rust-lang · oherrala · Mar 10, 2025 · Mar 10, 2025 · weihanglo · Mar 14, 2025
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -59,7 +59,7 @@ ignore = "0.4.23"
 im-rc = "15.1.0"
 indexmap = "2.7.1"
 itertools = "0.14.0"
-jiff = { version = "0.2.3", default-features = false, features = [ "std" ] }
+jiff = { version = "0.2.3", default-features = false, features = [ "std", "serde" ] }
 jobserver = "0.1.32"
 lazycell = "1.3.0"
 libc = "0.2.169"
@@ -102,7 +102,6 @@ snapbox = { version = "0.6.21", features = ["diff", "dir", "term-svg", "regex",
 tar = { version = "0.4.43", default-features = false }
 tempfile = "3.16.0"
 thiserror = "2.0.11"
-time = { version = "0.3.37", features = ["parsing", "formatting", "serde"] }
 toml = "0.8.20"
 toml_edit = { version = "0.22.23", features = ["serde"] }
 tracing = { version = "0.1.41", default-features = false, features = ["std"] } # be compatible with rustc_log: https://github.com./rust-lang/rust/blob/e51e98dde6a/compiler/rustc_log/Cargo.toml#L9
@@ -208,7 +207,6 @@ supports-unicode.workspace = true
 tar.workspace = true
 tempfile.workspace = true
 thiserror.workspace = true
-time.workspace = true
 toml.workspace = true
 toml_edit.workspace = true
 tracing = { workspace = true, features = ["attributes"] }

diff --git a/crates/cargo-test-support/Cargo.toml b/crates/cargo-test-support/Cargo.toml
@@ -20,13 +20,13 @@ flate2.workspace = true
 git2.workspace = true
 glob.workspace = true
 itertools.workspace = true
+jiff.workspace = true
 pasetors.workspace = true
 regex.workspace = true
 serde = { workspace = true, features = ["derive"] }
 serde_json.workspace = true
 snapbox.workspace = true
 tar.workspace = true
-time.workspace = true
 toml.workspace = true
 url.workspace = true
 walkdir.workspace = true

diff --git a/crates/cargo-test-support/src/registry.rs b/crates/cargo-test-support/src/registry.rs
@@ -49,6 +49,7 @@ use cargo_util::paths::append;
 use cargo_util::Sha256;
 use flate2::write::GzEncoder;
 use flate2::Compression;
+use jiff::{SignedDuration, Timestamp};
 use pasetors::keys::{AsymmetricPublicKey, AsymmetricSecretKey};
 use pasetors::paserk::FormatAsPaserk;
 use pasetors::token::UntrustedToken;
@@ -58,10 +59,9 @@ use std::fs::{self, File};
 use std::io::{BufRead, BufReader, Read, Write};
 use std::net::{SocketAddr, TcpListener, TcpStream};
 use std::path::{Path, PathBuf};
+use std::str::FromStr;
 use std::thread::{self, JoinHandle};
 use tar::{Builder, Header};
-use time::format_description::well_known::Rfc3339;
-use time::{Duration, OffsetDateTime};
 use url::Url;
 
 /// Path to the local index for psuedo-crates.io.
@@ -910,9 +910,9 @@ impl HttpServer {
             v: Option<u8>,
         }
         let message: Message<'_> = t!(serde_json::from_str(trusted_token.payload()).ok());
-        let token_time = t!(OffsetDateTime::parse(message.iat, &Rfc3339).ok());
-        let now = OffsetDateTime::now_utc();
-        if (now - token_time) > Duration::MINUTE {
+        let token_time = t!(Timestamp::from_str(message.iat).ok());
+        let now = Timestamp::now();
+        if now.duration_since(token_time) > SignedDuration::from_mins(1) {
             return false;
         }
         if private_key_subject.as_deref() != message.sub {

diff --git a/credential/cargo-credential/Cargo.toml b/credential/cargo-credential/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "cargo-credential"
-version = "0.4.8"
+version = "0.4.9"
 rust-version.workspace = true
 edition.workspace = true
 license.workspace = true
@@ -10,10 +10,10 @@ description = "A library to assist writing Cargo credential helpers."
 
 [dependencies]
 anyhow.workspace = true
+jiff.workspace = true
 serde = { workspace = true, features = ["derive"] }
 serde_json.workspace = true
 thiserror.workspace = true
-time.workspace = true
 
 [target.'cfg(unix)'.dependencies]
 libc.workspace = true

diff --git a/credential/cargo-credential/src/lib.rs b/credential/cargo-credential/src/lib.rs
@@ -43,9 +43,9 @@
 #![allow(clippy::print_stderr)]
 #![allow(clippy::print_stdout)]
 
+use jiff::Timestamp;
 use serde::{Deserialize, Serialize};
 use std::{fmt::Display, io};
-use time::OffsetDateTime;
 
 mod error;
 mod secret;
@@ -202,8 +202,8 @@ pub enum CacheControl {
     Never,
     /// Cache this result and use it for subsequent requests in the current Cargo invocation until the specified time.
     Expires {
-        #[serde(with = "time::serde::timestamp")]
-        expiration: OffsetDateTime,
+        #[serde(with = "jiff::fmt::serde::timestamp::second::required")]
+        expiration: Timestamp,
     },
     /// Cache this result and use it for all subsequent requests in the current Cargo invocation.
     Session,
@@ -320,7 +320,7 @@ mod tests {
     #[test]
     fn cache_control() {
         let cc = CacheControl::Expires {
-            expiration: OffsetDateTime::from_unix_timestamp(1693928537).unwrap(),
+            expiration: Timestamp::from_second(1693928537).unwrap(),
         };
         let json = serde_json::to_string(&cc).unwrap();
         assert_eq!(json, r#"{"cache":"expires","expiration":1693928537}"#);

diff --git a/src/cargo/util/auth/mod.rs b/src/cargo/util/auth/mod.rs
@@ -11,9 +11,10 @@ use cargo_credential::{
 };
 
 use core::fmt;
+use jiff::Timestamp;
 use serde::Deserialize;
 use std::error::Error;
-use time::{Duration, OffsetDateTime};
+use std::time::Duration;
 use url::Url;
 
 use crate::core::SourceId;
@@ -619,7 +620,7 @@ fn auth_token_optional(
     if let Some(cached_token) = cache.get(url) {
         if cached_token
             .expiration
-            .map(|exp| OffsetDateTime::now_utc() + Duration::minutes(1) < exp)
+            .map(|exp| Timestamp::now() + Duration::from_secs(60) < exp)
             .unwrap_or(true)
         {
             if cached_token.operation_independent || matches!(operation, Operation::Read) {

diff --git a/src/cargo/util/context/mod.rs b/src/cargo/util/context/mod.rs
@@ -85,11 +85,11 @@ use cargo_credential::Secret;
 use cargo_util::paths;
 use cargo_util_schemas::manifest::RegistryName;
 use curl::easy::Easy;
+use jiff::Timestamp;
 use lazycell::LazyCell;
 use serde::de::IntoDeserializer as _;
 use serde::Deserialize;
 use serde_untagged::UntaggedEnumVisitor;
-use time::OffsetDateTime;
 use toml_edit::Item;
 use url::Url;
 
@@ -155,7 +155,7 @@ enum WhyLoad {
 #[derive(Debug)]
 pub struct CredentialCacheValue {
     pub token_value: Secret<String>,
-    pub expiration: Option<OffsetDateTime>,
+    pub expiration: Option<Timestamp>,
     pub operation_independent: bool,
 }
 

diff --git a/src/cargo/util/credential/paseto.rs b/src/cargo/util/credential/paseto.rs
@@ -9,7 +9,6 @@ use pasetors::{
     keys::{AsymmetricKeyPair, AsymmetricPublicKey, AsymmetricSecretKey, Generate},
     paserk::FormatAsPaserk,
 };
-use time::{format_description::well_known::Rfc3339, OffsetDateTime};
 use url::Url;
 
 use crate::{
@@ -103,10 +102,10 @@ impl<'a> Credential for PasetoCredential<'a> {
                     .expose();
                 let kip: pasetors::paserk::Id = (&public).into();
 
-                let iat = OffsetDateTime::now_utc();
+                let iat = jiff::Timestamp::now();
 
                 let message = Message {
-                    iat: &iat.format(&Rfc3339).unwrap(),
+                    iat: &iat.to_string(),
                     sub: secret_key_subject.as_deref(),
                     mutation: match operation {
                         Operation::Publish { .. } => Some("publish"),