Skip to content

Commit

Permalink
Improve tests for .well-known/security.txt
Browse files Browse the repository at this point in the history
- make CI fail already one month before expiry
- make sure the expiry date is no further than one year into the future
  • Loading branch information
senekor committed Jul 26, 2024
1 parent 4a5ab5a commit eef2e6d
Show file tree
Hide file tree
Showing 2 changed files with 20 additions and 8 deletions.
2 changes: 1 addition & 1 deletion static/text/well_known_security.txt
Original file line number Diff line number Diff line change
@@ -1,2 +1,2 @@
Contact: https://www.rust-lang.org/policies/security
Expires: 2024-05-15T00:00:00.000Z
Expires: 2025-05-15T00:00:00.000Z
26 changes: 19 additions & 7 deletions tests/well_known_security.rs
Original file line number Diff line number Diff line change
@@ -1,18 +1,19 @@
use time::{format_description::well_known::Rfc3339, OffsetDateTime};

static TEXT: &str = include_str!("../static/text/well_known_security.txt");

#[test]
fn well_known_security_is_not_expired() {
let text = include_str!("../static/text/well_known_security.txt");
let expires = text.split("Expires:").nth(1).unwrap().trim();
fn well_known_security_is_not_about_to_expire() {
let expires = TEXT.split("Expires:").nth(1).unwrap().trim();
let expires = OffsetDateTime::parse(expires, &Rfc3339).unwrap();
let now = OffsetDateTime::now_utc();
let one_month_from_now = OffsetDateTime::now_utc() + time::Duration::days(30);
assert!(
now < expires,
one_month_from_now < expires,
"
┌────────────────────────────────────────────────────────────────┐
│ │
│ I looks like the expiration date of the security policy has
passed. Before blindly updating it, please make sure the
│ I looks like the expiration date of the security policy needs
updating. Before blindly updating it, please make sure the │
│ pointed-to URL still refers to the source of truth of the │
│ security policy of the Rust project. If all is well, you can │
│ update the expiration date in the relevant file: │
Expand All @@ -23,3 +24,14 @@ fn well_known_security_is_not_expired() {
"
);
}

#[test]
fn well_known_security_expires_within_a_year() {
let expires = TEXT.split("Expires:").nth(1).unwrap().trim();
let expires = OffsetDateTime::parse(expires, &Rfc3339).unwrap();
let one_year_from_now = OffsetDateTime::now_utc() + time::Duration::days(370);
assert!(
expires < one_year_from_now,
"The security policy should be checked once a year, please reduce the expiration date."
);
}

0 comments on commit eef2e6d

Please sign in to comment.