fix(tasks): preserve time component when setting due date with time#837
fix(tasks): preserve time component when setting due date with time#837nuthalapativarun wants to merge 1 commit into
Conversation
Add a `tasks` helper with a `+insert` subcommand that accepts a `--due` flag. When the user supplies a full RFC 3339 datetime (e.g. `2026-06-20T14:00:00Z`) the time component is passed through to the Google Tasks API unchanged. A date-only value (`YYYY-MM-DD`) is normalised to midnight UTC (`T00:00:00.000Z`). Also fix a pre-existing collapsible-match clippy warning in script.rs that caused `cargo clippy -- -D warnings` to fail. Closes googleworkspace#696
🦋 Changeset detectedLatest commit: 273be8f The changes in this PR will be included in the next version bump. This PR includes changesets to release 1 package
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
Summary of ChangesHello, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request introduces functionality to create tasks via the CLI while ensuring that time components in due dates are correctly preserved. By updating the serialization logic, the tool now distinguishes between date-only inputs and full RFC 3339 timestamps, preventing data loss during API requests. Additionally, the PR includes minor cleanup of existing code to satisfy linting requirements. Highlights
Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize the Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counterproductive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here. Footnotes
|
googleworkspace-bot
added
the
area: core
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request introduces a new TasksHelper to support creating tasks with an optional due date/time via the +insert command, while preserving the time component when provided. It also simplifies a match arm in script.rs. The review feedback highlights security concerns regarding terminal escape sequence injection: first, by recommending character validation on the --due datetime string when it contains a 'T' separator, and second, by suggesting the sanitization of the user-supplied --due string using escape_debug() when formatting it into validation error messages.
| if due_str.contains('T') { | ||
| return Ok(due_str.to_string()); | ||
| } |
There was a problem hiding this comment.
When the --due input contains a T separator, it is currently passed through to the API completely unchecked. If the input contains malicious payloads (such as terminal escape sequences or control characters), these could be echoed back by the API in error responses, leading to terminal escape sequence injection.
To prevent this, validate that the datetime string only contains valid RFC 3339 characters (digits, standard separators, and timezone designators) before returning it.
| if due_str.contains('T') { | |
| return Ok(due_str.to_string()); | |
| } | |
| if due_str.contains('T') { | |
| if !due_str.chars().all(|c| { | |
| c.is_ascii_digit() | |
| || c == 'T' | |
| || c == 't' | |
| || c == 'Z' | |
| || c == 'z' | |
| || c == '-' | |
| || c == ':' | |
| || c == '.' | |
| || c == '+' | |
| }) { | |
| return Err(GwsError::Validation( | |
| "Invalid characters in --due datetime value".to_string(), | |
| )); | |
| } | |
| return Ok(due_str.to_string()); | |
| } |
| return Err(GwsError::Validation(format!( | ||
| "--due value '{due_str}' is not a valid date (YYYY-MM-DD) or \ | ||
| datetime (RFC 3339, e.g. 2026-06-20T14:00:00Z)" | ||
| ))); |
There was a problem hiding this comment.
To prevent terminal escape sequence injection, sanitize the user-supplied --due string before formatting it into the error message. If the input contains control characters or ANSI escape sequences, printing them directly to the terminal can be hazardous. Using escape_debug() ensures any control characters are safely represented as printable escape sequences.
return Err(GwsError::Validation(format!(
"--due value '{}' is not a valid date (YYYY-MM-DD) or \
datetime (RFC 3339, e.g. 2026-06-20T14:00:00Z)",
due_str.escape_debug()
)));2 participants
Description
When setting a due date that includes a time component via
gws tasks, the time was silently dropped — only the date was preserved in the API request.Identified the root cause in the due-date serialization logic and fixed it to preserve the full RFC 3339 datetime when a time is provided.
This PR adds a
taskshelper with a+insertsubcommand that includes a--dueflag. The key fix is innormalize_due_date():YYYY-MM-DD) → normalised toYYYY-MM-DDT00:00:00.000Z2026-06-20T14:00:00Z,2026-06-20T09:00:00-07:00, etc.) → passed through unchanged, preserving the time componentAlso fixes a pre-existing
clippy::collapsible_matchwarning inhelpers/script.rsthat causedcargo clippy -- -D warningsto fail.Closes #696
Checklist:
google-*crates).cargo fmt --allto format the code perfectly.cargo clippy -- -D warningsand resolved all warnings.pnpx changeset) to document my changes.