Add a gitweb configuration variable $prevent_xss that disables features
to prevent content in repositories from launching cross-site scripting
(XSS) attacks in the gitweb domain. Currently, this option makes gitweb
ignore README.html (a better solution may be worked out in the future)
and serve a blob_plain file of an untrusted type with
"Content-Disposition: attachment", which tells the browser not to show
the file at its original URL.
The XSS prevention is currently off by default.
Signed-off-by: Matt McCutchen <matt@mattmccutchen.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Although it does not matter in general it is handled different by
"git clone", as it removes it to make the "humanish" name of the
new repository.
Signed-off-by: Santi Béjar <santi@agolina.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
After invoking git add -p I always got the warnings:
Use of uninitialized value $_[3] in exec at Git.pm line 1282.
Use of uninitialized value $args[2] in join or string at Git.pm line 1264.
A bisect showed that these warnings occur in a301973 "add -p: print errors
in separate color" the first time.
They can be reproduced by setting color.ui (or color.interactive) to "auto"
and unsetting color.interactive.help and color.interactive.error.
I am using Perl 5.10.0.
The reason of the warning is that color.interactive.error defaults to
color.interactive.help which defaults to nothing in the specific codepath.
It defaults to 'red bold' some lines above which could lead to the wrong
assumption that it always defaults to 'red bold' now.
This patch lets it default to 'red bold', blowing the warnings away.
Signed-off-by: Stephan Beyer <s-beyer@gmx.net>
Acked-By: Thomas Rast <trast@student.ethz.ch>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Before d467a52 ("Make '--decorate' set an explicit 'show_decorations'
flag", Nov 3 2008), commit decorations were shown whenever they exist, and
distances stored in them by "git rev-list --bisect-all" were automatically
shown. d467a52 changed the rule so that commit decorations are not shown
unless rev_info explicitly asks to, with its show_decorations bit, but
forgot that the ones "git rev-list --bisect-all" adds need to be shown.
This patch fixes this old breakage.
Signed-off-by: Christian Couder <chriscool@tuxfamily.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Include it directly from git-shortlog.txt, and refer
to it from pretty-format.txt.
Signed-off-by: Marius Storm-Olsen <marius@trolltech.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
map_user() allows to lookup and replace both email and
name of a user, based on a new style mailmap file.
The possible mailmap definitions are now:
proper_name <commit_email> # Old style
<proper_email> <commit_email> # New style
proper_name <proper_email> <commit_email> # New style
proper_name <proper_email> commit_name <commit_email> # New style
map_email() operates the same as before, with the
exception that it also will to try to match on a name
passed in through the name return buffer.
clear_mailmap() is needed to now clear the more complex
mailmap structure.
Signed-off-by: Marius Storm-Olsen <marius@trolltech.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
string_list_find_insert_index() and string_list_insert_at_index()
enables you to see if an item is in the string_list, and to
insert at the appropriate index in the list, if not there.
This is usefull if you need to manipulate an existing item,
if present, and insert a new item if not.
Future mailmap code will use this construct to enable
complex (old_name, old_email) -> (new_name, new_email)
lookups.
The string_list_clear_func() allows to call a custom
cleanup function on each item in a string_list, which is
useful is the util member points to a complex structure.
Signed-off-by: Marius Storm-Olsen <marius@trolltech.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
This allows us to augment the repo mailmap file, and to use
mailmap files elsewhere than the repository root. Meaning
that the entries in mailmap.file will override the entries
in "./.mailmap", should they match.
Signed-off-by: Marius Storm-Olsen <marius@trolltech.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Make SHA-1 regexp to be turned into hyperlink (the SHA-1 committag)
to match word boundary at the beginning and the end. This way we
reduce number of false matches, for example we now don't match
0x74a5cd01 which is hex decimal (for example memory address),
but is not SHA-1.
Suggested-by: Johannes Schindelin <Johannes.Schindelin@gmx.de>
Signed-off-by: Jakub Narebski <jnareb@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Earlier, when you called
git submodule some/bogus/path
Git would silently ignore the path, without warning the user about the
likely mistake. Now it does.
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Tab completion makes it easy to add a trailing slash to a submodule path.
As it is completely clear what the user actually wanted to say, be nice
and strip that slash at the end.
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
This function is now superseded by normalize_path_copy().
Signed-off-by: Johannes Sixt <j6t@kdbg.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
This changes the test-path-utils utility to invoke normalize_path_copy()
instead of normalize_absolute_path() because the latter is about to be
removed.
The test cases in t0060 are adjusted in two regards:
- normalize_path_copy() more often leaves a trailing slash in the result.
This has no negative side effects because the new user of this function,
longest_ancester_length(), already accounts for this behavior.
- The function can fail.
The tests uncover a flaw in normalize_path_copy(): If there are
sufficiently many '..' path components so that the root is reached, such as
in "/d1/s1/../../d2", then the leading slash was lost. This manifested
itself that (assuming there is a repository at /tmp/foo)
$ git add /d1/../tmp/foo/some-file
reported 'pathspec is outside repository'. This is now fixed.
Moreover, the test case descriptions of t0060 now include the test data and
expected outcome.
Signed-off-by: Johannes Sixt <j6t@kdbg.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Using git with GIT_CEILING_DIRECTORIES crashed on Windows due to a failed
assertion in normalize_absolute_path(): This function expects absolute
paths to start with a slash, while on Windows they can start with a drive
letter or a backslash.
This fixes it by using the alternative, normalize_path_copy() instead,
which can handle Windows-style paths just fine.
Secondly, the portability macro PATH_SEP is used instead of expecting
colons to be used as path list delimiter.
The test script t1504 is also changed to help MSYS's bash recognize some
program arguments as path list. (MSYS's bash must translate POSIX-style
path lists to Windows-style path lists, and the heuristic did not catch
some cases.)
Signed-off-by: Rene Scharfe <rene.scharfe@lsrfire.ath.cx>
Signed-off-by: Johannes Sixt <j6t@kdbg.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
This function and normalize_absolute_path() do almost the same thing. The
former already works on Windows, but the latter crashes.
In subsequent changes we will remove normalize_absolute_path(). Here we
make the replacement function reusable. On the way we rename it to reflect
that it does some path normalization. Apart from that this is only moving
around code.
Signed-off-by: Johannes Sixt <j6t@kdbg.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Previously, this test utility happily returned with exit code 0 if garbage
was thrown at it. Now it reports failure if an unknown function name was
given on the command line.
Signed-off-by: Johannes Sixt <j6t@kdbg.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
When the callback function invoked from read_tree_recursive() returns
the value `READ_TREE_RECURSIVE` for a gitlink entry, the traversal will
now continue into the tree connected to the gitlinked commit. This
functionality can be used to allow inter-repository operations, but
since the current users of read_tree_recursive() does not yet support
such operations, they have been modified where necessary to make sure
that they never return READ_TREE_RECURSIVE for gitlink entries (hence
no change in behaviour should be introduces by this patch alone).
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
* js/filter-branch-submodule:
filter-branch: do not consider diverging submodules a 'dirty worktree'
filter-branch: Fix fatal error on bare repositories
vc-git is distributed with Emacs since version 22.2, and is maintained
in the Emacs CVS tree. This file is obsolete and causes trouble for
people who want to add contrib/emacs to their load-path.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
This allows using fill-paragraph on the log message without
interference from the various header fields.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
Support for cherry-picking and reverting commits, with automatic
formatting of the commit log message. Bound to C-c C-p and C-c C-v
respectively.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
Prompts for a branch name, create a new branch at HEAD and switch to
it. Bound to C-c C-b by default.
Based on a patch by Rémi Vanicat <vanicat@debian.org>.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
Prompts for a branch name and checks it out. Bound to C-c C-o by
default.
Based on a patch by Rémi Vanicat <vanicat@debian.org>.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
In cd_to_toplevel, instead of 'cd $(unset PWD; /bin/pwd)/$path'
use 'cd -P $path'. The "-P" option yields a desirable similarity to
C chdir.
While the "-P" option may be slightly less commonly supported than
/bin/pwd, it is more concise, better tested, and less error prone.
I've already added the 'unset PWD' to fix the /bin/pwd solution on
BSD; there may be more edge cases out there.
This still passes all the same test cases in t5521-pull-symlink.sh and
t2300-cd-to-toplevel.sh, even before updating them to use 'pwd -P'.
Signed-off-by: Junio C Hamano <gitster@pobox.com>
git submodule update --no-fetch makes it possible to use git submodule
update in complete offline mode by not fetching new revisions.
This does make sense in the following setup:
* There is an unstable and a stable branch in the super/master repository.
* The submodules might be at different revisions in the branches.
* You are at some place without internet connection ;)
With this patch it is now possible to change branches and update
the submodules to be at the recorded revision without online access.
Another advantage is that with -N the update operation is faster, because fetch is checking for new updates even if there was no fetch/pull on the super/master repository since the last update.
Signed-off-by: Fabian Franz <git@fabian-franz.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
eval{use...} is no good because the 'use' is evaluated at compile
time, so manually 'require' it. We need to forward declare the
functions we use, otherwise Perl raises a compilation error.
Signed-off-by: Thomas Rast <trast@student.ethz.ch>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
* js/maint-remote-remove-mirror:
builtin-remote: make rm operation safer in mirrored repository
builtin-remote: make rm() use properly named variable to hold return value
* js/notes:
git-notes: fix printing of multi-line notes
notes: fix core.notesRef documentation
Add an expensive test for git-notes
Speed up git notes lookup
Add a script to edit/inspect notes
Introduce commit notes
Conflicts:
pretty.c
* rc/http-push:
http-push: wrap signature of get_remote_object_url
http-push: add back underscore separator before lock token
http-push.c: get_remote_object_url() is only used under USE_CURL_MULTI
http-push: refactor request url creation
* cb/mergetool:
mergetool: fix running mergetool in sub-directories
mergetool: Add a test for running mergetool in a sub-directory
mergetool: respect autocrlf by using checkout-index