Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix security audit - get rid of chrono and use time directly #2376

Merged
merged 4 commits into from
Mar 8, 2022
Merged

Fix security audit - get rid of chrono and use time directly #2376

merged 4 commits into from
Mar 8, 2022

Conversation

AurelienFT
Copy link
Contributor

@AurelienFT AurelienFT commented Mar 4, 2022
edited
Loading

Chrono still use a very old version of time (0.1 now it's 0.3). They have a PR running since months for updating but it seems that there is communication problems that lead to long time development. The PR : chronotope/chrono#639

This break our CI like a lot of others projects that use cargo audit. A lot of projects that use chrono to do things that are now implemented in the new version of time has switched to use time directly instead of using tokio. Some examples :

So as we also only use chrono to make things that now possible in time which is more maintained I suggest in this PR a change to use time instead of chrono. So that it will fix our CI and make us use a more maintained dependency.

Fix #2374

@AurelienFT AurelienFT requested a review from damip March 6, 2022 23:49
AureliaDolo
AureliaDolo previously approved these changes Mar 7, 2022
View reviewed changes
Copy link
Contributor

@AureliaDolo AureliaDolo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just the clippy warning left to fix and LGTM

By the way if you have an idea to better implement days_hours_mins_secs

@AurelienFT
Copy link
Contributor Author

Just the clippy warning left to fix and LGTM

By the way if you have an idea to better implement days_hours_mins_secs

Good catch ! Fixed ! Thank you.

AureliaDolo
AureliaDolo previously approved these changes Mar 7, 2022
View reviewed changes
Copy link
Contributor

@AureliaDolo AureliaDolo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

And I'm wondering why there is an unwrap in to_utc_string but eh

adrien-zinger
adrien-zinger suggested changes Mar 8, 2022
View reviewed changes
massa-time/src/lib.rs Outdated Show resolved Hide resolved
@AurelienFT
Copy link
Contributor Author

bors merge

@bors
Copy link
Contributor

bors bot commented Mar 8, 2022

Build succeeded:

@bors bors bot merged commit 4e3c498 into main Mar 8, 2022
@bors bors bot deleted the fix/remove_chrono branch March 8, 2022 23:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@adrien-zinger adrien-zinger adrien-zinger approved these changes

@AureliaDolo AureliaDolo AureliaDolo approved these changes

@yvan-sraka yvan-sraka Awaiting requested review from yvan-sraka

@damip damip Awaiting requested review from damip

Assignees

@AurelienFT AurelienFT

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

CI fail on security audit
3 participants
@AurelienFT @adrien-zinger @AureliaDolo