Skip to content

fix(core): stamp admin-action audit filename in UTC, not local time#1128

Merged
maiconburn merged 1 commit into
mainfrom
fix/admin-audit-utc-date
Jun 27, 2026
Merged

fix(core): stamp admin-action audit filename in UTC, not local time#1128
maiconburn merged 1 commit into
mainfrom
fix/admin-audit-utc-date

Conversation

@maiconburn

Copy link
Copy Markdown
Collaborator

Bug

append_admin_action (crates/core/src/audit.rs) named admin-actions-<date>.jsonl from chrono::Local::now(). Every other date-stamped file InnerWarden writes — events-/incidents-/decisions-*.jsonl — and the reader today_date_string() use UTC.

In any non-UTC timezone that straddles midnight (e.g. UK/BST after 00:00 local, which is still the previous UTC day), the admin-audit entry landed on a different date than the rest of the system. Effects:

  • the day's admin-audit trail is split across two files (forensics gap),
  • the audit reader looks under the UTC date and misses entries written under the local date,
  • ctl::commands::ops::tests::cmd_tune_applies_raise_suggestion_and_writes_audit fails on that boundary (it asserts the UTC-named file exists) — currently red in CI for everyone on 2026-06-28.

Fix

Use chrono::Utc::now(), consistent with the rest of the date-stamped files. One line.

Verify

cmd_tune_applies_raise_suggestion_and_writes_audit now passes; innerwarden_core tests + clippy clean; cargo fmt --all --check clean.

🤖 Generated with Claude Code

@codecov

codecov Bot commented Jun 27, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

append_admin_action named admin-actions-<date>.jsonl from
chrono::Local::now(), but every other date-stamped file
(events-/incidents-/decisions-*.jsonl) and the reader (today_date_string)
use UTC. In a non-UTC timezone across midnight (e.g. UK/BST after 00:00
local, still the previous UTC day) the audit entry landed on a different
date than the rest of the system, splitting the day's audit trail and
breaking the reader + the admin-audit tests on that boundary. Use UTC.

Also align the ctl test helpers that locate the admin-actions file
(capability/response/gdpr) from chrono::Local to chrono::Utc to match the
writer; they passed only by luck when local==UTC by day and were the same
boundary bug on the test side.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@maiconburn maiconburn force-pushed the fix/admin-audit-utc-date branch from b4dc631 to 21c0935 Compare June 27, 2026 23:35
@maiconburn maiconburn merged commit 3b460f4 into main Jun 27, 2026
19 checks passed
@maiconburn maiconburn deleted the fix/admin-audit-utc-date branch June 27, 2026 23:41
maiconburn added a commit that referenced this pull request Jun 28, 2026
…#1132)

Bump workspace version 0.15.29 -> 0.15.30 and roll [Unreleased] into
[0.15.30]. Contents:
- agent-guard now denies commands that disable InnerWarden itself (#1127)
- innerwarden agent install-hook: enforcing PreToolUse hook for Claude Code (#1129)
- admin-action audit filename in UTC, not local time (#1128)

Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants