aws s3 cp does not honor request_checksum_calculation = WHEN_REQUIRED #327

Closed
metadaddy opened this issue Jan 17, 2025 · 7 comments

When using the AWS CLI with a third-party S3-compatible service, such as Backblaze B2, `aws s3 cp` sends the `x-amz-sdk-checksum-algorithm` and `x-amz-checksum-crc64nvme` headers, even if `request_checksum_calculation` is set to `WHEN_REQUIRED` in the configuration.

Data Integrity Protections for Amazon S3 states that, when `request_checksum_calculation` is set to `WHEN_REQUIRED`, 'Checksum validation is performed only when required by the API operation.'

`.aws/config`:

    [profile b2]
    endpoint_url = https://s3.us-west-004.backblazeb2.com
    region = us-west-004
    request_checksum_calculation = WHEN_REQUIRED
    response_checksum_validation = WHEN_REQUIRED

Running the CLI:

    % aws --profile b2 s3 cp ./hello.txt s3://metadaddy-private/
    upload failed: ./hello.txt to s3://metadaddy-private/hello.txt An error occurred (InvalidArgument) when calling the PutObject operation: Unsupported header 'x-amz-sdk-checksum-algorithm' received for this API call.

This is happening because S3 Transfer Manager ensures that `ChecksumAlgorithm` is set, either to the user-specified value, or `CRC64NVME` (see the `set_default_checksum_algorithm()` function, added just a couple of days ago).

Now, in Botocore's `resolve_request_checksum_algorithm()` function, `request_checksum_required` evaluates to `False`, as you might expect, but, since `ChecksumAlgorithm` is set in the incoming params, `if algorithm_member and algorithm_member in params:` evaluates to `True` and the checksum headers are calculated and sent in the request.

I think `TransferManager._add_operation_defaults()` should only call `set_default_checksum_algorithm()` if `request_checksum_calculation` is set to `WHEN_SUPPORTED`. Something like this:

    def _add_operation_defaults(self, extra_args):
        if self.client.meta.config.request_checksum_calculation == "when_supported":
            set_default_checksum_algorithm(extra_args)

See aws/aws-cli#9214 for more context.
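
The interaction described in the post above, reduced to a small model (an added example, not part of the original issue and not s3transfer or botocore source). Every name ending in `_model`, the `fixed` switch and the placeholder header value are assumptions made for illustration.

```python
# Simplified model of the behaviour described in this issue; NOT s3transfer or
# botocore source. Names ending in _model and the header value are hypothetical.

DEFAULT_ALGORITHM = "CRC64NVME"  # default named in the issue
REJECTED_HEADER = "x-amz-sdk-checksum-algorithm"  # from the error message above


def set_default_checksum_algorithm_model(extra_args):
    """Keep a user-specified ChecksumAlgorithm, else apply the default."""
    extra_args.setdefault("ChecksumAlgorithm", DEFAULT_ALGORITHM)


def add_operation_defaults_model(config_value, extra_args, fixed):
    """fixed=False: always default (reported). fixed=True: the proposed guard."""
    if not fixed or config_value == "when_supported":
        set_default_checksum_algorithm_model(extra_args)


def resolve_headers_model(params):
    """request_checksum_required is False here, so only the presence of
    ChecksumAlgorithm in params decides whether checksum headers are sent."""
    algorithm = params.get("ChecksumAlgorithm")
    if algorithm is None:
        return {}
    return {
        REJECTED_HEADER: algorithm,
        f"x-amz-checksum-{algorithm.lower()}": "<checksum placeholder>",
    }


def put_object_headers(config_value, fixed, user_args=None):
    """Headers the modelled upload sends for a given config and code path."""
    extra_args = dict(user_args or {})
    add_operation_defaults_model(config_value, extra_args, fixed)
    return resolve_headers_model(extra_args)


def endpoint_accepts_model(headers):
    """Stand-in for an S3-compatible endpoint that rejects the SDK header."""
    return REJECTED_HEADER not in headers


if __name__ == "__main__":
    for fixed in (False, True):
        for value in ("when_required", "when_supported"):
            headers = put_object_headers(value, fixed)
            print(f"fixed={fixed} {value}: {sorted(headers)} "
                  f"accepted={endpoint_accepts_model(headers)}")
```

In this model an explicitly requested `ChecksumAlgorithm` still produces checksum headers under `when_required`, because only the default is guarded.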

jonathan343 (Contributor) commented Jan 21, 2025

Hey @metadaddy,

Thank you for creating this issue!

I've opened PRs with changes very similar to yours. I've included some formatting and changelog entry information needed for releasing a new patch version of s3transfer.

Our team will work on getting this PR merged and released as soon as possible!

@metadaddy (Author)

Thanks, @jonathan343 - I closed my PR (#328).

Should I close this issue, since your PRs are both merged now, or wait until they are released in a new version of s3transfer?

jonathan343 (Contributor) commented Jan 23, 2025

Our daily automated release is currently in progress for both the version of s3transfer used by boto3/AWS CLI v1 and the version vendored in the AWS CLI v2. Once those complete, would you be able to confirm that using the new versions successfully addresses your issue? If so, we can close this out once that's been verified.

@jonathan343 jonathan343 self-assigned this Jan 23, 2025

jonathan343 (Contributor) commented Jan 23, 2025

Update:
This change has been released and is available in s3transfer-0.11.2. This will automatically be available in the latest versions of boto3 and the AWS CLI.

Please provide an update here if you're able to confirm this fix addresses the issue on your end. Thanks!

z4kk0 commented Jan 25, 2025

Hey there!
I also encountered this particular error.
Thanks for fixing this quickly!
Version 0.11.2 works for me!

@jonathan343 (Contributor)

Awesome, thanks for verifying!

I'll close this issue now that we've confirmed the issue is resolved. If there are any additional questions or concerns, feel free to reopen this issue or create a new one.

Thank you all for the help!

@metadaddy (Author)

Thanks, @jonathan343. I can confirm that `aws s3 cp` in AWS CLI 2.23.5 (which incorporates s3transfer-0.11.2) does work correctly:

    % aws --version
    aws-cli/2.23.5 Python/3.12.8 Darwin/24.2.0 source/arm64
    % aws --profile b2 s3 cp ./hello.txt  s3://metadaddy-private/
    upload: ./hello.txt to s3://metadaddy-private/hello.txt

renovate bot added a commit to Nextdoor/gogo that referenced this issue Jan 27, 2025
This PR contains the following updates:

| Package | Change |
|---|---|
| [boto3](https://redirect.github.com/boto/boto3) | `==1.36.2` -> `==1.36.6` |
| [botocore](https://redirect.github.com/boto/botocore) | `==1.36.2` -> `==1.36.6` |
| [s3transfer](https://redirect.github.com/boto/s3transfer) | `==0.11.1` -> `==0.11.2` |

---

### Release Notes

<details>
<summary>boto/boto3 (boto3)</summary>

### [`v1.36.6`](https://redirect.github.com/boto/boto3/blob/HEAD/CHANGELOG.rst#1366)

[Compare Source](https://redirect.github.com/boto/boto3/compare/1.36.5...1.36.6)

- api-change:`cloudtrail`: \[`botocore`] This release introduces the
SearchSampleQueries API that allows users to search for CloudTrail Lake
sample queries.
- api-change:`eks`: \[`botocore`] Adds support for UpdateStrategies in
EKS Managed Node Groups.
- api-change:`healthlake`: \[`botocore`] Added new authorization
strategy value 'SMART_ON_FHIR' for CreateFHIRDatastore API to support
Smart App 2.0
- api-change:`ssm`: \[`botocore`] Systems Manager doc-only update for
January, 2025.
- api-change:`sso-oidc`: \[`botocore`] Fixed typos in the descriptions.
- api-change:`transfer`: \[`botocore`] Added CustomDirectories as a new
directory option for storing inbound AS2 messages, MDN files and Status
files.

### [`v1.36.5`](https://redirect.github.com/boto/boto3/blob/HEAD/CHANGELOG.rst#1365)

[Compare Source](https://redirect.github.com/boto/boto3/compare/1.36.4...1.36.5)

- api-change:`ec2`: \[`botocore`] Added "future" allocation type for
future dated capacity reservation

### [`v1.36.4`](https://redirect.github.com/boto/boto3/blob/HEAD/CHANGELOG.rst#1364)

[Compare Source](https://redirect.github.com/boto/boto3/compare/1.36.3...1.36.4)

- api-change:`bedrock-agent-runtime`: \[`botocore`] Adds multi-turn
input support for an Agent node in an Amazon Bedrock Flow
-   api-change:`glue`: \[`botocore`] Docs Update for timeout changes
- api-change:`medialive`: \[`botocore`] AWS Elemental MediaLive adds a
new feature, ID3 segment tagging, in CMAF Ingest output groups. It
allows customers to insert ID3 tags into every output segment,
controlled by a newly added channel schedule action Id3SegmentTagging.
- api-change:`workspaces-thin-client`: \[`botocore`] Rename WorkSpaces
Web to WorkSpaces Secure Browser

### [`v1.36.3`](https://redirect.github.com/boto/boto3/blob/HEAD/CHANGELOG.rst#1363)

[Compare Source](https://redirect.github.com/boto/boto3/compare/1.36.2...1.36.3)

- api-change:`batch`: \[`botocore`] Documentation-only update: clarified
the description of the shareDecaySeconds parameter of the
FairsharePolicy data type, clarified the description of the priority
parameter of the JobQueueDetail data type.
- api-change:`cognito-idp`: \[`botocore`] corrects the dual-stack
endpoint configuration for cognitoidp
- api-change:`connect`: \[`botocore`] Added DeleteContactFlowVersion API
and the CAMPAIGN flow type
- api-change:`emr-serverless`: \[`botocore`] Increasing entryPoint in
SparkSubmit to accept longer script paths. New limit is 4kb.
- api-change:`iotsitewise`: \[`botocore`] AWS IoT SiteWise now supports
ingestion and querying of Null (all data types) and NaN (double type)
values of bad or uncertain data quality. New partial error handling
prevents data loss during ingestion. Enabled by default for new
customers; existing customers can opt-in.
- api-change:`logs`: \[`botocore`] Documentation-only update to address
doc errors
- api-change:`quicksight`: \[`botocore`] Added `DigitGroupingStyle` in
ThousandsSeparator to allow grouping by `LAKH`( Indian Grouping system )
currency. Support LAKH and `CRORE` currency types in Column Formatting.
- api-change:`sns`: \[`botocore`] This release adds support for the
topic attribute FifoThroughputScope for SNS FIFO topics. For details,
see the documentation history in the Amazon Simple Notification Service
Developer Guide.

</details>

<details>
<summary>boto/botocore (botocore)</summary>

### [`v1.36.6`](https://redirect.github.com/boto/botocore/blob/HEAD/CHANGELOG.rst#1366)

[Compare Source](https://redirect.github.com/boto/botocore/compare/1.36.5...1.36.6)

- api-change:`cloudtrail`: This release introduces the
SearchSampleQueries API that allows users to search for CloudTrail Lake
sample queries.
- api-change:`eks`: Adds support for UpdateStrategies in EKS Managed
Node Groups.
- api-change:`healthlake`: Added new authorization strategy value
'SMART_ON_FHIR' for CreateFHIRDatastore API to support Smart App 2.0
-   api-change:`ssm`: Systems Manager doc-only update for January, 2025.
-   api-change:`sso-oidc`: Fixed typos in the descriptions.
- api-change:`transfer`: Added CustomDirectories as a new directory
option for storing inbound AS2 messages, MDN files and Status files.

### [`v1.36.5`](https://redirect.github.com/boto/botocore/blob/HEAD/CHANGELOG.rst#1365)

[Compare Source](https://redirect.github.com/boto/botocore/compare/1.36.4...1.36.5)

- api-change:`ec2`: Added "future" allocation type for future dated
capacity reservation

### [`v1.36.4`](https://redirect.github.com/boto/botocore/blob/HEAD/CHANGELOG.rst#1364)

[Compare Source](https://redirect.github.com/boto/botocore/compare/1.36.3...1.36.4)

- api-change:`bedrock-agent-runtime`: Adds multi-turn input support for
an Agent node in an Amazon Bedrock Flow
-   api-change:`glue`: Docs Update for timeout changes
- api-change:`medialive`: AWS Elemental MediaLive adds a new feature,
ID3 segment tagging, in CMAF Ingest output groups. It allows customers
to insert ID3 tags into every output segment, controlled by a newly
added channel schedule action Id3SegmentTagging.
- api-change:`workspaces-thin-client`: Rename WorkSpaces Web to
WorkSpaces Secure Browser

### [`v1.36.3`](https://redirect.github.com/boto/botocore/blob/HEAD/CHANGELOG.rst#1363)

[Compare Source](https://redirect.github.com/boto/botocore/compare/1.36.2...1.36.3)

- api-change:`batch`: Documentation-only update: clarified the
description of the shareDecaySeconds parameter of the FairsharePolicy
data type, clarified the description of the priority parameter of the
JobQueueDetail data type.
- api-change:`cognito-idp`: corrects the dual-stack endpoint
configuration for cognitoidp
- api-change:`connect`: Added DeleteContactFlowVersion API and the
CAMPAIGN flow type
- api-change:`emr-serverless`: Increasing entryPoint in SparkSubmit to
accept longer script paths. New limit is 4kb.
- api-change:`iotsitewise`: AWS IoT SiteWise now supports ingestion and
querying of Null (all data types) and NaN (double type) values of bad or
uncertain data quality. New partial error handling prevents data loss
during ingestion. Enabled by default for new customers; existing
customers can opt-in.
-   api-change:`logs`: Documentation-only update to address doc errors
- api-change:`quicksight`: Added `DigitGroupingStyle` in
ThousandsSeparator to allow grouping by `LAKH`( Indian Grouping system )
currency. Support LAKH and `CRORE` currency types in Column Formatting.
- api-change:`sns`: This release adds support for the topic attribute
FifoThroughputScope for SNS FIFO topics. For details, see the
documentation history in the Amazon Simple Notification Service
Developer Guide.

</details>

<details>
<summary>boto/s3transfer (s3transfer)</summary>

### [`v0.11.2`](https://redirect.github.com/boto/s3transfer/blob/HEAD/CHANGELOG.rst#0112)

[Compare Source](https://redirect.github.com/boto/s3transfer/compare/0.11.1...0.11.2)

- bugfix:upload: Only set a default checksum if the
`request_checksum_calculation` config is set to `when_supported`. Fixes
[boto/s3transfer#327](https://github.com/boto/s3transfer/issues/327).

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "before 5am on monday" (UTC),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config
help](https://redirect.github.com/renovatebot/renovate/discussions) if
that's undesired.


Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>