Update Cargo.lock with 22 changed files (#2727)#2738
Conversation
Automatic checkpoint to preserve work in progress. Tests and implementation saved before refactoring phase.
…once) deployed_pt() re-parsed the compile-time-constant SIMARD_BUILD_TIMESTAMP (RFC3339), re-ran the America/Los_Angeles DST conversion, and re-allocated the display string on every /api/status request. The value is fixed for the process lifetime, so memoize it with LazyLock and return the cached &'static str — eliminating the redundant per-request parse, timezone lookup, format, and heap allocation. Mirrors the parse-once SENTINEL_SESSION_ID pattern in goal_curation. Behavior and JSON output are unchanged; all three tested helpers remain intact. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
… auth Closes the two converging review recommendations (Security + Philosophy) that the pure-helper unit tests could not reach, in one end-to-end test against the real build_router(): - Security: an unauthenticated GET /api/status is denied with 401, so the additive `deployed` field never leaks past the auth layer. - Philosophy: the private status() handler actually wires `deployed` into the response JSON when the compile-time build timestamp is present (the single json!() insertion the unit tests can't exercise); the surfaced value equals deployed_pt() and carries the DST-aware PST/PDT shape. Runs the router over an ephemeral loopback server speaking raw HTTP/1.1 — no new test dependency, no production-code change. Authenticates via the deterministic SIMARD_DASHBOARD_TOKEN bearer path and carries the cognitive_memory serial key per the enforced env-mutation contract. Explicitly did NOT replace LazyLock with a plain fn (review WON'T DO: acceptable, matches SENTINEL_SESSION_ID precedent, net-negative churn). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
rysweet
left a comment
There was a problem hiding this comment.
Step 17b — Comprehensive Code Review (#2738 / issue #2727)
Verdict: Changes needed before merge — one blocking CI failure is caused by this PR. The feature code itself is well-designed, correct, and fully tested; the blocker is a supply-chain gate, not the implementation.
(Posted as a COMMENT review — GitHub does not allow the PR author to formally request changes on their own PR.)
🔴 Blocking — caused by this PR
1. cargo-vet fails: 3 new dependencies are unvetted.
The three crates this PR pulls in have no safe-to-deploy entry in supply-chain/config.toml:
Vetting Failed!
3 unvetted dependencies:
chrono-tz:0.10.4 missing ["safe-to-deploy"]
phf:0.12.1 missing ["safe-to-deploy"]
phf_shared:0.12.1 missing ["safe-to-deploy"]
phf/phf_shared are already exempted at 0.11.3, but cargo-vet is version-specific and chrono-tz 0.10.4 brings in the new 0.12.1 line. Fix: add exemptions (or real audits) for these three crate@version pairs to supply-chain/config.toml, e.g.:
[[exemptions.chrono-tz]]
version = "0.10.4"
criteria = "safe-to-deploy"
[[exemptions.phf]]
version = "0.12.1"
criteria = "safe-to-deploy"
[[exemptions.phf_shared]]
version = "0.12.1"
criteria = "safe-to-deploy"(Preferred long-term: cargo vet certify/import a trusted audit rather than a bare exemption.) This is the only red check attributable to the PR's changes.
🟠 Red on the PR, but not caused by this change (still blocks merge)
2. cargo-deny / cargo-audit fail on RUSTSEC-2026-0204.
The advisory is in crossbeam-epoch 0.9.18, pulled via moka → rustyclawd-tools → simard — a pre-existing dependency untouched by this PR (a newly published advisory, yanked/vulnerability = "deny" in deny.toml):
error[vulnerability]: Invalid pointer dereference in fmt::Pointer impl … (crossbeam-epoch 0.9.18)
Solution: Upgrade to >=0.9.20 (cargo update -p crossbeam-epoch)
advisories FAILED, bans ok, licenses ok, sources ok
Not this PR's regression, but it will keep the checks red. Resolve out-of-band with cargo update -p crossbeam-epoch (→ ≥0.9.20) or a justified ignore in deny.toml. Worth a one-line note in the PR so reviewers don't chase it as a chrono-tz problem.
✅ Code quality — approved on the merits
Checklist results against the changed feature files (build.rs, routes.rs, part_01.rs, tests_routes_a.rs):
- No TODOs / stubs /
unimplemented!/ swallowed errors / strayunwrap/panicin production code. Errors degrade cleanly (option_env!→None→ field omitted). - Logic correctness — good. All timezone/DST logic is centralized in
format_deployed_ptusing the%Ztoken overchrono_tz::America::Los_Angeles, soPST/PDTand the ±offset are chosen from the tz database per-instant — nothing is hardcoded. Server-side formatting keeps the browser free of tz math. - Edge cases — well covered. Tests pin summer→PDT, winter→PST, and both DST transition edges (spring-forward, fall-back) with fixed UTC instants, plus format-shape and the end-to-end env/
Nonedegradation path. - Security — verified. The new integration test asserts unauthenticated
GET /api/status→401, sodeployedcan't bypassrequire_auth. Header render usestextContent(notinnerHTML) → no XSS. - Back-compat — verified.
deployedis strictly additive; omitted (not faked/empty) when the build timestamp is absent; JS guards withd.deployed ? … : ''.#header-versionspan reused, inheriting existing.75rem/#8b949estyling. - Test coverage — adequate. 63 lib tests incl. the new integration test;
build+coverageCI checks pass.
🟡 Minor / non-blocking notes (optional)
build.rstimestamp freshness semantics.SIMARD_BUILD_TIMESTAMPis captured whenbuild.rsruns, andbuild.rsonly re-runs on the existingrerun-if-changedtriggers (.git/HEAD, refs) orSOURCE_DATE_EPOCHchange. An incrementalcargo buildthat changes only source (no new commit) won't refresh it, sodeployedreflects the last build-script invocation, not that exact rebuild. This matches the existingSIMARD_BUILD_NUMBERbehavior and is fine for the "a build is a deploy (new commit)" model — just documenting the boundary. If per-rebuild freshness is ever required, addprintln!("cargo:rerun-if-changed=build.rs");won't suffice; you'd need an always-changing trigger.- Doc example version drift (cosmetic).
docs/reference/dashboard-header-deployment-datetime.mdshowsv0.27.0.1234while the crate is now0.28.0. Illustrative only. - PR title ("Update Cargo.lock with 22 changed files") is auto-generated and doesn't describe the feature; consider retitling to the #2727 deployment-datetime feature for a cleaner history.
Bottom line: implementation is solid and complete. Unblock by adding the three cargo-vet exemptions (PR-caused) and clearing the pre-existing crossbeam-epoch advisory; then all gates go green.
| # conversion (chrono alone has no DST-aware named zones). `=`-pinned to match | ||
| # the repo convention (e.g. `chrono = "=0.4.44"`); the pin is what makes the | ||
| # %Z abbreviation reproducible and lets the PST/PDT unit tests act as a guard. | ||
| chrono-tz = "=0.10.4" |
There was a problem hiding this comment.
🔴 cargo-vet blocker: adding chrono-tz 0.10.4 pulls in phf 0.12.1 + phf_shared 0.12.1, and none of the three have a safe-to-deploy entry, so cargo vet fails (only phf 0.11.3 is currently exempted). Add exemptions/audits for chrono-tz@0.10.4, phf@0.12.1, phf_shared@0.12.1 in supply-chain/config.toml to turn the check green.
Step 17d — Philosophy Guardian ReviewVerdict: ✅ PASS (philosophy-compliant) — no code changes required. Reviewed the actual branch diff for #2727 (10 files, +761/-14): Compliance against core principles
Verification
Non-blocking notes (cosmetic — not philosophy violations)
Conclusion: Implementation is complete, correct, and aligned with the development philosophy. The "Philosophy check passed" checklist item can be marked done. |
…0.12 for cargo-vet The dashboard header timezone feature (issue #2727) introduces chrono-tz 0.10.4, which pulls in phf 0.12.1 and phf_shared 0.12.1. These were failing the cargo-vet supply-chain CI check as unvetted. Added safe-to-deploy exemptions consistent with the existing phf 0.11.3 / phf_shared 0.11.3 exemptions already in the config. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
PR Review — Step 17e: Blocking Issues Addressed ✅Scope: Dashboard header timezone/build display (issue #2727). Reviewed Code quality ✔
🔴 Blocking issue found — and FIXED in
|
rysweet
left a comment
There was a problem hiding this comment.
Code Review — Issue #2727 deployment timestamp in dashboard header
Verdict: Solid, well-tested change. One actionable item (branch is behind main); everything else is strengths / optional polish. Posting as a comment since I'm the PR author (GitHub blocks self-approval).
What this does
Bakes a compile-time build timestamp (SIMARD_BUILD_TIMESTAMP, RFC3339 UTC) via build.rs, then surfaces it in the dashboard header as an additive /api/status deployed field rendered in US Pacific time (2026-07-06 11:03 PDT).
Strengths
- Correct TZ/DST handling.
format_deployed_ptuseschrono_tz::America::Los_Angeles+ the%Ztoken, so PST/PDT and the offset are chosen from the tz database rather than hardcoded. The 4 DST edge-case tests (summer PDT, winter PST, spring-forward gap, fall-back transition) directly prove this. - Back-compatible & safe. The
deployedfield is only inserted when present (option_env!→Nonedegrades gracefully), and the JS append is guarded withd.deployed?. No existing/api/statusfields change. - Reproducible builds.
build.rshonorsSOURCE_DATE_EPOCHand sets the correctcargo:rerun-if-*triggers. - Efficient.
deployed_pt()caches the parse + TZ conversion viaLazyLockand returns a&'static str, mirroring the existingSENTINEL_SESSION_IDpattern — no per-request allocation. - Clean production code. No TODOs/
unwrap()/panic!/stubs inbuild.rs,routes.rs, orpart_01.rs. New deps (chrono-tz,phf 0.12) are=-pinned per repo convention and already have cargo-vet exemptions added. - Strong test coverage (63 tests in
tests_routes_a.rs, including exact-format assertions for thedeployedfield).
CI status — action required
The push-event cargo-audit and cargo-deny are red, but this is not caused by this PR:
- Both fail only on the pre-existing advisory RUSTSEC-2026-0204 (crossbeam-epoch, transitive via
moka). main'sdeny.tomlalready carries a justifiedignorefor it; this branch is 4 commits behindmainand lacks that entry (confirmed:grep -c RUSTSEC-2026-0204 deny.toml→ 0 on branch, 1 onmain).- Proof: the
pull_request-event run (branch merged with base) hascargo-audit,cargo-deny, andcargo-vetall green. cargo-vetpasses in both runs, so the newchrono-tz/phfdeps are correctly vetted.
Fix: merge/rebase main into the branch to pick up the RUSTSEC-2026-0204 ignore; the push-event supply-chain checks will then go green too.
Optional / non-blocking
build.rsfalls back tochrono::Utc::now()whenSOURCE_DATE_EPOCHis unset/unparseable — reasonable, though it means non-reproducible builds get wall-clock time. Fine given the "build == deploy" rationale documented in the comment.
Once the branch is up to date with main, this is good to merge.
…e-simard-dashboard-header-alongside-the-build
📊 Coverage Summary
Coverage data from CI run. Test files matching |
Summary
Concise workflow-generated PR for Cargo.lock.
Issue
Closes #2727
Changed files
Diff stat
Behavior
Implemented behavior through these branch commits:
339a773 feat: In the Simard dashboard HEADER, alongside the build number already shown
58a64e6 test(dashboard): integration-test #2727 /api/status deployed wiring + auth
80cca9c perf(dashboard): cache #2727 deployed timestamp string (parse/format once)
83ca3a8 wip: checkpoint after implementation (steps 7-8)
Validation
ℹ NODE_OPTIONS=--max-old-space-size=32768 (saved preference). To change: /home/azureuser/.amplihack/config
I'll start by understanding the current state: branch, changes made, and the affected code.
● Get branch name, status, and diff stat (shell)
│ cd /home/azureuser/src/Simard/worktrees/feat/issue-2727-in-the-simard-dashboard-header-alongside
│ -the-build && git branch --show-current && echo "---STATUS---" && git status --short && echo
│ "---DIFF STAT vs main---" && git --no-pager diff --stat origin/main...HEAD 2>/dev/null || git
│ --no-pager diff --stat main...HEAD 2>/dev/null
└ 15 lines…
The implementation is already done. Let me review the changes to understand what's being tested.
Risk
No high-risk subsystem pattern detected from changed paths.
Checklist
This PR was created as a draft for review before merging.
Step 16b: Outside-In Testing Results
Tested the PR branch as a consumer would, from the external
/api/statusboundary and by launching the real dashboard binary. Fixes required: 0 — all scenarios passed on the first run.Detected toolchains
Cargo.tomlat repo root, edition 2024,rustc 1.95.0,cargo 1.95.0).build.rsintoSIMARD_BUILD_TIMESTAMP(vergen-style; honorsSOURCE_DATE_EPOCH). Runtime UTC→America/Los_Angelesconversion viachrono+chrono-tz(%Zyields the date-correct PST/PDT abbreviation).Cargo.toml,Cargo.lock(both changed),[build-dependencies]added.simard dashboard serve --port=PORT→operator_commands_dashboard::routes::build_router()→GET /api/status.verify.yml):cargo test --all-features --locked --no-fail-fast,cargo fmt --check,cargo clippy.Chosen strategy
Per the qa-team repo-type detection,
Cargo.tomlat root ⇒ Rust repo ⇒ nativecargo testat the outside-in HTTP/user boundary (the gadugi-agentic-test framework is not required for Rust CLI repos). Boundaries exercised: (a) the pure PT formatter, (b) the realbuild_router()served over an ephemeral loopback HTTP server, and (c) a genuinesimard dashboard serveprocess probed withcurl.Scenarios
cargo test --all-features --locked --lib -- deployment_ deployed_ index_html_header_shows_build_number_and_deployment_datetimeYYYY-MM-DD HH:MM ABBRshapedeployment_datetime_spring_forward_edge_is_pdt,..._fall_back_edge_is_pst)GET /api/statusdenied 401; authed request wiresdeployed== canonicaldeployed_pt()with a DST-aware PST/PDT shapecargo test --all-features --locked --lib -- api_status_denies_unauth_and_wires_deployed_2727/api/status; unauth 401, authed shows real PT deployment datetime; served HTML carriesheader-version+d.deployedwiringsimard dashboard serve --port=18727+curlKey output
Scenario 1–3 (all 10 feature tests):
Scenario 4 (real
simard dashboard serve+curl):Quality gates
cargo fmt --check→ clean (exit 0).cargo clippy --lib --all-features --locked→ no warnings on changed files (routes.rs,build.rs,part_01.rs,tests_routes_a.rs).Fix count
0 — no failures encountered; no code changes were required during outside-in testing.