fix: S3 Phase 2 round-2 review – versioned blob keys, HEAD+Range, presign expiry, 416 headers

[Copilot]

Addresses six correctness issues identified in the second review of the S3 Phase 2 implementation.

Versioned blob keys (chunk collision + complete race)

uploadPart pre-allocates its commit timestamp before writing any chunks and embeds it as PartVersion in both the part descriptor and blob keys via a new s3keys.VersionedBlobKey(). Concurrent re-UploadPart for the same partNo now writes to a distinct key space, so chunk data referenced by an in-progress CompleteMultipartUpload is immutable per attempt.

// key: blobPrefix | bucket | generation | object | uploadID | partNo | chunkNo | partVersion
func VersionedBlobKey(..., partVersion uint64) []byte
// partVersion==0 → identical to BlobKey (backward-compatible with putObject data)

appendPartBlobKeys and cleanupPartBlobsAsync use the version stored in the manifest/descriptor, so cleanup stays consistent.

HEAD + Range

getObject now splits HEAD and GET control flow. A ranged HEAD returns 206 Partial Content + Content-Range / partial Content-Length with no body; previously always 200.

Content-Range header on 416 responses

GET and HEAD with an unsatisfiable range now set Content-Range: bytes */<totalSize> before writing the 416 body, per RFC 9110 §14.2.

Presigned URL X-Amz-Expires required

checkPresignExpiry returns AuthorizationQueryParametersError when X-Amz-Expires is absent, matching AWS SigV4 semantics. The clock-skew fallback is removed.

TODO_s3_review_fixes.md item 2

Corrected to reflect the actual non-blocking select/skip behavior rather than the previously claimed blocking wait.

---

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.