Skip to content

v1.142.1

Choose a tag to compare

@github-actions github-actions released this 09 Jul 11:45
3b44d83

What's Changed

This release hardens the AWS packages (awsopt, awssecretcache, sqs, s3) around a single set of conventions: exported sentinel errors matchable with errors.Is, response/input guards that return errors instead of panicking, skipping AWS config load when a client is injected, and expanded docs with runnable examples.

⚠️ This release contains breaking changes in every package below. See the Breaking changes section before upgrading.

awsopt — partition-agnostic region extraction

  • Reworked WithRegionFromURL to extract the region as the right-most region-shaped host label instead of anchoring on .amazonaws.com, so standard, dual-stack (api.aws), China (amazonaws.com.cn), GovCloud, ISO (c2s.ic.gov, sc2s.sgov.gov), VPC interface endpoints, and future partitions all resolve with no code changes.
  • Endpoint URLs are now parsed with net/url (host only; scheme optional; userinfo, port, and path ignored; case-insensitive), replacing the endpoint-extraction regexp with a small region-shape check.
  • Candidate labels are validated against the AWS region shape, so a service name or the vpce label never becomes a bogus region.
  • Fixed VPC interface endpoint region resolution and scheme-less endpoints whose path/query contains ://.
  • Documented that Options must be built from a single goroutine, then shared read-only.

awssecretcache — sentinel errors and nil/empty-secret guards

  • Added exported sentinel errors ErrEmptySecret and ErrEmptySecretID (wrapped with %w).
  • Guarded against a nil GetSecretValueOutput so GetSecretData, GetSecretBinary, and GetSecretString return ErrEmptySecret instead of panicking.
  • Skipped the AWS config load when a client is injected via WithSecretsManagerClient.
  • Rejected an empty secret id up front with ErrEmptySecretID instead of a guaranteed-failing upstream call.
  • Documented %w wrapping (typed SDK errors stay matchable via errors.As; context/abort errors via errors.Is), edge behavior on New, and added a runnable Example.

sqs — sentinel errors, nil-response guards, client injection, URL-derived region

  • Added exported sentinel errors (ErrInvalidQueueURL, ErrMissingMessageGroupID, ErrUnexpectedMessageGroupID, ErrDedupIDNotAllowed, ErrInvalidDedupID, ErrNilEncodeFunc, ErrNilDecodeFunc, ErrInvalidWaitTime, ErrInvalidVisibilityTimeout, ErrQueueNotResponding).
  • Added WithSQSClient to inject a custom implementation, skipping AWS config load when set.
  • Derived the AWS region from the queue URL via awsopt.WithRegionFromURL when no explicit region is set (an explicit WithAWSOptions region still wins).
  • Validated the queue URL and FIFO message-group constraints before loading AWS config, so misconfiguration fails fast.
  • Guarded against nil ReceiveMessage/GetQueueAttributes output in Receive and HealthCheck.
  • Wrapped encode/decode errors with %w, documented concurrency safety, and added a runnable Example.

s3 — sentinel errors, nil-response guards, client injection, health check, object metadata

  • Added exported sentinel errors (ErrEmptyBucketName, ErrEmptyKey, ErrEmptyObjectBody, ErrBucketNotResponding).
  • Added WithS3Client to inject a custom implementation, skipping AWS config load when set.
  • Added HealthCheck, probing bucket reachability and access via HeadBucket (requires s3:ListBucket).
  • Exposed object metadata on Object (ContentType, ContentLength, ETag, LastModified, plus Bucket and Key).
  • Added ListObjects returning per-object metadata (ObjectInfo with Key, Size, LastModified, ETag); ListKeys is now a thin projection over it sharing a single pagination path.
  • Defaulted a nil Put reader to http.NoBody, validated bucket/key before calling AWS, and stopped pagination when the continuation token does not advance (prevents an infinite loop against non-conformant endpoints).
  • Guarded against nil GetObject/ListObjectsV2 output, documented concurrency safety, and added a runnable Example.

Maintenance

  • Updated dependencies and bumped version.

⚠️ Breaking changes

awsopt

  • When the URL carries no region and no defaultRegion is given, WithRegionFromURL now adds no region option and defers to the SDK's canonical resolution (AWS_REGION, then AWS_DEFAULT_REGION, then the shared config file, then IMDS) instead of substituting a hardcoded us-east-2 default.
  • Region resolution no longer requires an amazonaws.com host: any host carrying a region-shaped label yields that region, so the host is no longer verified to be AWS-owned.

awssecretcache

  • GetSecretBinary and GetSecretString now return ErrEmptySecret when the response holds no value, instead of an empty value with a nil error (an explicitly empty ""/[]byte is still returned as a real value).
  • GetSecretData, GetSecretBinary, and GetSecretString now return ErrEmptySecretID for an empty key instead of attempting an upstream lookup.

sqs

  • New now returns ErrUnexpectedMessageGroupID when a message group ID is supplied for a standard (non-FIFO) queue instead of silently ignoring it.
  • New now validates the queue URL and returns ErrInvalidQueueURL for an empty or malformed URL instead of failing only on first use.
  • The region is now derived from the queue URL and takes precedence over the AWS_REGION environment variable (an explicit WithAWSOptions region still wins).
  • Package errors are now exported sentinel values and several error message texts changed.

s3

  • The S3 interface gains a HeadBucket method; existing implementations (including test mocks) must provide it.
  • New now returns ErrEmptyBucketName for an empty bucket name instead of failing only on first use.
  • Get, Put, and Delete now return ErrEmptyKey for an empty key instead of issuing an AWS request.
  • Package errors are now exported sentinel values, and the wrapped list error text changed from "cannot list s3 keys" to "cannot list s3 objects".

Full Changelog: v1.141.0...v1.142.1