convert module dates to newer standard

[h00die]

YYYY-MM-DD is the current module disclosuredate format. Many older modules use a (previously accepted) Mon DD YYYY format. To prevent future module confusion, and simplify date processing, convert all dates to the new format

Verification

make sure modules load and msftidy passes

[github-actions]

Thanks for your pull request! As part of our landing process, we manually verify that all modules work as expected.

We've added the additional-testing-required label to indicate that additional testing is required before this pull request can be merged.
For maintainers, this means visiting here.

[Copilot]

Pull request overview

This pull request standardizes Metasploit module DisclosureDate metadata to the ISO 8601 YYYY-MM-DD format and tightens tooling to reject the legacy Mon DD YYYY format to avoid ambiguity and simplify date processing.

Changes:

• Updated many modules/spec fixtures to use YYYY-MM-DD DisclosureDate values.
• Updated tools/dev/msftidy.rb to require YYYY-MM-DD (with ISO8601 parsing validation) and emit a clearer error message when the format is wrong.
• Updated the RuboCop cop/spec to reject the legacy format and removed autocorrection behavior for converting legacy dates.

Impact Analysis:

• Blast radius: medium; affects developers/CI via msftidy and RuboCop linting, plus any code paths/tests that assume the legacy date string format.
• Data and contract effects: metadata contract tightened (legacy Mon DD YYYY no longer accepted by lint tooling).
• Rollback and test focus: rollback is straightforward (revert tooling strictness and/or date changes); focus validation on module loading and msftidy/RuboCop runs.

Reviewed changes

Copilot reviewed 85 out of 85 changed files in this pull request and generated no comments.

Show a summary per file

File	Description
tools/dev/msftidy.rb	Enforces ISO YYYY-MM-DD disclosure dates and improves the non-ISO error message.
lib/rubocop/cop/lint/module_disclosure_date_format.rb	Removes autocorrect and keeps strict validation of DisclosureDate format.
spec/rubocop/cop/lint/module_disclosure_date_format_spec.rb	Updates expectations to reject legacy Mon DD YYYY and no longer expect autocorrections.
spec/lib/msf/core/exploit/browser_autopwn2_spec.rb	Converts test fixture disclosure dates to ISO format.
modules/** (various)	Converts legacy disclosure date strings to ISO YYYY-MM-DD.

[adfoster-r7]

The rubocop rule should be updated to catch the modules that slipped through the AST matcher 👀

diff to master:

diff --git a/lib/rubocop/cop/lint/module_disclosure_date_format.rb b/lib/rubocop/cop/lint/module_disclosure_date_format.rb
index 0b8def91e94..4aadc2ff0b2 100644
--- a/lib/rubocop/cop/lint/module_disclosure_date_format.rb
+++ b/lib/rubocop/cop/lint/module_disclosure_date_format.rb
@@ -23,11 +23,20 @@ module RuboCop
           (def :initialize _args (super $(send nil? {:update_info :merge_info} (lvar :info) (hash ...)) ...))
         PATTERN
 
+        def_node_matcher :find_super_hash_node, <<~PATTERN
+          {(def :initialize _args (begin (super $(hash ...)) ...))
+           (def :initialize _args (super $(hash ...)))}
+        PATTERN
+
         def on_def(node)
           update_info_node = find_update_info_node(node) || find_nested_update_info_node(node)
-          return if update_info_node.nil?
+          hash = if update_info_node
+                   update_info_node.arguments.find { |argument| hash_arg?(argument) }
+                 else
+                   find_super_hash_node(node)
+                 end
+          return if hash.nil?
 
-          hash = update_info_node.arguments.find { |argument| hash_arg?(argument) }
           hash.each_pair do |key, value|
             next unless key.value == 'DisclosureDate'
             next if valid_disclosure_date?(value)
diff --git a/spec/rubocop/cop/lint/module_disclosure_date_format_spec.rb b/spec/rubocop/cop/lint/module_disclosure_date_format_spec.rb
index 06222393982..4fdf64d8cf0 100644
--- a/spec/rubocop/cop/lint/module_disclosure_date_format_spec.rb
+++ b/spec/rubocop/cop/lint/module_disclosure_date_format_spec.rb
@@ -81,6 +81,37 @@ RSpec.describe RuboCop::Cop::Lint::ModuleDisclosureDateFormat do
     expect_no_corrections
   end
 
+  it 'rejects invalid DisclosureDate values when super is called with a hash directly' do
+    expect_offense(<<~RUBY)
+      class DummyModule
+        def initialize
+          super(
+            'Name' => 'Simple module name',
+            'Description' => 'Lorem ipsum dolor sit amet',
+            'Author' => [ 'example1', 'example2' ],
+            'License' => MSF_LICENSE,
+            'DisclosureDate' => 'Nov 12 2013'
+                                ^^^^^^^^^^^^^ Modules should specify a DisclosureDate with the required format '%Y-%m-%d', for example '2020-10-02'
+          )
+        end
+      end
+    RUBY
+
+    expect_correction(<<~RUBY)
+      class DummyModule
+        def initialize
+          super(
+            'Name' => 'Simple module name',
+            'Description' => 'Lorem ipsum dolor sit amet',
+            'Author' => [ 'example1', 'example2' ],
+            'License' => MSF_LICENSE,
+            'DisclosureDate' => '2013-11-12'
+          )
+        end
+      end
+    RUBY
+  end
+
   it 'provides an autocorrection when the DisclosureDate can safely be converted to the required format' do
     expect_offense(<<~RUBY)
       class DummyModule

Keeping the autocorrector logic around should be fine too

I don't mind pushing the fix to the PR, or landing this PR, then landing my fix afterwards separately - just let me know what you'd like 👍

[h00die]

whatevers easiest