mbutrovich commented on code in PR #2584:
URL: https://github.com/apache/iceberg-rust/pull/2584#discussion_r3414598284
##########
crates/iceberg/src/scan/task.rs:
##########
@@ -118,6 +118,13 @@ pub struct FileScanTask {
/// Whether this scan task should treat column names as case-sensitive
when binding predicates.
pub case_sensitive: bool,
+
+ /// Key metadata for encrypted data files (Parquet Modular Encryption).
+ /// When present, the reader uses this to build `FileDecryptionProperties`.
+ #[serde(default)]
+ #[serde(skip_serializing_if = "Option::is_none")]
+ #[builder(default)]
+ pub key_metadata: Option<Box<[u8]>>,
Review Comment:
`FileScanTask` derives `Serialize`, so with `StandardKeyMetadata` the
plaintext DEK serializes into the plan when a task ships to a worker.
`skip_serializing_if` (line 125) only covers the `None` case. Is that an
acceptable trust boundary here, or worth a field doc note? (A pluggable
key-resolution hook in the reader would also address it, since the task would
then carry only a key reference rather than the DEK.)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
