Skip to content

Update Rust crate chrono to v0.4.43 - abandoned #83

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
renovate wants to merge 483 commits into
base: main
Choose a base branch
from
Open

Update Rust crate chrono to v0.4.43 - abandoned #83

renovate wants to merge 483 commits into from

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Jan 19, 2026

This PR contains the following updates:

Package Type Update Change
chrono dependencies patch 0.4.420.4.43

Release Notes

chronotope/chrono (chrono)

v0.4.43: 0.4.43

Compare Source

What's Changed

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

smart--petea and others added 30 commits March 2, 2024 16:36
@smart--petea
30-access-policies client admin
b9e6284
@smart--petea
30-access-policies removed src/routes/stack/service.rs
de85d4b
@smart--petea
30-access-policies owner logic for POST /stack/:id
618c30e
@smart--petea
30-access-policies admin, GET /stack/:id
b599b98
@smart--petea
30-access-policies GET /stack, GET /admin/stack/user/:id
15b890b
delete action for project/cloud/server, require review and optimizati…
9f92af2 
…on (duplicates etc)
form fields fix for server/cloud
aca9fdc
@smart--petea
30-access-policies /stack/:id/deploy
98b5a7d
@smart--petea
Merge pull request #36 from trydirect/30-access-policies
a193104 
30 access policies
cloud update testing
4c152e9
project update fix, request_json updates, body_into_form moved to form
4cc5471
icon attrs
b46620a
@smart--petea
30-access-polices working on the general JsonConfig
5fad9d9
@smart--petea
30-access-polices json errors
810bb6a
@smart--petea
30-access-policies json message for errors
a83071a
@smart--petea
30-access-policies json debug command. sketch
b402c83
payload fix for deploy command
2cf6a75
@smart--petea
30-access-policies read payload from file
d708f82
@smart--petea
30-access-policies - json debug command
fd47bfc
deploy function re-factoring, rabbitmq listener non-functional yet
d89fb33
mq listener, added futures_lite::stream::StraemExt
0cf6105
merge issue-33 to dev
d5d5a76
slight refactoring, deref() for subforms
9450ef4
mq listener, read queue and update status
f665d5d
mq listener, read queue and update status
d4d21b4
fix warnings
dc6c54f
fix restart policy for service
3e367ee
import fixes
858ab0e
@smart--petea
30 merge with dev
3bdf56c
@smart--petea
30-access-policies
d68bc5e
vsilent and others added 26 commits January 13, 2026 15:14
command_queue fix
9c0a6f7
Removed push logic from create.rs,Removed VaultClient dependency, we …
6769848 
…don't push anything to agent
casbin rule for enqueu endpoint
7494535
@claude
Fix: Add Casbin agent role permissions for Status Panel
4522654 
Problem:
Status Panel agents authenticate with 'agent' role but get 403
when accessing /api/v1/agent/commands/report endpoint.

Root Cause:
- Agent authentication (f_agent.rs) creates pseudo-user with role 'agent'
- Earlier migration (20251222160220) added agent permissions
- However, permissions may be missing on remote server

Solution:
- Create idempotent migration ensuring agent role has necessary permissions
- Grant 'agent' role access to:
  * POST /api/v1/agent/commands/report (command reporting)
  * GET /api/v1/agent/commands/wait/:deployment_hash (command polling)
- Ensure agent role inherits from group_anonymous

This allows Status Panel agents to report command results without
requiring per-agent Casbin rules, leveraging Vault token management
for authentication.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
match report from agent by column id not command_id
1074ab6
fetch by command_id not by id
624f46f
sqlx files
af45537
User auth cache, compress internal requests
9a036ac
cache cookies
6d82d3f
STACKER_AGENT_POLL_TIMEOUT_SECS, STACKER_AGENT_POLL_INTERVAL_SECS con…
0187e24 
…fig settings
casbin_reload config driven
4ea47ac
sqlx files for offline build
e7aedbe
updated changelog and readme
e8b99ce
defaults
8b750de
self-hosted build disabled
8046d52
Added next_poll_secs to the response body metadata for the agent wait…
5beb4ad 
… endpoin,part of meta
@vsilent @github-advanced-security
Potential fix for code scanning alert no. 14: Cleartext transmission …
7aad273 
…of sensitive information

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
test fix, vault v1
746a5a6
Merge branch 'feature-performance-improvements' of https://github.com…
cb54da4 
…/trydirect/stacker into feature-performance-improvements

merge fix
skip when Postgres isn’t reachable, so these won’t fail in CI without…
ebbf0d8 
… a DB
Fixed the missing fixture by switching the test to an existing mock p…
098e8dc 
…ayload and removing the unused import.
fix blocked requests by removed that mutex and switched to Rc<RefCell…
61629ea 
…> so requests are no longer serialized
fix docker.yml copy dist, npm fix
2ddd365
@vsilent
Merge pull request #79 from trydirect/feature-performance-improvements
7d93d66 
Feature performance improvements
@vsilent
Simplify README by removing banner details
72c5037 
Removed redundant information about the banner's visibility.
@renovate
Update Rust crate chrono to v0.4.43
396cfb9
@renovate renovate bot changed the title Update Rust crate chrono to v0.4.43 Update Rust crate chrono to v0.4.43 - abandoned Jan 19, 2026
@renovate
Copy link
Contributor Author

renovate bot commented Jan 19, 2026

Autoclosing Skipped

This PR has been flagged for autoclosing. However, it is being skipped due to the branch being already modified. Please close/delete it manually or report a bug if you think this is in error.

@gitguardian
Copy link

gitguardian bot commented Jan 19, 2026

⚠️ GitGuardian has uncovered 2 secrets following the scan of your pull request.

Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.

🔎 Detected hardcoded secrets in your pull request
GitGuardian id GitGuardian status Secret Commit Filename
24149610 Triggered Bearer Token 0a8b589 src/connectors/admin_service/jwt.rs View secret
10008470 Triggered Generic High Entropy Secret d89fb33 tests/mock_data/deploy2.json View secret
🛠 Guidelines to remediate hardcoded secrets
  1. Understand the implications of revoking this secret by investigating where it is used in your code.
  2. Replace and store your secrets safely. Learn here the best practices.
  3. Revoke and rotate these secrets.
  4. If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.

To avoid such incidents in the future consider

🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.

github-advanced-security[bot]
github-advanced-security bot found potential problems Jan 19, 2026
View reviewed changes
src/helpers/cloud/security.rs
Ok(cipher_vec)
}

#[tracing::instrument(name = "decrypt.")]

Check failure

Code scanning / CodeQL

Cleartext logging of sensitive information High

This operation writes
self.user_id
Loading
to a log file.

Copilot Autofix

AI 1 day ago

In general, to fix cleartext logging of sensitive information, avoid logging the sensitive value entirely, or, if absolutely necessary, log only non-sensitive metadata or a redacted/hashed form. For tracing spans, configure instrumentation so that self and any sensitive arguments are not automatically recorded.

For this specific code:

  • Remove or sanitize the explicit debug prints that include rkey, the nonce, the token, and the encrypted data, because all of these relate to sensitive crypto operations and identifiers.
  • Adjust the #[tracing::instrument] annotation on decrypt so that it does not capture self (and thus self.user_id) into span fields. The standard way in tracing is to use skip(self, encrypted_data) on the attribute, which preserves the span for observability but omits the sensitive data.
  • These changes can be confined to src/helpers/cloud/security.rs within the shown methods: encrypt and decrypt. No new methods are required; only removal of certain eprintln! lines and modification of the attribute on decrypt.

Concretely:

  • In encrypt, delete the eprintln! lines that log nonce, token, and cipher_vec. They are purely diagnostic and not required for encryption to function.
  • In decrypt, delete the eprintln! lines that log rkey, nonce, and encrypted_data.
  • Change the #[tracing::instrument(name = "decrypt.")] line to #[tracing::instrument(name = "decrypt.", skip(self, encrypted_data))] so that the span is created without automatically logging the contents of self or the encrypted payload.

No additional imports are needed, as tracing::instrument is already in use via the attribute.

Suggested changeset 1
src/helpers/cloud/security.rs

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/src/helpers/cloud/security.rs b/src/helpers/cloud/security.rs
--- a/src/helpers/cloud/security.rs
+++ b/src/helpers/cloud/security.rs
@@ -94,10 +94,8 @@
         let cipher = Aes256Gcm::new(&key);
         // eprintln!("encrypt: Cipher str {cipher:?}");
         let nonce = Aes256Gcm::generate_nonce(&mut OsRng); // 96-bits; unique per message
-        eprintln!("Nonce bytes {nonce:?}");
         // let nonce_b64: String = general_purpose::STANDARD.encode(nonce);
         // eprintln!("Nonce b64 {nonce_b64:?}");
-        eprintln!("token {token:?}");
 
         let cipher_vec = cipher
             .encrypt(&nonce, token.as_ref())
@@ -107,11 +103,10 @@
         // self.save(cipher_vec.clone());
         self.save(nonce.as_slice());
 
-        eprintln!("Cipher {cipher_vec:?}");
         Ok(cipher_vec)
     }
 
-    #[tracing::instrument(name = "decrypt.")]
+    #[tracing::instrument(name = "decrypt.", skip(self, encrypted_data))]
     pub fn decrypt(&mut self, encrypted_data: Vec<u8>) -> Result<String, String> {
         let sec_key = std::env::var("SECURITY_KEY")
             .expect("SECURITY_KEY environment variable is not set")
@@ -119,16 +111,15 @@
         let key: &Key<Aes256Gcm> = Key::<Aes256Gcm>::from_slice(&sec_key.as_bytes());
         // eprintln!("decrypt: Key str {key:?}");
         let rkey = format!("{}_{}_{}", self.user_id, self.provider, self.field);
-        eprintln!("decrypt: Key str {rkey:?}");
         self.get(rkey);
         // eprintln!("decrypt: nonce b64:decoded {nonce:?}");
 
         let nonce = Nonce::from_slice(self.nonce.as_slice());
-        eprintln!("decrypt: nonce {nonce:?}");
+        // eprintln!("decrypt: nonce {nonce:?}");
 
         let cipher = Aes256Gcm::new(&key);
         // eprintln!("decrypt: Cipher str {cipher:?}");
-        eprintln!("decrypt: str {encrypted_data:?}");
+        // eprintln!("decrypt: str {encrypted_data:?}");
 
         let plaintext = cipher
             .decrypt(&nonce, encrypted_data.as_ref())
EOF
@@ -94,10 +94,8 @@
let cipher = Aes256Gcm::new(&key);
// eprintln!("encrypt: Cipher str {cipher:?}");
let nonce = Aes256Gcm::generate_nonce(&mut OsRng); // 96-bits; unique per message
eprintln!("Nonce bytes {nonce:?}");
// let nonce_b64: String = general_purpose::STANDARD.encode(nonce);
// eprintln!("Nonce b64 {nonce_b64:?}");
eprintln!("token {token:?}");

let cipher_vec = cipher
.encrypt(&nonce, token.as_ref())
@@ -107,11 +103,10 @@
// self.save(cipher_vec.clone());
self.save(nonce.as_slice());

eprintln!("Cipher {cipher_vec:?}");
Ok(cipher_vec)
}

#[tracing::instrument(name = "decrypt.")]
#[tracing::instrument(name = "decrypt.", skip(self, encrypted_data))]
pub fn decrypt(&mut self, encrypted_data: Vec<u8>) -> Result<String, String> {
let sec_key = std::env::var("SECURITY_KEY")
.expect("SECURITY_KEY environment variable is not set")
@@ -119,16 +111,15 @@
let key: &Key<Aes256Gcm> = Key::<Aes256Gcm>::from_slice(&sec_key.as_bytes());
// eprintln!("decrypt: Key str {key:?}");
let rkey = format!("{}_{}_{}", self.user_id, self.provider, self.field);
eprintln!("decrypt: Key str {rkey:?}");
self.get(rkey);
// eprintln!("decrypt: nonce b64:decoded {nonce:?}");

let nonce = Nonce::from_slice(self.nonce.as_slice());
eprintln!("decrypt: nonce {nonce:?}");
// eprintln!("decrypt: nonce {nonce:?}");

let cipher = Aes256Gcm::new(&key);
// eprintln!("decrypt: Cipher str {cipher:?}");
eprintln!("decrypt: str {encrypted_data:?}");
// eprintln!("decrypt: str {encrypted_data:?}");

let plaintext = cipher
.decrypt(&nonce, encrypted_data.as_ref())
Copilot is powered by AI and may make mistakes. Always verify output.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@smart--petea @vsilent