poc impersonate

Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2023-02-21 15:24:53 +03:00
130 changed files with 1222 additions and 2459 deletions
--- a/.docker/Dockerfile
+++ b/.docker/Dockerfile
@ -1,7 +1,7 @@
 FROM golang:1.19 as builder

 ARG BUILD=now
-ARG REPO=git.frostfs.info/TrueCloudLab/frostfs-s3-gw
+ARG REPO=github.com/TrueCloudLab/frostfs-s3-gw
 ARG VERSION=dev

 WORKDIR /src
--- a/.github/ISSUE_TEMPLATE/bug_report.md
+++ b/.github/ISSUE_TEMPLATE/bug_report.md
@ -1,45 +0,0 @@
---
-name: Bug report
-about: Create a report to help us improve
-title: ''
-labels: community, triage, bug
-assignees: ''
-
---
-
-<!--- Provide a general summary of the issue in the Title above -->
-
-## Expected Behavior
-<!--- If you're describing a bug, tell us what should happen -->
-<!--- If you're suggesting a change/improvement, tell us how it should work -->
-
-## Current Behavior
-<!--- If describing a bug, tell us what happens instead of the expected behavior -->
-<!--- If suggesting a change/improvement, explain the difference from current behavior -->
-
-## Possible Solution
-<!--- Not obligatory -->
-<!--- If no reason/fix/additions for the bug can be suggested, -->
-<!--- uncomment the following phrase: -->
-
-<!--- No fix can be suggested by a QA engineer. Further solutions shall be up to developers. -->
-
-## Steps to Reproduce (for bugs)
-<!--- Provide a link to a live example, or an unambiguous set of steps to -->
-<!--- reproduce this bug. -->
-
-1.
-
-## Context
-<!--- How has this issue affected you? What are you trying to accomplish? -->
-<!--- Providing context helps us come up with a solution that is most useful in the real world -->
-
-## Regression
-<!-- Is this issue a regression? (Yes / No) -->
-<!-- If Yes, optionally please include version or commit id or PR# that caused this regression, if you have these details. -->
-
-## Your Environment
-<!--- Include as many relevant details about the environment you experienced the bug in -->
-* Version used:
-* Server setup and configuration:
-* Operating System and version (`uname -a`):
--- a/.github/ISSUE_TEMPLATE/config.yml
+++ b/.github/ISSUE_TEMPLATE/config.yml
@ -1 +0,0 @@
-blank_issues_enabled: false
--- a/.github/ISSUE_TEMPLATE/feature_request.md
+++ b/.github/ISSUE_TEMPLATE/feature_request.md
@ -1,20 +0,0 @@
---
-name: Feature request
-about: Suggest an idea for this project
-title: ''
-labels: community, triage
-assignees: ''
-
---
-
-## Is your feature request related to a problem? Please describe.
-<!--- A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] -->
-
-## Describe the solution you'd like
-<!--- A clear and concise description of what you want to happen. -->
-
-## Describe alternatives you've considered
-<!--- A clear and concise description of any alternative solutions or features you've considered. -->
-
-## Additional context
-<!--- Add any other context or screenshots about the feature request here. -->
--- a/.gitignore
+++ b/.gitignore
@ -28,3 +28,4 @@ debian/files
 debian/*.log
 debian/*.substvars
 debian/frostfs-s3-gw/
+
--- a/.gitlint
+++ b/.gitlint
@ -1,11 +0,0 @@
-[general]
-fail-without-commits=True
-regex-style-search=True
-contrib=CC1
-
-[title-match-regex]
-regex=^\[\#[0-9Xx]+\]\s
-
-[ignore-by-title]
-regex=^Release(.*)
-ignore=title-match-regex
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@ -1,45 +0,0 @@
-ci:
-  autofix_prs: false
-
-repos:
-  - repo: https://github.com/jorisroovers/gitlint
-    rev:  v0.19.1
-    hooks:
-      - id: gitlint
-        stages: [commit-msg]
-      - id: gitlint-ci
-
-  - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v4.4.0
-    hooks:
-      - id: check-added-large-files
-      - id: check-case-conflict
-      - id: check-executables-have-shebangs
-      - id: check-shebang-scripts-are-executable
-      - id: check-merge-conflict
-      - id: check-json
-      - id: check-xml
-      - id: check-yaml
-      - id: trailing-whitespace
-        args: [--markdown-linebreak-ext=md]
-      - id: end-of-file-fixer
-        exclude: ".key$"
-
-  - repo: https://github.com/shellcheck-py/shellcheck-py
-    rev: v0.9.0.2
-    hooks:
-      - id: shellcheck
-
-  - repo: https://github.com/golangci/golangci-lint
-    rev: v1.51.2
-    hooks:
-      - id: golangci-lint
-
-  - repo: local
-    hooks:
-      -   id: go-unit-tests
-          name: go unit tests
-          entry: make test
-          pass_filenames: false
-          types: [go]
-          language: system
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -6,15 +6,12 @@ This document outlines major changes between releases.

 ### Fixed
 - Get empty bucket CORS from frostfs (TrueCloudLab#36)
- Don't count pool error on client abort (#35)

 ### Added
 - Return container name in `head-bucket` response (TrueCloudLab#18)
 - Billing metrics (TrueCloudLab#5)
 - Multiple configs support (TrueCloudLab#21)
 - Bucket name resolving policy (TrueCloudLab#25)
- Support string `Action` and `Resource` fields in `bucketPolicy.Statement` (TrueCloudLab#32)
- Add new `kludge.use_default_xmlns_for_complete_multipart` config param (TrueCloudLab#40)

 ### Changed
 - Update neo-go to v0.101.0 (#14)
@ -24,9 +21,6 @@ This document outlines major changes between releases.
 - Return error on invalid LocationConstraint (TrueCloudLab#23)
 - Place billing metrics to separate url path (TrueCloudLab#26)
 - Add generated deb builder files to .gitignore, and fix typo (TrueCloudLab#28)
- Limit number of objects to delete at one time (TrueCloudLab#37)
- CompleteMultipartUpload handler now sends whitespace characters to keep alive client's connection (#60)
- Support new system attributes (#64)

 ## [0.26.0] - 2022-12-28

@ -91,7 +85,7 @@ If you configure application using `.yaml` file change:
 ### Changed
 - GitHub actions update (#710)
 - Makefile help (#725)
- Optimized object tags setting (#669)
+- Optimized object tags setting (#669) 
 - Improved logging (#728)
 - Unified unit test names (#617)
 - Improved docs (#732)
@ -156,7 +150,7 @@ If you configure application using environment variables change:
 * `S3_GW_LISTEN_DOMAINS_N` -> `S3_GW_LISTEN_DOMAINS` (use it as array variable)

 If you configure application using `.yaml` file change:
-* `wallet` -> `wallet.path`
+* `wallet` -> `wallet.path` 
 * `address` -> `wallet.address`
 * `listen_domains.n` -> `listen_domains` (use it as array param)

@ -179,8 +173,8 @@ If you configure application using `.yaml` file change:
 - Rely on string sanitizing from zap (#498)

 ### Updating from v0.22.0
-1. To enable pprof use `pprof.enabled` instead of `pprof` in config.
-To enable prometheus metrics use `prometheus.enabled` instead of `metrics` in config.
+1. To enable pprof use `pprof.enabled` instead of `pprof` in config. 
+To enable prometheus metrics use `prometheus.enabled` instead of `metrics` in config. 
 If you are using the command line flags you can skip this step.

 ## [0.22.0] - 2022-07-25
@ -202,7 +196,7 @@ Tree service support
 - Cache type cast error logging (#465)
 - `docker/*` target in Makefile (#471)
 - Pre signed requests (#529)
- Tagging and ACL notifications (#361)
+- Tagging and ACL notifications (#361) 
 - AWSv4 signer package to improve compatibility with S3 clients (#528)
 - Extension mimetype detector (#289)
 - Default params documentation (#592)
@ -236,7 +230,7 @@ Tree service support
 - Obtainment of ETag value (#431)

 ### Changed
- Authmate doesn't parse session context anymore, now it accepts application defined
+- Authmate doesn't parse session context anymore, now it accepts application defined 
  flexible structure with container ID in human-readable format (#428)

 ## [0.20.0] - 2022-04-29
@ -246,19 +240,19 @@ Tree service support
 - Support of basic notifications (#357, #358, #359)

 ### Changed
- Logger behavior: now it writes to stderr instead of stdout, app name and
-  version are always presented and fixed, all user options except of `level` are
+- Logger behavior: now it writes to stderr instead of stdout, app name and 
+  version are always presented and fixed, all user options except of `level` are 
  dropped (#380)
 - Improved docs, added config examples (#396, #398)
 - Updated NeoFS SDK (#365, #409)

 ### Fixed
 - Added check of `SetEACL` tokens before processing of requests (#347)
- Authmate: returned lost session tokens when a parameter `--session-token` is
+- Authmate: returned lost session tokens when a parameter `--session-token` is 
  omitted (#387)
 - Error when a bucket hasn't a settings file (#389)
 - Response to a request to delete not existing object (#392)
- Replaced gate key in ACL Grantee by key of bearer token issuer (#395)
+- Replaced gate key in ACL Grantee by key of bearer token issuer (#395) 
 - Missing attach of bearer token to requests to put system object (#399)
 - Deletion of system object while CompleteMultipartUpload (#400)
 - Improved English in docs and comments (#405)
@ -285,7 +279,7 @@ Tree service support
 - Updated NeoFS SDK to v1.0.0-rc.3 (#297, #333, #346, #376)
 - Authmate: changed session token rules handling (#329, #336, #338, #352)
 - Changed status code for some failed requests (#308)
- GetBucketLocation returns policy name used at bucket creation (#301)
+- GetBucketLocation returns policy name used at bucket creation (#301) 

 ### Fixed
 - Waiting for bucket to be deleted (#366)
@ -305,7 +299,7 @@ Tree service support
 ## [0.18.0] - 2021-12-16

 ### Added
- Support for MultipartUpload (#186, #187)
+- Support for MultipartUpload (#186, #187) 
 - CORS support (#217)
 - Authmate supports setting of tokens lifetime in a more convenient format (duration) (#258)
 - Generation of a random key for `--no-sign-request` (#276)
@ -334,10 +328,10 @@ With this release we introduce [ceph-based](https://github.com/ceph/s3-tests) S3
 * POST uploading support (#190)
 * Delete marker support (#248)
 * Expiration for access box (#255)
-* AWS CLI credential generating by authmate (#241)
+* AWS CLI credential generating by authmate (#241) 

 ### Changed
-* Default placement policy is now configurable (#218)
+* Default placement policy is now configurable (#218) 
 * README is split into different files (#210)
 * Unified error handling (#89, #149, #184)
 * Authmate issue-secret response contains container id (#163)
@ -382,7 +376,7 @@ cryptography with NEP-6 wallet support.
 * Support of time-based conditional CopyObject and GetObject (#94)

 ### Changed
- * Accesskey format: now `0` used as a delimiter between container ID and object
+ * Accesskey format: now `0` used as a delimiter between container ID and object 
   ID instead of `_` (#164)
 * Accessbox is encoded in protobuf format (#48)
 * Authentication uses secp256r1 instead of ed25519 (#75)
--- a/CREDITS.md
+++ b/CREDITS.md
@ -16,4 +16,4 @@ In chronological order:
 - Elizaveta Chichindaeva
 - Stanislav Bogatyrev
 - Anastasia Prasolova
- Leonard Liubich
+- Leonard Liubich
--- a/14
+++ b/14
@ -16,14 +16,14 @@ REPO_BASENAME = $(shell basename `go list -m`)
 HUB_IMAGE ?= "truecloudlab/$(REPO_BASENAME)"
 HUB_TAG ?= "$(shell echo ${VERSION} | sed 's/^v//')"

-.PHONY: all $(BINS) $(BINDIR) dep docker/ test cover format image image-push dirty-image lint docker/lint pre-commit unpre-commit version clean protoc
+.PHONY: all $(BINS) $(BINDIR) dep docker/ test cover format image image-push dirty-image lint docker/lint version clean protoc

 # .deb package versioning
 OS_RELEASE = $(shell lsb_release -cs)
 PKG_VERSION ?= $(shell echo $(VERSION) | sed "s/^v//" | \
 			sed -E "s/(.*)-(g[a-fA-F0-9]{6,8})(.*)/\1\3~\2/" | \
 			sed "s/-/~/")-${OS_RELEASE}
-.PHONY: debpackage debclean
+.PHONY: debpackage debclean			

 # Make all binaries
 all: $(BINS)
@ -115,14 +115,6 @@ docker/lint:
 	--env HOME=/src \
 	golangci/golangci-lint:v$(LINT_VERSION) bash -c 'cd /src/ && make lint'

-# Activate pre-commit hooks
-pre-commit:
-	pre-commit install -t pre-commit -t commit-msg
-
-# Deactivate pre-commit hooks
-unpre-commit:
-	pre-commit uninstall -t pre-commit -t commit-msg
-
 # Show current version
 version:
 	@echo $(VERSION)
@ -151,6 +143,6 @@ debpackage:
 	dpkg-buildpackage --no-sign -b

 debclean:
-	dh clean
+	dh clean	

 include help.mk
--- a/README.md
+++ b/README.md
@ -6,7 +6,9 @@
 </p>

 ---
-[![Report](https://goreportcard.com/badge/git.frostfs.info/TrueCloudLab/frostfs-s3-gw)](https://goreportcard.com/report/git.frostfs.info/TrueCloudLab/frostfs-s3-gw)
+[![Report](https://goreportcard.com/badge/github.com/TrueCloudLab/frostfs-s3-gw)](https://goreportcard.com/report/github.com/TrueCloudLab/frostfs-s3-gw)
+![GitHub release (latest SemVer)](https://img.shields.io/github/v/release/TrueCloudLab/frostfs-s3-gw?sort=semver)
+![License](https://img.shields.io/github/license/TrueCloudLab/frostfs-s3-gw.svg?style=popout)

 # FrostFS S3 Gateway

@ -14,7 +16,7 @@ FrostFS S3 gateway provides API compatible with Amazon S3 cloud storage service.

 ## Installation

-```go get -u git.frostfs.info/TrueCloudLab/frostfs-s3-gw```
+```go get -u github.com/TrueCloudLab/frostfs-s3-gw```

 Or you can call `make` to build it from the cloned repository (the binary will
 end up in `bin/frostfs-s3-gw` with authmate helper in `bin/frostfs-s3-authmate`).
@ -66,7 +68,7 @@ $ S3_GW_PEERS_0_ADDRESS=grpcs://192.168.130.72:8080 \

 ## Domains

-By default, s3-gw enable only `path-style access`.
+By default, s3-gw enable only `path-style access`. 
 To be able to use both: `virtual-hosted-style` and `path-style` access you must configure `listen_domains`:

 ```shell
@ -100,6 +102,6 @@ Also, you can configure domains using `.env` variables or `yaml` file.
 - [AWS S3 API compatibility](./docs/aws_s3_compat.md)
 - [AWS S3 Compatibility test results](./docs/s3_test_results.md)

-## Credits
+## Credits 

 Please see [CREDITS](CREDITS.md) for details.
--- a/api/auth/center.go
+++ b/api/auth/center.go
@ -14,12 +14,12 @@ import (
 	"strings"
 	"time"

-	v4 "git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/auth/signer/v4"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/cache"
-	apiErrors "git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/creds/accessbox"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/creds/tokens"
-	oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
+	v4 "github.com/TrueCloudLab/frostfs-s3-gw/api/auth/signer/v4"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/cache"
+	apiErrors "github.com/TrueCloudLab/frostfs-s3-gw/api/errors"
+	"github.com/TrueCloudLab/frostfs-s3-gw/creds/accessbox"
+	"github.com/TrueCloudLab/frostfs-s3-gw/creds/tokens"
+	oid "github.com/TrueCloudLab/frostfs-sdk-go/object/id"
 	"github.com/aws/aws-sdk-go/aws/credentials"
 	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
 )
--- a/api/auth/center_test.go
+++ b/api/auth/center_test.go
@ -5,7 +5,7 @@ import (
 	"testing"
 	"time"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/errors"
 	"github.com/stretchr/testify/require"
 )

--- a/api/cache/access_control.go
+++ b/api/cache/access_control.go
@ -4,7 +4,7 @@ import (
 	"fmt"
 	"time"

-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
+	"github.com/TrueCloudLab/frostfs-sdk-go/user"
 	"github.com/bluele/gcache"
 	"go.uber.org/zap"
 )
--- a/api/cache/accessbox.go
+++ b/api/cache/accessbox.go
@ -4,8 +4,8 @@ import (
 	"fmt"
 	"time"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/creds/accessbox"
-	oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
+	"github.com/TrueCloudLab/frostfs-s3-gw/creds/accessbox"
+	oid "github.com/TrueCloudLab/frostfs-sdk-go/object/id"
 	"github.com/bluele/gcache"
 	"go.uber.org/zap"
 )
--- a/api/cache/buckets.go
+++ b/api/cache/buckets.go
@ -4,7 +4,7 @@ import (
 	"fmt"
 	"time"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
 	"github.com/bluele/gcache"
 	"go.uber.org/zap"
 )
--- a/api/cache/cache_test.go
+++ b/api/cache/cache_test.go
@ -3,10 +3,10 @@ package cache
 import (
 	"testing"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/creds/accessbox"
-	cidtest "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id/test"
-	oidtest "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id/test"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
+	"github.com/TrueCloudLab/frostfs-s3-gw/creds/accessbox"
+	cidtest "github.com/TrueCloudLab/frostfs-sdk-go/container/id/test"
+	oidtest "github.com/TrueCloudLab/frostfs-sdk-go/object/id/test"
 	"github.com/stretchr/testify/require"
 	"go.uber.org/zap"
 	"go.uber.org/zap/zaptest/observer"
--- a/api/cache/names.go
+++ b/api/cache/names.go
@ -4,7 +4,7 @@ import (
 	"fmt"
 	"time"

-	oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
+	oid "github.com/TrueCloudLab/frostfs-sdk-go/object/id"
 	"github.com/bluele/gcache"
 	"go.uber.org/zap"
 )
--- a/api/cache/objects.go
+++ b/api/cache/objects.go
@ -4,8 +4,8 @@ import (
 	"fmt"
 	"time"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
-	oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
+	oid "github.com/TrueCloudLab/frostfs-sdk-go/object/id"
 	"github.com/bluele/gcache"
 	"go.uber.org/zap"
 )
--- a/api/cache/objects_test.go
+++ b/api/cache/objects_test.go
@ -4,9 +4,9 @@ import (
 	"testing"
 	"time"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
-	oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
-	objecttest "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/test"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
+	oid "github.com/TrueCloudLab/frostfs-sdk-go/object/id"
+	objecttest "github.com/TrueCloudLab/frostfs-sdk-go/object/test"
 	"github.com/stretchr/testify/require"
 	"go.uber.org/zap"
 )
--- a/api/cache/objectslist.go
+++ b/api/cache/objectslist.go
@ -6,8 +6,8 @@ import (
 	"strings"
 	"time"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
-	cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
+	cid "github.com/TrueCloudLab/frostfs-sdk-go/container/id"
 	"github.com/bluele/gcache"
 	"go.uber.org/zap"
 )
--- a/api/cache/objectslist_test.go
+++ b/api/cache/objectslist_test.go
@ -4,9 +4,9 @@ import (
 	"testing"
 	"time"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
-	cidtest "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id/test"
-	oidtest "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id/test"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
+	cidtest "github.com/TrueCloudLab/frostfs-sdk-go/container/id/test"
+	oidtest "github.com/TrueCloudLab/frostfs-sdk-go/object/id/test"
 	"github.com/stretchr/testify/require"
 	"go.uber.org/zap"
 )
--- a/api/cache/system.go
+++ b/api/cache/system.go
@ -4,7 +4,7 @@ import (
 	"fmt"
 	"time"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
 	"github.com/bluele/gcache"
 	"go.uber.org/zap"
 )
--- a/api/data/info.go
+++ b/api/data/info.go
@ -4,9 +4,9 @@ import (
 	"encoding/xml"
 	"time"

-	cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
-	oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
+	cid "github.com/TrueCloudLab/frostfs-sdk-go/container/id"
+	oid "github.com/TrueCloudLab/frostfs-sdk-go/object/id"
+	"github.com/TrueCloudLab/frostfs-sdk-go/user"
 )

 const (
--- a/api/data/tree.go
+++ b/api/data/tree.go
@ -4,9 +4,9 @@ import (
 	"strconv"
 	"time"

-	cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
-	oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
+	cid "github.com/TrueCloudLab/frostfs-sdk-go/container/id"
+	oid "github.com/TrueCloudLab/frostfs-sdk-go/object/id"
+	"github.com/TrueCloudLab/frostfs-sdk-go/user"
 )

 const (
--- a/api/handler/acl.go
+++ b/api/handler/acl.go
@ -14,15 +14,15 @@ import (
 	"strconv"
 	"strings"

-	v2acl "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/acl"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/layer"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/eacl"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object"
-	oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/session"
+	v2acl "github.com/TrueCloudLab/frostfs-api-go/v2/acl"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/errors"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/layer"
+	"github.com/TrueCloudLab/frostfs-sdk-go/eacl"
+	"github.com/TrueCloudLab/frostfs-sdk-go/object"
+	oid "github.com/TrueCloudLab/frostfs-sdk-go/object/id"
+	"github.com/TrueCloudLab/frostfs-sdk-go/session"
 	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
 	"go.uber.org/zap"
 )
@ -158,90 +158,6 @@ func (s ServiceRecord) ToEACLRecord() *eacl.Record {
 	return serviceRecord
 }

-var (
-	errInvalidStatement = stderrors.New("invalid statement")
-	errInvalidPrincipal = stderrors.New("invalid principal")
-)
-
-func (s *statement) UnmarshalJSON(data []byte) error {
-	var statementMap map[string]interface{}
-	if err := json.Unmarshal(data, &statementMap); err != nil {
-		return err
-	}
-
-	sidField, ok := statementMap["Sid"]
-	if ok {
-		if s.Sid, ok = sidField.(string); !ok {
-			return errInvalidStatement
-		}
-	}
-
-	effectField, ok := statementMap["Effect"]
-	if ok {
-		if s.Effect, ok = effectField.(string); !ok {
-			return errInvalidStatement
-		}
-	}
-
-	principalField, ok := statementMap["Principal"]
-	if ok {
-		principalMap, ok := principalField.(map[string]interface{})
-		if !ok {
-			return errInvalidPrincipal
-		}
-
-		awsField, ok := principalMap["AWS"]
-		if ok {
-			if s.Principal.AWS, ok = awsField.(string); !ok {
-				return fmt.Errorf("%w: 'AWS' field must be string", errInvalidPrincipal)
-			}
-		}
-
-		canonicalUserField, ok := principalMap["CanonicalUser"]
-		if ok {
-			if s.Principal.CanonicalUser, ok = canonicalUserField.(string); !ok {
-				return errInvalidPrincipal
-			}
-		}
-	}
-
-	actionField, ok := statementMap["Action"]
-	if ok {
-		switch actionField := actionField.(type) {
-		case []interface{}:
-			s.Action = make([]string, len(actionField))
-			for i, action := range actionField {
-				if s.Action[i], ok = action.(string); !ok {
-					return errInvalidStatement
-				}
-			}
-		case string:
-			s.Action = []string{actionField}
-		default:
-			return errInvalidStatement
-		}
-	}
-
-	resourceField, ok := statementMap["Resource"]
-	if ok {
-		switch resourceField := resourceField.(type) {
-		case []interface{}:
-			s.Resource = make([]string, len(resourceField))
-			for i, action := range resourceField {
-				if s.Resource[i], ok = action.(string); !ok {
-					return errInvalidStatement
-				}
-			}
-		case string:
-			s.Resource = []string{resourceField}
-		default:
-			return errInvalidStatement
-		}
-	}
-
-	return nil
-}
-
 func (h *handler) GetBucketACLHandler(w http.ResponseWriter, r *http.Request) {
 	reqInfo := api.GetReqInfo(r.Context())

--- a/api/handler/acl_test.go
+++ b/api/handler/acl_test.go
@ -13,14 +13,14 @@ import (
 	"net/http"
 	"testing"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/creds/accessbox"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/bearer"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/eacl"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object"
-	oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/session"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
+	"github.com/TrueCloudLab/frostfs-s3-gw/creds/accessbox"
+	"github.com/TrueCloudLab/frostfs-sdk-go/bearer"
+	"github.com/TrueCloudLab/frostfs-sdk-go/eacl"
+	"github.com/TrueCloudLab/frostfs-sdk-go/object"
+	oid "github.com/TrueCloudLab/frostfs-sdk-go/object/id"
+	"github.com/TrueCloudLab/frostfs-sdk-go/session"
 	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
 	"github.com/stretchr/testify/require"
 )
@ -1352,85 +1352,6 @@ func TestBucketPolicy(t *testing.T) {
 	}
 }

-func TestBucketPolicyUnmarshal(t *testing.T) {
-	for _, tc := range []struct {
-		name   string
-		policy string
-	}{
-		{
-			name: "action/resource array",
-			policy: `
-{
-	"Version": "2012-10-17",
-	"Statement": [{
-		"Principal": {
-			"AWS": "arn:aws:iam::111122223333:role/JohnDoe"
-		},
-		"Effect": "Allow",
-		"Action": [
-			"s3:GetObject",
-			"s3:GetObjectVersion"
-		],
-		"Resource": [
-			"arn:aws:s3:::DOC-EXAMPLE-BUCKET/*",
-			"arn:aws:s3:::DOC-EXAMPLE-BUCKET2/*"
-		]
-	}]
-}
-`,
-		},
-		{
-			name: "action/resource string",
-			policy: `
-{
-	"Version": "2012-10-17",
-	"Statement": [{
-		"Principal": {
-			"AWS": "arn:aws:iam::111122223333:role/JohnDoe"
-		},
-		"Effect": "Deny",
-		"Action": "s3:GetObject",
-		"Resource": "arn:aws:s3:::DOC-EXAMPLE-BUCKET/*"
-	}]
-}
-`,
-		},
-	} {
-		t.Run(tc.name, func(t *testing.T) {
-			bktPolicy := &bucketPolicy{}
-			err := json.Unmarshal([]byte(tc.policy), bktPolicy)
-			require.NoError(t, err)
-		})
-	}
-}
-
-func TestPutBucketPolicy(t *testing.T) {
-	bktPolicy := `
-{
-	"Version": "2012-10-17",
-	"Statement": [{
-		"Principal": {
-			"AWS": "*"
-		},
-		"Effect": "Deny",
-		"Action": "s3:GetObject",
-		"Resource": "arn:aws:s3:::bucket-for-policy/*"
-	}]
-}
-`
-	hc := prepareHandlerContext(t)
-	bktName := "bucket-for-policy"
-
-	box, _ := createAccessBox(t)
-	createBucket(t, hc, bktName, box)
-
-	w, r := prepareTestPayloadRequest(hc, bktName, "", bytes.NewReader([]byte(bktPolicy)))
-	ctx := context.WithValue(r.Context(), api.BoxData, box)
-	r = r.WithContext(ctx)
-	hc.Handler().PutBucketPolicyHandler(w, r)
-	assertStatus(hc.t, w, http.StatusOK)
-}
-
 func getBucketPolicy(hc *handlerContext, bktName string) *bucketPolicy {
 	w, r := prepareTestRequest(hc, bktName, "", nil)
 	hc.Handler().GetBucketPolicyHandler(w, r)
--- a/api/handler/api.go
+++ b/api/handler/api.go
@ -1,14 +1,12 @@
 package handler

 import (
-	"encoding/xml"
 	"errors"
-	"io"
 	"time"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/layer"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/netmap"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/layer"
+	"github.com/TrueCloudLab/frostfs-sdk-go/netmap"
 	"go.uber.org/zap"
 )

@ -27,24 +25,18 @@ type (

 	// Config contains data which handler needs to keep.
 	Config struct {
-		Policy                     PlacementPolicy
-		XMLDecoder                 XMLDecoderProvider
-		DefaultMaxAge              int
-		NotificatorEnabled         bool
-		CopiesNumber               uint32
-		ResolveZoneList            []string
-		IsResolveListAllow         bool // True if ResolveZoneList contains allowed zones
-		CompleteMultipartKeepalive time.Duration
+		Policy             PlacementPolicy
+		DefaultMaxAge      int
+		NotificatorEnabled bool
+		CopiesNumber       uint32
+		ResolveZoneList    []string
+		IsResolveListAllow bool // True if ResolveZoneList contains allowed zones
 	}

 	PlacementPolicy interface {
 		Default() netmap.PlacementPolicy
 		Get(string) (netmap.PlacementPolicy, bool)
 	}
-
-	XMLDecoderProvider interface {
-		NewCompleteMultipartDecoder(io.Reader) *xml.Decoder
-	}
 )

 const (
--- a/api/handler/attributes.go
+++ b/api/handler/attributes.go
@ -6,10 +6,10 @@ import (
 	"strconv"
 	"strings"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/layer"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/errors"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/layer"
 	"go.uber.org/zap"
 )

--- a/api/handler/attributes_test.go
+++ b/api/handler/attributes_test.go
@ -4,7 +4,7 @@ import (
 	"strings"
 	"testing"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api"
 	"github.com/stretchr/testify/require"
 )

--- a/api/handler/copy.go
+++ b/api/handler/copy.go
@ -6,12 +6,12 @@ import (
 	"regexp"
 	"time"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/auth"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/layer"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/session"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/auth"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/errors"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/layer"
+	"github.com/TrueCloudLab/frostfs-sdk-go/session"
 	"go.uber.org/zap"
 )

--- a/api/handler/copy_test.go
+++ b/api/handler/copy_test.go
@ -6,7 +6,7 @@ import (
 	"net/url"
 	"testing"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api"
 	"github.com/stretchr/testify/require"
 )

--- a/api/handler/cors.go
+++ b/api/handler/cors.go
@ -5,9 +5,9 @@ import (
 	"strconv"
 	"strings"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/layer"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/errors"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/layer"
 	"go.uber.org/zap"
 )

--- a/api/handler/cors_test.go
+++ b/api/handler/cors_test.go
@ -6,7 +6,7 @@ import (
 	"strings"
 	"testing"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api"
 )

 func TestCORSOriginWildcard(t *testing.T) {
--- a/api/handler/delete.go
+++ b/api/handler/delete.go
@ -6,20 +6,17 @@ import (
 	"strconv"
 	"strings"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/layer"
-	apistatus "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client/status"
-	oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/session"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/errors"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/layer"
+	apistatus "github.com/TrueCloudLab/frostfs-sdk-go/client/status"
+	oid "github.com/TrueCloudLab/frostfs-sdk-go/object/id"
+	"github.com/TrueCloudLab/frostfs-sdk-go/session"
 	"go.uber.org/zap"
 	"go.uber.org/zap/zapcore"
 )

-// limitation of AWS https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObjects.html
-const maxObjectsToDelete = 1000
-
 // DeleteObjectsRequest -- xml carrying the object key names which should be deleted.
 type DeleteObjectsRequest struct {
 	// Element to enable quiet mode for the request
@ -179,11 +176,6 @@ func (h *handler) DeleteMultipleObjectsHandler(w http.ResponseWriter, r *http.Re
 		return
 	}

-	if len(requested.Objects) == 0 || len(requested.Objects) > maxObjectsToDelete {
-		h.logAndSendError(w, "number of objects to delete must be greater than 0 and less or equal to 1000", reqInfo, errors.GetAPIError(errors.ErrMalformedXML))
-		return
-	}
-
 	removed := make(map[string]*layer.VersionedObject)
 	toRemove := make([]*layer.VersionedObject, 0, len(requested.Objects))
 	for _, obj := range requested.Objects {
--- a/api/handler/delete_test.go
+++ b/api/handler/delete_test.go
@ -6,8 +6,8 @@ import (
 	"net/url"
 	"testing"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
 	"github.com/stretchr/testify/require"
 )

--- a/api/handler/encryption_test.go
+++ b/api/handler/encryption_test.go
@ -12,8 +12,8 @@ import (
 	"strings"
 	"testing"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/layer"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/layer"
 	"github.com/stretchr/testify/require"
 )

--- a/api/handler/get.go
+++ b/api/handler/get.go
@ -8,10 +8,10 @@ import (
 	"strings"
 	"time"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/layer"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/errors"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/layer"
 	"go.uber.org/zap"
 )

--- a/api/handler/get_test.go
+++ b/api/handler/get_test.go
@ -8,9 +8,9 @@ import (
 	"testing"
 	"time"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/layer"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/errors"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/layer"
 	"github.com/stretchr/testify/require"
 )

--- a/api/handler/handlers_test.go
+++ b/api/handler/handlers_test.go
@ -13,16 +13,15 @@ import (
 	"testing"
 	"time"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/layer"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/resolver"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/pkg/service/tree"
-	cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/netmap"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object"
-	oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/layer"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/resolver"
+	cid "github.com/TrueCloudLab/frostfs-sdk-go/container/id"
+	"github.com/TrueCloudLab/frostfs-sdk-go/netmap"
+	"github.com/TrueCloudLab/frostfs-sdk-go/object"
+	oid "github.com/TrueCloudLab/frostfs-sdk-go/object/id"
+	"github.com/TrueCloudLab/frostfs-sdk-go/user"
 	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
 	"github.com/stretchr/testify/require"
 	"go.uber.org/zap"
@ -64,12 +63,6 @@ func (p *placementPolicyMock) Get(string) (netmap.PlacementPolicy, bool) {
 	return netmap.PlacementPolicy{}, false
 }

-type xmlDecoderProviderMock struct{}
-
-func (p *xmlDecoderProviderMock) NewCompleteMultipartDecoder(r io.Reader) *xml.Decoder {
-	return xml.NewDecoder(r)
-}
-
 func prepareHandlerContext(t *testing.T) *handlerContext {
 	key, err := keys.NewPrivateKey()
 	require.NoError(t, err)
@ -89,7 +82,7 @@ func prepareHandlerContext(t *testing.T) *handlerContext {
 		Caches:      layer.DefaultCachesConfigs(zap.NewExample()),
 		AnonKey:     layer.AnonymousKey{Key: key},
 		Resolver:    testResolver,
-		TreeService: NewTreeServiceMock(t),
+		TreeService: layer.NewTreeService(),
 	}

 	var pp netmap.PlacementPolicy
@ -100,8 +93,7 @@ func prepareHandlerContext(t *testing.T) *handlerContext {
 		log: l,
 		obj: layer.NewLayer(l, tp, layerCfg),
 		cfg: &Config{
-			Policy:     &placementPolicyMock{defaultPolicy: pp},
-			XMLDecoder: &xmlDecoderProviderMock{},
+			Policy: &placementPolicyMock{defaultPolicy: pp},
 		},
 	}

@ -114,12 +106,6 @@ func prepareHandlerContext(t *testing.T) *handlerContext {
 	}
 }

-func NewTreeServiceMock(t *testing.T) *tree.Tree {
-	memCli, err := tree.NewTreeServiceClientMemory()
-	require.NoError(t, err)
-	return tree.NewTree(memCli)
-}
-
 func createTestBucket(hc *handlerContext, bktName string) *data.BucketInfo {
 	_, err := hc.MockedPool().CreateContainer(hc.Context(), layer.PrmContainerCreate{
 		Creator: hc.owner,
--- a/api/handler/head.go
+++ b/api/handler/head.go
@ -4,10 +4,10 @@ import (
 	"bytes"
 	"net/http"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/layer"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/errors"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/layer"
 	"go.uber.org/zap"
 )

--- a/api/handler/head_test.go
+++ b/api/handler/head_test.go
@ -6,10 +6,10 @@ import (
 	"testing"
 	"time"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/creds/accessbox"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/bearer"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/eacl"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api"
+	"github.com/TrueCloudLab/frostfs-s3-gw/creds/accessbox"
+	"github.com/TrueCloudLab/frostfs-sdk-go/bearer"
+	"github.com/TrueCloudLab/frostfs-sdk-go/eacl"
 	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
 	"github.com/stretchr/testify/require"
 )
--- a/api/handler/info.go
+++ b/api/handler/info.go
@ -3,7 +3,7 @@ package handler
 import (
 	"net/http"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api"
 )

 func (h *handler) GetBucketLocationHandler(w http.ResponseWriter, r *http.Request) {
--- a/api/handler/list.go
+++ b/api/handler/list.go
@ -4,8 +4,8 @@ import (
 	"net/http"
 	"time"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api"
+	"github.com/TrueCloudLab/frostfs-sdk-go/user"
 )

 const maxObjectList = 1000 // Limit number of objects in a listObjectsResponse/listObjectsVersionsResponse.
--- a/api/handler/locking.go
+++ b/api/handler/locking.go
@ -8,10 +8,10 @@ import (
 	"strconv"
 	"time"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
-	apiErrors "git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/layer"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
+	apiErrors "github.com/TrueCloudLab/frostfs-s3-gw/api/errors"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/layer"
 )

 const (
--- a/api/handler/locking_test.go
+++ b/api/handler/locking_test.go
@ -10,9 +10,9 @@ import (
 	"testing"
 	"time"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
-	apiErrors "git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
+	apiErrors "github.com/TrueCloudLab/frostfs-s3-gw/api/errors"
 	"github.com/stretchr/testify/require"
 )

--- a/api/handler/multipart_upload.go
+++ b/api/handler/multipart_upload.go
@ -2,17 +2,16 @@ package handler

 import (
 	"encoding/xml"
-	"fmt"
-	"io"
 	"net/http"
 	"net/url"
 	"strconv"
 	"time"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/layer"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/errors"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/layer"
+	"github.com/TrueCloudLab/frostfs-sdk-go/session"
 	"github.com/google/uuid"
 	"go.uber.org/zap"
 )
@ -373,6 +372,8 @@ func (h *handler) CompleteMultipartUploadHandler(w http.ResponseWriter, r *http.
 	}

 	var (
+		sessionTokenSetEACL *session.Container
+
 		uploadID   = r.URL.Query().Get(uploadIDHeaderName)
 		uploadInfo = &layer.UploadInfoParams{
 			UploadID: uploadID,
@ -383,7 +384,7 @@ func (h *handler) CompleteMultipartUploadHandler(w http.ResponseWriter, r *http.
 	)

 	reqBody := new(CompleteMultipartUpload)
-	if err = h.cfg.XMLDecoder.NewCompleteMultipartDecoder(r.Body).Decode(reqBody); err != nil {
+	if err = xml.NewDecoder(r.Body).Decode(reqBody); err != nil {
 		h.logAndSendError(w, "could not read complete multipart upload xml", reqInfo,
 			errors.GetAPIError(errors.ErrMalformedXML), additional...)
 		return
@ -398,51 +399,10 @@ func (h *handler) CompleteMultipartUploadHandler(w http.ResponseWriter, r *http.
 		Parts: reqBody.Parts,
 	}

-	// Next operations might take some time, so we want to keep client's
-	// connection alive. To do so, gateway sends periodic white spaces
-	// back to the client the same way as Amazon S3 service does.
-	stopPeriodicResponseWriter := periodicXMLWriter(w, h.cfg.CompleteMultipartKeepalive)
-
-	// Start complete multipart upload which may take some time to fetch object
-	// and re-upload it part by part.
-	objInfo, err := h.completeMultipartUpload(r, c, bktInfo, reqInfo)
-
-	// Stop periodic writer as complete multipart upload is finished
-	// successfully or not.
-	headerIsWritten := stopPeriodicResponseWriter()
-
-	responseWriter := api.EncodeToResponse
-	errLogger := h.logAndSendError
-	// Do not send XML and HTTP headers if periodic writer was invoked at this point.
-	if headerIsWritten {
-		responseWriter = api.EncodeToResponseNoHeader
-		errLogger = h.logAndSendErrorNoHeader
-	}
-
-	if err != nil {
-		errLogger(w, "complete multipart error", reqInfo, err, additional...)
-		return
-	}
-
-	response := CompleteMultipartUploadResponse{
-		Bucket: objInfo.Bucket,
-		ETag:   objInfo.HashSum,
-		Key:    objInfo.Name,
-	}
-
-	// Here we previously set api.AmzVersionID header for versioned bucket.
-	// It is not possible after #60, because of periodic white
-	// space XML writer to keep connection with the client.
-
-	if err = responseWriter(w, response); err != nil {
-		errLogger(w, "something went wrong", reqInfo, err)
-	}
-}
-
-func (h *handler) completeMultipartUpload(r *http.Request, c *layer.CompleteMultipartParams, bktInfo *data.BucketInfo, reqInfo *api.ReqInfo) (*data.ObjectInfo, error) {
 	uploadData, extendedObjInfo, err := h.obj.CompleteMultipartUpload(r.Context(), c)
 	if err != nil {
-		return nil, fmt.Errorf("could not complete multipart upload: %w", err)
+		h.logAndSendError(w, "could not complete multipart upload", reqInfo, err, additional...)
+		return
 	}
 	objInfo := extendedObjInfo.ObjectInfo

@ -457,22 +417,21 @@ func (h *handler) completeMultipartUpload(r *http.Request, c *layer.CompleteMult
 			NodeVersion: extendedObjInfo.NodeVersion,
 		}
 		if _, err = h.obj.PutObjectTagging(r.Context(), tagPrm); err != nil {
-			return nil, fmt.Errorf("could not put tagging file of completed multipart upload: %w", err)
+			h.logAndSendError(w, "could not put tagging file of completed multipart upload", reqInfo, err, additional...)
+			return
 		}
 	}

 	if len(uploadData.ACLHeaders) != 0 {
-		sessionTokenSetEACL, err := getSessionTokenSetEACL(r.Context())
-		if err != nil {
-			return nil, fmt.Errorf("couldn't get eacl token: %w", err)
-		}
 		key, err := h.bearerTokenIssuerKey(r.Context())
 		if err != nil {
-			return nil, fmt.Errorf("couldn't get gate key: %w", err)
+			h.logAndSendError(w, "couldn't get gate key", reqInfo, err)
+			return
 		}
 		acl, err := parseACLHeaders(r.Header, key)
 		if err != nil {
-			return nil, fmt.Errorf("could not parse acl: %w", err)
+			h.logAndSendError(w, "could not parse acl", reqInfo, err)
+			return
 		}

 		resInfo := &resourceInfo{
@ -481,10 +440,12 @@ func (h *handler) completeMultipartUpload(r *http.Request, c *layer.CompleteMult
 		}
 		astObject, err := aclToAst(acl, resInfo)
 		if err != nil {
-			return nil, fmt.Errorf("could not translate acl of completed multipart upload to ast: %w", err)
+			h.logAndSendError(w, "could not translate acl of completed multipart upload to ast", reqInfo, err, additional...)
+			return
 		}
 		if _, err = h.updateBucketACL(r, astObject, bktInfo, sessionTokenSetEACL); err != nil {
-			return nil, fmt.Errorf("could not update bucket acl while completing multipart upload: %w", err)
+			h.logAndSendError(w, "could not update bucket acl while completing multipart upload", reqInfo, err, additional...)
+			return
 		}
 	}

@ -498,7 +459,24 @@ func (h *handler) completeMultipartUpload(r *http.Request, c *layer.CompleteMult
 		h.log.Error("couldn't send notification: %w", zap.Error(err))
 	}

-	return objInfo, nil
+	bktSettings, err := h.obj.GetBucketSettings(r.Context(), bktInfo)
+	if err != nil {
+		h.logAndSendError(w, "could not get bucket settings", reqInfo, err)
+	}
+
+	response := CompleteMultipartUploadResponse{
+		Bucket: objInfo.Bucket,
+		ETag:   objInfo.HashSum,
+		Key:    objInfo.Name,
+	}
+
+	if bktSettings.VersioningEnabled() {
+		w.Header().Set(api.AmzVersionID, objInfo.VersionID())
+	}
+
+	if err = api.EncodeToResponse(w, response); err != nil {
+		h.logAndSendError(w, "something went wrong", reqInfo, err)
+	}
 }

 func (h *handler) ListMultipartUploadsHandler(w http.ResponseWriter, r *http.Request) {
@ -703,53 +681,3 @@ func encodeListPartsToResponse(info *layer.ListPartsInfo, params *layer.ListPart
 		Parts:            info.Parts,
 	}
 }
-
-// periodicXMLWriter creates go routine to write xml header and whitespaces
-// over time to avoid connection drop from the client. To work properly,
-// pass `http.ResponseWriter` with implemented `http.Flusher` interface.
-// Returns stop function which returns boolean if writer has been used
-// during goroutine execution. To disable writer, pass 0 duration value.
-func periodicXMLWriter(w io.Writer, dur time.Duration) (stop func() bool) {
-	if dur == 0 { // 0 duration disables periodic writer
-		return func() bool { return false }
-	}
-
-	whitespaceChar := []byte(" ")
-	closer := make(chan struct{})
-	done := make(chan struct{})
-	headerWritten := false
-
-	go func() {
-		defer close(done)
-
-		tick := time.NewTicker(dur)
-		defer tick.Stop()
-
-		for {
-			select {
-			case <-tick.C:
-				if !headerWritten {
-					_, err := w.Write([]byte(xml.Header))
-					headerWritten = err == nil
-				}
-				_, err := w.Write(whitespaceChar)
-				if err != nil {
-					return // is there anything we can do better than ignore error?
-				}
-				if buffered, ok := w.(http.Flusher); ok {
-					buffered.Flush()
-				}
-			case <-closer:
-				return
-			}
-		}
-	}()
-
-	stop = func() bool {
-		close(closer)
-		<-done // wait for goroutine to stop
-		return headerWritten
-	}
-
-	return stop
-}
--- a/api/handler/multipart_upload_test.go
+++ b/api/handler/multipart_upload_test.go
@ -1,48 +0,0 @@
-package handler
-
-import (
-	"bytes"
-	"encoding/xml"
-	"testing"
-	"time"
-
-	"github.com/stretchr/testify/require"
-)
-
-func TestPeriodicWriter(t *testing.T) {
-	const dur = 100 * time.Millisecond
-	const whitespaces = 8
-	expected := []byte(xml.Header)
-	for i := 0; i < whitespaces; i++ {
-		expected = append(expected, []byte(" ")...)
-	}
-
-	t.Run("writes data", func(t *testing.T) {
-		buf := bytes.NewBuffer(nil)
-		stop := periodicXMLWriter(buf, dur)
-
-		// N number of whitespaces + half durations to guarantee at least N writes in buffer
-		time.Sleep(whitespaces*dur + dur/2)
-		require.True(t, stop())
-		require.Equal(t, expected, buf.Bytes())
-
-		t.Run("no additional data after stop", func(t *testing.T) {
-			time.Sleep(2 * dur)
-			require.Equal(t, expected, buf.Bytes())
-		})
-	})
-
-	t.Run("does not write data", func(t *testing.T) {
-		buf := bytes.NewBuffer(nil)
-		stop := periodicXMLWriter(buf, dur)
-		time.Sleep(dur / 2)
-		require.False(t, stop())
-		require.Empty(t, buf.Bytes())
-
-		t.Run("disabled", func(t *testing.T) {
-			stop = periodicXMLWriter(buf, 0)
-			require.False(t, stop())
-			require.Empty(t, buf.Bytes())
-		})
-	})
-}
--- a/api/handler/not_support.go
+++ b/api/handler/not_support.go
@ -3,8 +3,8 @@ package handler
 import (
 	"net/http"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/errors"
 )

 func (h *handler) DeleteBucketPolicyHandler(w http.ResponseWriter, r *http.Request) {
--- a/api/handler/notifications.go
+++ b/api/handler/notifications.go
@ -8,11 +8,11 @@ import (
 	"strings"
 	"time"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/layer"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/bearer"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/errors"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/layer"
+	"github.com/TrueCloudLab/frostfs-sdk-go/bearer"
 	"github.com/google/uuid"
 )

--- a/api/handler/notifications_test.go
+++ b/api/handler/notifications_test.go
@ -3,8 +3,8 @@ package handler
 import (
 	"testing"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/errors"
 	"github.com/stretchr/testify/require"
 )

--- a/api/handler/object_list.go
+++ b/api/handler/object_list.go
@ -6,11 +6,11 @@ import (
 	"strconv"
 	"time"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/layer"
-	oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/errors"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/layer"
+	oid "github.com/TrueCloudLab/frostfs-sdk-go/object/id"
 )

 // ListObjectsV1Handler handles objects listing requests for API version 1.
--- a/api/handler/object_list_test.go
+++ b/api/handler/object_list_test.go
@ -6,7 +6,7 @@ import (
 	"strconv"
 	"testing"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
 	"github.com/stretchr/testify/require"
 )

--- a/api/handler/put.go
+++ b/api/handler/put.go
@ -16,15 +16,15 @@ import (
 	"strings"
 	"time"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/auth"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/layer"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/layer/encryption"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/creds/accessbox"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/eacl"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/session"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/auth"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/errors"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/layer"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/layer/encryption"
+	"github.com/TrueCloudLab/frostfs-s3-gw/creds/accessbox"
+	"github.com/TrueCloudLab/frostfs-sdk-go/eacl"
+	"github.com/TrueCloudLab/frostfs-sdk-go/session"
 	"go.uber.org/zap"
 )

--- a/api/handler/put_test.go
+++ b/api/handler/put_test.go
@ -8,8 +8,8 @@ import (
 	"testing"
 	"time"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/layer"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/layer"
 	"github.com/stretchr/testify/require"
 )

--- a/api/handler/tagging.go
+++ b/api/handler/tagging.go
@ -8,10 +8,10 @@ import (
 	"strings"
 	"unicode"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/layer"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/errors"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/layer"
 	"go.uber.org/zap"
 )

--- a/api/handler/unimplemented.go
+++ b/api/handler/unimplemented.go
@ -3,8 +3,8 @@ package handler
 import (
 	"net/http"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/errors"
 )

 func (h *handler) SelectObjectContentHandler(w http.ResponseWriter, r *http.Request) {
--- a/api/handler/util.go
+++ b/api/handler/util.go
@ -7,11 +7,11 @@ import (
 	"strconv"
 	"strings"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/layer"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/session"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/errors"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/layer"
+	"github.com/TrueCloudLab/frostfs-sdk-go/session"
 	"go.uber.org/zap"
 )

@ -29,19 +29,6 @@ func (h *handler) logAndSendError(w http.ResponseWriter, logText string, reqInfo
 	h.log.Error("call method", fields...)
 }

-func (h *handler) logAndSendErrorNoHeader(w http.ResponseWriter, logText string, reqInfo *api.ReqInfo, err error, additional ...zap.Field) {
-	api.WriteErrorResponseNoHeader(w, reqInfo, transformToS3Error(err))
-	fields := []zap.Field{
-		zap.String("request_id", reqInfo.RequestID),
-		zap.String("method", reqInfo.API),
-		zap.String("bucket", reqInfo.BucketName),
-		zap.String("object", reqInfo.ObjectName),
-		zap.String("description", logText),
-		zap.Error(err)}
-	fields = append(fields, additional...)
-	h.log.Error("call method", fields...)
-}
-
 func transformToS3Error(err error) error {
 	if _, ok := err.(errors.Error); ok {
 		return err
--- a/api/handler/versioning.go
+++ b/api/handler/versioning.go
@ -4,10 +4,10 @@ import (
 	"encoding/xml"
 	"net/http"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/layer"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/errors"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/layer"
 )

 func (h *handler) PutBucketVersioningHandler(w http.ResponseWriter, r *http.Request) {
--- a/api/layer/cache.go
+++ b/api/layer/cache.go
@ -1,11 +1,11 @@
 package layer

 import (
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/cache"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
-	cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
-	oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/cache"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
+	cid "github.com/TrueCloudLab/frostfs-sdk-go/container/id"
+	oid "github.com/TrueCloudLab/frostfs-sdk-go/object/id"
+	"github.com/TrueCloudLab/frostfs-sdk-go/user"
 	"go.uber.org/zap"
 )

--- a/api/layer/compound.go
+++ b/api/layer/compound.go
@ -4,8 +4,8 @@ import (
 	"context"
 	errorsStd "errors"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/errors"
 )

 func (n *layer) GetObjectTaggingAndLock(ctx context.Context, objVersion *ObjectVersion, nodeVersion *data.NodeVersion) (map[string]string, *data.LockInfo, error) {
--- a/api/layer/container.go
+++ b/api/layer/container.go
@ -5,15 +5,15 @@ import (
 	"fmt"
 	"strconv"

-	v2container "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/container"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container"
-	cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/eacl"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/session"
+	v2container "github.com/TrueCloudLab/frostfs-api-go/v2/container"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/errors"
+	"github.com/TrueCloudLab/frostfs-sdk-go/client"
+	"github.com/TrueCloudLab/frostfs-sdk-go/container"
+	cid "github.com/TrueCloudLab/frostfs-sdk-go/container/id"
+	"github.com/TrueCloudLab/frostfs-sdk-go/eacl"
+	"github.com/TrueCloudLab/frostfs-sdk-go/session"
 	"go.uber.org/zap"
 )

--- a/api/layer/cors.go
+++ b/api/layer/cors.go
@ -8,8 +8,8 @@ import (
 	"fmt"
 	"io"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/errors"
 	"go.uber.org/zap"
 )

--- a/api/layer/frostfs.go
+++ b/api/layer/frostfs.go
@ -7,16 +7,16 @@ import (
 	"io"
 	"time"

-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/bearer"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/acl"
-	cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/eacl"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/netmap"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object"
-	oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/session"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
+	"github.com/TrueCloudLab/frostfs-sdk-go/bearer"
+	"github.com/TrueCloudLab/frostfs-sdk-go/container"
+	"github.com/TrueCloudLab/frostfs-sdk-go/container/acl"
+	cid "github.com/TrueCloudLab/frostfs-sdk-go/container/id"
+	"github.com/TrueCloudLab/frostfs-sdk-go/eacl"
+	"github.com/TrueCloudLab/frostfs-sdk-go/netmap"
+	"github.com/TrueCloudLab/frostfs-sdk-go/object"
+	oid "github.com/TrueCloudLab/frostfs-sdk-go/object/id"
+	"github.com/TrueCloudLab/frostfs-sdk-go/session"
+	"github.com/TrueCloudLab/frostfs-sdk-go/user"
 )

 // PrmContainerCreate groups parameters of FrostFS.CreateContainer operation.
--- a/api/layer/layer.go
+++ b/api/layer/layer.go
@ -11,18 +11,18 @@ import (
 	"strings"
 	"time"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/layer/encryption"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/creds/accessbox"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/bearer"
-	cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/eacl"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/netmap"
-	oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/session"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/errors"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/layer/encryption"
+	"github.com/TrueCloudLab/frostfs-s3-gw/creds/accessbox"
+	"github.com/TrueCloudLab/frostfs-sdk-go/bearer"
+	cid "github.com/TrueCloudLab/frostfs-sdk-go/container/id"
+	"github.com/TrueCloudLab/frostfs-sdk-go/eacl"
+	"github.com/TrueCloudLab/frostfs-sdk-go/netmap"
+	oid "github.com/TrueCloudLab/frostfs-sdk-go/object/id"
+	"github.com/TrueCloudLab/frostfs-sdk-go/session"
+	"github.com/TrueCloudLab/frostfs-sdk-go/user"
 	"github.com/nats-io/nats.go"
 	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
 	"go.uber.org/zap"
@ -329,10 +329,8 @@ func (n *layer) Owner(ctx context.Context) user.ID {

 func (n *layer) prepareAuthParameters(ctx context.Context, prm *PrmAuth, bktOwner user.ID) {
 	if bd, ok := ctx.Value(api.BoxData).(*accessbox.Box); ok && bd != nil && bd.Gate != nil && bd.Gate.BearerToken != nil {
-		if bktOwner.Equals(bearer.ResolveIssuer(*bd.Gate.BearerToken)) {
-			prm.BearerToken = bd.Gate.BearerToken
-			return
-		}
+		prm.BearerToken = bd.Gate.BearerToken
+		return
 	}

 	prm.PrivateKey = &n.anonKey.Key.PrivateKey
--- a/api/layer/locking_test.go
+++ b/api/layer/locking_test.go
@ -4,8 +4,7 @@ import (
 	"testing"
 	"time"

-	"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/object"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
 	"github.com/stretchr/testify/require"
 )

@ -44,10 +43,10 @@ func TestObjectLockAttributes(t *testing.T) {

 	expEpoch := false
 	for _, attr := range lockObj.Attributes() {
-		if attr.Key() == object.SysAttributeExpEpoch {
+		if attr.Key() == AttributeExpirationEpoch {
 			expEpoch = true
 		}
 	}

-	require.Truef(t, expEpoch, "system header __SYSTEM__EXPIRATION_EPOCH presence")
+	require.Truef(t, expEpoch, "system header __NEOFS__EXPIRATION_EPOCH presence")
 }
--- a/api/layer/multipart_upload.go
+++ b/api/layer/multipart_upload.go
@ -11,12 +11,12 @@ import (
 	"strings"
 	"time"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/layer/encryption"
-	oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/errors"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/layer/encryption"
+	oid "github.com/TrueCloudLab/frostfs-sdk-go/object/id"
+	"github.com/TrueCloudLab/frostfs-sdk-go/user"
 	"github.com/minio/sio"
 	"go.uber.org/zap"
 )
--- a/api/layer/neofs_mock.go
+++ b/api/layer/neofs_mock.go
@ -10,18 +10,18 @@ import (
 	"io"
 	"time"

-	objectv2 "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/object"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/creds/accessbox"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/bearer"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/checksum"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container"
-	cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/eacl"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object"
-	oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/session"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
+	objectv2 "github.com/TrueCloudLab/frostfs-api-go/v2/object"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api"
+	"github.com/TrueCloudLab/frostfs-s3-gw/creds/accessbox"
+	"github.com/TrueCloudLab/frostfs-sdk-go/bearer"
+	"github.com/TrueCloudLab/frostfs-sdk-go/checksum"
+	"github.com/TrueCloudLab/frostfs-sdk-go/container"
+	cid "github.com/TrueCloudLab/frostfs-sdk-go/container/id"
+	"github.com/TrueCloudLab/frostfs-sdk-go/eacl"
+	"github.com/TrueCloudLab/frostfs-sdk-go/object"
+	oid "github.com/TrueCloudLab/frostfs-sdk-go/object/id"
+	"github.com/TrueCloudLab/frostfs-sdk-go/session"
+	"github.com/TrueCloudLab/frostfs-sdk-go/user"
 )

 type TestFrostFS struct {
--- a/api/layer/notifications.go
+++ b/api/layer/notifications.go
@ -7,8 +7,8 @@ import (
 	errorsStd "errors"
 	"fmt"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
 	"go.uber.org/zap"
 )

--- a/api/layer/object.go
+++ b/api/layer/object.go
@ -14,14 +14,14 @@ import (
 	"strings"
 	"sync"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/cache"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
-	apiErrors "git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client"
-	cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object"
-	oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/cache"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
+	apiErrors "github.com/TrueCloudLab/frostfs-s3-gw/api/errors"
+	"github.com/TrueCloudLab/frostfs-sdk-go/client"
+	cid "github.com/TrueCloudLab/frostfs-sdk-go/container/id"
+	"github.com/TrueCloudLab/frostfs-sdk-go/object"
+	oid "github.com/TrueCloudLab/frostfs-sdk-go/object/id"
 	"github.com/minio/sio"
 	"github.com/panjf2000/ants/v2"
 	"go.uber.org/zap"
--- a/api/layer/system_object.go
+++ b/api/layer/system_object.go
@ -9,14 +9,14 @@ import (
 	"strconv"
 	"time"

-	"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/object"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
-	oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/errors"
+	oid "github.com/TrueCloudLab/frostfs-sdk-go/object/id"
 )

 const (
-	AttributeComplianceMode = ".s3-compliance-mode"
+	AttributeComplianceMode  = ".s3-compliance-mode"
+	AttributeExpirationEpoch = "__NEOFS__EXPIRATION_EPOCH"
 )

 type PutLockInfoParams struct {
@ -238,7 +238,7 @@ func (n *layer) attributesFromLock(ctx context.Context, lock *data.ObjectLock) (
 	}

 	if lock.LegalHold != nil && lock.LegalHold.Enabled {
-		// todo: (@KirillovDenis) reconsider this when FrostFS will support Legal Hold https://git.frostfs.info/TrueCloudLab/frostfs-contract/issues/2
+		// todo: (@KirillovDenis) reconsider this when FrostFS will support Legal Hold https://github.com/TrueCloudLab/frostfs-contract/issues/2
 		// Currently lock object must have an expiration epoch.
 		// Besides we need to override retention expiration epoch since legal hold cannot be deleted yet.
 		expEpoch = math.MaxUint64
@ -246,7 +246,7 @@ func (n *layer) attributesFromLock(ctx context.Context, lock *data.ObjectLock) (

 	if expEpoch != 0 {
 		result = append(result, [2]string{
-			object.SysAttributeExpEpoch, strconv.FormatUint(expEpoch, 10),
+			AttributeExpirationEpoch, strconv.FormatUint(expEpoch, 10),
 		})
 	}

--- a/api/layer/tagging.go
+++ b/api/layer/tagging.go
@ -4,12 +4,12 @@ import (
 	"context"
 	errorsStd "errors"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
-	cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
-	oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/errors"
+	cid "github.com/TrueCloudLab/frostfs-sdk-go/container/id"
+	oid "github.com/TrueCloudLab/frostfs-sdk-go/object/id"
+	"github.com/TrueCloudLab/frostfs-sdk-go/user"
 	"go.uber.org/zap"
 )

--- a/api/layer/tree_mock.go
+++ b/api/layer/tree_mock.go
@ -6,8 +6,8 @@ import (
 	"sort"
 	"strings"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
-	oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
+	oid "github.com/TrueCloudLab/frostfs-sdk-go/object/id"
 )

 type TreeServiceMock struct {
--- a/api/layer/tree_service.go
+++ b/api/layer/tree_service.go
@ -4,8 +4,8 @@ import (
 	"context"
 	"errors"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
-	oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
+	oid "github.com/TrueCloudLab/frostfs-sdk-go/object/id"
 )

 // TreeService provide interface to interact with tree service using s3 data models.
--- a/api/layer/util.go
+++ b/api/layer/util.go
@ -9,11 +9,11 @@ import (
 	"strings"
 	"time"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/layer/encryption"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/creds/accessbox"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/layer/encryption"
+	"github.com/TrueCloudLab/frostfs-s3-gw/creds/accessbox"
+	"github.com/TrueCloudLab/frostfs-sdk-go/object"
 )

 type (
--- a/api/layer/util_test.go
+++ b/api/layer/util_test.go
@ -6,11 +6,11 @@ import (
 	"testing"
 	"time"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/checksum"
-	cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
-	oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
+	"github.com/TrueCloudLab/frostfs-sdk-go/checksum"
+	cid "github.com/TrueCloudLab/frostfs-sdk-go/container/id"
+	oid "github.com/TrueCloudLab/frostfs-sdk-go/object/id"
+	"github.com/TrueCloudLab/frostfs-sdk-go/user"
 	"github.com/stretchr/testify/require"
 )

--- a/api/layer/versioning.go
+++ b/api/layer/versioning.go
@ -4,7 +4,7 @@ import (
 	"context"
 	"sort"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
 )

 func (n *layer) ListObjectVersions(ctx context.Context, p *ListObjectVersionsParams) (*ListObjectVersionsInfo, error) {
--- a/api/layer/versioning_test.go
+++ b/api/layer/versioning_test.go
@ -5,13 +5,13 @@ import (
 	"context"
 	"testing"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/creds/accessbox"
-	bearertest "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/bearer/test"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object"
-	oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
+	"github.com/TrueCloudLab/frostfs-s3-gw/creds/accessbox"
+	bearertest "github.com/TrueCloudLab/frostfs-sdk-go/bearer/test"
+	"github.com/TrueCloudLab/frostfs-sdk-go/object"
+	oid "github.com/TrueCloudLab/frostfs-sdk-go/object/id"
+	"github.com/TrueCloudLab/frostfs-sdk-go/user"
 	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
 	"github.com/stretchr/testify/require"
 	"go.uber.org/zap"
--- a/api/max_clients.go
+++ b/api/max_clients.go
@ -4,7 +4,7 @@ import (
 	"net/http"
 	"time"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/errors"
 )

 type (
--- a/api/metrics.go
+++ b/api/metrics.go
@ -9,8 +9,8 @@ import (
 	"sync/atomic"
 	"time"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/creds/accessbox"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/bearer"
+	"github.com/TrueCloudLab/frostfs-s3-gw/creds/accessbox"
+	"github.com/TrueCloudLab/frostfs-sdk-go/bearer"
 	"github.com/prometheus/client_golang/prometheus"
 )

@ -286,12 +286,6 @@ func (w *responseWrapper) Flush() {
 	}
 }

-func (w *writeCounter) Flush() {
-	if f, ok := w.ResponseWriter.(http.Flusher); ok {
-		f.Flush()
-	}
-}
-
 func (w *writeCounter) Write(p []byte) (int, error) {
 	n, err := w.ResponseWriter.Write(p)
 	atomic.AddUint64(&w.countBytes, uint64(n))
--- a/api/metrics_collector.go
+++ b/api/metrics_collector.go
@ -1,7 +1,7 @@
 package api

 import (
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/internal/version"
+	"github.com/TrueCloudLab/frostfs-s3-gw/internal/version"
 	"github.com/prometheus/client_golang/prometheus"
 )

--- a/api/notifications/controller.go
+++ b/api/notifications/controller.go
@ -7,8 +7,8 @@ import (
 	"sync"
 	"time"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/handler"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/layer"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/handler"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/layer"
 	"github.com/nats-io/nats.go"
 	"go.uber.org/zap"
 )
--- a/api/resolver/resolver.go
+++ b/api/resolver/resolver.go
@ -6,9 +6,9 @@ import (
 	"fmt"
 	"sync"

-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container"
-	cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/ns"
+	"github.com/TrueCloudLab/frostfs-sdk-go/container"
+	cid "github.com/TrueCloudLab/frostfs-sdk-go/container/id"
+	"github.com/TrueCloudLab/frostfs-sdk-go/ns"
 )

 const (
--- a/api/response.go
+++ b/api/response.go
@ -7,8 +7,8 @@ import (
 	"net/http"
 	"strconv"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/internal/version"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/errors"
+	"github.com/TrueCloudLab/frostfs-s3-gw/internal/version"
 	"github.com/google/uuid"
 )

@ -133,13 +133,6 @@ func WriteErrorResponse(w http.ResponseWriter, reqInfo *ReqInfo, err error) int
 	return code
 }

-// WriteErrorResponseNoHeader writes XML encoded error to the response body.
-func WriteErrorResponseNoHeader(w http.ResponseWriter, reqInfo *ReqInfo, err error) {
-	errorResponse := getAPIErrorResponse(reqInfo, err)
-	encodedErrorResponse := EncodeResponse(errorResponse)
-	WriteResponseBody(w, encodedErrorResponse)
-}
-
 // If none of the http routes match respond with appropriate errors.
 func errorResponseHandler(w http.ResponseWriter, r *http.Request) {
 	desc := fmt.Sprintf("Unknown API request at %s", r.URL.Path)
@ -179,11 +172,6 @@ func WriteResponse(w http.ResponseWriter, statusCode int, response []byte, mType
 		return
 	}

-	WriteResponseBody(w, response)
-}
-
-// WriteResponseBody writes response into w.
-func WriteResponseBody(w http.ResponseWriter, response []byte) {
 	_, _ = w.Write(response)
 	if flusher, ok := w.(http.Flusher); ok {
 		flusher.Flush()
@ -200,30 +188,13 @@ func EncodeResponse(response interface{}) []byte {
 	return bytesBuffer.Bytes()
 }

-// EncodeResponseNoHeader encodes response without setting xml.Header.
-// Should be used with periodicXMLWriter which sends xml.Header to the client
-// with whitespaces to keep connection alive.
-func EncodeResponseNoHeader(response interface{}) []byte {
-	var bytesBuffer bytes.Buffer
-	_ = xml.NewEncoder(&bytesBuffer).Encode(response)
-	return bytesBuffer.Bytes()
-}
-
 // EncodeToResponse encodes the response into ResponseWriter.
 func EncodeToResponse(w http.ResponseWriter, response interface{}) error {
 	w.WriteHeader(http.StatusOK)

 	if _, err := w.Write(xmlHeader); err != nil {
 		return fmt.Errorf("write headers: %w", err)
-	}
-
-	return EncodeToResponseNoHeader(w, response)
-}
-
-// EncodeToResponseNoHeader encodes the response into ResponseWriter without
-// header status.
-func EncodeToResponseNoHeader(w http.ResponseWriter, response interface{}) error {
-	if err := xml.NewEncoder(w).Encode(response); err != nil {
+	} else if err = xml.NewEncoder(w).Encode(response); err != nil {
 		return fmt.Errorf("encode xml response: %w", err)
 	}

--- a/api/router.go
+++ b/api/router.go
@ -5,8 +5,8 @@ import (
 	"net/http"
 	"sync"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/auth"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/auth"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/data"
 	"github.com/google/uuid"
 	"github.com/gorilla/mux"
 	"go.uber.org/zap"
@ -117,12 +117,6 @@ func (lrw *logResponseWriter) WriteHeader(code int) {
 	})
 }

-func (lrw *logResponseWriter) Flush() {
-	if f, ok := lrw.ResponseWriter.(http.Flusher); ok {
-		f.Flush()
-	}
-}
-
 func setRequestID(h http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		// generate random UUIDv4
--- a/api/user_auth.go
+++ b/api/user_auth.go
@ -4,8 +4,8 @@ import (
 	"context"
 	"net/http"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/auth"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/auth"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/errors"
 	"github.com/gorilla/mux"
 	"go.uber.org/zap"
 )
--- a/authmate/authmate.go
+++ b/authmate/authmate.go
@ -11,17 +11,17 @@ import (
 	"os"
 	"time"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/cache"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/creds/accessbox"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/creds/tokens"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/bearer"
-	cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
-	frostfsecdsa "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/crypto/ecdsa"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/eacl"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/netmap"
-	oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/session"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/cache"
+	"github.com/TrueCloudLab/frostfs-s3-gw/creds/accessbox"
+	"github.com/TrueCloudLab/frostfs-s3-gw/creds/tokens"
+	"github.com/TrueCloudLab/frostfs-sdk-go/bearer"
+	cid "github.com/TrueCloudLab/frostfs-sdk-go/container/id"
+	frostfsecdsa "github.com/TrueCloudLab/frostfs-sdk-go/crypto/ecdsa"
+	"github.com/TrueCloudLab/frostfs-sdk-go/eacl"
+	"github.com/TrueCloudLab/frostfs-sdk-go/netmap"
+	oid "github.com/TrueCloudLab/frostfs-sdk-go/object/id"
+	"github.com/TrueCloudLab/frostfs-sdk-go/session"
+	"github.com/TrueCloudLab/frostfs-sdk-go/user"
 	"github.com/google/uuid"
 	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
 	"go.uber.org/zap"
@ -349,11 +349,12 @@ func buildBearerToken(key *keys.PrivateKey, table *eacl.Table, lifetime lifetime
 	user.IDFromKey(&ownerID, (ecdsa.PublicKey)(*gateKey))

 	var bearerToken bearer.Token
-	bearerToken.SetEACLTable(*table)
+	bearerToken.SetEACLTable(*eacl.NewTable())
 	bearerToken.ForUser(ownerID)
 	bearerToken.SetExp(lifetime.Exp)
 	bearerToken.SetIat(lifetime.Iat)
 	bearerToken.SetNbf(lifetime.Iat)
+	bearerToken.SetImpersonate(true)

 	err := bearerToken.Sign(key.PrivateKey)
 	if err != nil {
--- a/authmate/session_tokens.go
+++ b/authmate/session_tokens.go
@ -4,9 +4,9 @@ import (
 	"encoding/json"
 	"fmt"

-	apisession "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/session"
-	cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/session"
+	apisession "github.com/TrueCloudLab/frostfs-api-go/v2/session"
+	cid "github.com/TrueCloudLab/frostfs-sdk-go/container/id"
+	"github.com/TrueCloudLab/frostfs-sdk-go/session"
 )

 type (
--- a/authmate/session_tokens_test.go
+++ b/authmate/session_tokens_test.go
@ -3,7 +3,7 @@ package authmate
 import (
 	"testing"

-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/session"
+	"github.com/TrueCloudLab/frostfs-sdk-go/session"
 	"github.com/stretchr/testify/require"
 )

--- a/cmd/s3-authmate/main.go
+++ b/cmd/s3-authmate/main.go
@ -13,13 +13,13 @@ import (
 	"syscall"
 	"time"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/authmate"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/internal/frostfs"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/internal/version"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/internal/wallet"
-	cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/pool"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api"
+	"github.com/TrueCloudLab/frostfs-s3-gw/authmate"
+	"github.com/TrueCloudLab/frostfs-s3-gw/internal/frostfs"
+	"github.com/TrueCloudLab/frostfs-s3-gw/internal/version"
+	"github.com/TrueCloudLab/frostfs-s3-gw/internal/wallet"
+	cid "github.com/TrueCloudLab/frostfs-sdk-go/container/id"
+	"github.com/TrueCloudLab/frostfs-sdk-go/pool"
 	"github.com/aws/aws-sdk-go/aws"
 	"github.com/aws/aws-sdk-go/aws/credentials"
 	"github.com/aws/aws-sdk-go/aws/session"
@ -245,7 +245,7 @@ func issueSecret() *cli.Command {
 			},
 			&cli.DurationFlag{
 				Name: "lifetime",
-				Usage: `Lifetime of tokens. For example 50h30m (note: max time unit is an hour so to set a day you should use 24h).
+				Usage: `Lifetime of tokens. For example 50h30m (note: max time unit is an hour so to set a day you should use 24h). 
 It will be ceil rounded to the nearest amount of epoch.`,
 				Required:    false,
 				Destination: &lifetimeFlag,
@ -394,7 +394,7 @@ Note to override credentials you must provide both access key and secret key.`,
 		Flags: []cli.Flag{
 			&cli.DurationFlag{
 				Name: "lifetime",
-				Usage: `Lifetime of presigned URL. For example 50h30m (note: max time unit is an hour so to set a day you should use 24h).
+				Usage: `Lifetime of presigned URL. For example 50h30m (note: max time unit is an hour so to set a day you should use 24h). 
 It will be ceil rounded to the nearest amount of epoch.`,
 				Required:    false,
 				Destination: &lifetimeFlag,
--- a/cmd/s3-gw/app.go
+++ b/cmd/s3-gw/app.go
@ -13,28 +13,23 @@ import (
 	"syscall"
 	"time"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/auth"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/cache"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/handler"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/layer"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/notifications"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/resolver"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/internal/frostfs"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/internal/frostfs/services"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/internal/version"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/internal/wallet"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/internal/xml"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/metrics"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/pkg/service/tree"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/netmap"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/pool"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/auth"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/cache"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/handler"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/layer"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/notifications"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/resolver"
+	"github.com/TrueCloudLab/frostfs-s3-gw/internal/frostfs"
+	"github.com/TrueCloudLab/frostfs-s3-gw/internal/version"
+	"github.com/TrueCloudLab/frostfs-s3-gw/internal/wallet"
+	"github.com/TrueCloudLab/frostfs-s3-gw/metrics"
+	"github.com/TrueCloudLab/frostfs-sdk-go/netmap"
+	"github.com/TrueCloudLab/frostfs-sdk-go/pool"
 	"github.com/gorilla/mux"
 	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
 	"github.com/spf13/viper"
 	"go.uber.org/zap"
-	"google.golang.org/grpc"
-	"google.golang.org/grpc/credentials/insecure"
 )

 type (
@ -62,9 +57,8 @@ type (
 	}

 	appSettings struct {
-		logLevel   zap.AtomicLevel
-		policies   *placementPolicy
-		xmlDecoder *xml.DecoderProvider
+		logLevel zap.AtomicLevel
+		policies *placementPolicy
 	}

 	Logger struct {
@ -114,12 +108,10 @@ func (a *App) initLayer(ctx context.Context) {
 	a.initResolver()

 	treeServiceEndpoint := a.cfg.GetString(cfgTreeServiceEndpoint)
-	grpcDialOpt := grpc.WithTransportCredentials(insecure.NewCredentials())
-	treeGRPCClient, err := services.NewTreeServiceClientGRPC(ctx, treeServiceEndpoint, a.key, grpcDialOpt)
+	treeService, err := frostfs.NewTreeClient(ctx, treeServiceEndpoint, a.key)
 	if err != nil {
 		a.log.Fatal("failed to create tree service", zap.Error(err))
 	}
-	treeService := tree.NewTree(treeGRPCClient)
 	a.log.Info("init tree service", zap.String("endpoint", treeServiceEndpoint))

 	// prepare random key for anonymous requests
@ -160,9 +152,8 @@ func newAppSettings(log *Logger, v *viper.Viper) *appSettings {
 	}

 	return &appSettings{
-		logLevel:   log.lvl,
-		policies:   policies,
-		xmlDecoder: xml.NewDecoderProvider(v.GetBool(cfgKludgeUseDefaultXMLNSForCompleteMultipartUpload)),
+		logLevel: log.lvl,
+		policies: policies,
 	}
 }

@ -466,8 +457,6 @@ func (a *App) updateSettings() {
 	if err := a.settings.policies.update(getDefaultPolicyValue(a.cfg), a.cfg.GetString(cfgPolicyRegionMapFile)); err != nil {
 		a.log.Warn("policies won't be updated", zap.Error(err))
 	}
-
-	a.settings.xmlDecoder.UseDefaultNamespaceForCompleteMultipart(a.cfg.GetBool(cfgKludgeUseDefaultXMLNSForCompleteMultipartUpload))
 }

 func (a *App) startServices() {
@ -636,7 +625,6 @@ func (a *App) initHandler() {
 		DefaultMaxAge:      handler.DefaultMaxAge,
 		NotificatorEnabled: a.cfg.GetBool(cfgEnableNATS),
 		CopiesNumber:       handler.DefaultCopiesNumber,
-		XMLDecoder:         a.settings.xmlDecoder,
 	}

 	if a.cfg.IsSet(cfgDefaultMaxAge) {
@ -660,8 +648,6 @@ func (a *App) initHandler() {
 		cfg.ResolveZoneList = a.cfg.GetStringSlice(cfgResolveBucketDeny)
 	}

-	cfg.CompleteMultipartKeepalive = a.cfg.GetDuration(cfgKludgeCompleteMultipartUploadKeepalive)
-
 	var err error
 	a.api, err = handler.New(a.log, a.obj, a.nc, cfg)
 	if err != nil {
--- a/cmd/s3-gw/app_settings.go
+++ b/cmd/s3-gw/app_settings.go
@ -10,9 +10,9 @@ import (
 	"strings"
 	"time"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/resolver"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/internal/version"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/pool"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/resolver"
+	"github.com/TrueCloudLab/frostfs-s3-gw/internal/version"
+	"github.com/TrueCloudLab/frostfs-sdk-go/pool"
 	"github.com/spf13/pflag"
 	"github.com/spf13/viper"
 	"go.uber.org/zap"
@ -113,10 +113,6 @@ const ( // Settings.
 	// Application.
 	cfgApplicationBuildTime = "app.build_time"

-	// Kludge.
-	cfgKludgeUseDefaultXMLNSForCompleteMultipartUpload = "kludge.use_default_xmlns_for_complete_multipart"
-	cfgKludgeCompleteMultipartUploadKeepalive          = "kludge.complete_multipart_keepalive"
-
 	// Command line args.
 	cmdHelp      = "help"
 	cmdVersion   = "version"
@ -257,10 +253,6 @@ func newSettings() *viper.Viper {
 	v.SetDefault(cfgPProfAddress, "localhost:8085")
 	v.SetDefault(cfgPrometheusAddress, "localhost:8086")

-	// kludge
-	v.SetDefault(cfgKludgeUseDefaultXMLNSForCompleteMultipartUpload, false)
-	v.SetDefault(cfgKludgeCompleteMultipartUploadKeepalive, 10*time.Second)
-
 	// Bind flags
 	if err := bindFlags(v, flags); err != nil {
 		panic(fmt.Errorf("bind flags: %w", err))
--- a/config/config.env
+++ b/config/config.env
@ -127,8 +127,3 @@ S3_GW_ALLOWED_ACCESS_KEY_ID_PREFIXES=Ck9BHsgKcnwfCTUSFm6pxhoNS4cBqgN2NQ8zVgPjqZD
 # List of container NNS zones which are allowed or restricted to resolve with HEAD request
 S3_GW_RESOLVE_BUCKET_ALLOW=container
 # S3_GW_RESOLVE_BUCKET_DENY=
-
-# Enable using default xml namespace `http://s3.amazonaws.com/doc/2006-03-01/` when parse`CompleteMultipartUpload` xml body.
-S3_GW_KLUDGE_USE_DEFAULT_XMLNS_FOR_COMPLETE_MULTIPART=false
-# Set timeout between whitespace transmissions during CompleteMultipartUpload processing.
-S3_GW_KLUDGE_COMPLETE_MULTIPART_KEEPALIVE=10s
--- a/config/config.yaml
+++ b/config/config.yaml
@ -149,9 +149,3 @@ resolve_bucket:
  allow:
    - container
  deny:
-
-kludge:
-  # Enable using default xml namespace `http://s3.amazonaws.com/doc/2006-03-01/` when parse`CompleteMultipartUpload` xml body.
-  use_default_xmlns_for_complete_multipart: false
-  # Set timeout between whitespace transmissions during CompleteMultipartUpload processing.
-  complete_multipart_keepalive: 10s
--- a/creds/accessbox/accessbox.go
+++ b/creds/accessbox/accessbox.go
@ -10,9 +10,9 @@ import (
 	"fmt"
 	"io"

-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/bearer"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/netmap"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/session"
+	"github.com/TrueCloudLab/frostfs-sdk-go/bearer"
+	"github.com/TrueCloudLab/frostfs-sdk-go/netmap"
+	"github.com/TrueCloudLab/frostfs-sdk-go/session"
 	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
 	"golang.org/x/crypto/chacha20poly1305"
 	"golang.org/x/crypto/hkdf"
--- a/creds/accessbox/accessbox.pb.go
+++ b/creds/accessbox/accessbox.pb.go
@ -1,7 +1,7 @@
 // Code generated by protoc-gen-go. DO NOT EDIT.
 // versions:
 // 	protoc-gen-go v1.28.1
-// 	protoc        v3.21.12
+// 	protoc        v3.15.8
 // source: creds/accessbox/accessbox.proto

 package accessbox
@ -290,12 +290,11 @@ var file_creds_accessbox_accessbox_proto_rawDesc = []byte{
 	0x0c, 0x52, 0x0b, 0x62, 0x65, 0x61, 0x72, 0x65, 0x72, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x24,
 	0x0a, 0x0d, 0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x73, 0x18,
 	0x03, 0x20, 0x03, 0x28, 0x0c, 0x52, 0x0d, 0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x54, 0x6f,
-	0x6b, 0x65, 0x6e, 0x73, 0x42, 0x46, 0x5a, 0x44, 0x67, 0x69, 0x74, 0x2e, 0x66, 0x72, 0x6f, 0x73,
-	0x74, 0x66, 0x73, 0x2e, 0x69, 0x6e, 0x66, 0x6f, 0x2f, 0x54, 0x72, 0x75, 0x65, 0x43, 0x6c, 0x6f,
-	0x75, 0x64, 0x4c, 0x61, 0x62, 0x2f, 0x66, 0x72, 0x6f, 0x73, 0x74, 0x66, 0x73, 0x2d, 0x73, 0x33,
-	0x2d, 0x67, 0x77, 0x2f, 0x63, 0x72, 0x65, 0x64, 0x73, 0x2f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x62,
-	0x6f, 0x78, 0x3b, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x62, 0x6f, 0x78, 0x62, 0x06, 0x70, 0x72,
-	0x6f, 0x74, 0x6f, 0x33,
+	0x6b, 0x65, 0x6e, 0x73, 0x42, 0x40, 0x5a, 0x3e, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63,
+	0x6f, 0x6d, 0x2f, 0x54, 0x72, 0x75, 0x65, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x4c, 0x61, 0x62, 0x2f,
+	0x66, 0x72, 0x6f, 0x73, 0x74, 0x66, 0x73, 0x2d, 0x73, 0x33, 0x2d, 0x67, 0x77, 0x2f, 0x63, 0x72,
+	0x65, 0x64, 0x73, 0x2f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x62, 0x6f, 0x78, 0x3b, 0x61, 0x63, 0x63,
+	0x65, 0x73, 0x73, 0x62, 0x6f, 0x78, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
 }

 var (
--- a/creds/accessbox/accessbox.proto
+++ b/creds/accessbox/accessbox.proto
@ -2,7 +2,7 @@ syntax = "proto3";

 package accessbox;

-option go_package = "git.frostfs.info/TrueCloudLab/frostfs-s3-gw/creds/tokenbox;accessbox";
+option go_package = "github.com/TrueCloudLab/frostfs-s3-gw/creds/tokenbox;accessbox";



@ -27,3 +27,4 @@ message Tokens {
    bytes bearerToken = 2 [json_name = "bearerToken"];
    repeated bytes sessionTokens = 3 [json_name = "sessionTokens"];
 }
+
--- a/creds/accessbox/bearer_token_test.go
+++ b/creds/accessbox/bearer_token_test.go
@ -3,10 +3,10 @@ package accessbox
 import (
 	"testing"

-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/bearer"
-	frostfsecdsa "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/crypto/ecdsa"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/eacl"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/session"
+	"github.com/TrueCloudLab/frostfs-sdk-go/bearer"
+	frostfsecdsa "github.com/TrueCloudLab/frostfs-sdk-go/crypto/ecdsa"
+	"github.com/TrueCloudLab/frostfs-sdk-go/eacl"
+	"github.com/TrueCloudLab/frostfs-sdk-go/session"
 	"github.com/google/uuid"
 	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
 	"github.com/stretchr/testify/require"
--- a/creds/tokens/credentials.go
+++ b/creds/tokens/credentials.go
@ -7,11 +7,11 @@ import (
 	"strconv"
 	"time"

-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/cache"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/creds/accessbox"
-	cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
-	oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
-	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
+	"github.com/TrueCloudLab/frostfs-s3-gw/api/cache"
+	"github.com/TrueCloudLab/frostfs-s3-gw/creds/accessbox"
+	cid "github.com/TrueCloudLab/frostfs-sdk-go/container/id"
+	oid "github.com/TrueCloudLab/frostfs-sdk-go/object/id"
+	"github.com/TrueCloudLab/frostfs-sdk-go/user"
 	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
 )

--- a/debian/control
+++ b/debian/control
@ -5,8 +5,8 @@ Maintainer: TrueCloudLab <tech@frostfs.info>
 Build-Depends: debhelper-compat (= 13), git, devscripts
 Standards-Version: 4.5.1
 Homepage: http://frostfs.info/
-Vcs-Git: https://git.frostfs.info/TrueCloudLab/frostfs-s3-gw.git
-Vcs-Browser: https://git.frostfs.info/TrueCloudLab/frostfs-s3-gw
+Vcs-Git: https://github.com/TrueCloudLab/frostfs-s3-gw.git
+Vcs-Browser: https://github.com/TrueCloudLab/frostfs-s3-gw

 Package: frostfs-s3-gw
 Architecture: any
--- a/Show more
+++ b/Show more