chore: run maintenance checklist (012-maintenance)#508
Merged
Conversation
Fixes found during pre-release maintenance: - fix(parser): prevent panic on single digit at EOF in lexer (fuzz crash) - fix(arithmetic): handle base 37-64 without from_str_radix panic (fuzz crash) - fix(test): increase ASan timeout bound from 30s to 300s for nightly CI - docs(threat-model): sync TM-INF-013 and TM-INF-014 status to FIXED - chore(deny): remove stale RUSTSEC-2023-0089 exemption - chore(specs): add missing Status sections to 8 spec files Maintenance results: - Dependencies: all up to date, no CVEs, vet passes - Tests: all pass (including regression tests for fuzz crashes) - Examples: all 5 compile successfully - Code quality: fmt + clippy clean - Nightly CI: 2 crashes fixed (parser_fuzz, arithmetic_fuzz), timeout fixed https://claude.ai/code/session_01JPAxQo3fiXXFzFHu1SzRuG
Cover positive and negative paths: correct values for 64#A, 64#@, 64#_, and invalid digit for base 37. https://claude.ai/code/session_01JPAxQo3fiXXFzFHu1SzRuG
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
parser_fuzz(crash-13c5f6f8)from_str_radixpanic — fuzz crash regression fromarithmetic_fuzz(crash-802347e7). Adds properparse_base_nfor bash's extended charset (0-9, a-z, A-Z, @, _)threat_cpu_exhaustion_timeoutnightly test (was taking 213s under ASan)## Statussections to 8 spec filesTest plan
test_digit_at_eof_no_panic(lexer crash)test_arithmetic_base_gt_36_no_panic(arithmetic crash)test_arithmetic_base_gt_36_special_chars(@ = 62, _ = 63)test_arithmetic_base_gt_36_invalid_digitjust pre-prpasses (fmt, clippy, tests, vet)64#A= 36cargo deny checkpassescargo audit— no CVEs (3 unmaintained transitive dep warnings)