NeoFS Gateways Level Up: Session Token v2 Gets Full Support, Multipart Uploads Shed Their 300-Part Prison

Neo SPCC just rolled out fresh builds for both NeoFS access gateways—REST Gateway v0.17.0 and S3 Gateway v0.43.0. The main attraction? Full session token v2 support, because apparently the old hybrid session-and-bearer token situation wasn't chaotic enough for the average degen developer. Both releases are built on NeoFS SDK Go RC18 and require Go 1.25 or higher to compile. Think of this as the grand finale of the coordinated upgrade trilogy that started with NeoFS Node v0.52.0. The whole squad's finally reunited.

REST Gateway v0.17.0

Container attribute management just became accessible to the masses. The new API drops GET and PUT endpoints for container attributes—key-value metadata that governs container behavior and permissions. Before this update, you basically needed a direct line to the protocol to tinker with these. Now even the most basic REST-friendly application can get in on the action. Democracy, ho.

The release also ships with comprehensive session v2 token validation and squashes a particularly nasty production bug where malformed HTTP bearer tokens triggered a panic. Nothing says "production-ready" quite like your gateway having an existential crisis over bad auth headers.

Deprecated endpoints (search and container put APIs) and configuration options (container_ops_poll_interval and container_ops_timeout) have been removed in a housecleaning that was probably overdue. On the dependency front, neo-go got bumped from v0.116.0 to v0.118.0—keeping those dependencies fresh like produce you actually remember to eat.

S3 Gateway v0.43.0

The multipart upload object mapping got a full redesign. This wasn't some casual refactor—the previous architecture contained a notorious bug that bricked uploads exceeding 300 parts. For those doing quick math, that's roughly 1.5 TB if you're using the maximum part size, which isn't exactly giving you room to upload the entire blockchain state as a single file.

The fresh hierarchical structure introduces part-level and object-level split chains, cutting out several intermediate metadata attributes from the old system like a surgeon removing appendix. The infamous 300-part constraint? Obliterated. Individual parts now carry proper metadata and payload hashes, which is always reassuring when you're trusting your data to distributed systems.

Also worth flagging: maximum single part size took a humble step down from 5 GB to 4 GB to actually reflect NeoFS's real-world capabilities. Minimum part size remains locked at 5 MiB per the S3 spec. For operators who were MacGyvering workarounds for this discrepancy, remember that vanilla AWS S3 lets you go up to 5 GB per part—so there's that.

Session token v2 authentication support is baked in, and container_ops_poll_interval has been yeeted