Augie Fackler <augie@google.com> [Mon, 13 Jan 2020 14:12:31 -0500] rev 44062
hgext: replace references to hashlib.sha1 with hashutil.sha1
When in a non-pure build of Mercurial, this will provide protections
against SHA1 collision attacks.
Differential Revision: https://phab.mercurial-scm.org/D7851
Augie Fackler <augie@google.com> [Mon, 13 Jan 2020 17:16:54 -0500] rev 44061
sslutil: migrate to hashutil.sha1 instead of hashlib.sha1
This is a straight-line replacement like the others, but I split it
out since it's used in a network context and I'm not sure this is
appropriate (we should probably drop support for sha1
fingerprints over TLS) and wanted this to be easily dropped.
Differential Revision: https://phab.mercurial-scm.org/D7850
Augie Fackler <augie@google.com> [Mon, 13 Jan 2020 17:15:14 -0500] rev 44060
core: migrate uses of hashlib.sha1 to hashutil.sha1
Differential Revision: https://phab.mercurial-scm.org/D7849
Augie Fackler <augie@google.com> [Mon, 13 Jan 2020 17:14:19 -0500] rev 44059
hashutil: new package for hashing-related features
Right now this just tries to use our sha1dc and if it's missing (eg a
--pure build) we fall back to hashlib. I imagine in the future we'll
want some other things in here for detecting what hasher is in use as
we transition off sha1.
Differential Revision: https://phab.mercurial-scm.org/D7848
Augie Fackler <augie@google.com> [Wed, 08 Jan 2020 15:59:52 -0500] rev 44058
sha1dc: initial implementation of Python extension
A future change will use this when available to avoid sha1 collision
issues until we can get moved to something else.
Differential Revision: https://phab.mercurial-scm.org/D7815
Augie Fackler <augie@google.com> [Wed, 08 Jan 2020 15:09:01 -0500] rev 44057
sha1dc: import latest version from github
After the recent SHA1 news, the attacks are serious enough we should
be more proactive. This code will at least allow detection of attacks
early. It's already widely deployed in Git.
This is git revision 855827c583bc30645ba427885caa40c5b81764d2 of the
sha1collisiondetection repo[0], with most of the files omitted. A
follow-up change will introduce Python bindings for this code.
0: https://github.com/cr-marcstevens/sha1collisiondetection
Differential Revision: https://phab.mercurial-scm.org/D7814
Pierre-Yves David <pierre-yves.david@octobus.net> [Sat, 11 Jan 2020 05:44:58 +0100] rev 44056
transaction: add a `hasfinalize` method
The method allow code to check if an existing callback exists. It allow them to
skip potentially expensive setup for a callback.
Differential Revision: https://phab.mercurial-scm.org/D7832
Pierre-Yves David <pierre-yves.david@octobus.net> [Sat, 11 Jan 2020 04:57:29 +0100] rev 44055
changelog: fix the diverted opener to accept more kwargs
The current code prevent the use of `atomictemp` file with the changelog
opener. I do not see a good reason for this limitation.
Differential Revision: https://phab.mercurial-scm.org/D7831
Pierre-Yves David <pierre-yves.david@octobus.net> [Mon, 06 Jan 2020 08:08:06 +0100] rev 44054
revlog: reorder a conditionnal about revlogio
if we are using REVLOGV0, we will not use a rust based index. This small line
movement make it clearer.
Differential Revision: https://phab.mercurial-scm.org/D7830
Martin von Zweigbergk <martinvonz@google.com> [Fri, 10 Jan 2020 15:47:39 -0800] rev 44053
rebase: delete seemingly unnecessary needupdate()
This seemed to be about checking that the user hasn't updated away
when we asked them to resolve merge conflicts. These days we call
`cmdutil.checkunfinished()` and refuse to update, so the user
shouldn't be able to get into this state.
`test-rebase-interruptions.t` actually has some tests where it
disables the rebase extension in order to be allowed to do some of
these updates. That still passes, but I wouldn't personally haved
cared if that failed.
Differential Revision: https://phab.mercurial-scm.org/D7825