Add a gitweb configuration variable $prevent_xss that disables features
to prevent content in repositories from launching cross-site scripting
(XSS) attacks in the gitweb domain. Currently, this option makes gitweb
ignore README.html (a better solution may be worked out in the future)
and serve a blob_plain file of an untrusted type with
"Content-Disposition: attachment", which tells the browser not to show
the file at its original URL.
The XSS prevention is currently off by default.
Signed-off-by: Matt McCutchen <matt@mattmccutchen.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Although it does not matter in general it is handled different by
"git clone", as it removes it to make the "humanish" name of the
new repository.
Signed-off-by: Santi Béjar <santi@agolina.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
After invoking git add -p I always got the warnings:
Use of uninitialized value $_[3] in exec at Git.pm line 1282.
Use of uninitialized value $args[2] in join or string at Git.pm line 1264.
A bisect showed that these warnings occur in a301973 "add -p: print errors
in separate color" the first time.
They can be reproduced by setting color.ui (or color.interactive) to "auto"
and unsetting color.interactive.help and color.interactive.error.
I am using Perl 5.10.0.
The reason of the warning is that color.interactive.error defaults to
color.interactive.help which defaults to nothing in the specific codepath.
It defaults to 'red bold' some lines above which could lead to the wrong
assumption that it always defaults to 'red bold' now.
This patch lets it default to 'red bold', blowing the warnings away.
Signed-off-by: Stephan Beyer <s-beyer@gmx.net>
Acked-By: Thomas Rast <trast@student.ethz.ch>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Before d467a52 ("Make '--decorate' set an explicit 'show_decorations'
flag", Nov 3 2008), commit decorations were shown whenever they exist, and
distances stored in them by "git rev-list --bisect-all" were automatically
shown. d467a52 changed the rule so that commit decorations are not shown
unless rev_info explicitly asks to, with its show_decorations bit, but
forgot that the ones "git rev-list --bisect-all" adds need to be shown.
This patch fixes this old breakage.
Signed-off-by: Christian Couder <chriscool@tuxfamily.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Earlier, when you called
git submodule some/bogus/path
Git would silently ignore the path, without warning the user about the
likely mistake. Now it does.
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Tab completion makes it easy to add a trailing slash to a submodule path.
As it is completely clear what the user actually wanted to say, be nice
and strip that slash at the end.
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
This function is now superseded by normalize_path_copy().
Signed-off-by: Johannes Sixt <j6t@kdbg.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
This changes the test-path-utils utility to invoke normalize_path_copy()
instead of normalize_absolute_path() because the latter is about to be
removed.
The test cases in t0060 are adjusted in two regards:
- normalize_path_copy() more often leaves a trailing slash in the result.
This has no negative side effects because the new user of this function,
longest_ancester_length(), already accounts for this behavior.
- The function can fail.
The tests uncover a flaw in normalize_path_copy(): If there are
sufficiently many '..' path components so that the root is reached, such as
in "/d1/s1/../../d2", then the leading slash was lost. This manifested
itself that (assuming there is a repository at /tmp/foo)
$ git add /d1/../tmp/foo/some-file
reported 'pathspec is outside repository'. This is now fixed.
Moreover, the test case descriptions of t0060 now include the test data and
expected outcome.
Signed-off-by: Johannes Sixt <j6t@kdbg.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Using git with GIT_CEILING_DIRECTORIES crashed on Windows due to a failed
assertion in normalize_absolute_path(): This function expects absolute
paths to start with a slash, while on Windows they can start with a drive
letter or a backslash.
This fixes it by using the alternative, normalize_path_copy() instead,
which can handle Windows-style paths just fine.
Secondly, the portability macro PATH_SEP is used instead of expecting
colons to be used as path list delimiter.
The test script t1504 is also changed to help MSYS's bash recognize some
program arguments as path list. (MSYS's bash must translate POSIX-style
path lists to Windows-style path lists, and the heuristic did not catch
some cases.)
Signed-off-by: Rene Scharfe <rene.scharfe@lsrfire.ath.cx>
Signed-off-by: Johannes Sixt <j6t@kdbg.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
This function and normalize_absolute_path() do almost the same thing. The
former already works on Windows, but the latter crashes.
In subsequent changes we will remove normalize_absolute_path(). Here we
make the replacement function reusable. On the way we rename it to reflect
that it does some path normalization. Apart from that this is only moving
around code.
Signed-off-by: Johannes Sixt <j6t@kdbg.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Previously, this test utility happily returned with exit code 0 if garbage
was thrown at it. Now it reports failure if an unknown function name was
given on the command line.
Signed-off-by: Johannes Sixt <j6t@kdbg.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
When the callback function invoked from read_tree_recursive() returns
the value `READ_TREE_RECURSIVE` for a gitlink entry, the traversal will
now continue into the tree connected to the gitlinked commit. This
functionality can be used to allow inter-repository operations, but
since the current users of read_tree_recursive() does not yet support
such operations, they have been modified where necessary to make sure
that they never return READ_TREE_RECURSIVE for gitlink entries (hence
no change in behaviour should be introduces by this patch alone).
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
* js/filter-branch-submodule:
filter-branch: do not consider diverging submodules a 'dirty worktree'
filter-branch: Fix fatal error on bare repositories
vc-git is distributed with Emacs since version 22.2, and is maintained
in the Emacs CVS tree. This file is obsolete and causes trouble for
people who want to add contrib/emacs to their load-path.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
This allows using fill-paragraph on the log message without
interference from the various header fields.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
Support for cherry-picking and reverting commits, with automatic
formatting of the commit log message. Bound to C-c C-p and C-c C-v
respectively.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
Prompts for a branch name, create a new branch at HEAD and switch to
it. Bound to C-c C-b by default.
Based on a patch by Rémi Vanicat <vanicat@debian.org>.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
Prompts for a branch name and checks it out. Bound to C-c C-o by
default.
Based on a patch by Rémi Vanicat <vanicat@debian.org>.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
eval{use...} is no good because the 'use' is evaluated at compile
time, so manually 'require' it. We need to forward declare the
functions we use, otherwise Perl raises a compilation error.
Signed-off-by: Thomas Rast <trast@student.ethz.ch>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
* js/maint-remote-remove-mirror:
builtin-remote: make rm operation safer in mirrored repository
builtin-remote: make rm() use properly named variable to hold return value
* js/notes:
git-notes: fix printing of multi-line notes
notes: fix core.notesRef documentation
Add an expensive test for git-notes
Speed up git notes lookup
Add a script to edit/inspect notes
Introduce commit notes
Conflicts:
pretty.c
* rc/http-push:
http-push: wrap signature of get_remote_object_url
http-push: add back underscore separator before lock token
http-push.c: get_remote_object_url() is only used under USE_CURL_MULTI
http-push: refactor request url creation
* cb/mergetool:
mergetool: fix running mergetool in sub-directories
mergetool: Add a test for running mergetool in a sub-directory
mergetool: respect autocrlf by using checkout-index
At the end of filter-branch in a non-bare repository, the work tree is
updated with "read-tree -m -u HEAD", to carry the change forward in case
the current branch was rewritten. In order to avoid losing any local
change during this step, filter-branch refuses to work when there are
local changes in the work tree.
This "read-tree -m -u HEAD" operation does not affect what commit is
checked out in a submodule (iow, it does not touch .git/HEAD in a
submodule checkout), and checking if there is any local change to the
submodule is not useful.
Staged submodules _are_ considered to be 'dirty', however, as the
"read-tree -m -u HEAD" could result in loss of staged information
otherwise.
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Print interaction error messages in color.interactive.error, which
defaults to the value of color.interactive.help.
Signed-off-by: Thomas Rast <trast@student.ethz.ch>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Use Term::ReadKey, if available and enabled with interactive.singlekey,
to let the user answer add -p's prompts by pressing a single key. We're
not doing the same in the main 'add -i' interface because file selection
etc. may expect several characters.
Two commands take an argument: 'g' can easily cope since it'll just
offer a choice of chunks. '/' now (unconditionally, even without
readkey) offers a chance to enter a regex if none was given.
Signed-off-by: Thomas Rast <trast@student.ethz.ch>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
1) Instead of requesting OLD_ICONV on all Mac OS X versions except for 10.5
(which will break when 10.6 is released), exlicitly request it for versions
older than 10.5.
2) NO_STRLCPY is not needed since Mac OS X 10.2. Noticed by Benjamin Kramer.
Note that uname -r returns the underlying Darwin version, which can be mapped
to Mac OS X version at http://www.opensource.apple.com/darwinsource/
Signed-off-by: Jay Soffian <jaysoffian@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>