Mercurial Mercurial > hg-stable / changelog
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | help
(0) -30000 -10000 -3000 -1000 -300 -100 -30 -10 -3 +3 +10 +30 +100 +300 +1000 +3000 +10000 tip
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Fri, 03 Nov 2017 20:12:50 +0900 subrepo: disallow symlink traversal across subrepo mount point (SEC) stable
changeset
Yuya Nishihara <yuya@tcha.org> [Fri, 03 Nov 2017 20:12:50 +0900] rev 34962
subrepo: disallow symlink traversal across subrepo mount point (SEC) It wasn't easy to extend the pathauditor to check symlink traversal across subrepos because pathauditor._checkfs() rejects a directory having ".hg" directory. That's why I added the explicit islink() check. No idea if this patch is necessary after we've fixed the issue5730 by splitting submerge() into planning and execution phases.
Fri, 03 Nov 2017 19:17:25 +0900 tests: show symlink traversal across subrepo mount point (SEC) stable
changeset
Yuya Nishihara <yuya@tcha.org> [Fri, 03 Nov 2017 19:17:25 +0900] rev 34961
tests: show symlink traversal across subrepo mount point (SEC) Also adds a couple of tests where the auditor does work as expected.
Mon, 06 Nov 2017 10:33:40 -0800 share: move config item declarations into core stable
changeset
Gregory Szorc <gregory.szorc@gmail.com> [Mon, 06 Nov 2017 10:33:40 -0800] rev 34960
share: move config item declarations into core These config items control share behavior that is implemented in core. Since the functionality is implemented in core, extensions may leverage it. Mozilla has one such extension. And, it needs to access share.pool. Before this patch, a devel warning regarding accessing an unregistered config option would be issued unless the share extension were loaded. Moving the registration of the config options to core fixes this.
(0) -30000 -10000 -3000 -1000 -300 -100 -30 -10 -3 +3 +10 +30 +100 +300 +1000 +3000 +10000 tip
hg-stable