Pierre-Yves David <pierre-yves.david@octobus.net> [Sun, 24 Feb 2019 19:56:57 +0100] rev 41324
test: update test-sparse-revlog.t output
This test is skipped unless a large artefact is pre-build. It seems like nobody
ran it in a while. Changeset 3764330f76a6 changed the expected output but
nobody noticed.
This changeset focus on the first and simpler step: putting the expected output
back to what one would get by running this test.
However this test changes highlight a couple of deeper issues:
1) Even if the revision content did not changed, a change in the delta
contained in the bundle affected the delta stored in the final revlog, changing
the test result. Since we are testing the delta computation strategy with
sparse, we should not blindly reuse the delta-base from the bundled delta.
2) A change in the format of the repository used to generate the bundle changed
the delta stored in the bundle. We should get a more stable output to avoid
future instabilities of this test.
3) The test is it not run by CI or developer.
We'll try to address all this issues in the coming changesets.
Matt Harbison <matt_harbison@yahoo.com> [Wed, 20 Feb 2019 20:57:58 -0500] rev 41323
tests: add a missing abort exit code on Windows in test-audit-subrepo.t
Yuya Nishihara <yuya@tcha.org> [Thu, 07 Feb 2019 20:50:41 +0900] rev 41322
subrepo: add test for Windows relative-ish path with drive letter
Matt Harbison pointed out that Windows had some weird path syntax.
Fortunately it's rejected appropriately by pathauditor, so we're safe.
Let's test the behavior as we have a special handling for Windows drive
letters.
This patch includes a basic example. Maybe we'll need to extend the test
case further, but writing such tests on Linux isn't easy.
Mathias De Mare <mathias.de_mare@nokia.com> [Thu, 07 Feb 2019 11:08:54 +0100] rev 41321
tests: fix regression tests failing on CentOS 7
Differential Revision: https://phab.mercurial-scm.org/D5877
Mathias De Mare <mathias.de_mare@nokia.com> [Thu, 07 Feb 2019 09:12:01 +0100] rev 41320
packaging: modify rc detection to work with X.Yrc instead of X.Y-rc
rc detection on CentOS failed without this change,
resulting in upgrades from 4.9rc to 4.9 not working
(4.9rc was considered more recent than 4.9).
Differential Revision: https://phab.mercurial-scm.org/D5876
Matt Harbison <matt_harbison@yahoo.com> [Tue, 05 Feb 2019 20:50:54 -0500] rev 41319
subrepo: avoid false unsafe path detection on Windows
Subrepo paths are not normalized for the OS, so what was happening in the
subsequent root path check was:
root -> $TESTTMP\issue1852a\sub/repo
util.expandpath(...) -> $TESTTMP\issue1852a\sub/repo
os.path.realpath(...) -> $TESTTMP\issue1852a\sub\repo
Augie Fackler <raf@durin42.com> [Fri, 01 Feb 2019 13:44:09 -0500] rev 41318
Added signature for changeset 83377b4b4ae0
Augie Fackler <raf@durin42.com> [Fri, 01 Feb 2019 13:44:07 -0500] rev 41317
Added tag 4.9 for changeset 83377b4b4ae0
Yuya Nishihara <yuya@tcha.org> [Tue, 08 Jan 2019 22:19:36 +0900] rev 41316
subrepo: reject potentially unsafe subrepo paths (BC) (SEC)
In addition to the previous patch, this prohibits '~', '$nonexistent', etc.
for any subrepo types. I think this is safer, and real-world subrepos wouldn't
use such (local) paths.
Yuya Nishihara <yuya@tcha.org> [Tue, 08 Jan 2019 22:07:45 +0900] rev 41315
subrepo: prohibit variable expansion on creation of hg subrepo (SEC)
It's probably wrong to expand path at localrepo.*repository() layer, but
fixing the layering issue would require careful inspection of call paths.
So, this patch adds add a validation to the subrepo constructor.
os.path.realpath(util.expandpath(root)) is what vfsmod.vfs() would do.
Yuya Nishihara <yuya@tcha.org> [Tue, 08 Jan 2019 21:51:54 +0900] rev 41314
subrepo: extend path auditing test to include more weird patterns (SEC)
While reviewing patches for the issue 5739, "$foo in repository path
expanded", I realized that subrepo paths can also be cheated. This patch
includes various subrepo paths which are potentially unsafe.
Since an expanded subrepo path isn't audited, this bug allows symlink check
bypass. As a result, a malicious subrepository could be checked out to a
sub tree of e.g. $HOME directory. The good news is that the destination
directory must be empty or nonexistent, so the existing ~/.bashrc wouldn't
be overwritten. See the last part of the tests for details.
Anton Shestakov <av6@dwimlabs.net> [Thu, 31 Jan 2019 13:32:21 +0800] rev 41313
copyright: update to 2019
Differential Revision: https://phab.mercurial-scm.org/D5779