Some checks are pending
VulnCheck / Analysis (push) Waiting to run
Details
2025-04-22 22:34:07 +00:00
Matt Lloyd
0d7408fc99
feat: support nats tls handshake first (#21008) RELEASE.2025-04-22T22-12-26Z 2025-04-22 15:12:26 -07:00
jiuker
864f80e226
fix: batch expiry job doesn't report delete marker in batch-status (#21183)
Some checks are pending
VulnCheck / Analysis (push) Waiting to run
Details
2025-04-22 04:16:32 -07:00
Harshavardhana
0379d6a37f fix: permissions for docker-compose
Some checks are pending
VulnCheck / Analysis (push) Waiting to run
Details
2025-04-21 09:24:31 -07:00
Harshavardhana
43aa8e4259
support autogenerated credentials for KMS_SECRET_KEY properly (#21223) 
we had a chicken and egg problem with this feature even
when used with kes the credentials generation would
not work in correct sequence causing setup/deployment
disruptions.

This PR streamlines all of this properly to ensure that
this functionality works as advertised.
 2025-04-21 09:23:51 -07:00
Harshavardhana
e2ed696619 fix: docker-compose link since latest release
Some checks are pending
VulnCheck / Analysis (push) Waiting to run
Details
2025-04-20 10:05:30 -07:00
Klaus Post
fb3f67a597
Fix shared error buffer (#21203)
Some checks failed
VulnCheck / Analysis (push) Has been cancelled
Details
Lock Threads / action (push) Has been cancelled
Details 
v.cancelFn(RemoteErr(m.Payload)) would use an already returned buffer.

Simplify code a bit as well by returning on errors.
 2025-04-18 02:10:55 -07:00
dependabot[bot]
7ee75368e0
build(deps): bump github.com/nats-io/nats-server/v2 from 2.9.23 to 2.10.27 (#21191)
Some checks failed
VulnCheck / Analysis (push) Has been cancelled
Details
Lock Threads / action (push) Has been cancelled
Details 
build(deps): bump github.com/nats-io/nats-server/v2

Bumps [github.com/nats-io/nats-server/v2](https://github.com/nats-io/nats-server) from 2.9.23 to 2.10.27.
- [Release notes](https://github.com/nats-io/nats-server/releases)
- [Changelog](https://github.com/nats-io/nats-server/blob/main/.goreleaser.yml)
- [Commits](https://github.com/nats-io/nats-server/compare/v2.9.23...v2.10.27)

---
updated-dependencies:
- dependency-name: github.com/nats-io/nats-server/v2
  dependency-version: 2.10.27
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-17 04:45:51 -07:00
dependabot[bot]
1d6478b8ae
build(deps): bump golang.org/x/net from 0.34.0 to 0.38.0 in /docs/debugging/s3-verify (#21199) 
build(deps): bump golang.org/x/net in /docs/debugging/s3-verify

Bumps [golang.org/x/net](https://github.com/golang/net) from 0.34.0 to 0.38.0.
- [Commits](https://github.com/golang/net/compare/v0.34.0...v0.38.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-version: 0.38.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-17 04:45:33 -07:00
dependabot[bot]
0581001b6f
build(deps): bump golang.org/x/net from 0.37.0 to 0.38.0 (#21200) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.37.0 to 0.38.0.
- [Commits](https://github.com/golang/net/compare/v0.37.0...v0.38.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-version: 0.38.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-17 04:45:15 -07:00
dependabot[bot]
479303e7e9
build(deps): bump golang.org/x/crypto from 0.32.0 to 0.35.0 in /docs/debugging/inspect (#21192)
Some checks are pending
VulnCheck / Analysis (push) Waiting to run
Details
2025-04-16 14:54:16 -07:00
Burkov Egor
89aec6804b
typo: fix return of checkDiskFatalErrs (#21121)
Some checks are pending
VulnCheck / Analysis (push) Waiting to run
Details
2025-04-16 08:20:41 -07:00
Taran Pelkey
eb33bc6bf5 Add New Accesskey Info and OpenID Accesskey List API endpoints (#21097)
Some checks are pending
VulnCheck / Analysis (push) Waiting to run
Details
2025-04-16 00:34:24 -07:00
dependabot[bot]
3310f740f0
build(deps): bump golang.org/x/crypto from 0.32.0 to 0.35.0 in /docs/debugging/s3-verify (#21185)
Some checks are pending
VulnCheck / Analysis (push) Waiting to run
Details 
build(deps): bump golang.org/x/crypto in /docs/debugging/s3-verify

Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.32.0 to 0.35.0.
- [Commits](https://github.com/golang/crypto/compare/v0.32.0...v0.35.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-version: 0.35.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-15 07:00:14 -07:00
Burkov Egor
4595293ca0
typo: fix error msg for decoding XL headers (#21120)
Some checks failed
VulnCheck / Analysis (push) Has been cancelled
Details
Lock Threads / action (push) Has been cancelled
Details
2025-04-10 08:55:43 -07:00
Klaus Post
02a67cbd2a
Fix buffered streams missing final entries (#21122) 
On buffered streams the final entries could be missing, if a lot 
are delivered when stream ends.

Fixes end-of-stream cancelling return of final entries by canceling
with the StreamEOF error.
 2025-04-10 08:29:19 -07:00
Harshavardhana
2b34e5b9ae
move to go1.24 (#21114)
Some checks are pending
VulnCheck / Analysis (push) Waiting to run
Details
2025-04-09 07:28:39 -07:00
Minio Trusted
a6258668a6 Update yaml files to latest version RELEASE.2025-04-08T15-41-24Z
Some checks are pending
VulnCheck / Analysis (push) Waiting to run
Details
2025-04-08 19:37:51 +00:00
Krishnan Parthasarathi
d0cada583f
ilm: Expect objects with only free versions when scanning (#21112)
Some checks are pending
VulnCheck / Analysis (push) Waiting to run
Details
RELEASE.2025-04-08T15-41-24Z 		2025-04-08 08:41:24 -07:00
Harshavardhana
0bd8f06b62 fix: healing to list, purge dangling objects (#621)
Some checks failed
VulnCheck / Analysis (push) Has been cancelled
Details
Lock Threads / action (push) Has been cancelled
Details 
in a specific corner case when you only have dangling
objects with single shard left over, we end up a situation
where healing is unable to list this dangling object to
purge due to the fact that listing logic expected only
`len(disks)/2+1` - where as when you make this choice you
end up with a situation that the drive where this object
is present is not part of your expected disks list, causing
it to be never listed and ignored into perpetuity.

change the logic such that HealObjects() would be able
to listAndHeal() per set properly on all its drives, since
there is really no other way to do this cleanly, however
instead of "listing" on all erasure sets simultaneously, we
list on '3' at a time. So in a large enough cluster this is
fairly staggered.
 2025-04-04 06:49:12 -07:00
Harshavardhana
6640be3bed fix: listParts crash when partNumberMarker is expected (#620) 
fixes https://github.com/minio/minio/issues/21098
 2025-04-04 06:44:38 -07:00
Anis Eleuch
eafeb27e90
decom: Ignore orphan delete markers in verification stage (#21106)
Some checks are pending
VulnCheck / Analysis (push) Waiting to run
Details 
To make sure that no objects were skipped for any reason,
decommissioning does a second phase of listing to check if there
are some objects that need to be decommissioned. However, the code
forgot to skip orphan delete markers since the decom code already
skips it.

Make the code ignore delete markers in in the verification phase.

Co-authored-by: Anis Eleuch <anis@min.io>
 2025-04-03 15:07:24 -07:00
Minio Trusted
f2c9eb0f79 Update yaml files to latest version RELEASE.2025-04-03T14-56-28Z 2025-04-03 18:57:40 +00:00
爱折腾的小竹同学
f2619d1f62
Fix description error in README (#21099)
Some checks are pending
VulnCheck / Analysis (push) Waiting to run
Details 
There is prefix in json, but not in the equivalent command line. Although the role of prefix has been explained in the previous example, I think it should be supplemented.
RELEASE.2025-04-03T14-56-28Z 		2025-04-03 07:56:28 -07:00
Harshavardhana
8c70975283
make sure to validate signature unsigned trailer stream (#21103) 
This is a security incident fix, it would seem like since
the implementation of unsigned payload trailer on PUTs,
we do not validate the signature of the incoming request.

The signature can be invalid and is totally being ignored,
this in-turn allows any arbitrary secret to upload objects
given the user has "WRITE" permissions on the bucket, since
acces-key is a public information in general exposes these
potential users with WRITE on the bucket to be used by any
arbitrary client to make a fake request to MinIO the signature
under Authorization: header is totally ignored.

A test has been added to cover this scenario and fail
appropriately.
 2025-04-03 07:55:52 -07:00
Krishnan Parthasarathi
01447d2438
Fix evaluation of NewerNoncurrentVersions (#21096)
Some checks are pending
VulnCheck / Analysis (push) Waiting to run
Details 
- Move VersionPurgeStatus into replication package
- ilm: Evaluate policy w/ obj retention/replication
- lifecycle: Use Evaluator to enforce ILM in scanner
- Unit tests covering ILM, replication and retention
- Simplify NewEvaluator constructor
 2025-04-02 23:45:06 -07:00
Shubhendu
07f31e574c
Try reconnect IAM systems if failed initially (#20333)
Some checks are pending
VulnCheck / Analysis (push) Waiting to run
Details 
Fixes: https://github.com/minio/minio/issues/20118

Signed-off-by: Shubhendu Ram Tripathi <shubhendu@minio.io>
 2025-04-02 10:29:33 -07:00
iamsagar99
8d223e07fb
Fix: Change TTFB metric type to histogram (#20999)
Some checks are pending
VulnCheck / Analysis (push) Waiting to run
Details
2025-04-01 22:48:58 -07:00
Harshavardhana
4041a8727c start publishing latest-cicd images 2025-04-01 20:53:54 -07:00
Klaus Post
5f243fde9a
Fix anonymous unsigned trailing headers (#21095)
Some checks are pending
VulnCheck / Analysis (push) Waiting to run
Details 
Do not fail on anonymous requests with trailing headers.

Fixes #21005

With modified minio-go (will send PR):

```
<DEBUG> PUT /tbb/mc.exe HTTP/1.1
Host: 127.0.0.1:9001
User-Agent: MinIO (windows; amd64) minio-go/v7.0.90 mc/DEVELOPMENT.GOGET
Content-Length: 44301288
Accept-Encoding: zstd,gzip
Content-Encoding: aws-chunked
Content-Type: application/x-msdownload
X-Amz-Content-Sha256: STREAMING-UNSIGNED-PAYLOAD-TRAILER
X-Amz-Date: 20250401T150402Z
X-Amz-Decoded-Content-Length: 44295168
X-Amz-Trailer: x-amz-checksum-crc32

mc: <DEBUG> HTTP/1.1 200 OK
Content-Length: 0
Accept-Ranges: bytes
Date: Tue, 01 Apr 2025 15:04:02 GMT
Etag: "46273a30f232dc015ead1c0da8925c98"
Server: MinIO
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
Vary: Accept-Encoding
X-Amz-Checksum-Crc32: wElc/A==
X-Amz-Id-2: 7987905dee74cdeb212432486a178e511309594cee7cb75f892cd53e35f09ea4
X-Amz-Request-Id: 18323A0F322B41C8
X-Content-Type-Options: nosniff
X-Ratelimit-Limit: 2478
X-Ratelimit-Remaining: 2478
X-Xss-Protection: 1; mode=block
```

Tested on multipart uploads as well.
 2025-04-01 11:23:27 -07:00
Burkov Egor
a0e3f1cc18
internal: add handling of KVS config parse (#21079) 2025-04-01 08:28:26 -07:00
Name
b1bc641105
chore(all): replace map key deletion loop with clear() (#21082) 2025-04-01 08:28:06 -07:00