[BLOCKS MPL 1.5.2+ UPGRADE] chore: Bump MPL submodule version, fix verification

DynamoDbEncryption/dafny/DynamoDbEncryptionTransforms/src/QueryTransform.dfy

@@ -92,16 +92,6 @@ module QueryTransform {
       var decryptRes := tableConfig.itemEncryptor.DecryptItem(decryptInput);
       var decrypted :- MapError(decryptRes);
 
-      // If the decrypted result was plaintext, i.e. has no parsedHeader
-      // then this is expected IFF the table config allows plaintext read
-      assert decrypted.parsedHeader.None? ==>
-          && EncOps.IsPlaintextItem(encryptedItems[x])
-          && !tableConfig.plaintextOverride.FORBID_PLAINTEXT_WRITE_FORBID_PLAINTEXT_READ?
-          && (
-               || tableConfig.plaintextOverride.FORBID_PLAINTEXT_WRITE_ALLOW_PLAINTEXT_READ?
-               || tableConfig.plaintextOverride.FORCE_PLAINTEXT_WRITE_ALLOW_PLAINTEXT_READ?
-             );
-
       if keyId.KeyId? && decrypted.parsedHeader.Some? {
         :- Need(|decrypted.parsedHeader.value.encryptedDataKeys| == 1, E("Query result has more than one Encrypted Data Key"));
         if decrypted.parsedHeader.value.encryptedDataKeys[0].keyProviderInfo == keyIdUtf8 {

DynamoDbEncryption/dafny/DynamoDbEncryptionTransforms/src/ScanTransform.dfy

@@ -90,16 +90,6 @@ module ScanTransform {
       var decryptRes := tableConfig.itemEncryptor.DecryptItem(decryptInput);
       var decrypted :- MapError(decryptRes);
 
-      // If the decrypted result was plaintext, i.e. has no parsedHeader
-      // then this is expected IFF the table config allows plaintext read
-      assert decrypted.parsedHeader.None? ==>
-          && EncOps.IsPlaintextItem(encryptedItems[x])
-          && !tableConfig.plaintextOverride.FORBID_PLAINTEXT_WRITE_FORBID_PLAINTEXT_READ?
-          && (
-               || tableConfig.plaintextOverride.FORBID_PLAINTEXT_WRITE_ALLOW_PLAINTEXT_READ?
-               || tableConfig.plaintextOverride.FORCE_PLAINTEXT_WRITE_ALLOW_PLAINTEXT_READ?
-             );
-
       if keyId.KeyId? && decrypted.parsedHeader.Some? {
         :- Need(|decrypted.parsedHeader.value.encryptedDataKeys| == 1, E("Scan result has more than one Encrypted Data Key"));
         if decrypted.parsedHeader.value.encryptedDataKeys[0].keyProviderInfo == keyIdUtf8 {

DynamoDbEncryption/dafny/DynamoDbEncryptionTransforms/test/TestFixtures.dfy

@@ -243,6 +243,7 @@ module TestFixtures {
     ensures fresh(encryption)
     ensures fresh(encryption.Modifies)
   {
+    expect sortKey.None? || DDB.IsValid_KeySchemaAttributeName(sortKey.value);
     var keyring := GetKmsKeyring();
     encryption :- expect DynamoDbEncryptionTransforms.DynamoDbEncryptionTransforms(
       DynamoDbTablesEncryptionConfig(

project.properties

@@ -1,4 +1,4 @@
-projectJavaVersion=3.6.2
+projectJavaVersion=3.6.2-SNAPSHOT
 mplDependencyJavaVersion=1.5.1
 dafnyVersion=4.2.0
 dafnyVerifyVersion=4.7.0