Plug leak in handleCompleteMultipartUpload

In jclouds 2.6.0 BlobStore.getBlob returns an InputStream instead of a ByteSource for the filesystem. Previously the call site leaked the former since it only consumed the BlobMetadata. Instead call BlobStore.blobMedata which does not include the payload. Fixes JCLOUDS-1626.
Bump org.junit.jupiter:junit-jupiter from 5.9.0 to 5.10.2
2024-03-03 13:13:08 +09:00 · 2024-03-02 09:30:28 +09:00 · 2024-03-02 09:30:20 +09:00 · 2024-03-02 09:30:11 +09:00 · 2024-03-02 09:30:02 +09:00 · 2024-03-02 09:28:45 +09:00
--- a/pom.xml
+++ b/pom.xml
@ -297,7 +297,7 @@
      <plugin>
        <groupId>com.github.spotbugs</groupId>
        <artifactId>spotbugs-maven-plugin</artifactId>
-        <version>4.8.3.0</version>
+        <version>4.8.3.1</version>
        <configuration>
          <effort>Max</effort>
          <omitVisitors>CrossSiteScripting,DefaultEncodingDetector,FindNullDeref</omitVisitors>
@ -363,7 +363,7 @@
    <java.version>11</java.version>
    <jclouds.version>2.6.0-SNAPSHOT</jclouds.version>
    <jetty.version>11.0.20</jetty.version>
-    <slf4j.version>2.0.11</slf4j.version>
+    <slf4j.version>2.0.12</slf4j.version>
    <shade.prefix>${project.groupId}.shaded</shade.prefix>
    <surefire.version>3.0.0</surefire.version>
  </properties>
@ -399,7 +399,7 @@
    <dependency>
      <groupId>ch.qos.logback</groupId>
      <artifactId>logback-classic</artifactId>
-      <version>1.4.14</version>
+      <version>1.5.1</version>
    </dependency>
    <dependency>
      <groupId>javax.xml.bind</groupId>
@ -416,14 +416,14 @@
    <dependency>
      <groupId>org.junit.jupiter</groupId>
      <artifactId>junit-jupiter</artifactId>
-      <version>5.9.0</version>
+      <version>5.10.2</version>
      <!-- Required for S3ProxyExtension -->
      <scope>provided</scope>
    </dependency>
    <dependency>
      <groupId>com.fasterxml.jackson.dataformat</groupId>
      <artifactId>jackson-dataformat-xml</artifactId>
-      <version>2.13.3</version>
+      <version>2.16.1</version>
    </dependency>
    <dependency>
      <groupId>com.github.spotbugs</groupId>
--- a/src/main/java/org/gaul/s3proxy/S3ProxyHandler.java
+++ b/src/main/java/org/gaul/s3proxy/S3ProxyHandler.java
@ -2253,7 +2253,7 @@ public class S3ProxyHandler {
        PutOptions options;
        if (Quirks.MULTIPART_REQUIRES_STUB.contains(getBlobStoreType(
                blobStore))) {
-            metadata = blobStore.getBlob(containerName, uploadId).getMetadata();
+            metadata = blobStore.blobMetadata(containerName, uploadId);
            BlobAccess access = blobStore.getBlobAccess(containerName,
                    uploadId);
            options = new PutOptions().setBlobAccess(access);
@ -2632,6 +2632,7 @@ public class S3ProxyHandler {
                blobName, uploadId, createFakeBlobMetadata(blobStore),
                new PutOptions());

+        // TODO: Blob can leak on precondition failures.
        Blob blob = blobStore.getBlob(sourceContainerName, sourceBlobName,
                options);
        if (blob == null) {
Autor	SHA1	Wiadomość	Data
Andrew Gaul	ec12ae0fe5	Plug leak in handleCompleteMultipartUpload In jclouds 2.6.0 BlobStore.getBlob returns an InputStream instead of a ByteSource for the filesystem. Previously the call site leaked the former since it only consumed the BlobMetadata. Instead call BlobStore.blobMedata which does not include the payload. Fixes JCLOUDS-1626.	2024-03-03 13:13:08 +09:00
dependabot[bot]	b147909ff3	Bump org.junit.jupiter:junit-jupiter from 5.9.0 to 5.10.2 Bumps [org.junit.jupiter:junit-jupiter](https://github.com/junit-team/junit5) from 5.9.0 to 5.10.2. - [Release notes](https://github.com/junit-team/junit5/releases) - [Commits](https://github.com/junit-team/junit5/compare/r5.9.0...r5.10.2) --- updated-dependencies: - dependency-name: org.junit.jupiter:junit-jupiter dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2024-03-02 09:30:28 +09:00
dependabot[bot]	ae7a20f845	Bump com.fasterxml.jackson.dataformat:jackson-dataformat-xml Bumps [com.fasterxml.jackson.dataformat:jackson-dataformat-xml](https://github.com/FasterXML/jackson-dataformat-xml) from 2.13.3 to 2.16.1. - [Commits](https://github.com/FasterXML/jackson-dataformat-xml/compare/jackson-dataformat-xml-2.13.3...jackson-dataformat-xml-2.16.1) --- updated-dependencies: - dependency-name: com.fasterxml.jackson.dataformat:jackson-dataformat-xml dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2024-03-02 09:30:20 +09:00
dependabot[bot]	2bdd10ca88	Bump com.github.spotbugs:spotbugs-maven-plugin from 4.8.3.0 to 4.8.3.1 Bumps [com.github.spotbugs:spotbugs-maven-plugin](https://github.com/spotbugs/spotbugs-maven-plugin) from 4.8.3.0 to 4.8.3.1. - [Release notes](https://github.com/spotbugs/spotbugs-maven-plugin/releases) - [Commits](https://github.com/spotbugs/spotbugs-maven-plugin/compare/spotbugs-maven-plugin-4.8.3.0...spotbugs-maven-plugin-4.8.3.1) --- updated-dependencies: - dependency-name: com.github.spotbugs:spotbugs-maven-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2024-03-02 09:30:11 +09:00
dependabot[bot]	fcda97197a	Bump ch.qos.logback:logback-classic from 1.4.14 to 1.5.1 Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.4.14 to 1.5.1. - [Commits](https://github.com/qos-ch/logback/compare/v_1.4.14...v_1.5.1) --- updated-dependencies: - dependency-name: ch.qos.logback:logback-classic dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2024-03-02 09:30:02 +09:00
dependabot[bot]	ede9777a5f	Bump slf4j.version from 2.0.11 to 2.0.12 Bumps `slf4j.version` from 2.0.11 to 2.0.12. Updates `org.slf4j:slf4j-api` from 2.0.11 to 2.0.12 Updates `org.slf4j:jcl-over-slf4j` from 2.0.11 to 2.0.12 --- updated-dependencies: - dependency-name: org.slf4j:slf4j-api dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.slf4j:jcl-over-slf4j dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2024-03-02 09:28:45 +09:00