]>
granicus.if.org Git - cgit/log
Christian Hesse [Mon, 12 Dec 2022 15:21:23 +0000 (16:21 +0100)]
git: update to v2.39.0
Update to git version v2.39.0, no additional changes required.
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Mon, 12 Dec 2022 15:18:28 +0000 (16:18 +0100)]
git: update to v2.38.2
Update to git version v2.38.2, no additional changes required.
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Tue, 18 Oct 2022 19:22:41 +0000 (21:22 +0200)]
git: update to v2.38.1
Update to git version v2.38.1, no additional changes required.
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Fri, 16 Sep 2022 09:31:24 +0000 (11:31 +0200)]
git: update to v2.38.0
Update to git version v2.38.0, no additional changes required.
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Tue, 30 Aug 2022 20:42:19 +0000 (22:42 +0200)]
git: update to v2.37.3
Update to git version v2.37.3, no additional changes required.
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Thu, 11 Aug 2022 20:07:02 +0000 (22:07 +0200)]
git: update to v2.37.2
Update to git version v2.37.2, no additional changes required.
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Tue, 12 Jul 2022 19:16:29 +0000 (21:16 +0200)]
git: update to v2.37.1
Update to git version v2.37.1, no additional changes required.
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Tue, 14 Jun 2022 10:48:56 +0000 (12:48 +0200)]
git: update to v2.37.0
Update to git version v2.37.0, no additional changes required.
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Mon, 9 May 2022 07:29:05 +0000 (09:29 +0200)]
git: update to v2.36.1
Update to git version v2.36.1, no additional changes required.
Signed-off-by: Christian Hesse <mail@eworm.de>
June McEnroe [Tue, 17 May 2022 21:50:53 +0000 (21:50 +0000)]
shared: fix bad free in cgit_diff_tree
Since git commit
244c27242f44e6b88e3a381c90bde08d134c274b ,
> diff.[ch]: have diff_free() call clear_pathspec(opts.pathspec)
calling diff_flush calls free(3) on opts.pathspec.items, so it can't
be a pointer to a stack variable.
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Mon, 4 Apr 2022 19:00:33 +0000 (21:00 +0200)]
git: update to v2.36.0
Update to git version v2.36.0, this requires changes for these
upstream commits:
*
95433eeed9eac439eb21eb30105354b15e71302e
diff: add ability to insert additional headers for paths
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Mon, 18 Apr 2022 20:10:41 +0000 (22:10 +0200)]
git: update to v2.35.3
Update to git version v2.35.3, no additional changes required.
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Tue, 12 Apr 2022 17:01:23 +0000 (19:01 +0200)]
git: update to v2.35.2
Update to git version v2.35.2, no additional changes required.
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Sat, 29 Jan 2022 09:20:25 +0000 (10:20 +0100)]
git: update to v2.35.1
Update to git version v2.35.1, no additional changes required.
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Tue, 11 Jan 2022 10:03:29 +0000 (11:03 +0100)]
git: update to v2.35.0
Update to git version v2.35.0, no additional changes required.
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Wed, 24 Nov 2021 20:12:12 +0000 (21:12 +0100)]
git: update to v2.34.1
Update to git version v2.34.1, no additional changes required.
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Wed, 3 Nov 2021 14:32:17 +0000 (15:32 +0100)]
git: update to v2.34.0
Update to git version v2.34.0, this requires changes for these
upstream commits:
*
abf897bacd2d36b9dbd07c70b4a2f97a084704ee
string-list.[ch]: remove string_list_init() compatibility function
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Sun, 8 Aug 2021 15:55:53 +0000 (17:55 +0200)]
git: update to v2.33.0
Update to git version v2.33.0, no additional changes required.
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Tue, 18 May 2021 20:49:13 +0000 (22:49 +0200)]
git: update to v2.32.0
Update to git version v2.32.0, this requires changes for these
upstream commits:
*
47957485b3b731a7860e0554d2bd12c0dce1c75a
tree.h API: simplify read_tree_recursive() signature
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Tue, 18 May 2021 19:54:23 +0000 (21:54 +0200)]
git: update to v2.31.1
Update to git version v2.31.1, no additional changes required.
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Tue, 31 Mar 2020 12:53:42 +0000 (14:53 +0200)]
md2html: use proper formatting for hr
This addressed a non-existent background image and made the element
invisible. Drop the style and use something sane.
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Mon, 15 Mar 2021 21:48:26 +0000 (22:48 +0100)]
git: update to v2.31.0
Update to git version v2.31.0, this requires changes for these
upstream commits:
*
36a317929b8f0c67d77d54235f2d20751c576cbb
refs: switch peel_ref() to peel_iterated_oid()
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Wed, 10 Feb 2021 15:13:53 +0000 (16:13 +0100)]
git: update to v2.30.1
Update to git version v2.30.1, no additional changes required.
Signed-off-by: Christian Hesse <mail@eworm.de>
Todd Zullinger [Tue, 29 Dec 2020 19:18:01 +0000 (14:18 -0500)]
tests: t0107: support older and/or non-GNU tar
The untar tests for various compression algorithms use shortcut options
from GNU tar to handle decompression. These options may not be provided
by non-GNU tar nor even by slightly older GNU tar versions which ship on
many systems.
An example of the latter case is the --zstd option. This was added in
GNU tar-1.32 (2019-02-23)¹. This version of tar is not provided by
CentOS/RHEL, in particular. In Debian, --zstd has been backported to
the tar-1.30 release.
Avoid the requirement on any specific implementations or versions of tar
by piping decompressed output to tar. This is compatible with older GNU
tar releases as well as tar implementations from other vendors. (It may
also be a slight benefit that this more closely matches what the
snapshot creation code does.)
¹ Technically, the --zstd option was first released in tar-1.31
(2019-01-02), but this release was very short-lived and is no longer
listed on the GNU Tar release page.
Signed-off-by: Todd Zullinger <tmz@pobox.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Fri, 4 Dec 2020 12:13:23 +0000 (13:13 +0100)]
md2html: use sane_lists extension
This allows for cleaner nesting semantics and matches github more
closely.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Christian Hesse [Mon, 28 Dec 2020 22:27:13 +0000 (23:27 +0100)]
git: update to v2.30.0
Update to git version v2.30.0, this requires changes for these
upstream commits:
*
88894aaeeae92e8cb41143cc2e045f50289dc790
blame: simplify 'setup_scoreboard' interface
*
1fbfdf556f2abc708183caca53ae4e2881b46ae2
banned.h: mark non-reentrant gmtime, etc as banned
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Fri, 30 Oct 2020 21:22:32 +0000 (22:22 +0100)]
git: update to v2.29.2
Update to git version v2.29.2.
No changes required.
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Tue, 27 Oct 2020 09:39:46 +0000 (10:39 +0100)]
git: update to v2.29.1
Update to git version v2.29.1. No functional change, but we want latest
and greated version number, no? 😜
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Wed, 21 Oct 2020 20:16:57 +0000 (22:16 +0200)]
tests: try with commit-graph
Git 2.24.0 enabled commit-graph by default and caused crashes without
necessary update. Let's test to work with commit-graph.
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Wed, 21 Oct 2020 19:31:52 +0000 (21:31 +0200)]
tests: do not copy snapshots to /tmp/
No idea why this was added... Possibly to inspect the snapshot manually?
Let's drop it.
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Tue, 20 Oct 2020 21:46:09 +0000 (23:46 +0200)]
global: replace hard coded hash length
With sha1 we had a guaranteed length of 40 hex chars. This changes now
that we have to support sha256 with 64 hex chars... Support both.
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Tue, 20 Oct 2020 21:32:45 +0000 (23:32 +0200)]
global: replace references to 'sha1' with 'oid'
For some time now sha1 is considered broken and upstream is working to
replace it with sha256. Replace all references to 'sha1' with 'oid',
just as upstream does.
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Tue, 6 Oct 2020 14:32:08 +0000 (16:32 +0200)]
git: update to v2.29.0
Update to git version v2.29.0, this requires changes for these
upstream commits:
*
dbbcd44fb47347a3fdbee88ea21805b7f4ac0b98
strvec: rename files from argv-array to strvec
*
873cd28a8b17ff21908c78c7929a7615f8c94992
argv-array: rename to strvec
*
d70a9eb611a9d242c1d26847d223b8677609305b
strvec: rename struct fields
*
6a67c759489e1025665adf78326e9e0d0981bab5
test-lib-functions: restrict test_must_fail usage
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Mon, 27 Jul 2020 18:36:14 +0000 (20:36 +0200)]
git: update to v2.28.0
Update to git version v2.28.0.
No changes required.
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Tue, 2 Jun 2020 08:10:15 +0000 (10:10 +0200)]
git: update to v2.27.0
Update to git version v2.27.0.
No changes required.
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Mon, 9 Mar 2020 08:51:05 +0000 (09:51 +0100)]
git: update to v2.26.0
Update to git version v2.26.0.
No changes required.
Signed-off-by: Christian Hesse <mail@eworm.de>
Jason A. Donenfeld [Fri, 13 Mar 2020 23:49:52 +0000 (17:49 -0600)]
Bump version
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Fri, 13 Mar 2020 02:52:35 +0000 (20:52 -0600)]
global: use proper accessors for maybe_tree
A previous commit changed ->tree to ->maybe_tree throughout, which may
have worked at the time, but wasn't safe, because maybe_tree is loaded
lazily. This manifested itself in crashes when using the "follow" log
feature. The proper fix is to use the correct contextual accessors
everytime we want access to maybe_tree. Thankfully, the commit.cocci
script takes care of creating mostly-correct patches that we could then
fix up, resulting in this commit here.
Fixes: 255b78f ("git: update to v2.18.0")
Reviewed-by: Christian Hesse <mail@eworm.de>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Christian Hesse [Wed, 26 Feb 2020 08:12:21 +0000 (09:12 +0100)]
ui-snapshot: add support for zstd compression
This patch adds support for zstd [0] compressed snapshots (*.tar.zst).
We enable multiple working threads (-T0), but keep default compression
level. The latter can be influenced by environment variable.
[0] https://www.zstd.net/
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Wed, 26 Feb 2020 08:19:00 +0000 (09:19 +0100)]
tests: add tests for xz compressed snapshots
Signed-off-by: Christian Hesse <mail@eworm.de>
Hanspeter Portner [Fri, 16 Aug 2019 21:40:19 +0000 (23:40 +0200)]
ui-snapshot: add support for lzip compression
This patch adds support for lzip [1] compressed snapshots (*.tar.lz)
[1] https://www.nongnu.org/lzip/
Signed-off-by: Hanspeter Portner <dev@open-music-kontrollers.ch>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Christian Hesse [Mon, 17 Feb 2020 08:08:02 +0000 (09:08 +0100)]
git: update to v2.25.1
Update to git version v2.25.1.
No changes required.
Christian Hesse [Mon, 13 Jan 2020 20:04:46 +0000 (21:04 +0100)]
tests: allow to skip git version tests
This allows to run tests non-tagged git checkout or when bisecting.
Signed-off-by: Christian Hesse <mail@eworm.de>
Jason A. Donenfeld [Mon, 13 Jan 2020 20:04:14 +0000 (15:04 -0500)]
Bump version
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Christian Hesse [Wed, 25 Dec 2019 23:02:23 +0000 (00:02 +0100)]
git: update to v2.25.0
Update to git version v2.25.0.
Upstream renamed 'init_display_notes()' to 'load_display_notes()' in
commit
1e6ed5441a61b5085978e0429691e2e2425f6846 ("notes: rename to
load_display_notes()").
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Wed, 11 Dec 2019 09:55:24 +0000 (10:55 +0100)]
tests: skip tests if strace is not functional
Chances are that strace is available but not functional due to
restricted permissions:
strace: test_ptrace_get_syscall_info: PTRACE_TRACEME: Operation not permitted
strace: ptrace(PTRACE_TRACEME, ...): Operation not permitted
+++ exited with 1 +++
Just skip the tests then.
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Tue, 10 Dec 2019 19:40:45 +0000 (20:40 +0100)]
git: update to v2.24.1
Update to git version v2.24.1.
No changes required.
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Fri, 22 Nov 2019 10:09:50 +0000 (11:09 +0100)]
ui-repolist: do not return unsigned (negative) value
The function read_agefile() returns time_t, which is a signed datatime.
We should not return unsigned (negative) value here.
Reported-by: Johannes Stezenbach <js@linuxtv.org>
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Wed, 23 Oct 2019 21:21:54 +0000 (23:21 +0200)]
git: update to v2.24.0
Update to git version v2.24.0.
Never use get_cached_commit_buffer() directly, use repo_get_commit_buffer()
instead. The latter calls the former anyway. This fixes segmentation fault
when commit-graph is enabled and get_cached_commit_buffer() does not return
the expected result.
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Thu, 13 Jun 2019 19:41:37 +0000 (21:41 +0200)]
git: update to v2.23.0
Update to git version v2.23.0.
No changes required.
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Mon, 13 May 2019 19:41:37 +0000 (21:41 +0200)]
git: update to v2.22.0
Update to git version v2.22.0.
Upstream commit
bce9db6d ("trace2: use system/global config for default
trace2 settings") caused a regression. We have to unset HOME and
XDG_CONFIG_HOME before early loading of config from trace2 code kicks in.
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Tue, 26 Feb 2019 16:08:31 +0000 (17:08 +0100)]
ui-tree: allow per repository override for enable-blame
The blame operation can cause high cost in terms of CPU load for huge
repositories. Let's add a per repository override for enable-blame.
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Tue, 4 Jun 2019 11:49:36 +0000 (13:49 +0200)]
tests: successfully validate rc versions
For testing versions the version string differs for git tag (v2.22.0-rc3)
and tarball file name (2.22.0.rc3). Let's fix validation for testing
versions.
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Sun, 24 Feb 2019 20:19:46 +0000 (21:19 +0100)]
git: update to v2.21.0
Update to git version v2.21.0. Required changes follow upstream commits:
*
6a7895fd8a3bd409f2b71ffc355d5142172cc2a0
(commit: prepare free_commit_buffer and release_commit_memory for
any repo)
*
e092073d643b17c82d72cf692fbfaea9c9796f11
(tree.c: make read_tree*() take 'struct repository *')
Signed-off-by: Christian Hesse <mail@eworm.de>
Reviewed-by: John Keeping <john@keeping.me.uk>
Christian Hesse [Tue, 12 Feb 2019 20:53:02 +0000 (21:53 +0100)]
ui-ssdiff: ban strncat()
Git version v2.21.0 marks strncat() as banned (commit
ace5707a803eda0f1dde3d776dc3729d3bc7759a ), so replace it.
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Wed, 2 Jan 2019 16:25:01 +0000 (17:25 +0100)]
global: make 'char *path' const where possible
Signed-off-by: Christian Hesse <mail@eworm.de>
Jason A. Donenfeld [Mon, 20 May 2019 19:45:12 +0000 (21:45 +0200)]
ui-shared: restrict to 15 levels
Perhaps a more ideal version of this would be to not print breadcrumbs
at all for paths that don't exist in the given repo at the given oid.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Reported-by: Fydor Wire Snark <wsnark@tuta.io>
Chris Mayo [Thu, 21 Feb 2019 19:57:23 +0000 (19:57 +0000)]
ui-diff,ui-tag: don't use htmlf with non-formatted strings
Signed-off-by: Chris Mayo <aklhfex@gmail.com>
Chris Mayo [Thu, 21 Feb 2019 19:56:05 +0000 (19:56 +0000)]
ui-ssdiff: resolve HTML5 validation errors
- Remove ids from anchor elements. They were unusable because they were
duplicated between files and versions of files.
- Always close span, with html().
- Fix missing / on closing tr element in cgit_ssdiff_header_end().
Signed-off-by: Chris Mayo <aklhfex@gmail.com>
Jason A. Donenfeld [Thu, 3 Jan 2019 01:11:14 +0000 (02:11 +0100)]
filters: migrate from luacrypto to luaossl
luaossl has no upstream anymore and doesn't support OpenSSL 1.1,
whereas luaossl is quite active.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Wed, 2 Jan 2019 06:52:12 +0000 (07:52 +0100)]
ui-shared: fix broken sizeof in title setting and rewrite
The old algorithm was totally incorrect. While we're at it, use «
instead of \, since it makes more sense.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Christian Hesse [Tue, 20 Nov 2018 16:31:21 +0000 (17:31 +0100)]
git: update to v2.20.0
Update to git version v2.20.0. Required changes follow upstream commits:
*
00436bf1b1c2a8fe6cf5d2c2457d419d683042f4
(archive: initialize archivers earlier)
*
611e42a5980a3a9f8bb3b1b49c1abde63c7a191e
(xdiff: provide a separate emit callback for hunks)
Signed-off-by: Christian Hesse <mail@eworm.de>
Jason A. Donenfeld [Thu, 22 Nov 2018 00:49:55 +0000 (01:49 +0100)]
ui-blame: set repo for sb
Otherwise recent git complains and crashes with: "BUG: blame.c:1787:
repo is NULL".
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Wed, 21 Nov 2018 02:16:11 +0000 (03:16 +0100)]
auth-filter: pass url with query string attached
Otherwise redirections come out wrong.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Christian Hesse [Tue, 20 Nov 2018 22:55:03 +0000 (23:55 +0100)]
git: use xz compressed archive for download
Upstream will stop providing gz compressed source tarballs [0], so stop
using them.
[0] https://lists.zx2c4.com/pipermail/cgit/2018-November/004254.html
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Tue, 28 Aug 2018 16:27:00 +0000 (18:27 +0200)]
git: update to v2.19.1
Update to git version v2.19.1. Required changes follow upstream commits:
* commit: add repository argument to get_cached_commit_buffer
(
3ce85f7e5a41116145179f0fae2ce6d86558d099 )
* commit: add repository argument to lookup_commit_reference
(
2122f6754c93be8f02bfb5704ed96c88fc9837a8 )
* object: add repository argument to parse_object
(
109cd76dd3467bd05f8d2145b857006649741d5c )
* tag: add repository argument to deref_tag
(
a74093da5ed601a09fa158e5ba6f6f14c1142a3e )
* tag: add repository argument to lookup_tag
(
ce71efb713f97f476a2d2ab541a0c73f684a5db3 )
* tree: add repository argument to lookup_tree
(
f86bcc7b2ce6cad68ba1a48a528e380c6126705e )
* archive.c: avoid access to the_index
(
b612ee202a48f129f81f8f6a5af6cf71d1a9caef )
* for_each_*_object: move declarations to object-store.h
(
0889aae1cd18c1804ba01c1a4229e516dfb9fe9b )
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Tue, 28 Aug 2018 16:23:36 +0000 (18:23 +0200)]
ui-ssdiff: ban strcat()
Git upstream bans strcat() with commit:
banned.h: mark strcat() as banned
1b11b64b815db62f93a04242e4aed5687a448748
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Tue, 28 Aug 2018 16:22:26 +0000 (18:22 +0200)]
ui-ssdiff: ban strncpy()
Git upstream bans strncpy() with commit:
banned.h: mark strncpy() as banned
e488b7aba743d23b830d239dcc33d9ca0745a9ad
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Tue, 28 Aug 2018 18:33:02 +0000 (20:33 +0200)]
ui-shared: ban strcat()
Git upstream bans strcat() with commit:
banned.h: mark strcat() as banned
1b11b64b815db62f93a04242e4aed5687a448748
To avoid compiler warnings from gcc 8.1.x we get the hard way.
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Tue, 28 Aug 2018 16:18:37 +0000 (18:18 +0200)]
ui-patch: ban sprintf()
Git upstream bans sprintf() with commit:
banned.h: mark sprintf() as banned
cc8fdaee1eeaf05d8dd55ff11f111b815f673c58
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Tue, 28 Aug 2018 16:16:11 +0000 (18:16 +0200)]
ui-log: ban strncpy()
Git upstream bans strncpy() with commit:
banned.h: mark strncpy() as banned
e488b7aba743d23b830d239dcc33d9ca0745a9ad
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Tue, 28 Aug 2018 16:08:33 +0000 (18:08 +0200)]
ui-log: ban strcpy()
Git upstream bans strcpy() with commit:
automatically ban strcpy()
c8af66ab8ad7cd78557f0f9f5ef6a52fd46ee6dd
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Tue, 28 Aug 2018 16:14:32 +0000 (18:14 +0200)]
parsing: ban sprintf()
Git upstream bans sprintf() with commit:
banned.h: mark sprintf() as banned
cc8fdaee1eeaf05d8dd55ff11f111b815f673c58
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Tue, 28 Aug 2018 16:11:50 +0000 (18:11 +0200)]
parsing: ban strncpy()
Git upstream bans strncpy() with commit:
banned.h: mark strncpy() as banned
e488b7aba743d23b830d239dcc33d9ca0745a9ad
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Fri, 13 Jul 2018 19:44:50 +0000 (21:44 +0200)]
filters: generate anchor links from markdown
This makes the markdown filter generate anchor links for headings.
Signed-off-by: Christian Hesse <mail@eworm.de>
Tested-by: jean-christophe manciot <actionmystique@gmail.com>
Jason A. Donenfeld [Fri, 3 Aug 2018 14:26:14 +0000 (16:26 +0200)]
Bump version.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Fri, 3 Aug 2018 13:46:11 +0000 (15:46 +0200)]
clone: fix directory traversal
This was introduced in the initial version of this code, way back when
in 2008.
$ curl http://127.0.0.1/cgit/repo/objects/?path=../../../../../../../../../etc/passwd
root:x:0:0:root:/root:/bin/sh
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Reported-by: Jann Horn <jannh@google.com>
Konstantin Ryabitsev [Tue, 17 Jul 2018 16:38:22 +0000 (12:38 -0400)]
config: record repo.snapshot-prefix in the per-repo config
Even if we find snapshot-prefix in the repo configuration, we are not
writing it out into the rc- file, so setting the value does not have any
effect.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
Jason A. Donenfeld [Sun, 15 Jul 2018 02:45:11 +0000 (04:45 +0200)]
auth-filters: add simple file-based authentication scheme
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Sun, 15 Jul 2018 02:18:03 +0000 (04:18 +0200)]
auth-filters: use crypt() in simple-authentication
There's no use in giving a silly example to folks who will just copy it,
so instead try to do something slightly better.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Sun, 15 Jul 2018 01:22:12 +0000 (03:22 +0200)]
auth-filters: generate secret securely
This is much better than having the user generate it themselves.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Sat, 14 Jul 2018 03:10:28 +0000 (05:10 +0200)]
auth-filters: do not crash on nil username
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Sat, 14 Jul 2018 03:09:27 +0000 (05:09 +0200)]
auth-filter: do not write more than we've read
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Sat, 14 Jul 2018 01:32:00 +0000 (03:32 +0200)]
auth-filters: do not use HMAC-SHA1
Though SHA1 is broken, HMAC-SHA1 is still fine. But let's not push our
luck; SHA256 is more sensible anyway.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Fri, 13 Jul 2018 20:40:42 +0000 (22:40 +0200)]
Bump version.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Todd Zullinger [Tue, 10 Jul 2018 14:03:34 +0000 (10:03 -0400)]
Update COPYING
The address of the Free Software Foundation has changed since the
license was added in
7640d90 ("Add license file and copyright notices",
2006-12-10). Update the license file from gnu.org¹.
The only non-whitespace changes are the updated FSF address and two
references to the L in LGPL changed from Library to Lesser.
¹ https://www.gnu.org/licenses/old-licenses/gpl-2.0.txt
Signed-off-by: Todd Zullinger <tmz@pobox.com>
Jason A. Donenfeld [Sun, 8 Jul 2018 17:14:44 +0000 (19:14 +0200)]
css: use correct size in annotated decoration
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Thu, 5 Jul 2018 00:38:33 +0000 (02:38 +0200)]
cgitrc.5: add local tar signature example
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Wed, 4 Jul 2018 01:13:31 +0000 (03:13 +0200)]
Fix gcc 8.1.1 compiler warnings
CC ../shared.o
../shared.c: In function ‘expand_macro’:
../shared.c:487:3: warning: ‘strncpy’ specified bound depends on the length of the source argument [-Wstringop-overflow=]
strncpy(name, value, len);
^~~~~~~~~~~~~~~~~~~~~~~~~
../shared.c:484:9: note: length computed here
len = strlen(value);
^~~~~~~~~~~~~
../ui-shared.c: In function ‘cgit_repobasename’:
../ui-shared.c:136:2: warning: ‘strncpy’ specified bound 1024 equals destination size [-Wstringop-truncation]
strncpy(rvbuf, reponame, sizeof(rvbuf));
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
CC ../ui-ssdiff.o
../ui-ssdiff.c: In function ‘replace_tabs’:
../ui-ssdiff.c:142:4: warning: ‘strncat’ output truncated copying between 1 and 8 bytes from a string of length 8 [-Wstringop-truncation]
strncat(result, spaces, 8 - (strlen(result) % 8));
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld [Tue, 3 Jul 2018 18:44:08 +0000 (20:44 +0200)]
cgitrc.5: document new signature notes
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Christian Hesse [Thu, 7 Jun 2018 19:31:28 +0000 (21:31 +0200)]
snapshot: support tar signature for compressed tar
This adds support for kernel.org style signatures where the uncompressed
tar archive is signed and compressed later. The signature is valid for
all tar* snapshots.
We have a filter which snapshots may be generated and downloaded. This has
to allow tar signatures now even if tar itself is not allowed. To simplify
things we allow all signatures.
Signed-off-by: Christian Hesse <mail@eworm.de>
Jason A. Donenfeld [Mon, 12 Feb 2018 22:10:06 +0000 (23:10 +0100)]
extra-head-content: introduce another option for meta tags
This is to support things like go-import meta tags, which are on a
per-repo basis.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
John Keeping [Wed, 20 Jun 2018 10:12:09 +0000 (18:12 +0800)]
Use string list strdup_strings for mimetypes
There's no need to do this manually with the string list API will do it
for us.
Signed-off-by: John Keeping <john@keeping.me.uk>
Andy Green [Wed, 20 Jun 2018 10:12:03 +0000 (18:12 +0800)]
manpage: fix sorting order
You maybe didn't know you had OCD until you saw an
alpha sorted list that has stuff out of order in it.
Signed-off-by: Andy Green <andy@warmcat.com>
Reviewed-by: John Keeping <john@keeping.me.uk>
John Keeping [Wed, 20 Jun 2018 05:29:14 +0000 (07:29 +0200)]
cache: close race window when unlocking slots
We use POSIX advisory record locks to control access to cache slots, but
these have an unhelpful behaviour in that they are released when any
file descriptor referencing the file is closed by this process.
Mostly this is okay, since we know we won't be opening the lock file
anywhere else, but there is one place that it does matter: when we
restore stdout we dup2() over a file descriptor referring to the file,
thus closing that descriptor.
Since we restore stdout before unlocking the slot, this creates a window
during which the slot content can be overwritten. The fix is reasonably
straightforward: simply restore stdout after unlocking the slot, but the
diff is a bit bigger because this requires us to move the temporary
stdout FD into struct cache_slot.
Signed-off-by: John Keeping <john@keeping.me.uk>
Reviewed-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Mon, 4 Jun 2018 16:49:28 +0000 (18:49 +0200)]
git: update to v2.18.0
Update to git version v2.18.0. Required changes follow upstream commits:
* Convert find_unique_abbrev* to struct object_id
(
aab9583f7b5ea5463eb3f653a0b4ecac7539dc94 )
* sha1_file: convert read_sha1_file to struct object_id
(
b4f5aca40e6f77cbabcbf4ff003c3cf30a1830c8 )
* sha1_file: convert sha1_object_info* to object_id
(
abef9020e3df87c441c9a3a95f592fce5fa49bb9 )
* object-store: move packed_git and packed_git_mru to object store
(
a80d72db2a73174b3f22142eb2014b33696fd795 )
* treewide: rename tree to maybe_tree
(
891435d55da80ca3654b19834481205be6bdfe33 )
The changed data types required some of our own functions to be converted
to struct object_id:
ls_item
print_dir
print_dir_entry
print_object
single_tree_cb
walk_tree
write_tree_link
And finally we use new upstream functions that were added for
struct object_id:
hashcpy -> oidcpy
sha1_to_hex -> oid_to_hex
Signed-off-by: Christian Hesse <mail@eworm.de>
Reviewed-by: John Keeping <john@keeping.me.uk>
Christian Hesse [Mon, 18 Jun 2018 09:48:43 +0000 (11:48 +0200)]
global: remove functionality we deprecated for cgit v1.0
The man page states these were deprecated for v1.0. We are past v1.1,
so remove the functionality.
Signed-off-by: Christian Hesse <mail@eworm.de>
Reviewed-by: John Keeping <john@keeping.me.uk>
Christian Hesse [Mon, 11 Jun 2018 06:26:59 +0000 (08:26 +0200)]
snapshot: strip bit from struct cgit_snapshot_format
We had a static bit value in struct cgit_snapshot_format. We do not rely
on it and things can be calculated on the fly. So strip it.
Signed-off-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Thu, 7 Jun 2018 20:01:50 +0000 (22:01 +0200)]
snapshot: support special value 'all' to enable all formats
Signed-off-by: Christian Hesse <mail@eworm.de>
Reviewed-by: John Keeping <john@keeping.me.uk>
John Keeping [Sat, 31 Mar 2018 15:15:48 +0000 (16:15 +0100)]
snapshot: support archive signatures
Read signatures from the notes refs refs/notes/signatures/$FORMAT where
FORMAT is one of our archive formats ("tar", "tar.gz", ...). The note
is expected to simply contain the signature content to be returned when
the snapshot "${filename}.asc" is requested, so the signature for
cgit-1.1.tar.xz can be stored against the v1.1 tag with:
git notes --ref=refs/notes/signatures/tar.xz add -C "$(
gpg --output - --armor --detach-sign cgit-1.1.tar.xz |
git hash-object -w --stdin
)" v1.1
and then downloaded by simply appending ".asc" to the archive URL.
Signed-off-by: John Keeping <john@keeping.me.uk>
Reviewed-by: Christian Hesse <mail@eworm.de>