Skip to content

Releases: ebogdum/callfs

v1.4.0

11 Apr 05:10
@ebogdum ebogdum
v1.4.0
edd0474
This commit was signed with the committer’s verified signature.
ebogdum
GPG key ID: 63B1F6DCFC463B0F
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.4.0 Latest
Latest

Full Changelog: v1.3.0...v1.4.0

Assets 11
Loading

v1.3.0

11 Apr 04:24
@github-actions github-actions
v1.3.0
eef8256
This commit was signed with the committer’s verified signature.
ebogdum
GPG key ID: 63B1F6DCFC463B0F
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.3.0

Breaking Changes

  • Authorization model replaced: Removed Unix-style UID/GID permission system. Authorization is now based on an owner string field (the app user ID). App users have no relationship to OS users. The Metadata struct no longer has UID or GID fields; use Owner instead.
  • API response headers changed: X-CallFS-UID and X-CallFS-GID headers replaced with X-CallFS-Owner.
  • JSON response format changed: File listing uid/gid integer fields replaced with owner string field.
  • Database schema migration: SQLite schema replaces uid/gid INTEGER columns with owner TEXT. Postgres migration 003_replace_uid_gid_with_owner adds owner column and drops uid/gid.

New Features

  • Owner-based access control: files and directories track their creator via the Owner field. Owners have full access; other authenticated users can read files and create children in directories; admin users (root, internal-proxy) bypass all checks.
  • Engine.GetMetadataUncached() for bypassing the metadata cache when fresh data is needed.

Bug Fixes

  • Raft stale reads: Fixed ListChildren on follower nodes returning partially-replicated results. Followers now forward to the leader for consistent reads.
  • Cross-server Content-Length mismatch: Fixed empty responses when reading files after concurrent cross-server writes.
  • S3/MinIO SSE error: Fixed 500 errors on S3 file creation with MinIO due to default SSE config.
  • Integration test fixes: Fixed env-var override test (scratch container), test framework assertion counter.

Tests

  • 16 new unit tests for auth (authenticator + authorizer).
  • All 35 Docker-based integration test suites pass.

Documentation

  • Comprehensive audit of all 12 documentation files. Fixed 23 discrepancies.

Full Changelog: v1.2.0...v1.3.0

Loading

v1.2.0

02 Apr 17:02
@ebogdum ebogdum
v1.2.0
9ae118c
This commit was signed with the committer’s verified signature.
ebogdum
GPG key ID: 63B1F6DCFC463B0F
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.2.0

What's Changed

Features

  • Reed-Solomon erasure coding with parallel multi-server shard download
  • New /v1/shards/{path}/{index} endpoint for individual shard retrieval

Documentation Fixes

  • Corrected authentication description from "JWT" to "API key" across all Swagger/OpenAPI specs
  • Added missing /v1/shards and /v1/files/ws (WebSocket) endpoints to API specs
  • Documented erasure coding headers (X-CallFS-Erasure-*) alongside query parameters
  • Added missing CLI flags (--api-endpoint, --internal-secret) for cluster join
  • Added external_url, logging config, and validation notes to minimal config example
  • Documented rate limiting (link generation: 100 req/s, downloads: 10 req/s)
  • Corrected feature comparison table for MinIO, SeaweedFS, and Ceph RGW
  • Removed premature contact info from Swagger specs

Fixes

  • Fixed Dockerfile Go version from 1.21 to 1.24 (matching go.mod)
  • Hardened auth, rate limiting, distributed locking, error handling, and path sanitization

Dependencies

  • Bumped golang.org/x/crypto to v0.45.0
  • Bumped github.com/go-viper/mapstructure/v2 to v2.4.0

Full Changelog: v1.1.0...v1.2.0

Loading

v1.1.0

02 Apr 17:02
@ebogdum ebogdum
v1.1.0
557e16b
This commit was signed with the committer’s verified signature.
ebogdum
GPG key ID: 63B1F6DCFC463B0F
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.1.0

What's Changed

Features

  • Raft metadata mode for fully self-contained clusters with no external dependencies
  • Multi-store metadata configuration (PostgreSQL, SQLite, Redis, Raft)

Fixes

  • Critical security and data integrity fixes
  • Hardened infrastructure and runtime paths

Full Changelog: v1.0.0...v1.1.0

Loading

Release v1.0.0

14 Jul 20:29
@ebogdum ebogdum
v1.0.0
f88bf29
This commit was signed with the committer’s verified signature.
ebogdum
GPG key ID: 63B1F6DCFC463B0F
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
Release v1.0.0

Version v1.0.0 not found in changelog. Extracting latest changes...

[0.1.0] - 2025-07-13

Added

  • Initial public release of CallFS
  • REST API filesystem with GET, POST, PUT, HEAD, DELETE operations
  • Multiple storage backends: Local filesystem and S3
  • Multi-server architecture with transparent internal routing
  • Secure single-use links with HMAC signatures
  • Distributed locking with Redis backend
  • In-memory metadata caching with TTL and LRU eviction
  • Prometheus metrics integration
  • Rate limiting for API endpoints
  • API key authentication
  • Unix socket authorization for local access
  • Comprehensive logging with structured JSON output
  • Security headers middleware (CSP, HSTS, etc.)
  • Request ID tracking across requests
  • OpenAPI/Swagger documentation
  • Docker and Docker Compose support
  • Comprehensive test coverage
  • CI/CD workflows for GitHub Actions
  • Security scanning and code quality checks

Security

  • Added security headers middleware
  • Implemented proper error handling to prevent information leakage
  • Added rate limiting to prevent abuse
  • Secure file path handling to prevent directory traversal attacks

Documentation

  • Installation guide
  • Configuration reference
  • API documentation with OpenAPI spec
  • Developer guide
  • Troubleshooting guide
  • Contributing guidelines
  • Code of conduct
  • Security policy
Loading