Skip to content

Commit d149cf1

Browse files
cratelyncratelyn
committed
chore(deps): address RUSTSEC-2025-0014
this commit replaces `humantime`, which is no longer maintained, with `jiff`. see this error when `main` today is built: ``` error[unmaintained]: humantime is unmaintained ┌─ /linkerd/linkerd2-proxy/Cargo.lock:78:1 │ 78 │ humantime 2.1.0 registry+https://github.com/rust-lang/crates.io-index │ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ unmaintained advisory detected │ ├ ID: RUSTSEC-2025-0014 ├ Advisory: https://rustsec.org/advisories/RUSTSEC-2025-0014 ├ Latest `humantime` crates.io release is four years old and GitHub repository has not seen commits in four years. Question about maintenance status has not gotten any reaction from maintainer: chronotope/humantime#31 ## Possible alternatives * [jiff](https://crates.io/crates/jiff) provides same kind of functionality ├ Announcement: chronotope/humantime#31 ├ Solution: No safe upgrade is available! ├ humantime v2.1.0 └── linkerd-http-access-log v0.1.0 └── linkerd-app-inbound v0.1.0 ├── linkerd-app v0.1.0 │ ├── linkerd-app-integration v0.1.0 │ └── linkerd2-proxy v0.1.0 ├── linkerd-app-admin v0.1.0 │ ├── linkerd-app v0.1.0 (*) │ └── (dev) linkerd-app-integration v0.1.0 (*) └── linkerd-app-gateway v0.1.0 └── linkerd-app v0.1.0 (*) advisories FAILED, bans ok, licenses ok, sources ok ``` see: * rustsec/advisory-db#2249. * chronotope/humantime#31. Signed-off-by: katelyn martin <[email protected]>
1 parent ed42c2a commit d149cf1

File tree

3 files changed

+54
-10
lines changed

3 files changed

+54
-10
lines changed

Cargo.lock

Lines changed: 51 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -945,12 +945,6 @@ version = "1.0.3"
945945
source = "registry+https://github.com/rust-lang/crates.io-index"
946946
checksum = "df3b46402a9d5adb4c86a0cf463f42e19994e3ee891101b1841f30a545cb49a9"
947947

948-
[[package]]
949-
name = "humantime"
950-
version = "2.1.0"
951-
source = "registry+https://github.com/rust-lang/crates.io-index"
952-
checksum = "9a3a5bfb195931eeb336b2a7b4d761daec841b97f947d34394601737a7bba5e4"
953-
954948
[[package]]
955949
name = "hyper"
956950
version = "0.14.32"
@@ -1213,6 +1207,47 @@ dependencies = [
12131207
"libc",
12141208
]
12151209

1210+
[[package]]
1211+
name = "jiff"
1212+
version = "0.2.4"
1213+
source = "registry+https://github.com/rust-lang/crates.io-index"
1214+
checksum = "d699bc6dfc879fb1bf9bdff0d4c56f0884fc6f0d0eb0fba397a6d00cd9a6b85e"
1215+
dependencies = [
1216+
"jiff-static",
1217+
"jiff-tzdb-platform",
1218+
"log",
1219+
"portable-atomic",
1220+
"portable-atomic-util",
1221+
"serde",
1222+
"windows-sys 0.52.0",
1223+
]
1224+
1225+
[[package]]
1226+
name = "jiff-static"
1227+
version = "0.2.4"
1228+
source = "registry+https://github.com/rust-lang/crates.io-index"
1229+
checksum = "8d16e75759ee0aa64c57a56acbf43916987b20c77373cb7e808979e02b93c9f9"
1230+
dependencies = [
1231+
"proc-macro2",
1232+
"quote",
1233+
"syn",
1234+
]
1235+
1236+
[[package]]
1237+
name = "jiff-tzdb"
1238+
version = "0.1.3"
1239+
source = "registry+https://github.com/rust-lang/crates.io-index"
1240+
checksum = "962e1dfe9b2d75a84536cf5bf5eaaa4319aa7906c7160134a22883ac316d5f31"
1241+
1242+
[[package]]
1243+
name = "jiff-tzdb-platform"
1244+
version = "0.1.2"
1245+
source = "registry+https://github.com/rust-lang/crates.io-index"
1246+
checksum = "a63c62e404e7b92979d2792352d885a7f8f83fd1d0d31eea582d77b2ceca697e"
1247+
dependencies = [
1248+
"jiff-tzdb",
1249+
]
1250+
12161251
[[package]]
12171252
name = "jobserver"
12181253
version = "0.1.32"
@@ -1665,7 +1700,7 @@ version = "0.1.0"
16651700
dependencies = [
16661701
"futures-core",
16671702
"http",
1668-
"humantime",
1703+
"jiff",
16691704
"linkerd-identity",
16701705
"linkerd-proxy-transport",
16711706
"linkerd-stack",
@@ -3122,6 +3157,15 @@ version = "1.11.0"
31223157
source = "registry+https://github.com/rust-lang/crates.io-index"
31233158
checksum = "350e9b48cbc6b0e028b0473b114454c6316e57336ee184ceab6e53f72c178b3e"
31243159

3160+
[[package]]
3161+
name = "portable-atomic-util"
3162+
version = "0.2.4"
3163+
source = "registry+https://github.com/rust-lang/crates.io-index"
3164+
checksum = "d8a2f0d8d040d7848a709caf78912debcc3f33ee4b3cac47d73d1e1069e83507"
3165+
dependencies = [
3166+
"portable-atomic",
3167+
]
3168+
31253169
[[package]]
31263170
name = "powerfmt"
31273171
version = "0.2.0"

linkerd/http/access-log/Cargo.toml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@ publish = false
99
[dependencies]
1010
futures-core = "0.3"
1111
http = { workspace = true }
12-
humantime = "2"
12+
jiff = { version = "0.2", features = ["std"] }
1313
pin-project = "1"
1414
tokio = { version = "1", features = ["time"] }
1515
tracing = "0.1"

linkerd/http/access-log/src/lib.rs

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -210,6 +210,6 @@ where
210210
}
211211

212212
#[inline]
213-
fn now() -> humantime::Rfc3339Timestamp {
214-
humantime::format_rfc3339(SystemTime::now())
213+
fn now() -> String {
214+
jiff::Timestamp::now().to_string()
215215
}

0 commit comments

Comments
 (0)