From 3f58fa786c3187cc19002a05119474beeb35d9a1 Mon Sep 17 00:00:00 2001 From: Markus Kohlhase Date: Tue, 19 Jul 2022 01:25:01 +0200 Subject: [PATCH 1/2] Remove unmentained chrono dependency --- CHANGES.md | 25 +++++++++++++++++++++++++ Cargo.toml | 1 - src/lib.rs | 1 - src/opencage.rs | 18 ++++++++++++++---- 4 files changed, 39 insertions(+), 6 deletions(-) diff --git a/CHANGES.md b/CHANGES.md index b83c526..4e514d1 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,5 +1,30 @@ # Changes +## unreleased + +- Remove unmaintained `chrono` dependency + +### Breaking Changes + +Due to security issues caused by the unmaintained `chrono` crate +the `NaiveDateTime` was replaces by a `UnixTime` type: + +```diff +- use chrono::NaiveDateTime; +- use geocoding::opencage::Timestamp; ++ use geocoding::opencage::{Timestamp, UnixTime}; + + let created_http = "Mon, 16 May 2022 14:52:47 GMT".to_string(); + + let ts_in_seconds = 1_652_712_767_i64; +- let created_unix = NaiveDateTime::from_timestamp(ts_in_seconds, 0); ++ let created_unix = UnixTime::from_seconds(ts_in_seconds); + + let timestamp = Timestamp { created_http, created_unix }; + ++ assert_eq!(ts_in_seconds, created_unix.as_seconds()); +``` + ## 0.4.0 - Switch GeoAdmin API to WGS84 diff --git a/Cargo.toml b/Cargo.toml index 6f1a7b9..05ddd0d 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -17,7 +17,6 @@ serde = { version = "1.0", features = ["derive"] } serde_json = "1.0" reqwest = { version = "0.11", default-features = false, features = ["default-tls", "blocking", "json"] } hyper = "0.14.11" -chrono = { version = "0.4", features = ["serde"] } [features] default = ["reqwest/default"] diff --git a/src/lib.rs b/src/lib.rs index addd8ae..4793e57 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -27,7 +27,6 @@ static UA_STRING: &str = "Rust-Geocoding"; -use chrono; pub use geo_types::{Coordinate, Point}; use num_traits::Float; use reqwest::blocking::Client; diff --git a/src/opencage.rs b/src/opencage.rs index 87c2a80..f21f1d6 100644 --- a/src/opencage.rs +++ b/src/opencage.rs @@ -24,8 +24,6 @@ //! // "Carrer de Calatrava, 68, 08017 Barcelone, Espagne" //! println!("{:?}", res.unwrap()); //! ``` -use crate::chrono::naive::serde::ts_seconds::deserialize as from_ts; -use crate::chrono::NaiveDateTime; use crate::DeserializeOwned; use crate::GeocodingError; use crate::InputBounds; @@ -608,8 +606,20 @@ pub struct Status { #[derive(Debug, Serialize, Deserialize)] pub struct Timestamp { pub created_http: String, - #[serde(deserialize_with = "from_ts")] - pub created_unix: NaiveDateTime, + pub created_unix: UnixTime, +} + +/// Primitive unix timestamp +#[derive(Debug, Clone, Copy, Serialize, Deserialize)] +pub struct UnixTime(i64); + +impl UnixTime { + pub const fn as_seconds(self) -> i64 { + self.0 + } + pub const fn from_seconds(seconds: i64) -> Self { + Self(seconds) + } } /// Bounding-box metadata From df68b141e8cc9b36a6c6a04bc0b4800ef7b70d54 Mon Sep 17 00:00:00 2001 From: Markus Kohlhase Date: Mon, 29 Aug 2022 12:55:16 +0200 Subject: [PATCH 2/2] Remove reqwest default-tls feature --- CHANGES.md | 1 + Cargo.toml | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/CHANGES.md b/CHANGES.md index 4e514d1..1a9c3a5 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -3,6 +3,7 @@ ## unreleased - Remove unmaintained `chrono` dependency +- Remove `default-tls` feature from `reqwest` dependency ### Breaking Changes diff --git a/Cargo.toml b/Cargo.toml index 05ddd0d..431a6bb 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -15,7 +15,7 @@ geo-types = "0.7" num-traits = "0.2" serde = { version = "1.0", features = ["derive"] } serde_json = "1.0" -reqwest = { version = "0.11", default-features = false, features = ["default-tls", "blocking", "json"] } +reqwest = { version = "0.11", default-features = false, features = ["blocking", "json"] } hyper = "0.14.11" [features]