feat(vet): add cargo vet and remove time crate (#395)

Add `cargo vet`, and remove `time`, which `cargo deny` identified as
vulnerable under
[RUSTSEC-2026-0009](/rustsec/advisory-db/blob/main/crates/time/RUSTSEC-2026-0009.md).
It also had maintenance issues, and has way too many unsafe blocks.

In order to fully excise `time`, we replaced `bat` and `octocrab`, which
necessitated the creation of `jp_github`.

Cargo binstall was also rebuilding itself every run, without proper
caching ("Cache save failed."), so it was removed. 

---------

Co-authored-by: Jay Oster <jay@blipjoy.com>

Author: rxgrant

.config/jp/tools/Cargo.toml

@@ -28,14 +28,7 @@ grep-regex = { workspace = true }
 grep-searcher = { workspace = true }
 ignore = { workspace = true }
 indoc = { workspace = true }
-octocrab = { workspace = true, features = [
-    "default-client",
-    "follow-redirect",
-    "retry",
-    "rustls",
-    "rustls-ring",
-    "timeout",
-] }
+jp_github = { workspace = true }
 quick-xml = { workspace = true, features = ["encoding", "serialize"] }
 reqwest = { workspace = true, features = [
     "charset",
@@ -48,7 +41,7 @@ serde = { workspace = true, features = ["std", "derive", "alloc"] }
 serde_json = { workspace = true, features = ["std", "preserve_order", "alloc"] }
 similar = { workspace = true, features = ["text", "unicode", "inline"] }
 strip-ansi-escapes = { workspace = true }
-time = { workspace = true, features = ["serde-human-readable"] }
+chrono = { workspace = true }
 tokio = { workspace = true, features = ["full"] }
 url = { workspace = true, features = ["serde", "std"] }
 

.config/jp/tools/src/github.rs

@@ -82,14 +82,14 @@ async fn auth() -> Result<(), Box<dyn std::error::Error + Send + Sync + 'static>
             "unable to get auth token. Set `JP_GITHUB_TOKEN` or `GITHUB_TOKEN` to a valid token."
         })?;
 
-    let octocrab = octocrab::Octocrab::builder()
+    let octocrab = jp_github::Octocrab::builder()
         .personal_token(token)
         .build()
         .map_err(|err| format!("unable to create github client: {err:#}"))?;
 
-    octocrab::initialise(octocrab);
+    jp_github::initialise(octocrab);
 
-    if octocrab::instance().current().user().await.is_err() {
+    if jp_github::instance().current().user().await.is_err() {
         return Err(
             "Unable to authenticate with github. This might be because the token is expired. \
              Either set `JP_GITHUB_TOKEN` or `GITHUB_TOKEN` to a valid token."
@@ -100,9 +100,9 @@ async fn auth() -> Result<(), Box<dyn std::error::Error + Send + Sync + 'static>
     Ok(())
 }
 
-fn handle_404(error: octocrab::Error, msg: impl Into<String>) -> Error {
+fn handle_404(error: jp_github::Error, msg: impl Into<String>) -> Error {
     match error {
-        octocrab::Error::GitHub { source, .. } if source.status_code.as_u16() == 404 => {
+        jp_github::Error::GitHub { source, .. } if source.status_code.as_u16() == 404 => {
             msg.into().into()
         }
         _ => Box::new(error) as Error,

.config/jp/tools/src/github/create_issue_bug.rs

@@ -9,6 +9,7 @@ use crate::{
     util::OneOrMany,
 };
 
+#[allow(clippy::too_many_arguments)]
 pub(crate) async fn github_create_issue_bug(
     title: String,
     description: String,
@@ -94,7 +95,7 @@ pub(crate) async fn github_create_issue_bug(
         _ => return Err("Invalid complexity, must be one of `low`, `medium`, or `high`.".into()),
     }
 
-    let issue = octocrab::instance()
+    let issue = jp_github::instance()
         .issues(ORG, REPO)
         .create(&title)
         .body(&body)
@@ -109,13 +110,13 @@ pub(crate) async fn github_create_issue_bug(
 }
 
 async fn check_labels(as_ref: Option<&[String]>) -> Result<()> {
-    let page = octocrab::instance()
+    let page = jp_github::instance()
         .issues(ORG, REPO)
         .list_labels_for_repo()
         .send()
         .await?;
 
-    let labels = octocrab::instance().all_pages(page).await?;
+    let labels = jp_github::instance().all_pages(page).await?;
 
     let mut invalid_labels = vec![];
     for label in as_ref.into_iter().flatten() {
@@ -161,13 +162,13 @@ async fn check_labels(as_ref: Option<&[String]>) -> Result<()> {
 }
 
 async fn check_assignees(assignees: Option<&[String]>) -> Result<()> {
-    let page = octocrab::instance()
+    let page = jp_github::instance()
         .repos(ORG, REPO)
         .list_collaborators()
         .send()
         .await?;
 
-    let collaborators = octocrab::instance().all_pages(page).await?;
+    let collaborators = jp_github::instance().all_pages(page).await?;
 
     let mut invalid_assignees = vec![];
     for assignee in assignees.into_iter().flatten() {

.config/jp/tools/src/github/create_issue_enhancement.rs

@@ -89,7 +89,7 @@ pub(crate) async fn github_create_issue_enhancement(
         _ => return Err("Invalid complexity, must be one of `low`, `medium`, or `high`.".into()),
     }
 
-    let issue = octocrab::instance()
+    let issue = jp_github::instance()
         .issues(ORG, REPO)
         .create(&title)
         .body(&body)
@@ -104,13 +104,13 @@ pub(crate) async fn github_create_issue_enhancement(
 }
 
 async fn check_labels(as_ref: Option<&[String]>) -> Result<()> {
-    let page = octocrab::instance()
+    let page = jp_github::instance()
         .issues(ORG, REPO)
         .list_labels_for_repo()
         .send()
         .await?;
 
-    let labels = octocrab::instance().all_pages(page).await?;
+    let labels = jp_github::instance().all_pages(page).await?;
 
     let mut invalid_labels = vec![];
     for label in as_ref.into_iter().flatten() {
@@ -156,13 +156,13 @@ async fn check_labels(as_ref: Option<&[String]>) -> Result<()> {
 }
 
 async fn check_assignees(assignees: Option<&[String]>) -> Result<()> {
-    let page = octocrab::instance()
+    let page = jp_github::instance()
         .repos(ORG, REPO)
         .list_collaborators()
         .send()
         .await?;
 
-    let collaborators = octocrab::instance().all_pages(page).await?;
+    let collaborators = jp_github::instance().all_pages(page).await?;
 
     let mut invalid_assignees = vec![];
     for assignee in assignees.into_iter().flatten() {

.config/jp/tools/src/github/issues.rs

@@ -1,4 +1,4 @@
-use time::OffsetDateTime;
+use chrono::{DateTime, Utc};
 use url::Url;
 
 use super::auth;
@@ -26,14 +26,12 @@ async fn get_issue(number: u64) -> Result<String> {
         url: Url,
         labels: Vec<String>,
         author: String,
-        #[serde(with = "time::serde::rfc3339")]
-        created_at: OffsetDateTime,
-        #[serde(with = "time::serde::rfc3339::option")]
-        closed_at: Option<OffsetDateTime>,
+        created_at: DateTime<Utc>,
+        closed_at: Option<DateTime<Utc>>,
         linked_pull_request: Option<Url>,
     }
 
-    let issue = octocrab::instance()
+    let issue = jp_github::instance()
         .issues(ORG, REPO)
         .get(number)
         .await
@@ -46,11 +44,8 @@ async fn get_issue(number: u64) -> Result<String> {
         url: issue.html_url,
         labels: issue.labels.into_iter().map(|label| label.name).collect(),
         author: issue.user.login,
-        created_at: OffsetDateTime::from_unix_timestamp(issue.created_at.timestamp())?,
-        closed_at: issue
-            .closed_at
-            .map(|t| OffsetDateTime::from_unix_timestamp(t.timestamp()))
-            .transpose()?,
+        created_at: issue.created_at,
+        closed_at: issue.closed_at,
         linked_pull_request: issue.pull_request.map(|pr| pr.html_url),
     })
 }
@@ -68,40 +63,33 @@ async fn get_issues() -> Result<String> {
         url: Url,
         labels: Vec<String>,
         author: String,
-        #[serde(with = "time::serde::rfc3339")]
-        created_at: OffsetDateTime,
-        #[serde(with = "time::serde::rfc3339::option")]
-        closed_at: Option<OffsetDateTime>,
+        created_at: DateTime<Utc>,
+        closed_at: Option<DateTime<Utc>>,
         linked_pull_request: Option<Url>,
     }
 
-    let page = octocrab::instance()
+    let page = jp_github::instance()
         .issues(ORG, REPO)
         .list()
         .per_page(100)
         .send()
         .await?;
 
-    let issue = octocrab::instance()
+    let issue = jp_github::instance()
         .all_pages(page)
         .await?
         .into_iter()
-        .map(|issue| {
-            Ok(Issue {
-                number: issue.number,
-                title: issue.title,
-                url: issue.html_url,
-                labels: issue.labels.into_iter().map(|label| label.name).collect(),
-                author: issue.user.login,
-                created_at: OffsetDateTime::from_unix_timestamp(issue.created_at.timestamp())?,
-                closed_at: issue
-                    .closed_at
-                    .map(|t| OffsetDateTime::from_unix_timestamp(t.timestamp()))
-                    .transpose()?,
-                linked_pull_request: issue.pull_request.map(|pr| pr.html_url),
-            })
+        .map(|issue| Issue {
+            number: issue.number,
+            title: issue.title,
+            url: issue.html_url,
+            labels: issue.labels.into_iter().map(|label| label.name).collect(),
+            author: issue.user.login,
+            created_at: issue.created_at,
+            closed_at: issue.closed_at,
+            linked_pull_request: issue.pull_request.map(|pr| pr.html_url),
         })
-        .collect::<Result<_>>()?;
+        .collect();
 
     to_xml(Issues { issue })
 }