chore: bump reva to latest edge

changelog/unreleased/unifi-logging.md

@@ -0,0 +1,5 @@
+Bugfix: Unifi logging
+
+We fixed some cases where we did not use the correct logger.
+
+https://github.com/owncloud/ocis/pull/10743/

go.mod

@@ -17,7 +17,7 @@ require (
 	github.com/cenkalti/backoff v2.2.1+incompatible
 	github.com/coreos/go-oidc/v3 v3.11.0
 	github.com/cs3org/go-cs3apis v0.0.0-20241105092511-3ad35d174fc1
-	github.com/cs3org/reva/v2 v2.26.8
+	github.com/cs3org/reva/v2 v2.26.9-0.20241211090933-830f2a7e3cff
 	github.com/davidbyttow/govips/v2 v2.15.0
 	github.com/dhowden/tag v0.0.0-20240417053706-3d75831295e8
 	github.com/dutchcoders/go-clamd v0.0.0-20170520113014-b970184f4d9e

go.sum

@@ -255,8 +255,10 @@ github.com/crewjam/saml v0.4.14 h1:g9FBNx62osKusnFzs3QTN5L9CVA/Egfgm+stJShzw/c=
 github.com/crewjam/saml v0.4.14/go.mod h1:UVSZCf18jJkk6GpWNVqcyQJMD5HsRugBPf4I1nl2mME=
 github.com/cs3org/go-cs3apis v0.0.0-20241105092511-3ad35d174fc1 h1:RU6LT6mkD16xZs011+8foU7T3LrPvTTSWeTQ9OgfhkA=
 github.com/cs3org/go-cs3apis v0.0.0-20241105092511-3ad35d174fc1/go.mod h1:DedpcqXl193qF/08Y04IO0PpxyyMu8+GrkD6kWK2MEQ=
-github.com/cs3org/reva/v2 v2.26.8 h1:MTqEPfyYxtwgew1Yo35MasfFkI8afTIHSTr+mwX9Gh0=
-github.com/cs3org/reva/v2 v2.26.8/go.mod h1:fJWmn7EkttWOWphZfiKdFOcHuthcUsU55aSN1VeTOhU=
+github.com/cs3org/reva/v2 v2.26.8-0.20241203081301-17f339546533 h1:QshDjljk44ASolJwlHxE9e7u+Slgdi/VfPKYvbfFu2g=
+github.com/cs3org/reva/v2 v2.26.8-0.20241203081301-17f339546533/go.mod h1:fJWmn7EkttWOWphZfiKdFOcHuthcUsU55aSN1VeTOhU=
+github.com/cs3org/reva/v2 v2.26.9-0.20241211090933-830f2a7e3cff h1:B/mzU2NOgpukrpBQ9exVFfkFam/56QFVt2d1BNSK3dI=
+github.com/cs3org/reva/v2 v2.26.9-0.20241211090933-830f2a7e3cff/go.mod h1:fJWmn7EkttWOWphZfiKdFOcHuthcUsU55aSN1VeTOhU=
 github.com/cyberdelia/templates v0.0.0-20141128023046-ca7fffd4298c/go.mod h1:GyV+0YP4qX0UQ7r2MoYZ+AvYDp12OF5yg4q8rGnyNh4=
 github.com/cyphar/filepath-securejoin v0.2.4 h1:Ugdm7cg7i6ZK6x3xDF1oEu1nfkyfH53EtKeQYTC3kyg=
 github.com/cyphar/filepath-securejoin v0.2.4/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4=

vendor/github.com/cs3org/reva/v2/internal/grpc/interceptors/eventsmiddleware/conversion.go

@@ -23,6 +23,7 @@ import (
 
 	group "github.com/cs3org/go-cs3apis/cs3/identity/group/v1beta1"
 	user "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1"
+	ocmcore "github.com/cs3org/go-cs3apis/cs3/ocm/core/v1beta1"
 	collaboration "github.com/cs3org/go-cs3apis/cs3/sharing/collaboration/v1beta1"
 	link "github.com/cs3org/go-cs3apis/cs3/sharing/link/v1beta1"
 	provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1"
@@ -191,6 +192,26 @@ func LinkRemoved(r *link.RemovePublicShareResponse, req *link.RemovePublicShareR
 	}
 }
 
+func OCMCoreShareCreated(r *ocmcore.CreateOCMCoreShareResponse, req *ocmcore.CreateOCMCoreShareRequest, executant *user.User) events.OCMCoreShareCreated {
+	var permissions *provider.ResourcePermissions
+	for _, p := range req.GetProtocols() {
+		if p.GetWebdavOptions() != nil {
+			permissions = p.GetWebdavOptions().GetPermissions().GetPermissions()
+			break
+		}
+	}
+	return events.OCMCoreShareCreated{
+		ShareID:       r.GetId(),
+		Executant:     executant.GetId(),
+		Sharer:        req.GetSender(),
+		GranteeUserID: req.GetShareWith(),
+		ItemID:        req.GetResourceId(),
+		ResourceName:  req.GetName(),
+		CTime:         r.GetCreated(),
+		Permissions:   permissions,
+	}
+}
+
 // FileTouched converts the response to an event
 func FileTouched(r *provider.TouchFileResponse, req *provider.TouchFileRequest, spaceOwner *user.UserId, executant *user.User) events.FileTouched {
 	return events.FileTouched{

vendor/github.com/cs3org/reva/v2/internal/grpc/interceptors/eventsmiddleware/events.go

@@ -23,6 +23,7 @@ import (
 	"fmt"
 
 	user "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1"
+	ocmcore "github.com/cs3org/go-cs3apis/cs3/ocm/core/v1beta1"
 	rpc "github.com/cs3org/go-cs3apis/cs3/rpc/v1beta1"
 	collaboration "github.com/cs3org/go-cs3apis/cs3/sharing/collaboration/v1beta1"
 	link "github.com/cs3org/go-cs3apis/cs3/sharing/link/v1beta1"
@@ -112,6 +113,10 @@ func NewUnary(m map[string]interface{}) (grpc.UnaryServerInterceptor, int, error
 			} else {
 				ev = LinkAccessFailed(v, req.(*link.GetPublicShareByTokenRequest), executant)
 			}
+		case *ocmcore.CreateOCMCoreShareResponse:
+			if isSuccess(v) {
+				ev = OCMCoreShareCreated(v, req.(*ocmcore.CreateOCMCoreShareRequest), executant)
+			}
 		case *provider.AddGrantResponse:
 			// TODO: update CS3 APIs
 			// FIXME these should be part of the RemoveGrantRequest object

vendor/github.com/cs3org/reva/v2/internal/grpc/services/gateway/ocmshareprovider.go

@@ -85,11 +85,37 @@ func (s *svc) RemoveOCMShare(ctx context.Context, req *ocm.RemoveOCMShareRequest
 		}, nil
 	}
 
+	getShareRes, err := c.GetOCMShare(ctx, &ocm.GetOCMShareRequest{
+		Ref: req.Ref,
+	})
+	if err != nil {
+		return nil, errors.Wrap(err, "gateway: error calling GetOCMShare")
+	}
+	if getShareRes.Status.Code != rpc.Code_CODE_OK {
+		res := &ocm.RemoveOCMShareResponse{
+			Status: status.NewInternal(ctx,
+				"error getting ocm share when committing to the storage"),
+		}
+		return res, nil
+	}
+	share := getShareRes.Share
+
 	res, err := c.RemoveOCMShare(ctx, req)
 	if err != nil {
 		return nil, errors.Wrap(err, "gateway: error calling RemoveOCMShare")
 	}
 
+	// remove the grant from the storage provider
+	status, err := s.removeGrant(ctx, share.GetResourceId(), share.GetGrantee(), share.GetAccessMethods()[0].GetWebdavOptions().GetPermissions(), nil)
+	if err != nil {
+		return nil, errors.Wrap(err, "gateway: error removing grant from storage")
+	}
+	if status.Code != rpc.Code_CODE_OK {
+		return &ocm.RemoveOCMShareResponse{
+			Status: status,
+		}, err
+	}
+
 	return res, nil
 }
 

vendor/github.com/cs3org/reva/v2/pkg/events/ocmcore.go

@@ -0,0 +1,46 @@
+// Copyright 2018-2024 CERN
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// In applying this license, CERN does not waive the privileges and immunities
+// granted to it by virtue of its status as an Intergovernmental Organization
+// or submit itself to any jurisdiction.
+
+package events
+
+import (
+	"encoding/json"
+
+	user "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1"
+	provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1"
+	types "github.com/cs3org/go-cs3apis/cs3/types/v1beta1"
+)
+
+// OCMCoreShareCreated is emitted when an ocm share is received
+type OCMCoreShareCreated struct {
+	ShareID       string
+	Executant     *user.UserId
+	Sharer        *user.UserId
+	GranteeUserID *user.UserId
+	ItemID        string
+	ResourceName  string
+	Permissions   *provider.ResourcePermissions
+	CTime         *types.Timestamp
+}
+
+// Unmarshal to fulfill umarshaller interface
+func (OCMCoreShareCreated) Unmarshal(v []byte) (interface{}, error) {
+	e := OCMCoreShareCreated{}
+	err := json.Unmarshal(v, &e)
+	return e, err
+}

vendor/github.com/cs3org/reva/v2/pkg/logger/logger.go

@@ -91,7 +91,7 @@ func parseLevel(v string) zerolog.Level {
 
 func InitLoggerOrDie(v interface{}, logLevel string) *zerolog.Logger {
 	conf := ParseLogConfOrDie(v, logLevel)
-	log, err := FromConfig(conf)
+	log, err := fromConfig(conf)
 	if err != nil {
 		fmt.Fprintf(os.Stderr, "error creating logger, exiting ...")
 		os.Exit(1)
@@ -125,7 +125,7 @@ type LogConf struct {
 	Level  string `mapstructure:"level"`
 }
 
-func FromConfig(conf *LogConf) (*zerolog.Logger, error) {
+func fromConfig(conf *LogConf) (*zerolog.Logger, error) {
 	if conf.Level == "" {
 		conf.Level = zerolog.DebugLevel.String()
 	}

vendor/github.com/cs3org/reva/v2/pkg/ocm/storage/received/ocm.go

@@ -33,7 +33,6 @@ import (
 
 	gateway "github.com/cs3org/go-cs3apis/cs3/gateway/v1beta1"
 	userpb "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1"
-	userv1beta1 "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1"
 	rpc "github.com/cs3org/go-cs3apis/cs3/rpc/v1beta1"
 	ocmpb "github.com/cs3org/go-cs3apis/cs3/sharing/ocm/v1beta1"
 	provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1"
@@ -539,7 +538,7 @@ func (d *driver) ListStorageSpaces(ctx context.Context, filters []*provider.List
 						OpaqueId: storagespace.FormatResourceID(root),
 					},
 					SpaceType: "mountpoint",
-					Owner: &userv1beta1.User{
+					Owner: &userpb.User{
 						Id: share.Grantee.GetUserId(),
 					},
 					Root: root,
@@ -558,7 +557,7 @@ func (d *driver) ListStorageSpaces(ctx context.Context, filters []*provider.List
 						OpaqueId: storagespace.FormatResourceID(root),
 					},
 					SpaceType: "mountpoint",
-					Owner: &userv1beta1.User{
+					Owner: &userpb.User{
 						Id: share.Grantee.GetUserId(),
 					},
 					Root: root,

vendor/github.com/cs3org/reva/v2/pkg/storage/fs/posix/tree/tree.go

@@ -108,7 +108,7 @@ func New(lu node.PathLookup, bs Blobstore, um usermapper.Mapper, trashbin *trash
 		trashbin:   trashbin,
 		options:    o,
 		idCache:    cache,
-		propagator: propagator.New(lu, &o.Options),
+		propagator: propagator.New(lu, &o.Options, log),
 		scanQueue:  scanQueue,
 		scanDebouncer: NewScanDebouncer(o.ScanDebounceDelay, func(item scanItem) {
 			scanQueue <- item

vendor/github.com/cs3org/reva/v2/pkg/storage/utils/ace/ace.go

@@ -215,10 +215,6 @@ func FromGrant(g *provider.Grant) *ACE {
 }
 
 func UserAce(id *userpb.UserId) string {
-	if id.GetType() == userpb.UserType_USER_TYPE_FEDERATED {
-		return "u:" + id.OpaqueId + "@" + id.Idp
-	}
-
 	return "u:" + id.OpaqueId
 }
 

vendor/github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/decomposedfs.go

@@ -132,6 +132,10 @@ type Decomposedfs struct {
 
 // NewDefault returns an instance with default components
 func NewDefault(m map[string]interface{}, bs tree.Blobstore, es events.Stream, log *zerolog.Logger) (storage.FS, error) {
+	if log == nil {
+		log = &zerolog.Logger{}
+	}
+
 	o, err := options.New(m)
 	if err != nil {
 		return nil, err
@@ -156,7 +160,7 @@ func NewDefault(m map[string]interface{}, bs tree.Blobstore, es events.Stream, l
 		microstore.Table(o.IDCache.Table),
 		store.DisablePersistence(o.IDCache.DisablePersistence),
 		store.Authentication(o.IDCache.AuthUsername, o.IDCache.AuthPassword),
-	))
+	), log)
 
 	permissionsSelector, err := pool.PermissionsSelector(o.PermissionsSVC, pool.WithTLSMode(o.PermTLSMode))
 	if err != nil {
@@ -178,6 +182,10 @@ func NewDefault(m map[string]interface{}, bs tree.Blobstore, es events.Stream, l
 // New returns an implementation of the storage.FS interface that talks to
 // a local filesystem.
 func New(o *options.Options, aspects aspects.Aspects, log *zerolog.Logger) (storage.FS, error) {
+	if log == nil {
+		log = &zerolog.Logger{}
+	}
+
 	err := aspects.Tree.Setup()
 	if err != nil {
 		log.Error().Err(err).Msg("could not setup tree")
@@ -238,7 +246,7 @@ func New(o *options.Options, aspects aspects.Aspects, log *zerolog.Logger) (stor
 		spaceTypeIndex:  spaceTypeIndex,
 		log:             log,
 	}
-	fs.sessionStore = upload.NewSessionStore(fs, aspects, o.Root, o.AsyncFileUploads, o.Tokens)
+	fs.sessionStore = upload.NewSessionStore(fs, aspects, o.Root, o.AsyncFileUploads, o.Tokens, log)
 	if err = fs.trashbin.Setup(fs); err != nil {
 		return nil, err
 	}

vendor/github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/tree/propagator/async.go

@@ -27,7 +27,6 @@ import (
 	"time"
 
 	"github.com/cs3org/reva/v2/pkg/appctx"
-	"github.com/cs3org/reva/v2/pkg/logger"
 	"github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/lookup"
 	"github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/metadata"
 	"github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/metadata/prefixes"
@@ -49,6 +48,7 @@ type AsyncPropagator struct {
 	treeTimeAccounting bool
 	propagationDelay   time.Duration
 	lookup             node.PathLookup
+	log                *zerolog.Logger
 }
 
 // Change represents a change to the tree
@@ -58,16 +58,15 @@ type Change struct {
 }
 
 // NewAsyncPropagator returns a new AsyncPropagator instance
-func NewAsyncPropagator(treeSizeAccounting, treeTimeAccounting bool, o options.AsyncPropagatorOptions, lookup node.PathLookup) AsyncPropagator {
+func NewAsyncPropagator(treeSizeAccounting, treeTimeAccounting bool, o options.AsyncPropagatorOptions, lookup node.PathLookup, log *zerolog.Logger) AsyncPropagator {
 	p := AsyncPropagator{
 		treeSizeAccounting: treeSizeAccounting,
 		treeTimeAccounting: treeTimeAccounting,
 		propagationDelay:   o.PropagationDelay,
 		lookup:             lookup,
+		log:                log,
 	}
 
-	log := logger.New()
-
 	log.Info().Msg("async propagator starting up...")
 
 	// spawn a goroutine that watches for stale .processing dirs and fixes them

vendor/github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/tree/propagator/propagator.go

@@ -30,6 +30,7 @@ import (
 	"github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/node"
 	"github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/options"
 	"github.com/pkg/errors"
+	"github.com/rs/zerolog"
 	"go.opentelemetry.io/otel"
 	"go.opentelemetry.io/otel/trace"
 )
@@ -44,10 +45,10 @@ type Propagator interface {
 	Propagate(ctx context.Context, node *node.Node, sizediff int64) error
 }
 
-func New(lookup node.PathLookup, o *options.Options) Propagator {
+func New(lookup node.PathLookup, o *options.Options, log *zerolog.Logger) Propagator {
 	switch o.Propagator {
 	case "async":
-		return NewAsyncPropagator(o.TreeSizeAccounting, o.TreeTimeAccounting, o.AsyncPropagatorOptions, lookup)
+		return NewAsyncPropagator(o.TreeSizeAccounting, o.TreeTimeAccounting, o.AsyncPropagatorOptions, lookup, log)
 	default:
 		return NewSyncPropagator(o.TreeSizeAccounting, o.TreeTimeAccounting, lookup)
 	}

vendor/github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/tree/tree.go

@@ -42,6 +42,7 @@ import (
 	"github.com/cs3org/reva/v2/pkg/utils"
 	"github.com/google/uuid"
 	"github.com/pkg/errors"
+	"github.com/rs/zerolog"
 	"go-micro.dev/v4/store"
 	"go.opentelemetry.io/otel"
 	"go.opentelemetry.io/otel/trace"
@@ -76,13 +77,13 @@ type Tree struct {
 type PermissionCheckFunc func(rp *provider.ResourcePermissions) bool
 
 // New returns a new instance of Tree
-func New(lu node.PathLookup, bs Blobstore, o *options.Options, cache store.Store) *Tree {
+func New(lu node.PathLookup, bs Blobstore, o *options.Options, cache store.Store, log *zerolog.Logger) *Tree {
 	return &Tree{
 		lookup:     lu,
 		blobstore:  bs,
 		options:    o,
 		idCache:    cache,
-		propagator: propagator.New(lu, o),
+		propagator: propagator.New(lu, o, log),
 	}
 }
 

vendor/github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/upload/session.go

@@ -27,7 +27,6 @@ import (
 	"time"
 
 	"github.com/google/renameio/v2"
-	"github.com/rogpeppe/go-internal/lockedfile"
 	tusd "github.com/tus/tusd/v2/pkg/handler"
 
 	userpb "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1"
@@ -35,7 +34,6 @@ import (
 	typespb "github.com/cs3org/go-cs3apis/cs3/types/v1beta1"
 	"github.com/cs3org/reva/v2/pkg/appctx"
 	ctxpkg "github.com/cs3org/reva/v2/pkg/ctx"
-	"github.com/cs3org/reva/v2/pkg/logger"
 	"github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/node"
 	"github.com/cs3org/reva/v2/pkg/utils"
 )
@@ -49,12 +47,7 @@ type OcisSession struct {
 
 // Context returns a context with the user, logger and lockid used when initiating the upload session
 func (s *OcisSession) Context(ctx context.Context) context.Context { // restore logger from file info
-	log, _ := logger.FromConfig(&logger.LogConf{
-		Output: "stderr", // TODO use config from decomposedfs
-		Mode:   "json",   // TODO use config from decomposedfs
-		Level:  s.info.Storage["LogLevel"],
-	})
-	sub := log.With().Int("pid", os.Getpid()).Logger()
+	sub := s.store.log.With().Int("pid", os.Getpid()).Logger()
 	ctx = appctx.WithLogger(ctx, &sub)
 	ctx = ctxpkg.ContextSetLockID(ctx, s.lockID())
 	ctx = ctxpkg.ContextSetUser(ctx, s.executantUser())
@@ -84,14 +77,6 @@ func (s *OcisSession) Purge(ctx context.Context) error {
 	_, span := tracer.Start(ctx, "Purge")
 	defer span.End()
 	sessionPath := sessionPath(s.store.root, s.info.ID)
-	f, err := lockedfile.OpenFile(sessionPath+".lock", os.O_RDWR|os.O_TRUNC|os.O_CREATE, 0600)
-	if err != nil {
-		return err
-	}
-	defer func() {
-		f.Close()
-		os.Remove(sessionPath + ".lock")
-	}()
 	if err := os.Remove(sessionPath); err != nil {
 		return err
 	}
@@ -127,11 +112,6 @@ func (s *OcisSession) Persist(ctx context.Context) error {
 	if err != nil {
 		return err
 	}
-	f, err := lockedfile.OpenFile(sessionPath+".lock", os.O_RDWR|os.O_TRUNC|os.O_CREATE, 0600)
-	if err != nil {
-		return err
-	}
-	defer f.Close()
 	return renameio.WriteFile(sessionPath, d, 0600)
 }
 

vendor/github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/upload/store.go

@@ -28,6 +28,7 @@ import (
 	"regexp"
 	"strconv"
 	"strings"
+	"syscall"
 	"time"
 
 	provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1"
@@ -44,6 +45,7 @@ import (
 	"github.com/google/uuid"
 	"github.com/pkg/errors"
 	"github.com/rogpeppe/go-internal/lockedfile"
+	"github.com/rs/zerolog"
 	tusd "github.com/tus/tusd/v2/pkg/handler"
 )
 
@@ -65,10 +67,11 @@ type OcisStore struct {
 	async             bool
 	tknopts           options.TokenOptions
 	disableVersioning bool
+	log               *zerolog.Logger
 }
 
 // NewSessionStore returns a new OcisStore
-func NewSessionStore(fs storage.FS, aspects aspects.Aspects, root string, async bool, tknopts options.TokenOptions) *OcisStore {
+func NewSessionStore(fs storage.FS, aspects aspects.Aspects, root string, async bool, tknopts options.TokenOptions, log *zerolog.Logger) *OcisStore {
 	return &OcisStore{
 		fs:                fs,
 		lu:                aspects.Lookup,
@@ -79,6 +82,7 @@ func NewSessionStore(fs storage.FS, aspects aspects.Aspects, root string, async
 		tknopts:           tknopts,
 		disableVersioning: aspects.DisableVersioning,
 		um:                aspects.UserMapper,
+		log:               log,
 	}
 }
 
@@ -129,24 +133,19 @@ func (store OcisStore) Get(ctx context.Context, id string) (*OcisSession, error)
 		store: store,
 		info:  tusd.FileInfo{},
 	}
-	lock, err := lockedfile.Open(sessionPath + ".lock")
-	if err != nil {
-		if errors.Is(err, iofs.ErrNotExist) {
-			// Interpret os.ErrNotExist as 404 Not Found
-			err = tusd.ErrNotFound
-		}
-		return nil, err
-	}
-	defer lock.Close()
 	data, err := os.ReadFile(sessionPath)
 	if err != nil {
+		// handle stale NFS file handles that can occur when the file is deleted betwenn the ATTR and FOPEN call of os.ReadFile
+		if pathErr, ok := err.(*os.PathError); ok && pathErr.Err == syscall.ESTALE {
+			appctx.GetLogger(ctx).Info().Str("session", id).Err(err).Msg("treating stale file handle as not found")
+			err = tusd.ErrNotFound
+		}
 		if errors.Is(err, iofs.ErrNotExist) {
 			// Interpret os.ErrNotExist as 404 Not Found
 			err = tusd.ErrNotFound
 		}
 		return nil, err
 	}
-	lock.Close() // release lock asap
 
 	if err := json.Unmarshal(data, &session.info); err != nil {
 		return nil, err

vendor/modules.txt

@@ -367,7 +367,7 @@ github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1
 github.com/cs3org/go-cs3apis/cs3/storage/registry/v1beta1
 github.com/cs3org/go-cs3apis/cs3/tx/v1beta1
 github.com/cs3org/go-cs3apis/cs3/types/v1beta1
-# github.com/cs3org/reva/v2 v2.26.8
+# github.com/cs3org/reva/v2 v2.26.9-0.20241211090933-830f2a7e3cff
 ## explicit; go 1.22.0
 github.com/cs3org/reva/v2/cmd/revad/internal/grace
 github.com/cs3org/reva/v2/cmd/revad/runtime