Richard Maw [Sat, 25 Jun 2016 23:20:01 +0000 (00:20 +0100)]
Display notes from namespace
We must not leave it at its default behaviour,
as that results in notes from the root namespace being used
and ignoring notes from the current namespace,
since it is not namespace aware.
We can handle this by instructing it to not load the default refs,
and providing a set of extra refs to use.
The provided extra refs are globs rather than ref names,
so we should escape them to be sure.
We get an annoying warning if the provided ref does not exist,
so we check whether the ref exists before attempting to provide it.
Signed-off-by: Richard Maw <richard.maw@gmail.com>
Richard Maw [Sat, 25 Jun 2016 21:55:44 +0000 (22:55 +0100)]
Find the default branch based on the contents of the namespace
The find_current_ref callback does not need to be modified
to strip off the namespace prefix,
since the for_each_ref functions don't include the base ref prefix.
Signed-off-by: Richard Maw <richard.maw@gmail.com>
Richard Maw [Sat, 25 Jun 2016 21:42:33 +0000 (22:42 +0100)]
Guess the default branch based on current namespace
resolve_ref_unsafe() can't be told to be namespace aware,
so we need to prepend the namespace beforehand.
Additionally, we need to add the RESOLVE_REF_NO_RECURSE flag,
since otherwise if the commit that is pointed to exists in the root namespace,
it will opt to return that rather than the value in the namespace,
presumably preferring shorter ref names to longer ones.
Signed-off-by: Richard Maw <richard.maw@gmail.com>
Richard Maw [Sat, 25 Jun 2016 21:29:24 +0000 (22:29 +0100)]
Look up refs in namespace with cgit_get_sha1
This causes all ref resolving to look for the requested branch
inside the current namespace.
Previously any form of git revision would be accepted,
but ref resolving isn't namespace aware
and it would be infeasible to replicate all its behaviour,
so we stick to providing the most common cases
of a sha1, an absolute ref, or a partial ref.
Signed-off-by: Richard Maw <richard.maw@gmail.com>
Richard Maw [Sat, 25 Jun 2016 19:54:07 +0000 (20:54 +0100)]
Print out parsed namespace on request
This is not strictly necessary,
as we do not have any way to generate namespace entries from a scan-path,
but I'd rather not leave this as a surprise
to someone who comes up with a good namespace discovery mechanism.
Signed-off-by: Richard Maw <richard.maw@gmail.com>
Richard Maw [Sat, 25 Jun 2016 19:38:41 +0000 (20:38 +0100)]
Parse repo.namespace
This contains the unexpanded name of the namespace
rather than the base ref of the namespace,
since the git namespace mechanism works by setting GIT_NAMESPACE
and on the first call to get_git_namespace() it gets expanded.
We need to save this for a later call to prepare_repo_cmd,
rather than trying to process it here,
since we can only do it once,
and we have other uses for the unexpanded name.
Signed-off-by: Richard Maw <richard.maw@gmail.com>
Richard Maw [Thu, 30 Jun 2016 20:05:48 +0000 (21:05 +0100)]
Fix archive generation
The get_ref_from_filename function is expected to return a sha1.
It didn't actually do this,
instead returning the ref that would under normal circumstances resolve to that.
Since we're going to resolve refs in a way that is namespace aware
we need to return the sha1 rather than the ref,
since the archive is created by libgit code that is not namespace aware,
and it would try to resolve the ref again.
This previously worked fine
because it would resolve the ref the same way both times.
Signed-off-by: Richard Maw <richard.maw@gmail.com>
Lukas Fleischer [Tue, 24 May 2016 16:15:18 +0000 (18:15 +0200)]
Avoid ambiguities when prettifying snapshot names
When composing snapshot file names for a tag with a prefix of the form
v[0-9] (resp. V[0-9]), the leading "v" (resp. "V") is stripped. This
leads to conflicts if a tag with the stripped name already exists or if
there are tags only differing in the capitalization of the leading "v".
Make sure we do not strip the "v" in these cases.
Otherwise we get the classic Python UTF-8 errors, and the text is all
out of order. While we're at it, switch to python3 so we only have to
support one set of oddball semantics.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Suggested-by: Daniel Campbell <dlcampbell@gmx.com>
Tim Nordell [Fri, 26 Feb 2016 20:58:41 +0000 (14:58 -0600)]
ui-log: Simplify decoration code
The decoration code inside of git returns the decoration type, so
utilize this to create the decoration spans. Additionally, use
prettify_refname(...) to get the shorter name for the ref.
Signed-off-by: Tim Nordell <tim.nordell@logicpd.com>
Christian Hesse [Tue, 23 Feb 2016 09:47:25 +0000 (10:47 +0100)]
css: use less blurry icon for external link
Your mileage may vary, but for me the old icon looks blurry. The new
one is character 0xf08e from OTF font awsome in size 10.
The icon color is black, gray level is adjusted via opacity.
Joe Anakata [Mon, 22 Feb 2016 17:45:53 +0000 (18:45 +0100)]
ui-plain: fix to show a repo's root directory listing in plain view
This is to fix the case of accessing http://host.com/cgit.cgi/repo.git/plain/
There is code here to make this case work (match_baselen is set to -1
for top-of-the-tree views) but the unsigned to signed comparison was
always false in this case, causing an empty directory listing without
this fix.
Signed-off-by: Joe Anakata <jea-signup-github@anakata.org> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
John Keeping [Mon, 8 Feb 2016 15:06:27 +0000 (15:06 +0000)]
ui-atom: avoid DATE_STRFTIME
Git's DATE_STRFTIME ignores the timezone argument and just uses the
local timezone regardless of whether the "local" flag is set.
Since Atom accepts ISO8601 dates [1], we can use Git's
DATE_ISO8601_STRICT instead, which does get this right. Additionally,
we never use the local timezone here so we can use the
date_mode_from_type() wrapper to simplify the code a bit.
John Keeping [Mon, 8 Feb 2016 15:05:54 +0000 (15:05 +0000)]
Avoid DATE_STRFTIME for long/short dates
Git's DATE_STRFTIME ignores the timezone argument and just uses the
local timezone regardless of whether the "local" flag is set.
Since our existing FMT_LONGDATE and FMT_SHORTDATE are pretty-much
perfect matches to DATE_ISO8601 and DATE_SHORT, switch to taking a
date_mode_type directly in cgit_date_mode().
John Keeping [Mon, 8 Feb 2016 14:12:35 +0000 (14:12 +0000)]
ui-stats: cast pointer before checking for zero
We abuse the "void *util" field as a counter and recently started to
cast it to a uintptr_t to avoid risking nasal demons by performing
arithmetic on a void pointer.
However, compilers are also known to do "interesting" things if they
know that a pointer is or isn't NULL. Make this safer by checking if
the counter (after casting) is non-zero rather than checking if the
pointer is non-null.
John Keeping [Sat, 16 Jan 2016 11:03:07 +0000 (11:03 +0000)]
cache: don't check for match with no key
We call open_slot() from cache_ls() without a key since we simply want
to read the path out of the header. Should the file happen to contain
an empty key then we end up calling memcmp() with NULL and a non-zero
length. Fix this by assigning slot->match only if a key is set, which
is always will be in the code paths where we use slot->match.
Coverity-id: 13807 Signed-off-by: John Keeping <john@keeping.me.uk>
John Keeping [Sat, 16 Jan 2016 11:03:05 +0000 (11:03 +0000)]
ui-log: handle parse_commit() errors
If parse_commit() fails, none of the fields in the commit structure will
have been populated so we will dereference NULL when accessing
item->tree.
There isn't much we can do about the error at this point, but if we
return true then we'll try parsing the commit again from print_commit()
and we can report an error to the user at that point.
Coverity-id: 13801 Signed-off-by: John Keeping <john@keeping.me.uk>
Peter Colberg [Tue, 8 Dec 2015 17:53:09 +0000 (12:53 -0500)]
ui-repolist: return HTTP 404 if no repositories found
Return HTTP status code 404 Not found when querying a non-existent
repository, which signals to search engines that a repository no
longer exists. Further, some webservers such as nginx permit
logging requests to different files depending on the HTTP code.
Lukas Fleischer [Sun, 13 Dec 2015 00:27:13 +0000 (01:27 +0100)]
Fix segmentation fault in hc()
The ctx.qry.page variable might be unset at this point, e.g. when an
invalid command is passed and cgit_print_pageheader() is called to show
an error message.
Convert all instances of get_object_hash to use an appropriate
reference to the hash member of the oid member of struct object.
This provides no functional change, as it is essentially a macro
substitution.
filter: avoid integer overflow in authenticate_post
ctx.env.content_length is an unsigned int, coming from the
CONTENT_LENGTH environment variable, which is parsed by strtoul. The
HTTP/1.1 spec says that "any Content-Length greater than or equal to
zero is a valid value." By storing this into an int, we potentially
overflow it, resulting in the following bounding check failing, leading
to a buffer overflow.
Reported-by: Erik Cabetas <Erik@cabetas.com> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
projects / cgit / log