Reject leap seconds to prevent year overflow (#1019)

Go's time.Date() normalizes leap seconds (second=60) by adding 1 minute. When parsing the maximum valid TOML date 9999-12-31 23:59:60z, this causes the year to overflow to 10000, which exceeds the valid TOML year range (0000-9999) and breaks round-trip serialization. The fix rejects leap seconds (second > 59) during parsing. This is consistent with the resolution of issue #913 which determined that emitting an error is less surprising than silently normalizing leap seconds. Fixes #1015 Co-authored-by: Claude <noreply@anthropic.com>
2026-01-04 13:40:19 -05:00
parent 3aaf147e3e
commit 99cd40b175
3 changed files with 14 additions and 4 deletions
@@ -3160,7 +3160,17 @@ world'`,
 		{
 			desc: "invalid seconds value",
 			data: `a=1979-05-27T12:45:99`,
-			msg:  `seconds cannot be greater 60`,
+			msg:  `seconds cannot be greater than 59`,
+		},
+		{
+			desc: "leap second not supported",
+			data: `a=1979-05-27T12:45:60`,
+			msg:  `seconds cannot be greater than 59`,
+		},
+		{
+			desc: "leap second with max date causes overflow",
+			data: `s=9999-12-31 23:59:60z`,
+			msg:  `seconds cannot be greater than 59`,
 		},
 		{
 			desc: `binary with invalid digit`,