Sheaf re-import completeness + S3 SigV4 fix (v0.2.2)#74
Merged
Conversation
…re-import The Sheaf importer only consumed system/members/fronts/groups/tags/ custom_fields, so journals, content revisions, messages, polls, reminders and the notification config (watch tokens + channels + rules) silently vanished on re-import even though the exporter emitted them. Add importer sections for each, in dependency order, remapping old export IDs to the freshly minted ones (bio/journal revision targets, poll option/vote refs, channel group/member rules, reminder channel and scope members). Add per-section import selectors (journals, messages, polls, reminders, notifications) to the options schema, runner, preview counts and the import UI. Notes on restored references: - journal/revision authorship re-points at the importing user; poll audit-log actor is nulled (old-instance account UUIDs are meaningless here). - notification channels land pending_registration: recipient subscriptions, activation hashes and webhook secrets are omitted by the exporter and not reconstructed, so nothing dispatches until the owner re-activates. - delete_confirmation is deliberately not restored to avoid locking destructive actions on an account without the matching TOTP enrolment. - reminders attach to a channel (NOT NULL FK), so they ride the notifications toggle and are skipped with a warning if their channel didn't import.
S3 only serves a presigned GET for an SSE-KMS-encrypted object (incl. objects covered by a bucket-default KMS encryption policy) when the URL is signed with SigV4. The boto3 clients weren't pinning a signature version, so presigning could fall back to SigV2 and S3 rejected the download with "requests specifying Server Side Encryption with AWS KMS managed keys require AWS Signature Version 4". Pin signature_version=s3v4 on both the export-artefact client and the image storage client. Harmless for non-KMS buckets and MinIO, which already speak SigV4.
Import completeness (journals, messages, polls, reminders, notification config round-trip on re-import) and the S3 SigV4 pin for KMS-encrypted export downloads. Also corrects the web lockfile version, which had drifted from package.json since v0.2.0.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
The Sheaf-to-Sheaf re-import was only consuming system / members / fronts / groups / tags / custom fields, so journals (and their edit history), board messages, polls, reminders, and the notification config silently vanished on re-import even though the export had always carried them. This makes the importer round-trip the full export, adds per-section selectors, and fixes the KMS export-download bug found while testing. Tagged v0.2.2.
Import completeness
pending_registrationso nothing dispatches to external recipients until the owner re-activates. Webhook secrets and recipient subscriptions are not carried by the export and are not reconstructed.delete_confirmationis intentionally not restored (it would otherwise lock destructive actions on an account without the matching TOTP enrolment). Safety toggles, grace period, and retention caps are restored.S3 SigV4 fix
s3v4(harmless for non-KMS buckets and MinIO).Release
Tests
journals=offwhile journal revisions do not).46 passedacross the import suite; ruff / tsc / eslint clean.Migrations
None. The importer writes into existing tables.