NeoFS Finally Cleans Up Its Token Mess: Session v2 Gets House Arrest in Both Gateways While S3 Multipart Breaks Free From the 300-Part Dungeon

Neo SPCC dropped some fresh炖 of both NeoFS access gateways this week. REST Gateway v0.17.0 and S3 Gateway v0.43.0 are now live, bringing session token v2 support to the masses and wrapping up the coordinated upgrade cycle that kicked off with NeoFS Node v0.52.0. It's giving "full house renovation" vibes, but for your decentralized storage tokens.

Session token v2 has been lurking in NeoFS Node since v0.51.0, but now both gateways are officially on board. The new format ditches the old mixed session and bearer token approach, giving developers more granular control over container and object operations. Think of it as Marie Kondo tidying up your token drawer—finally, everything sparks joy in its own lane.

REST Gateway v0.17.0

The headline feature? Container attribute management API. This bad boy exposes REST endpoints for GET and PUT operations on container attributes—metadata key-value pairs that dictate container behavior and permissions. Previously, you needed direct protocol interaction to touch these. Now any app with REST access can play in this sandbox. It's basically giving your attributes a glow-up and opening a public gallery.

Other tidbits include comprehensive session v2 token validation and a fix for that pesky panic triggered by invalid HTTP bearer tokens in production. Some deprecated endpoints and configuration options got the boot, including search and container put APIs, plus container_ops_poll_interval and container_ops_timeout. The neo-go dependency bumped from v0.116.0 to v0.118.0. Out with the old, in with the new—just like that stack of shirts you swear you'll organize someday.

S3 Gateway v0.43.0

This release is all about the multipart upload glow-up. The team completely redesigned the object mapping architecture, fixing a long-standing bug that blocked uploads exceeding 300 parts and squashing errors when fetching individual parts from multipart objects. The 300-part barrier was basically the storage equivalent of that friend who always says "we should hang out sometime" but never commits.

The new hierarchical structure introduces part-level and object-level split chains, cutting out several intermediate metadata attributes from the old system. Translation: the infamous 300-part ceiling is gone. Large file uploads through the S3 interface just