]> granicus.if.org Git - cgit/log
cgit
5 years agoui-ssdiff: ban strncat()
Christian Hesse [Tue, 12 Feb 2019 20:53:02 +0000 (21:53 +0100)]
ui-ssdiff: ban strncat()

Git version v2.21.0 marks strncat() as banned (commit
ace5707a803eda0f1dde3d776dc3729d3bc7759a), so replace it.

Signed-off-by: Christian Hesse <mail@eworm.de>
5 years agoglobal: make 'char *path' const where possible
Christian Hesse [Wed, 2 Jan 2019 16:25:01 +0000 (17:25 +0100)]
global: make 'char *path' const where possible

Signed-off-by: Christian Hesse <mail@eworm.de>
5 years agoui-shared: restrict to 15 levels
Jason A. Donenfeld [Mon, 20 May 2019 19:45:12 +0000 (21:45 +0200)]
ui-shared: restrict to 15 levels

Perhaps a more ideal version of this would be to not print breadcrumbs
at all for paths that don't exist in the given repo at the given oid.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Reported-by: Fydor Wire Snark <wsnark@tuta.io>
5 years agoui-diff,ui-tag: don't use htmlf with non-formatted strings
Chris Mayo [Thu, 21 Feb 2019 19:57:23 +0000 (19:57 +0000)]
ui-diff,ui-tag: don't use htmlf with non-formatted strings

Signed-off-by: Chris Mayo <aklhfex@gmail.com>
5 years agoui-ssdiff: resolve HTML5 validation errors
Chris Mayo [Thu, 21 Feb 2019 19:56:05 +0000 (19:56 +0000)]
ui-ssdiff: resolve HTML5 validation errors

- Remove ids from anchor elements. They were unusable because they were
  duplicated between files and versions of files.
- Always close span, with html().
- Fix missing / on closing tr element in cgit_ssdiff_header_end().

Signed-off-by: Chris Mayo <aklhfex@gmail.com>
5 years agofilters: migrate from luacrypto to luaossl
Jason A. Donenfeld [Thu, 3 Jan 2019 01:11:14 +0000 (02:11 +0100)]
filters: migrate from luacrypto to luaossl

luaossl has no upstream anymore and doesn't support OpenSSL 1.1,
whereas luaossl is quite active.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
5 years agoui-shared: fix broken sizeof in title setting and rewrite
Jason A. Donenfeld [Wed, 2 Jan 2019 06:52:12 +0000 (07:52 +0100)]
ui-shared: fix broken sizeof in title setting and rewrite

The old algorithm was totally incorrect. While we're at it, use «
instead of \, since it makes more sense.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
6 years agogit: update to v2.20.0
Christian Hesse [Tue, 20 Nov 2018 16:31:21 +0000 (17:31 +0100)]
git: update to v2.20.0

Update to git version v2.20.0. Required changes follow upstream commits:

00436bf1b1c2a8fe6cf5d2c2457d419d683042f4
  (archive: initialize archivers earlier)

611e42a5980a3a9f8bb3b1b49c1abde63c7a191e
  (xdiff: provide a separate emit callback for hunks)

Signed-off-by: Christian Hesse <mail@eworm.de>
6 years agoui-blame: set repo for sb
Jason A. Donenfeld [Thu, 22 Nov 2018 00:49:55 +0000 (01:49 +0100)]
ui-blame: set repo for sb

Otherwise recent git complains and crashes with: "BUG: blame.c:1787:
repo is NULL".

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
6 years agoauth-filter: pass url with query string attached
Jason A. Donenfeld [Wed, 21 Nov 2018 02:16:11 +0000 (03:16 +0100)]
auth-filter: pass url with query string attached

Otherwise redirections come out wrong.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
6 years agogit: use xz compressed archive for download
Christian Hesse [Tue, 20 Nov 2018 22:55:03 +0000 (23:55 +0100)]
git: use xz compressed archive for download

Upstream will stop providing gz compressed source tarballs [0], so stop
using them.

[0] https://lists.zx2c4.com/pipermail/cgit/2018-November/004254.html

Signed-off-by: Christian Hesse <mail@eworm.de>
6 years agogit: update to v2.19.1
Christian Hesse [Tue, 28 Aug 2018 16:27:00 +0000 (18:27 +0200)]
git: update to v2.19.1

Update to git version v2.19.1. Required changes follow upstream commits:

* commit: add repository argument to get_cached_commit_buffer
  (3ce85f7e5a41116145179f0fae2ce6d86558d099)

* commit: add repository argument to lookup_commit_reference
  (2122f6754c93be8f02bfb5704ed96c88fc9837a8)

* object: add repository argument to parse_object
  (109cd76dd3467bd05f8d2145b857006649741d5c)

* tag: add repository argument to deref_tag
  (a74093da5ed601a09fa158e5ba6f6f14c1142a3e)

* tag: add repository argument to lookup_tag
  (ce71efb713f97f476a2d2ab541a0c73f684a5db3)

* tree: add repository argument to lookup_tree
  (f86bcc7b2ce6cad68ba1a48a528e380c6126705e)

* archive.c: avoid access to the_index
  (b612ee202a48f129f81f8f6a5af6cf71d1a9caef)

* for_each_*_object: move declarations to object-store.h
  (0889aae1cd18c1804ba01c1a4229e516dfb9fe9b)

Signed-off-by: Christian Hesse <mail@eworm.de>
6 years agoui-ssdiff: ban strcat()
Christian Hesse [Tue, 28 Aug 2018 16:23:36 +0000 (18:23 +0200)]
ui-ssdiff: ban strcat()

Git upstream bans strcat() with commit:

  banned.h: mark strcat() as banned
  1b11b64b815db62f93a04242e4aed5687a448748

Signed-off-by: Christian Hesse <mail@eworm.de>
6 years agoui-ssdiff: ban strncpy()
Christian Hesse [Tue, 28 Aug 2018 16:22:26 +0000 (18:22 +0200)]
ui-ssdiff: ban strncpy()

Git upstream bans strncpy() with commit:

  banned.h: mark strncpy() as banned
  e488b7aba743d23b830d239dcc33d9ca0745a9ad

Signed-off-by: Christian Hesse <mail@eworm.de>
6 years agoui-shared: ban strcat()
Christian Hesse [Tue, 28 Aug 2018 18:33:02 +0000 (20:33 +0200)]
ui-shared: ban strcat()

Git upstream bans strcat() with commit:

  banned.h: mark strcat() as banned
  1b11b64b815db62f93a04242e4aed5687a448748

To avoid compiler warnings from gcc 8.1.x we get the hard way.

Signed-off-by: Christian Hesse <mail@eworm.de>
6 years agoui-patch: ban sprintf()
Christian Hesse [Tue, 28 Aug 2018 16:18:37 +0000 (18:18 +0200)]
ui-patch: ban sprintf()

Git upstream bans sprintf() with commit:

  banned.h: mark sprintf() as banned
  cc8fdaee1eeaf05d8dd55ff11f111b815f673c58

Signed-off-by: Christian Hesse <mail@eworm.de>
6 years agoui-log: ban strncpy()
Christian Hesse [Tue, 28 Aug 2018 16:16:11 +0000 (18:16 +0200)]
ui-log: ban strncpy()

Git upstream bans strncpy() with commit:

  banned.h: mark strncpy() as banned
  e488b7aba743d23b830d239dcc33d9ca0745a9ad

Signed-off-by: Christian Hesse <mail@eworm.de>
6 years agoui-log: ban strcpy()
Christian Hesse [Tue, 28 Aug 2018 16:08:33 +0000 (18:08 +0200)]
ui-log: ban strcpy()

Git upstream bans strcpy() with commit:

  automatically ban strcpy()
  c8af66ab8ad7cd78557f0f9f5ef6a52fd46ee6dd

Signed-off-by: Christian Hesse <mail@eworm.de>
6 years agoparsing: ban sprintf()
Christian Hesse [Tue, 28 Aug 2018 16:14:32 +0000 (18:14 +0200)]
parsing: ban sprintf()

Git upstream bans sprintf() with commit:

  banned.h: mark sprintf() as banned
  cc8fdaee1eeaf05d8dd55ff11f111b815f673c58

Signed-off-by: Christian Hesse <mail@eworm.de>
6 years agoparsing: ban strncpy()
Christian Hesse [Tue, 28 Aug 2018 16:11:50 +0000 (18:11 +0200)]
parsing: ban strncpy()

Git upstream bans strncpy() with commit:

  banned.h: mark strncpy() as banned
  e488b7aba743d23b830d239dcc33d9ca0745a9ad

Signed-off-by: Christian Hesse <mail@eworm.de>
6 years agofilters: generate anchor links from markdown
Christian Hesse [Fri, 13 Jul 2018 19:44:50 +0000 (21:44 +0200)]
filters: generate anchor links from markdown

This makes the markdown filter generate anchor links for headings.

Signed-off-by: Christian Hesse <mail@eworm.de>
Tested-by: jean-christophe manciot <actionmystique@gmail.com>
6 years agoBump version. v1.2.1
Jason A. Donenfeld [Fri, 3 Aug 2018 14:26:14 +0000 (16:26 +0200)]
Bump version.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
6 years agoclone: fix directory traversal
Jason A. Donenfeld [Fri, 3 Aug 2018 13:46:11 +0000 (15:46 +0200)]
clone: fix directory traversal

This was introduced in the initial version of this code, way back when
in 2008.

$ curl http://127.0.0.1/cgit/repo/objects/?path=../../../../../../../../../etc/passwd
root:x:0:0:root:/root:/bin/sh
...

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Reported-by: Jann Horn <jannh@google.com>
6 years agoconfig: record repo.snapshot-prefix in the per-repo config
Konstantin Ryabitsev [Tue, 17 Jul 2018 16:38:22 +0000 (12:38 -0400)]
config: record repo.snapshot-prefix in the per-repo config

Even if we find snapshot-prefix in the repo configuration, we are not
writing it out into the rc- file, so setting the value does not have any
effect.

Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
6 years agoauth-filters: add simple file-based authentication scheme
Jason A. Donenfeld [Sun, 15 Jul 2018 02:45:11 +0000 (04:45 +0200)]
auth-filters: add simple file-based authentication scheme

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
6 years agoauth-filters: use crypt() in simple-authentication
Jason A. Donenfeld [Sun, 15 Jul 2018 02:18:03 +0000 (04:18 +0200)]
auth-filters: use crypt() in simple-authentication

There's no use in giving a silly example to folks who will just copy it,
so instead try to do something slightly better.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
6 years agoauth-filters: generate secret securely
Jason A. Donenfeld [Sun, 15 Jul 2018 01:22:12 +0000 (03:22 +0200)]
auth-filters: generate secret securely

This is much better than having the user generate it themselves.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
6 years agoauth-filters: do not crash on nil username
Jason A. Donenfeld [Sat, 14 Jul 2018 03:10:28 +0000 (05:10 +0200)]
auth-filters: do not crash on nil username

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
6 years agoauth-filter: do not write more than we've read
Jason A. Donenfeld [Sat, 14 Jul 2018 03:09:27 +0000 (05:09 +0200)]
auth-filter: do not write more than we've read

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
6 years agoauth-filters: do not use HMAC-SHA1
Jason A. Donenfeld [Sat, 14 Jul 2018 01:32:00 +0000 (03:32 +0200)]
auth-filters: do not use HMAC-SHA1

Though SHA1 is broken, HMAC-SHA1 is still fine. But let's not push our
luck; SHA256 is more sensible anyway.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
6 years agoBump version. v1.2
Jason A. Donenfeld [Fri, 13 Jul 2018 20:40:42 +0000 (22:40 +0200)]
Bump version.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
6 years agoUpdate COPYING
Todd Zullinger [Tue, 10 Jul 2018 14:03:34 +0000 (10:03 -0400)]
Update COPYING

The address of the Free Software Foundation has changed since the
license was added in 7640d90 ("Add license file and copyright notices",
2006-12-10).  Update the license file from gnu.org¹.

The only non-whitespace changes are the updated FSF address and two
references to the L in LGPL changed from Library to Lesser.

¹ https://www.gnu.org/licenses/old-licenses/gpl-2.0.txt

Signed-off-by: Todd Zullinger <tmz@pobox.com>
6 years agocss: use correct size in annotated decoration
Jason A. Donenfeld [Sun, 8 Jul 2018 17:14:44 +0000 (19:14 +0200)]
css: use correct size in annotated decoration

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
6 years agocgitrc.5: add local tar signature example
Jason A. Donenfeld [Thu, 5 Jul 2018 00:38:33 +0000 (02:38 +0200)]
cgitrc.5: add local tar signature example

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
6 years agoFix gcc 8.1.1 compiler warnings
Jason A. Donenfeld [Wed, 4 Jul 2018 01:13:31 +0000 (03:13 +0200)]
Fix gcc 8.1.1 compiler warnings

    CC ../shared.o
../shared.c: In function ‘expand_macro’:
../shared.c:487:3: warning: ‘strncpy’ specified bound depends on the length of the source argument [-Wstringop-overflow=]
   strncpy(name, value, len);
   ^~~~~~~~~~~~~~~~~~~~~~~~~
../shared.c:484:9: note: length computed here
   len = strlen(value);
         ^~~~~~~~~~~~~
../ui-shared.c: In function ‘cgit_repobasename’:
../ui-shared.c:136:2: warning: ‘strncpy’ specified bound 1024 equals destination size [-Wstringop-truncation]
  strncpy(rvbuf, reponame, sizeof(rvbuf));
  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    CC ../ui-ssdiff.o
../ui-ssdiff.c: In function ‘replace_tabs’:
../ui-ssdiff.c:142:4: warning: ‘strncat’ output truncated copying between 1 and 8 bytes from a string of length 8 [-Wstringop-truncation]
    strncat(result, spaces, 8 - (strlen(result) % 8));
    ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
6 years agocgitrc.5: document new signature notes
Jason A. Donenfeld [Tue, 3 Jul 2018 18:44:08 +0000 (20:44 +0200)]
cgitrc.5: document new signature notes

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
6 years agosnapshot: support tar signature for compressed tar
Christian Hesse [Thu, 7 Jun 2018 19:31:28 +0000 (21:31 +0200)]
snapshot: support tar signature for compressed tar

This adds support for kernel.org style signatures where the uncompressed
tar archive is signed and compressed later. The signature is valid for
all tar* snapshots.

We have a filter which snapshots may be generated and downloaded. This has
to allow tar signatures now even if tar itself is not allowed. To simplify
things we allow all signatures.

Signed-off-by: Christian Hesse <mail@eworm.de>
6 years agoextra-head-content: introduce another option for meta tags
Jason A. Donenfeld [Mon, 12 Feb 2018 22:10:06 +0000 (23:10 +0100)]
extra-head-content: introduce another option for meta tags

This is to support things like go-import meta tags, which are on a
per-repo basis.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
6 years agoUse string list strdup_strings for mimetypes
John Keeping [Wed, 20 Jun 2018 10:12:09 +0000 (18:12 +0800)]
Use string list strdup_strings for mimetypes

There's no need to do this manually with the string list API will do it
for us.

Signed-off-by: John Keeping <john@keeping.me.uk>
6 years agomanpage: fix sorting order
Andy Green [Wed, 20 Jun 2018 10:12:03 +0000 (18:12 +0800)]
manpage: fix sorting order

You maybe didn't know you had OCD until you saw an
alpha sorted list that has stuff out of order in it.

Signed-off-by: Andy Green <andy@warmcat.com>
Reviewed-by: John Keeping <john@keeping.me.uk>
6 years agocache: close race window when unlocking slots
John Keeping [Wed, 20 Jun 2018 05:29:14 +0000 (07:29 +0200)]
cache: close race window when unlocking slots

We use POSIX advisory record locks to control access to cache slots, but
these have an unhelpful behaviour in that they are released when any
file descriptor referencing the file is closed by this process.

Mostly this is okay, since we know we won't be opening the lock file
anywhere else, but there is one place that it does matter: when we
restore stdout we dup2() over a file descriptor referring to the file,
thus closing that descriptor.

Since we restore stdout before unlocking the slot, this creates a window
during which the slot content can be overwritten.  The fix is reasonably
straightforward: simply restore stdout after unlocking the slot, but the
diff is a bit bigger because this requires us to move the temporary
stdout FD into struct cache_slot.

Signed-off-by: John Keeping <john@keeping.me.uk>
Reviewed-by: Christian Hesse <mail@eworm.de>
6 years agogit: update to v2.18.0
Christian Hesse [Mon, 4 Jun 2018 16:49:28 +0000 (18:49 +0200)]
git: update to v2.18.0

Update to git version v2.18.0. Required changes follow upstream commits:

* Convert find_unique_abbrev* to struct object_id
  (aab9583f7b5ea5463eb3f653a0b4ecac7539dc94)
* sha1_file: convert read_sha1_file to struct object_id
  (b4f5aca40e6f77cbabcbf4ff003c3cf30a1830c8)
* sha1_file: convert sha1_object_info* to object_id
  (abef9020e3df87c441c9a3a95f592fce5fa49bb9)
* object-store: move packed_git and packed_git_mru to object store
  (a80d72db2a73174b3f22142eb2014b33696fd795)
* treewide: rename tree to maybe_tree
  (891435d55da80ca3654b19834481205be6bdfe33)

The changed data types required some of our own functions to be converted
to struct object_id:

  ls_item
  print_dir
  print_dir_entry
  print_object
  single_tree_cb
  walk_tree
  write_tree_link

And finally we use new upstream functions that were added for
struct object_id:

  hashcpy     -> oidcpy
  sha1_to_hex -> oid_to_hex

Signed-off-by: Christian Hesse <mail@eworm.de>
Reviewed-by: John Keeping <john@keeping.me.uk>
6 years agoglobal: remove functionality we deprecated for cgit v1.0
Christian Hesse [Mon, 18 Jun 2018 09:48:43 +0000 (11:48 +0200)]
global: remove functionality we deprecated for cgit v1.0

The man page states these were deprecated for v1.0. We are past v1.1,
so remove the functionality.

Signed-off-by: Christian Hesse <mail@eworm.de>
Reviewed-by: John Keeping <john@keeping.me.uk>
6 years agosnapshot: strip bit from struct cgit_snapshot_format
Christian Hesse [Mon, 11 Jun 2018 06:26:59 +0000 (08:26 +0200)]
snapshot: strip bit from struct cgit_snapshot_format

We had a static bit value in struct cgit_snapshot_format. We do not rely
on it and things can be calculated on the fly. So strip it.

Signed-off-by: Christian Hesse <mail@eworm.de>
6 years agosnapshot: support special value 'all' to enable all formats
Christian Hesse [Thu, 7 Jun 2018 20:01:50 +0000 (22:01 +0200)]
snapshot: support special value 'all' to enable all formats

Signed-off-by: Christian Hesse <mail@eworm.de>
Reviewed-by: John Keeping <john@keeping.me.uk>
6 years agosnapshot: support archive signatures
John Keeping [Sat, 31 Mar 2018 15:15:48 +0000 (16:15 +0100)]
snapshot: support archive signatures

Read signatures from the notes refs refs/notes/signatures/$FORMAT where
FORMAT is one of our archive formats ("tar", "tar.gz", ...).  The note
is expected to simply contain the signature content to be returned when
the snapshot "${filename}.asc" is requested, so the signature for
cgit-1.1.tar.xz can be stored against the v1.1 tag with:

git notes --ref=refs/notes/signatures/tar.xz add -C "$(
gpg --output - --armor --detach-sign cgit-1.1.tar.xz |
git hash-object -w --stdin
)" v1.1

and then downloaded by simply appending ".asc" to the archive URL.

Signed-off-by: John Keeping <john@keeping.me.uk>
Reviewed-by: Christian Hesse <mail@eworm.de>
6 years agoui-refs: use shared function to print tag downloads
John Keeping [Sat, 31 Mar 2018 14:11:05 +0000 (15:11 +0100)]
ui-refs: use shared function to print tag downloads

cgit_compose_snapshot_prefix() is identical to print_tag_downloads(), so
remove the latter and use the function from ui-shared.c instead.

Signed-off-by: John Keeping <john@keeping.me.uk>
Reviewed-by: Christian Hesse <mail@eworm.de>
6 years agoui-shared: pass separator in to cgit_print_snapshot_links()
John Keeping [Sat, 31 Mar 2018 14:08:59 +0000 (15:08 +0100)]
ui-shared: pass separator in to cgit_print_snapshot_links()

cgit_print_snapshot_links() is almost identical to
print_tag_downloads(), so let's extract the difference to a parameter in
preparation for removing print_tag_downloads() in the next commit.

Signed-off-by: John Keeping <john@keeping.me.uk>
Reviewed-by: Christian Hesse <mail@eworm.de>
6 years agoui-shared: use the same snapshot logic as ui-refs
John Keeping [Sat, 31 Mar 2018 14:06:01 +0000 (15:06 +0100)]
ui-shared: use the same snapshot logic as ui-refs

Make snapshot links in the commit UI use the same prefix algorithm as
those in the summary UI, so that refs starting with the snapshot prefix
are used as-is rather than composed with the prefix repeated.

Signed-off-by: John Keeping <john@keeping.me.uk>
Reviewed-by: Christian Hesse <mail@eworm.de>
6 years agoui-shared: rename parameter to cgit_print_snapshot_links()
John Keeping [Sat, 31 Mar 2018 14:03:21 +0000 (15:03 +0100)]
ui-shared: rename parameter to cgit_print_snapshot_links()

This is expected to be a ref not a hex object ID, so name it more
appropriately.

Signed-off-by: John Keeping <john@keeping.me.uk>
Reviewed-by: Christian Hesse <mail@eworm.de>
6 years agoui-shared: remove unused parameter
John Keeping [Sat, 31 Mar 2018 14:02:21 +0000 (15:02 +0100)]
ui-shared: remove unused parameter

The "head" parameter to cgit_print_snapshot_links() is never used, so
remove it.

Signed-off-by: John Keeping <john@keeping.me.uk>
Reviewed-by: Christian Hesse <mail@eworm.de>
6 years agoui-refs: remove unnecessary sanity check
John Keeping [Sat, 31 Mar 2018 13:57:22 +0000 (14:57 +0100)]
ui-refs: remove unnecessary sanity check

There is no way for refinfo::refname to be null, and Git will prevent
zero-length refs so this check is unnecessary.

Signed-off-by: John Keeping <john@keeping.me.uk>
Reviewed-by: Christian Hesse <mail@eworm.de>
6 years agoui-snapshot: filter permitted snapshot requests
John Keeping [Sat, 31 Mar 2018 14:19:52 +0000 (15:19 +0100)]
ui-snapshot: filter permitted snapshot requests

Currently the snapshots configuration option only filters which links
are displayed, not which snapshots may be generated and downloaded.
Apply the filter also to requests to ensure that the system policy is
enforced.

Signed-off-by: John Keeping <john@keeping.me.uk>
Reviewed-by: Christian Hesse <mail@eworm.de>
6 years agoAdd "snapshot-prefix" repo configuration
John Keeping [Sat, 31 Mar 2018 13:20:01 +0000 (14:20 +0100)]
Add "snapshot-prefix" repo configuration

Allow using a user-specified value for the prefix in snapshot files
instead of the repository basename.  For example, files downloaded from
the linux-stable.git repository should be named linux-$VERSION and not
linux-stable-$VERSION, which can be achieved by setting:

repo.snapshot-prefix=linux

Signed-off-by: John Keeping <john@keeping.me.uk>
Reviewed-by: Christian Hesse <mail@eworm.de>
6 years agoui-snapshot: pass repo into get_ref_from_filename()
John Keeping [Sat, 31 Mar 2018 14:18:57 +0000 (15:18 +0100)]
ui-snapshot: pass repo into get_ref_from_filename()

Prepare to allow a custom snapshot prefix.

Signed-off-by: John Keeping <john@keeping.me.uk>
Reviewed-by: Christian Hesse <mail@eworm.de>
6 years agoui-shared: pass repo object to print_snapshot_links()
John Keeping [Sat, 31 Mar 2018 13:05:02 +0000 (14:05 +0100)]
ui-shared: pass repo object to print_snapshot_links()

Both call sites of cgit_print_snapshot_links() use the same values for
the snapshot mask and repository name, which are derived from the
cgit_repo structure so let's pass in the structure and access the fields
directly.

Signed-off-by: John Keeping <john@keeping.me.uk>
Reviewed-by: Christian Hesse <mail@eworm.de>
6 years agoui-log: highlight annotated tags in different color
Christian Hesse [Tue, 5 Jun 2018 10:46:13 +0000 (12:46 +0200)]
ui-log: highlight annotated tags in different color

Annotated tags have some extra information... Descriptive text or signature.
Highlighting annotated tags in a different color show what tag may be worth
clicking for extra information.

Signed-off-by: Christian Hesse <mail@eworm.de>
Reviewed-by: John Keeping <john@keeping.me.uk>
6 years agoprint git version string in footer
Christian Hesse [Mon, 4 Jun 2018 20:27:46 +0000 (22:27 +0200)]
print git version string in footer

This helps tracking what git version cgit uses. The security implications are
low as anybody can look up the version of our submodule anyway. The paranoid
can use a custom footer. :-p

On the other hand this brings potential security issues to the
administrators eyes...

Signed-off-by: Christian Hesse <mail@eworm.de>
6 years agogit: update to v2.17.1
Christian Hesse [Wed, 30 May 2018 08:28:12 +0000 (10:28 +0200)]
git: update to v2.17.1

Update to git version v2.17.1. Required changes:

* The function 'typename' has been renamed to 'type_name'
  (upstream commit debca9d2fe784193dc2d9f98b5edac605ddfefbb)

Signed-off-by: Christian Hesse <mail@eworm.de>
6 years agoui-blame: free read_sha1_file() buffer after use
Andy Green [Tue, 19 Jun 2018 09:02:07 +0000 (17:02 +0800)]
ui-blame: free read_sha1_file() buffer after use

Signed-off-by: Andy Green <andy@warmcat.com>
Signed-off-by: John Keeping <john@keeping.me.uk>
6 years agoui-tag: Fix inconsistent capitalization
Jon DeVree [Sun, 10 Jun 2018 22:28:49 +0000 (18:28 -0400)]
ui-tag: Fix inconsistent capitalization

Way back in 2009 all of these were lower cased except this one
occurrence.

Signed-off-by: Jon DeVree <nuxi@vault24.org>
Signed-off-by: John Keeping <john@keeping.me.uk>
6 years agoui-tree: free read_sha1_file() buffer after use
Andy Green [Wed, 13 Jun 2018 02:02:00 +0000 (10:02 +0800)]
ui-tree: free read_sha1_file() buffer after use

Free up the buffer allocated in read_sha1_file()

Signed-off-by: Andy Green <andy@warmcat.com>
Signed-off-by: John Keeping <john@keeping.me.uk>
6 years agoMakefile: drive asciidoc directly for HTML output
John Keeping [Sat, 16 Jun 2018 12:11:09 +0000 (13:11 +0100)]
Makefile: drive asciidoc directly for HTML output

This is mostly taken from Git's doc/Makefile, although simplified for
our use.  The output now uses Asciidoc's default CSS which I think looks
a bit nicer than the Docbook formatting; as a result of this we no
longer need our custom .css file.

A side effect of this change is that temporary files generated from the
HTML output no longer conflict with the manpage output format (because
any temporary HTML output files use names derived from the output
filename which includes .html).

Signed-off-by: John Keeping <john@keeping.me.uk>
6 years agodoc: use consistent id's when generating html files
Todd Zullinger [Wed, 21 Feb 2018 01:36:03 +0000 (20:36 -0500)]
doc: use consistent id's when generating html files

The html documentation is generated using a2x which calls docbook tools
to do the work.  The generate.consistent.ids parameter ensures that when
the docbook stylesheet assigns an id value to an output element it is
consistent as long as the document structure has not changed.

Having consistent html files reduces frivolous changes between builds.
Distributions can more easily deploy multiple architecture builds and
compare changes between package versions.  End-users avoid needless
changes in files deployed or backed up.

The generate.consistent.ids parameter was added in docbook-xsl-1.77.0.
Older versions gracefully ignore the parameter, so we can pass the
parameter unconditionally.  Most distributions contain docbook-xsl newer
than 1.77.0.  This includes Fedora, Debian, Ubuntu, and RHEL/CentOS 7.
RHEL/CentOS 6 and Debian Wheezy (old stable) ship with an older version,
unsurprisingly.

Signed-off-by: Todd Zullinger <tmz@pobox.com>
6 years agocgit: prepare repo before error pages
Jason A. Donenfeld [Mon, 12 Feb 2018 22:23:47 +0000 (23:23 +0100)]
cgit: prepare repo before error pages

This fixes a crash when showing a list of all heads in the <select> box
in the header.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
6 years agoui-blame: Allow syntax highlighting
Jeff Smith [Sun, 29 Oct 2017 02:43:26 +0000 (21:43 -0500)]
ui-blame: Allow syntax highlighting

Place file contents into a single block so that syntax highlighting can
be applied in the usual fashion.  Place the alternating color bars
behind the file contents.  Force the default syntax highlighting
background to transparent.

Signed-off-by: Jeff Smith <whydoubt@gmail.com>
Reviewed-by: John Keeping <john@keeping.me.uk>
6 years agoui-blame: Make each column into a single table cell
Jeff Smith [Wed, 18 Oct 2017 04:17:34 +0000 (23:17 -0500)]
ui-blame: Make each column into a single table cell

Signed-off-by: Jeff Smith <whydoubt@gmail.com>
Reviewed-by: John Keeping <john@keeping.me.uk>
6 years agoui-blame: Break out emit_blame_entry into component methods
Jeff Smith [Wed, 18 Oct 2017 04:17:33 +0000 (23:17 -0500)]
ui-blame: Break out emit_blame_entry into component methods

Signed-off-by: Jeff Smith <whydoubt@gmail.com>
Reviewed-by: John Keeping <john@keeping.me.uk>
6 years agoui-blame: Distinguish hashes column from lines column
Jeff Smith [Wed, 18 Oct 2017 04:17:32 +0000 (23:17 -0500)]
ui-blame: Distinguish hashes column from lines column

Signed-off-by: Jeff Smith <whydoubt@gmail.com>
Reviewed-by: John Keeping <john@keeping.me.uk>
6 years agogit: update to v2.16.0
Christian Hesse [Thu, 18 Jan 2018 08:19:31 +0000 (09:19 +0100)]
git: update to v2.16.0

Update to git version v2.16.0:

* refs: convert resolve_ref_unsafe to struct object_id
  (49e61479be913f67e66bb3fdf8de9475c41b58bd)
* diff: remove DIFF_OPT_SET macro
  (23dcf77f48feb49c54bad09210f093a799816334)
* log: add option to choose which refs to decorate
  (65516f586b69307f977cd67cc45513a296cabc25)
* diff: convert flags to be stored in bitfields
  (02f2f56bc377c287c411947d0e1482aac888f8db)

Signed-off-by: Christian Hesse <mail@eworm.de>
7 years agogit: update to v2.15.1
Christian Hesse [Wed, 29 Nov 2017 21:25:42 +0000 (22:25 +0100)]
git: update to v2.15.1

Update to git version v2.15.1: With commit 0abe14f6 prepare_packed_git()
moved to packfile.[ch].

Signed-off-by: Christian Hesse <mail@eworm.de>
Reviewed-by: John Keeping <john@keeping.me.uk>
7 years agoglobal: spelling fixes
Ville Skyttä [Sat, 14 Oct 2017 19:05:51 +0000 (22:05 +0300)]
global: spelling fixes

Signed-off-by: Ville Skyttä <ville.skytta@iki.fi>
7 years agoui-shared: use type='search' for the search box
Ville Skyttä [Sat, 14 Oct 2017 19:02:16 +0000 (22:02 +0300)]
ui-shared: use type='search' for the search box

Signed-off-by: Ville Skyttä <ville.skytta@iki.fi>
7 years agofilter: pipe_fh should be local
Jason A. Donenfeld [Sat, 14 Oct 2017 14:13:07 +0000 (16:13 +0200)]
filter: pipe_fh should be local

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
7 years agoparsing: don't clear existing state with empty input
John Keeping [Sat, 14 Oct 2017 12:02:53 +0000 (13:02 +0100)]
parsing: don't clear existing state with empty input

Since commit c699866 (parsing: clear query path before starting,
2017-02-19), we clear the "page" variable simply by calling
cgit_parse_url() even if the URL is empty.  This breaks a URL like:

.../cgit?p=about

which is generated when using the "root-readme" configuration option.

This happens because "page" is set to "about" when parsing the query
string before we handle the path (which is empty, but non-null).

It turns out that this is not the only case which is broken, but
specifying repository and page via query options has been broken since
before the commit mentioned above, for example:

.../cgit?r=git&p=log

Fix both of these by allowing the previous state to persist if PATH_INFO
is empty, falling back to the query parameters if no path has been
requested.

Reported-by: Tom Ryder <tom@sanctum.geek.nz>
Signed-off-by: John Keeping <john@keeping.me.uk>
7 years agoui-tree: link to blame UI if enabled
Jeff Smith [Mon, 2 Oct 2017 04:39:09 +0000 (23:39 -0500)]
ui-tree: link to blame UI if enabled

Create links to the blame page.

Signed-off-by: Jeff Smith <whydoubt@gmail.com>
Reviewed-by: John Keeping <john@keeping.me.uk>
7 years agoui-blame: add blame UI
Jeff Smith [Mon, 2 Oct 2017 04:39:08 +0000 (23:39 -0500)]
ui-blame: add blame UI

Implement a page which provides the blame view of a specified file.

This feature is controlled by a new config variable, "enable-blame",
which is disabled by default.

Signed-off-by: Jeff Smith <whydoubt@gmail.com>
Reviewed-by: John Keeping <john@keeping.me.uk>
7 years agoui-shared: make a char* parameter const
Jeff Smith [Mon, 2 Oct 2017 04:39:07 +0000 (23:39 -0500)]
ui-shared: make a char* parameter const

All cgit_xxx_link functions take const char* for the 'name' parameter,
except for cgit_commit_link, which takes a char* and subsequently
modifies the contents.  Avoiding the content changes, and making it
const char* will avoid the need to make copies of const char* strings
being passed to cgit_commit_link.

Signed-off-by: Jeff Smith <whydoubt@gmail.com>
Reviewed-by: John Keeping <john@keeping.me.uk>
7 years agoui-tree: move set_title_from_path to ui-shared
Jeff Smith [Mon, 2 Oct 2017 04:39:06 +0000 (23:39 -0500)]
ui-tree: move set_title_from_path to ui-shared

The ui-blame code will also need to call set_title_from_path, so go
ahead and move it to ui-shared.

Signed-off-by: Jeff Smith <whydoubt@gmail.com>
Reviewed-by: John Keeping <john@keeping.me.uk>
7 years agohtml: html_ntxt with no ellipsis
Jeff Smith [Mon, 2 Oct 2017 04:39:05 +0000 (23:39 -0500)]
html: html_ntxt with no ellipsis

For implementing a ui-blame page, there is need for a function that
outputs a selection from a block of text, transformed for HTML output,
but with no further modifications or additions.

Signed-off-by: Jeff Smith <whydoubt@gmail.com>
Reviewed-by: John Keeping <john@keeping.me.uk>
7 years agocache: flush stdio before restoring FDs
John Keeping [Mon, 24 Apr 2017 18:38:34 +0000 (19:38 +0100)]
cache: flush stdio before restoring FDs

As described in commit 2efb59e (ui-patch: Flush stdout after outputting
data, 2014-06-11), we need to ensure that stdout is flushed before
restoring the file descriptor when writing to the cache.  It turns out
that it's not just ui-patch that is affected by this but also raw diff
which writes to stdout internally.

Let's avoid risking more places doing this by ensuring that stdout is
flushed after writing in fill_slot().

Signed-off-by: John Keeping <john@keeping.me.uk>
7 years agoUse https for submodule
Daniel M. Weeks [Wed, 20 Sep 2017 15:17:29 +0000 (11:17 -0400)]
Use https for submodule

The git protocol provides no transport security. https does provide
transport security and should be preferred by default. https is also
more likely than git to be permitted by firewalls in restricted
environments.

Signed-off-by: Daniel M. Weeks <dan@danweeks.net>
7 years agoui-plain: print symlink content
John Keeping [Mon, 6 Mar 2017 23:27:23 +0000 (23:27 +0000)]
ui-plain: print symlink content

We currently ignore symlinks in ui-plain, leading to a 404.  In ui-tree
we print the content of the blob (that is, the path to the target of the
link), so it makes sense to do the same here.

Signed-off-by: John Keeping <john@keeping.me.uk>
7 years agocgit: don't set vpath unless repo is set
John Keeping [Sun, 19 Feb 2017 12:02:37 +0000 (12:02 +0000)]
cgit: don't set vpath unless repo is set

After the previous two patches, this can be classified as a tidy up
rather than a bug fix, but I think it makes sense to group all of the
tests together before setting up the environment for the command to
execute.

Signed-off-by: John Keeping <john@keeping.me.uk>
7 years agoparsing: clear query path before starting
John Keeping [Sun, 19 Feb 2017 12:17:05 +0000 (12:17 +0000)]
parsing: clear query path before starting

By specifying the "url" query parameter multiple times it is possible to
end up with ctx.qry.vpath set while ctx.repo is null, which triggers an
invalid code path from cgit_print_pageheader() while printing path
crumbs, resulting in a null dereference.

The previous patch fixed this segfault, but it makes no sense for us to
clear ctx.repo while leaving ctx.qry.path set to the previous value, so
let's just clear it here so that the last "url" parameter given takes
full effect rather than partially overriding the effect of the previous
value.

Signed-off-by: John Keeping <john@keeping.me.uk>
7 years agoui-shared: don't print path crumbs without a repo
John Keeping [Sun, 19 Feb 2017 12:27:48 +0000 (12:27 +0000)]
ui-shared: don't print path crumbs without a repo

cgit_print_path_crumbs() can call repolink() which assumes that ctx.repo
is non-null.  Currently we don't have any commands that set want_vpath
without also setting want_repo so it shouldn't be possible to fail this
test, but the check in cgit.c is in the wrong order so it is possible to
specify a query string like "?p=log&path=foo/bar" to end up here without
a valid repository.

This was found by American fuzzy lop [0].

[0] http://lcamtuf.coredump.cx/afl/

Signed-off-by: John Keeping <john@keeping.me.uk>
7 years agoui-atom: properly escape delimiter in page link
John Keeping [Sun, 15 Jan 2017 12:29:38 +0000 (12:29 +0000)]
ui-atom: properly escape delimiter in page link

If the delimiter here is '&' then it needs to be escaped for inclusion
in an attribute.  Use html_attrf() to ensure that this happens (we know
that hex won't need escaping, but this makes it clearer what's
happening.

Signed-off-by: John Keeping <john@keeping.me.uk>
7 years agogit: update to v2.14
Jeff Smith [Thu, 10 Aug 2017 00:02:56 +0000 (19:02 -0500)]
git: update to v2.14

Numerous changes were made to git functions to use an object_id
structure rather than sending sha1 hashes as raw unsigned character
arrays.  The functions that affect cgit are: parse_object,
lookup_commit_reference, lookup_tag, lookup_tree, parse_tree_indirect,
diff_root_tree_sha1, diff_tree_sha1, and format_display_notes.

Commit b2141fc (config: don't include config.h by default) made it
necessary to that config.h be explicitly included when needed.

Commit 07a3d41 (grep: remove regflags from the public grep_opt API)
removed one way of specifying the ignore-case grep option.

Signed-off-by: Jeff Smith <whydoubt@gmail.com>
7 years agogit: update to v2.13.4
Christian Hesse [Mon, 24 Jul 2017 15:22:52 +0000 (17:22 +0200)]
git: update to v2.13.4

Update to git version v2.13.4: With commit 8aee769f (pathspec: copy and free
owned memory) the definition of struct pathspec_item has changed with the
expectation that pathspecs will be managed dynamically. We work around this
a bit by setting up a static structure, but let's allocate the match string
to avoid needing to cast away const.

Updated a patch from John Keeping <john@keeping.me.uk> for git v2.12.1.

7 years agoUpdate .mailmap with my new email address
Lukas Fleischer [Thu, 27 Jul 2017 14:20:15 +0000 (16:20 +0200)]
Update .mailmap with my new email address

Signed-off-by: Lukas Fleischer <lfleischer@lfos.de>
7 years agoRemove unused variable from sort_section()
Lukas Fleischer [Wed, 5 Apr 2017 04:38:27 +0000 (06:38 +0200)]
Remove unused variable from sort_section()

Signed-off-by: Lukas Fleischer <lfleischer@lfos.de>
7 years agoui-repolist: properly sort by age
Jason A. Donenfeld [Thu, 30 Mar 2017 11:19:50 +0000 (13:19 +0200)]
ui-repolist: properly sort by age

When empty repos exist, comparing them against an existing repo with a
good mtime might, with particular qsort implementations, not sort
correctly, because of this brokenness:

   if (get_repo_modtime(r1, &t) && get_repo_modtime(r2, &t))

However, sorting by the age column works as expected, so anyway, to tidy
things up, we simply reuse that function.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
7 years agoui-patch: fix crash when using path limit
Lukas Fleischer [Thu, 24 Nov 2016 19:14:54 +0000 (20:14 +0100)]
ui-patch: fix crash when using path limit

The array passed to setup_revisions() must be NULL-terminated. Fixes a
regression introduced in 455b598 (ui-patch.c: Use log_tree_commit() to
generate diffs, 2013-08-20).

Reported-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Lukas Fleischer <lfleischer@lfos.de>
7 years agosyntax-highlighting: replace invalid unicode with ?
Jason A. Donenfeld [Sun, 22 Jan 2017 11:44:44 +0000 (12:44 +0100)]
syntax-highlighting: replace invalid unicode with ?

8 years agogit: update to v2.11.0
Christian Hesse [Wed, 30 Nov 2016 09:43:08 +0000 (10:43 +0100)]
git: update to v2.11.0

Update to git version v2.11.0. Function write_archive()
dropped argument (int setup_prefix).

8 years agoLink with -ldl on GNU Hurd
Peter Colberg [Fri, 25 Nov 2016 20:57:11 +0000 (15:57 -0500)]
Link with -ldl on GNU Hurd

Debian GNU/Hurd uses the GNU C library.

Signed-off-by: Peter Colberg <peter@colberg.org>
8 years agogit: update to v2.10.2 again
John Keeping [Thu, 24 Nov 2016 18:59:42 +0000 (18:59 +0000)]
git: update to v2.10.2 again

The submodule was accidentally downgraded in commit 8e9ddd21 (Bump
version, 2016-11-23).  Restore v2.10.2 so it matches the makefile again.

Signed-off-by: John Keeping <john@keeping.me.uk>
8 years agoBump version. v1.1
Jason A. Donenfeld [Wed, 23 Nov 2016 04:24:26 +0000 (05:24 +0100)]
Bump version.

8 years agocss: highlight even table rows and skip empty rows
Christian Hesse [Wed, 6 Jul 2016 20:42:36 +0000 (22:42 +0200)]
css: highlight even table rows and skip empty rows

This is stolen from kernel.org css [0].

[0] https://git.kernel.org/cgit-korg-0.10.1.css

8 years agogit: update to v2.10.2
Christian Hesse [Sun, 6 Nov 2016 20:47:04 +0000 (21:47 +0100)]
git: update to v2.10.2

Update to git version v2.10.2, no changes required.