You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
The time crate is the underlying crate which chrono uses for its various operations. Unfortunately, chrono is unmaintained and older versions of the time crate have security vulnerabilites[0] which are unfixed in chrono[1]. The medallion code does not use any chrono-specific features and all uses of it could be trivially replaced with the underlying time structs. Note that this change adds calls to `expect`. Where these calls are made, the previous chrono functions also panicked internally if out-of-range values were passed. We noticed this issue while doing a similar refactoring in a program that also uses medallion[2]. [0]: https://rustsec.org/advisories/RUSTSEC-2020-0071.html [1]: https://rustsec.org/advisories/RUSTSEC-2020-0159.html [2]: https://cl.tvl.fyi/c/depot/+/5311 |
1 year ago | |
---|---|---|
.. | ||
crypt.rs | 3 years ago | |
header.rs | 3 years ago | |
lib.rs | 1 year ago | |
payload.rs | 1 year ago |