chore: move this project to V4

.github/workflows/python-integ.yml

@@ -31,7 +31,7 @@ jobs:
         uses: actions/cache@v5
         with:
           path: ~/.cache/uv
-          key: ${{ runner.os }}-uv-${{ hashFiles('./test-server/python-v3-server/**/pyproject.toml') }}
+          key: ${{ runner.os }}-uv-${{ hashFiles('./test-server/python-v4-server/**/pyproject.toml') }}
           restore-keys: |
             ${{ runner.os }}-uv-
 

pyproject.toml

@@ -1,6 +1,6 @@
 [project]
 name = "amazon-s3-encryption-client-python"
-version = "0.1.0"
+version = "3.0.0"
 description = "This library provides an S3 client that supports client-side encryption."
 authors = [
     {name = "AWS Crypto Tools", email = "aws-crypto-tools@amazon.com"}

src/s3_encryption/__init__.py

@@ -1,6 +1,6 @@
 # Copyright Amazon.com Inc. or its affiliates. All Rights Reserved.
 # SPDX-License-Identifier: Apache-2.0
-"""Top-level S3 Encryption Client v3 for Python package."""
+"""Top-level S3 Encryption Client v4 for Python package."""
 
 import io
 import threading

test-server/README.md

@@ -28,8 +28,8 @@ make ci
 # Start Python and Java servers in parallel
 make start-servers
 
-# Start only the Python S3EC V3 server
-make start-python-v3-server
+# Start only the Python S3EC V4 server
+make start-python-v4-server
 
 # Run Java tests
 make run-tests

test-server/java-tests/src/it/java/software/amazon/encryption/s3/KeyCommitmentPolicyEncryptFailureTests.java

@@ -31,7 +31,7 @@
  * with the commitment policy is rejected by the S3EC — either at client creation
  * or at PutObject time.
  *
- * Currently scoped to Python V3 only. Other languages can be enabled by
+ * Currently scoped to Python V4 only. Other languages can be enabled by
  * switching the MethodSource to a broader provider (e.g. improvedClientsForTest).
  */
 @DisplayName("Key Commitment Policy — Encrypt Failures")
@@ -42,7 +42,7 @@ public class KeyCommitmentPolicyEncryptFailureTests {
         .build();
 
     @ParameterizedTest(name = "{0}: REQUIRE_ENCRYPT_ALLOW_DECRYPT with non-committing GCM MUST fail to encrypt")
-    @MethodSource("software.amazon.encryption.s3.TestUtils#pythonV3ClientForTest")
+    @MethodSource("software.amazon.encryption.s3.TestUtils#pythonV4ClientForTest")
     void require_encrypt_allow_decrypt_with_non_committing_gcm_must_fail(
         TestUtils.LanguageServerTarget language
     ) {
@@ -58,7 +58,7 @@ void require_encrypt_allow_decrypt_with_non_committing_gcm_must_fail(
     }
 
     @ParameterizedTest(name = "{0}: REQUIRE_ENCRYPT_REQUIRE_DECRYPT with non-committing GCM MUST fail to encrypt")
-    @MethodSource("software.amazon.encryption.s3.TestUtils#pythonV3ClientForTest")
+    @MethodSource("software.amazon.encryption.s3.TestUtils#pythonV4ClientForTest")
     void require_encrypt_require_decrypt_with_non_committing_gcm_must_fail(
         TestUtils.LanguageServerTarget language
     ) {
@@ -74,7 +74,7 @@ void require_encrypt_require_decrypt_with_non_committing_gcm_must_fail(
     }
 
     @ParameterizedTest(name = "{0}: FORBID_ENCRYPT_ALLOW_DECRYPT with committing GCM MUST fail to encrypt")
-    @MethodSource("software.amazon.encryption.s3.TestUtils#pythonV3ClientForTest")
+    @MethodSource("software.amazon.encryption.s3.TestUtils#pythonV4ClientForTest")
     void forbid_encrypt_allow_decrypt_with_committing_gcm_must_fail(
         TestUtils.LanguageServerTarget language
     ) {

test-server/java-tests/src/it/java/software/amazon/encryption/s3/TestUtils.java

@@ -65,8 +65,8 @@ public class TestUtils {
     public static final String JAVA_V3_TRANSITION = "Java-V3-Transition";
     public static final String JAVA_V4 = "Java-V4";
 
-    // No Python S3EC versions are released. Only test V3 as the "vN+1" version.
-    public static final String PYTHON_V3 = "Python-V3";
+    // No Python S3EC versions are released. Only test V4 as the "vN+1" version.
+    public static final String PYTHON_V4 = "Python-V4";
 
     public static final String GO_V3_TRANSITION = "Go-V3-Transition";
     public static final String GO_V4 = "Go-V4";
@@ -101,7 +101,7 @@ public class TestUtils {
     // Languages that reject caller-provided encryption context when the
     // wrapping algorithm is KmsV1 ("kms").
     public static final Set<String> KMSV1_ENCRYPTION_CONTEXT_UNSUPPORTED =
-      Set.of(PYTHON_V3);
+      Set.of(PYTHON_V4);
 
     public static final Set<String> RE_ENCRYPT_SUPPORTED =
       Set.of(JAVA_V3_TRANSITION, JAVA_V4);
@@ -131,11 +131,11 @@ public class TestUtils {
 
     // Go does not write with instruction files
     public static final Set<String> INSTRUCTION_FILE_PUT_UNSUPPORTED =
-      Set.of(GO_V3_TRANSITION, GO_V4, PYTHON_V3);
+      Set.of(GO_V3_TRANSITION, GO_V4, PYTHON_V4);
 
     // Not implemented yet in Python.
     public static final Set<String> INSTRUCTION_FILE_GET_UNSUPPORTED =
-      Set.of(PYTHON_V3);
+      Set.of(PYTHON_V4);
 
     // Languages that support custom instruction file suffix on GetObject
     // Only Java, Ruby, and PHP servers have been updated with this feature
@@ -163,7 +163,7 @@ public class TestUtils {
     public static final Set<String> IMPROVED_VERSIONS =
         Set.of(
             JAVA_V4,
-            PYTHON_V3,
+            PYTHON_V4,
             GO_V4,
             NET_V4,
             CPP_V3,
@@ -175,7 +175,7 @@ public class TestUtils {
 
     static {
         final Map<String, LanguageServerTarget> servers = new LinkedHashMap<>();
-        servers.put(PYTHON_V3, new LanguageServerTarget(PYTHON_V3, "8081"));
+        servers.put(PYTHON_V4, new LanguageServerTarget(PYTHON_V4, "8081"));
         servers.put(CPP_V2_TRANSITION, new LanguageServerTarget(CPP_V2_TRANSITION, "8097"));
         servers.put(CPP_V3, new LanguageServerTarget(CPP_V3, "8091"));
         servers.put(GO_V4, new LanguageServerTarget(GO_V4, "8089"));
@@ -367,13 +367,13 @@ public static Stream<Arguments> improvedClientsForTest() {
     }
 
     /**
-     * Get stream of arguments for the Python V3 client only.
+     * Get stream of arguments for the Python V4 client only.
      * Other languages can be added to this set as their commitment policy
      * validation is confirmed.
      */
-    public static Stream<Arguments> pythonV3ClientForTest() {
+    public static Stream<Arguments> pythonV4ClientForTest() {
         return serverMap.values().stream()
-            .filter(target -> PYTHON_V3.equals(target.getLanguageName()))
+            .filter(target -> PYTHON_V4.equals(target.getLanguageName()))
             .map(Arguments::of);
     }
 

test-server/python-v3-server/Makefile → test-server/python-v4-server/Makefile

@@ -6,20 +6,20 @@ PID_FILE := server.pid
 PORT := 8081
 
 build-server:
-	@echo "Building Python V3 server..."
+	@echo "Building Python V4 server..."
 	python -m venv .venv
 	.venv/bin/python -m ensurepip
 	.venv/bin/python -m pip install -e .
 	.venv/bin/python -m pip install -e ../..
 
 start-server:
-	@echo "Starting Python V3 server..."
+	@echo "Starting Python V4 server..."
 	AWS_ACCESS_KEY_ID="$$AWS_ACCESS_KEY_ID" \
 	AWS_SECRET_ACCESS_KEY="$$AWS_SECRET_ACCESS_KEY" \
 	AWS_SESSION_TOKEN="$$AWS_SESSION_TOKEN" \
 	AWS_REGION="us-west-2" \
 	.venv/bin/python src/main.py > server.log 2>&1 & echo $$! > $(PID_FILE)
-	@echo "Python V3 server starting..."
+	@echo "Python V4 server starting..."
 
 stop-server:
 	@echo "Stopping server on port $(PORT)..."