Replace unmaintained croniter dependency with maintained alternative

[coderabbitai]

Problem

The project currently uses croniter>=6.0.0 as a dependency, but croniter was declared unmaintained/abandoned by its maintainer in December 2024. This poses security and maintenance risks for the project.

Current Usage

croniter is currently used in:

• state-manager/app/tasks/verify_graph.py for cron expression parsing and scheduling
• state-manager/pyproject.toml as a dependency

Recommended Solutions

Option 1: APScheduler (Recommended for in-app scheduling)

• Use case: If you need full-featured scheduling within the application
• Migration: Replace croniter with APScheduler and use apscheduler.triggers.cron.CronTrigger

Option 2: python-crontab

• Use case: If you need to edit or manage system crontabs
• Migration: Replace croniter with python-crontab

Option 3: Maintained forks

• Use case: If you only need cron expression parsing/iteration
• Options: croniters (Rust-backed), dt-croniter, or aws-croniter
• Note: Verify API compatibility before migration

Action Items

• Evaluate current croniter usage patterns in the codebase
• Choose appropriate replacement based on actual needs
• Update state-manager/pyproject.toml to remove croniter dependency
• Refactor state-manager/app/tasks/verify_graph.py to use the chosen alternative
• Add comprehensive tests for cron expression handling, including edge cases (DST boundaries, 5-field vs 6-field specs, invalid expressions)
• Update any documentation referencing croniter

References

• Pull Request: Adding triggers to graphs #428
• Comment: Adding triggers to graphs #428 (comment)
• Reported by: @coderabbitai

Priority

This should be addressed as a high priority due to the security and maintenance implications of using an unmaintained dependency.