Merge pull request #2110 from jpgrayson/fix/gix-date-parse-raw

fix(gix-date): add parse_raw()

Author: Byron

Cargo.lock

@@ -19,7 +19,7 @@ doctest = false
 serde = ["dep:serde", "bstr/serde", "gix-date/serde"]
 
 [dependencies]
-gix-date = { version = "^0.10.4", path = "../gix-date" }
+gix-date = { version = "^0.10.5", path = "../gix-date" }
 gix-utils = { version = "^0.3.0", path = "../gix-utils" }
 
 thiserror = "2.0.0"

gix-actor/Cargo.toml

@@ -30,7 +30,7 @@ zip = ["dep:zip"]
 gix-worktree-stream = { version = "^0.22.0", path = "../gix-worktree-stream" }
 gix-object = { version = "^0.50.1", path = "../gix-object" }
 gix-path = { version = "^0.10.20", path = "../gix-path", optional = true }
-gix-date = { version = "^0.10.4", path = "../gix-date" }
+gix-date = { version = "^0.10.5", path = "../gix-date" }
 
 flate2 = { version = "1.1.1", optional = true, default-features = false, features = ["zlib-rs"] }
 zip = { version = "4.3.0", optional = true, default-features = false, features = ["deflate-flate2"] }

gix-archive/Cargo.toml

@@ -14,7 +14,7 @@ rust-version = "1.70"
 gix-commitgraph = { version = "^0.29.0", path = "../gix-commitgraph" }
 gix-revwalk = { version = "^0.21.0", path = "../gix-revwalk" }
 gix-trace = { version = "^0.1.13", path = "../gix-trace" }
-gix-date = { version = "^0.10.4", path = "../gix-date" }
+gix-date = { version = "^0.10.5", path = "../gix-date" }
 gix-diff = { version = "^0.53.0", path = "../gix-diff", default-features = false, features = ["blob"] }
 gix-object = { version = "^0.50.1", path = "../gix-object" }
 gix-hash = { version = "^0.19.0", path = "../gix-hash" }

gix-blame/Cargo.toml

@@ -25,7 +25,7 @@ gix-path = { version = "^0.10.20", path = "../gix-path" }
 gix-command = { version = "^0.6.2", path = "../gix-command" }
 gix-config-value = { version = "^0.15.1", path = "../gix-config-value" }
 gix-prompt = { version = "^0.11.1", path = "../gix-prompt" }
-gix-date = { version = "^0.10.4", path = "../gix-date" }
+gix-date = { version = "^0.10.5", path = "../gix-date" }
 gix-trace = { version = "^0.1.13", path = "../gix-trace" }
 
 thiserror = "2.0.0"

gix-credentials/Cargo.toml

@@ -2,7 +2,7 @@ lints.workspace = true
 
 [package]
 name = "gix-date"
-version = "0.10.4"
+version = "0.10.5"
 repository = "https://github.com/GitoxideLabs/gitoxide"
 license = "MIT OR Apache-2.0"
 description = "A crate of the gitoxide project parsing dates the way git does"

gix-date/CHANGELOG.md

@@ -165,7 +165,7 @@ pub(crate) mod function {
             Time::new(val, 0)
         } else if let Some(val) = relative::parse(input, now).transpose()? {
             Time::new(val.timestamp().as_second(), val.offset().seconds())
-        } else if let Some(val) = parse_header(input) {
+        } else if let Some(val) = parse_raw(input) {
             // Format::Raw
             val
         } else {
@@ -236,6 +236,52 @@ pub(crate) mod function {
         Some(time)
     }
 
+    /// Strictly parse the raw commit header format like `1745582210 +0200`.
+    ///
+    /// Some strict rules include:
+    ///
+    /// - The timezone offset must be present.
+    /// - The timezone offset must have a sign; either `+` or `-`.
+    /// - The timezone offset hours must be less than or equal to 14.
+    /// - The timezone offset minutes must be exactly 0, 15, 30, or 45.
+    /// - The timezone offset seconds may be present, but 0 is the only valid value.
+    /// - Only whitespace may suffix the timezone offset.
+    ///
+    /// But this function isn't perfectly strict insofar as it allows arbitrary
+    /// whitespace before and after the seconds and offset components.
+    ///
+    /// The goal is to only accept inputs that _unambiguously_ look like
+    /// git's raw date format.
+    fn parse_raw(input: &str) -> Option<Time> {
+        let mut split = input.split_whitespace();
+        let seconds = split.next()?.parse::<SecondsSinceUnixEpoch>().ok()?;
+        let offset_str = split.next()?;
+        if split.next().is_some() {
+            return None;
+        }
+        let offset_len = offset_str.len();
+        if offset_len != 5 && offset_len != 7 {
+            return None;
+        }
+        let sign: i32 = match offset_str.get(..1)? {
+            "-" => Some(-1),
+            "+" => Some(1),
+            _ => None,
+        }?;
+        let hours: u8 = offset_str.get(1..3)?.parse().ok()?;
+        let minutes: u8 = offset_str.get(3..5)?.parse().ok()?;
+        let offset_seconds: u8 = if offset_len == 7 {
+            offset_str.get(5..7)?.parse().ok()?
+        } else {
+            0
+        };
+        if hours > 14 || (minutes != 0 && minutes != 15 && minutes != 30 && minutes != 45) || offset_seconds != 0 {
+            return None;
+        }
+        let offset: i32 = sign * ((hours as i32) * 3600 + (minutes as i32) * 60);
+        Time { seconds, offset }.into()
+    }
+
     /// This is just like `Zoned::strptime`, but it allows parsing datetimes
     /// whose weekdays are inconsistent with the date. While the day-of-week
     /// still must be parsed, it is otherwise ignored. This seems to be
@@ -252,6 +298,75 @@ pub(crate) mod function {
         static P: rfc2822::DateTimeParser = rfc2822::DateTimeParser::new().relaxed_weekday(true);
         P.parse_zoned(input)
     }
+
+    #[cfg(test)]
+    mod tests {
+        use super::*;
+
+        #[test]
+        fn parse_raw_valid() {
+            // These examples show how it's more loose than it has to be,
+            // merely as a side effect of the implementation.
+            for (valid, expected_seconds, expected_offset) in [
+                ("12345 +0000", 12345, 0),
+                ("-1234567 +0000", -1234567, 0),
+                ("+1234567 -000000", 1234567, 0),
+                ("   +0    -000000    ", 0, 0),
+                ("\t-0\t-0000\t", 0, 0),
+                ("\n-0\r\n-0000\n", 0, 0),
+            ] {
+                assert_eq!(
+                    parse_raw(valid),
+                    Some(Time {
+                        seconds: expected_seconds,
+                        offset: expected_offset
+                    }),
+                    "should succeed: '{valid}'"
+                );
+            }
+        }
+
+        #[test]
+        fn parse_raw_invalid() {
+            for (bad_date_str, message) in [
+                ("123456 !0600", "invalid sign - must be + or -"),
+                ("123456 0600", "missing offset sign"),
+                ("123456 +060", "positive offset too short"),
+                ("123456 -060", "negative offset too short"),
+                ("123456 +06000", "not enough offset seconds"),
+                ("123456 --060", "duplicate offset sign with correct offset length"),
+                ("123456 -+060", "multiple offset signs with correct offset length"),
+                ("123456 --0600", "multiple offset signs, but incorrect offset length"),
+                ("123456 +-06000", "multiple offset signs with correct offset length"),
+                ("123456 +-0600", "multiple offset signs with incorrect offset length"),
+                ("123456 +-060", "multiple offset signs with correct offset length"),
+                ("123456 +10030", "invalid offset length with one 'second' field"),
+                ("123456 06000", "invalid offset length, missing sign"),
+                ("123456 +0600 extra", "extra field past offset"),
+                ("123456 +0600 2005", "extra field past offset that looks like year"),
+                ("123456+0600", "missing space between unix timestamp and offset"),
+                (
+                    "123456 + 600",
+                    "extra spaces between sign and offset (which also is too short)",
+                ),
+                ("123456 -1500", "negative offset hours out of bounds"),
+                ("123456 +1500", "positive offset hours out of bounds"),
+                ("123456 +6600", "positive offset hours out of bounds"),
+                ("123456 +0660", "invalid offset minutes"),
+                ("123456 +060010", "positive offset seconds is allowed but only if zero"),
+                ("123456 -060010", "negative offset seconds is allowed but only if zero"),
+                ("123456 +0075", "positive offset minutes invalid"),
+                ("++123456 +0000", "duplicate timestamp sign"),
+                ("--123456 +0000", "duplicate timestamp sign"),
+                ("1234567 -+1+1+0", "unsigned offset parsing rejects '+'"),
+            ] {
+                assert!(
+                    parse_raw(bad_date_str).is_none(),
+                    "should fail: '{bad_date_str}': {message}"
+                );
+            }
+        }
+    }
 }
 
 mod relative {

gix-date/Cargo.toml

@@ -101,7 +101,7 @@ mod write_to {
             assert_eq!(output.as_bstr(), expected);
             assert_eq!(time.size(), output.len());
 
-            let actual = gix_date::parse(&output.as_bstr().to_string(), None).expect("round-trippable");
+            let actual = output.as_bstr().to_string().parse::<Time>().expect("round-trippable");
             assert_eq!(time, actual);
         }
         Ok(())

gix-date/src/parse.rs

@@ -83,22 +83,27 @@ fn raw() -> gix_testtools::Result {
     );
 
     assert_eq!(
-        gix_date::parse("1313584730 +051800", None)?,
+        gix_date::parse("1313584730 +051500", None)?,
         Time {
             seconds: 1313584730,
-            offset: 19080,
+            offset: 18900,
         },
         "seconds for time-offsets work as well"
     );
 
     assert_eq!(
-        gix_date::parse("1313584730 +051842", None)?,
+        gix_date::parse("1313584730 -0230", None)?,
         Time {
             seconds: 1313584730,
-            offset: 19122,
+            offset: -150 * 60,
         },
     );
 
+    assert!(gix_date::parse("1313584730 +1500", None).is_err());
+    assert!(gix_date::parse("1313584730 +000001", None).is_err());
+    assert!(gix_date::parse("1313584730 +0001", None).is_err());
+    assert!(gix_date::parse("1313584730 +000100", None).is_err());
+
     let expected = Time {
         seconds: 1660874655,
         offset: -28800,