Skip to content

Update Rust crate time to 0.2.23 [SECURITY] #70

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Update Rust crate time to 0.2.23 [SECURITY] #70

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link

@renovate renovate bot commented Aug 13, 2025

This PR contains the following updates:

Package Type Update Change
time (source) dependencies minor 0.1.42 -> 0.2.23

GitHub Vulnerability Alerts

CVE-2020-26235

Impact

Unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires an environment variable to be set in a different thread than the affected functions. This may occur without the user's knowledge, notably in a third-party library.

The affected functions from time 0.2.7 through 0.2.22 are:

  • time::UtcOffset::local_offset_at
  • time::UtcOffset::try_local_offset_at
  • time::UtcOffset::current_local_offset
  • time::UtcOffset::try_current_local_offset
  • time::OffsetDateTime::now_local
  • time::OffsetDateTime::try_now_local

The affected functions in time 0.1 (all versions) are:

  • at
  • at_utc
  • now

Non-Unix targets (including Windows and wasm) are unaffected.

Patches

In some versions of time, the internal method that determines the local offset has been modified to always return None on the affected operating systems. This has the effect of returning an Err on the try_* methods and UTC on the non-try_* methods. In later versions, time will attempt to determine the number of threads running in the process. If the process is single-threaded, the call will proceed as its safety invariant is upheld.

Users and library authors with time in their dependency tree must perform cargo update, which will pull in the updated, unaffected code.

Users of time 0.1 do not have a patch and must upgrade to an unaffected version: time 0.2.23 or greater or the 0.3 series.

Workarounds

Library authors must ensure that the program only has one running thread at the time of calling any affected method. Binary authors may do the same and/or ensure that no other thread is actively mutating the environment.

References

time-rs/time#293.

Release Notes

time-rs/time (time)

v0.2.23

Compare Source

Compatibility notes

Due to #​293, any method that requires knowledge of the local offset will now
fail on Linux. For try_ methods, this means returning an error. For others,
it means assuming UTC.

Deprecated
  • UtcOffset::timestamp (moved to UtcOffset::unix_timestamp)
  • UtcOffset::timestamp_nanos (moved to UtcOffset::unix_timestamp_nanos)
  • date (moved to macros::date)
  • time (moved to macros::time)
  • offset (moved to macros::offset)
  • OffsetDateTime::now_local (assumes UTC if unable to be determined)
  • UtcOffset::local_offset_at (assumes UTC if unable to be determined)
  • UtcOffset::current_local_offset (assumes UTC if unable to be determined)

v0.2.22

Compare Source

Fixed
  • Solaris & Illumos now successfully build.
  • Duration::new could previously result in an inconsistent internal state. This led to some odd
    situations where a Duration could be both positive and negative. This has been fixed such that
    the internal state maintains its invariants.

v0.2.21

Compare Source

Changed
  • Implementation details of some error types have been exposed. This means that data about a
    component being out of range can be directly obtained, while an invalid offset or conversion error
    is guaranteed to be a zero-sized type.
  • The following functions are const fn on rustc ≥ 1.46:
    • Date::try_from_iso_ywd
    • Date::iso_year_week
    • Date::week
    • Date::sunday_based_week
    • Date::monday_based_week
    • Date::try_with_hms
    • Date::try_with_hms_milli
    • Date::try_with_hms_micro
    • Date::try_with_hms_nano
    • PrimitiveDateTime::iso_year_week
    • PrimitiveDateTime::week
    • PrimitiveDateTime::sunday_based_week
    • PrimitiveDateTime::monday_based_week
    • util::weeks_in_year

v0.2.20

Compare Source

Added
  • OffsetDateTime::timestamp_nanos
  • OffsetDateTime::from_unix_timestamp_nanos
Fixed

A bug with far-reaching consequences has been fixed. See #​276 for complete details, but the gist is
that the constructing a Date from a valid Julian day may result in an invalid value or even panic.
As a consequence of implementation details, this affects nearly all arithmetic with Dates (and as
a result also PrimitiveDateTimes and OffsetDateTimes).

Improvements
  • Document how to construct an OffsetDateTime from a timestamp-nanosecond pair

v0.2.19

Compare Source

Fixed
  • The build script now declares a dependency on the COMPILING_UNDER_CARGO_WEB environment
    variable.
  • Parsing the %D specifier no longer requires padding on the month. Previously,
    Err(InvalidMonth) was incorrectly returned.
  • A std::time::Duration that is larger than time::Duration::max_value() now correctly returns
    Ordering::Greater when compared.
  • Multiplying and assigning an integer by Sign::Zero now sets the integer to be zero. This
    previously left the integer unmodified.

v0.2.18

Compare Source

Changed
  • The following functions are const fn on rustc ≥ 1.46:
    • Date::try_from_ymd
    • Date::try_from_yo
    • Time::try_from_hms
    • Time::try_from_hms_milli
    • Time::try_from_hms_micro
    • Time::try_from_hms_nano
  • An error module has been created where all existing error types are contained. The Error
    suffix has been dropped from these types.
  • An ext module has been created where extension traits are contained.
  • A util module has been created where utility functions are contained.
  • error::ComponentRange now implements Copy.

For back-compatibility, all items that were moved to newly-contained modules have been re-exported
from their previous locations (and in the case of the error module, with their previous name).

Fixes

Parsing format::Rfc3339 now correctly handles the UTC offset (#​274).

v0.2.17

Compare Source

Changed

The following functions are const fn on rustc ≥ 1.46:

  • Date::year
  • Date::month
  • Date::day
  • Date::month_day
  • Date::ordinal
  • Date::as_ymd
  • Date::as_yo
  • Date::julian_day
  • Duration::checked_div
  • PrimitiveDateTime::year
  • PrimitiveDateTime::month
  • PrimitiveDateTime::day
  • PrimitiveDateTime::month_day
  • PrimitiveDateTime::ordinal
  • Weekday::previous
  • Weekday::next
Improvements
  • size_of::<Date>() has been reduced from 8 to 4. As a consequence,
    size_of::<PrimitiveDatetime>() went from 16 to 12 and size_of::<OffsetDateTime>() from 20
    to 16. This change also results in a performance improvement of approximately 30% on the
    Date::year and Date::ordinal methods.
  • cfg-if has been removed as a dependency.
Fixed
  • cfg flags passed to rustc will no longer collide with other crates (at least unless they're
    doing something very stupid).
  • The crate will successfully compile with any combination of feature flags. Previously, some
    combinations would fail.

v0.2.16

Compare Source

Added

OffsetDateTimes can now be represented as Unix timestamps with serde. To do this, you can use the
time::serde::timestamp and time::serde::timestamp::option modules.

v0.2.15

Compare Source

Fixed

cargo-web support works, and is now explicitly checked in CI. A previous change was made that made
a method call ambiguous.

v0.2.14

Compare Source

Fixed

Adding/subtracting a core::time::Duration now correctly takes subsecond values into account. This
also affects PrimitiveDateTime and OffsetDateTime.

v0.2.13

Compare Source

Fixed

Panicking APIs are re-exposed.

v0.2.12

Compare Source

Fixed

Subtracting Instants can correctly result in a negative duration, rather than resulting in the
absolute value of it.

v0.2.11

Compare Source

Added
  • OffsetDateTime::now_utc
Deprecated
  • OffsetDateTime::now due to the offset not being clear from the method name alone.
Fixed

Dates are now uniformly random when using the rand crate. Previously, both the year and day
within the year were uniform, but this meant that any given day in a leap year was slightly less
likely to be chosen than a day in a non-leap year.

Changed
  • MSRV is lowered to 1.32.0.

v0.2.10

Compare Source

Added
  • Support for formatting and parsing OffsetDateTimes as RFC3339.
  • Lazy formatting. To avoid exposing implementation details, we're just returning impl Display,
    rather than a concrete type.
  • Add support for Illumos.
Fixed
  • Deprecated APIs from time v0.1 are public again. They were previously hidden by accident in 0.2.9.

v0.2.9

Compare Source

Added
  • Support for formatting and parsing OffsetDateTimes as RFC3339.
  • Lazy formatting. To avoid exposing implementation details, we're just returning impl Display,
    rather than a concrete type.
  • Add support for Illumos.
Fixed
  • Deprecated APIs from time v0.1 are public again. They were previously hidden by accident in 0.2.9.

v0.2.8

Compare Source

Added
  • cargo_web support has been added for getting a local offset. A general catch-all defaulting to
    UTC has also been added.
  • Error::source has been implemented for the wrapper time::Error.
  • UtcOffset::try_local_offset, UtcOffset::try_current_local_offset,
    OffsetDateTime::try_now_local() provide fallible alternatives when the default of UTC is not
    desired. To facilitate this change, IndeterminateOffsetError has been added.
  • Support for parsing and formatting subsecond nanoseconds.
Changed
  • #[non_exhaustive] is simulated on compilers prior to 1.40.0.

v0.2.7

Compare Source

Added
  • Display has been implemented for Date, OffsetDateTime, PrimitiveDateTime, Time,
    UtcOffset, and Weekday.
  • Hash is now derived for Duration.
  • SystemTime can be converted to and from OffsetDateTime. The following trait implementations
    have been made for interoperability:
    • impl Sub<SystemTime> for OffsetDateTime
    • impl Sub<OffsetDateTime> for SystemTime
    • impl PartialEq<SystemTime> for OffsetDateTime
    • impl PartialEq<OffsetDateTime> for SystemTime
    • impl PartialOrd<SystemTime> for OffsetDateTime
    • impl PartialOrd<OffsetDateTime> for SystemTime
    • impl From<SystemTime> for OffsetDateTime
    • impl From<OffsetDateTime> for SystemTime
  • All structs now impl Duration<T> for Standard, allowing usage with the rand crate. This is
    gated behind the rand feature flag.
  • Documentation can now be built on stable. Some annotations will be missing if you do this.
  • NumericalDuration has been implemented for f32 and f64. NumericalStdDuration and
    NumericalStdDurationShort have been implemented for f64 only.
  • UtcOffset::local_offset_at(OffsetDateTime), which will obtain the system's local offset at the
    provided moment in time.
    • OffsetDateTime::now_local() is equivalent to calling
      OffsetDateTime::now().to_offset(UtcOffset::local_offset_at(OffsetDateTime::now())) (but more
      efficient).
    • UtcOffset::current_local_offset() will return the equivalent of
      OffsetDateTime::now_local().offset().
Changed
  • All formatting and parsing methods now accept impl AsRef<str> as parameters, rather than just
    &str. time::validate_format_string does this as well.
  • The requirement of a Date being between the years -100,000 and +100,000 (inclusive) is now
    strictly enforced.
  • Overflow checks for Duration are now enabled by default. This behavior is the identical to what
    the standard library does.
  • The time, date, and offset macros have been added to the prelude.
Deprecated

  • Sign has been deprecated in its entirety, along with Duration::sign.

    To obtain the sign of a Duration, you can use the Duration::is_positive,
    Duration::is_negative, and Duration::is_zero methods.

  • A number of functions and trait implementations that implicitly assumed a timezone (generally UTC)
    have been deprecated. These are:

    • Date::today
    • Time::now
    • PrimitiveDateTime::now
    • PrimitiveDateTime::unix_epoch
    • PrimitiveDateTime::from_unix_timestamp
    • PrimitiveDateTime::timestamp
    • impl Sub<SystemTime> for PrimitiveDateTime
    • impl Sub<PrimitiveDateTime> for SystemTime
    • impl PartialEq<SystemTime> for PrimitiveDateTime
    • impl PartialEq<PrimitiveDateTime> for SystemTime>
    • impl PartialOrd<SystemTime> for PrimitiveDateTime
    • impl PartialOrd<PrimitiveDateTime> for SystemTime>
    • impl From<SystemTime> for PrimitiveDateTime
    • impl From<PrimitiveDateTime> for SystemTime
Fixed
  • Avoid panics when parsing an empty string (#​215).
  • The nanoseconds component of a Duration is now always in range. Previously, it was possible (via
    addition and/or subtraction) to obtain a value that was not internally consistent.
  • Time::parse erroneously returned an InvalidMinute error when it was actually the second that
    was invalid.
  • Date::parse("0000-01-01", "%Y-%m-%d") incorrectly returned an Err (#​221).

v0.2.6

Compare Source

Bug fixes

v0.2.5 introduces a major inconsistency, not just in its behavior for PrimitiveDateTime::using_offset, but also changes its signature, rendering it incapable of being used in const contexts.

Both the behavior and the function signature have been fixed, while still fixing the underlying issue. PrimitiveDateTime::using_offset mentions in the docs that the PrimitiveDateTime is assumed to be UTC, and is converted to the provided offset. This was the previous behavior.

The following functionality had bugs that were fixed (from v0.2.4):

  • OffsetDateTime::timestamp
  • OffsetDateTime::parse
  • Equality, comparison for OffsetDateTime — Subsecond values were not checked previously. They also relied on the faulty timestamp implementation.
  • Hashing of OffsetDateTime — Same as equality and comparison. Additionally, hashes would collide with PrimitiveDateTime if the underlying UTC was the same.
  • Subtraction of two OffsetDateTimes previously disregarded the subsecond values.

All of these changes are now checked in CI, so regressions will be caught.

v0.2.5

Compare Source

Bug fixes

PrimitiveDateTime::using_offset was poorly defined, leading to an ambiguity that cause some methods to treat the existing datetime as UTC, while others treated it as the time in the provided offset. This release ensures that the behavior is what I intended — the datetime is assumed to be in the provided offset.

NB: This release has been yanked from crates.io due to major back-compatibility issues. These have been fixed in 0.2.6.

v0.2.4

Compare Source

v0.2.4 is identical to v0.2.3 with the exception of the breaking change, which has been reverted. v0.2.4 is backwards-compatible with v0.2.2.

v0.2.3

Compare Source

v0.2.3 has been yanked from crates.io. The breaking change (with regard to feature flags) should not have been made. By yanking this version, any existing code will continue to work, while new code will not have potential backwards-incompatible behavior. The change was reverted in v0.2.4.

Additions
  • time!, date!, offset! macros
  • Top-level parse function, allowing for type inference.
  • time::Result<T> alias to time::Result<T, time::Error>
Deprecated

Panicking APIs have been deprecated in favor of the new macros.

Changes

Minimum supported Rust version is now 1.34, changed from 1.40. This permits a number of crates to upgrade without breaking MSRV.

Bug fixes

A number of parsing methods used unchecked constructors. This was because the values should have been checked prior. They are now.

Breaking changes

The "std" feature has been renamed to "alloc", which disables the standard library. This was necessary to bring MSRV down to 1.34.

v0.2.2

Compare Source

Fixed
  • #​316, where the build script was wrongly unable to determine the correct compiler version
  • Dependencies have been bumped to the latest patch version, ensuring compatibility.

v0.2.1

Compare Source

Fixed
  • The build script now declares a dependency on the COMPILING_UNDER_CARGO_WEB environment
    variable.
  • Parsing the %D specifier no longer requires padding on the month. Previously,
    Err(InvalidMonth) was incorrectly returned.
  • A std::time::Duration that is larger than time::Duration::max_value() now correctly returns
    Ordering::Greater when compared.
  • Multiplying and assigning an integer by Sign::Zero now sets the integer to be zero. This
    previously left the integer unmodified.

v0.2.0

See #​190 for major details. This is essentially a new crate compared to v0.1, and only has a few methods for back-compatibility where trivially feasible.

Minimum supported Rust version: 1.40.0

v0.1.44

Compare Source

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants