Mathias De Mare <mathias.de_mare@nokia.com> [Thu, 07 Feb 2019 09:12:01 +0100] rev 41320
packaging: modify rc detection to work with X.Yrc instead of X.Y-rc
rc detection on CentOS failed without this change,
resulting in upgrades from 4.9rc to 4.9 not working
(4.9rc was considered more recent than 4.9).
Differential Revision: https://phab.mercurial-scm.org/D5876
Matt Harbison <matt_harbison@yahoo.com> [Tue, 05 Feb 2019 20:50:54 -0500] rev 41319
subrepo: avoid false unsafe path detection on Windows
Subrepo paths are not normalized for the OS, so what was happening in the
subsequent root path check was:
root -> $TESTTMP\issue1852a\sub/repo
util.expandpath(...) -> $TESTTMP\issue1852a\sub/repo
os.path.realpath(...) -> $TESTTMP\issue1852a\sub\repo
Augie Fackler <raf@durin42.com> [Fri, 01 Feb 2019 13:44:09 -0500] rev 41318
Added signature for changeset 83377b4b4ae0
Augie Fackler <raf@durin42.com> [Fri, 01 Feb 2019 13:44:07 -0500] rev 41317
Added tag 4.9 for changeset 83377b4b4ae0
Yuya Nishihara <yuya@tcha.org> [Tue, 08 Jan 2019 22:19:36 +0900] rev 41316
subrepo: reject potentially unsafe subrepo paths (BC) (SEC)
In addition to the previous patch, this prohibits '~', '$nonexistent', etc.
for any subrepo types. I think this is safer, and real-world subrepos wouldn't
use such (local) paths.
Yuya Nishihara <yuya@tcha.org> [Tue, 08 Jan 2019 22:07:45 +0900] rev 41315
subrepo: prohibit variable expansion on creation of hg subrepo (SEC)
It's probably wrong to expand path at localrepo.*repository() layer, but
fixing the layering issue would require careful inspection of call paths.
So, this patch adds add a validation to the subrepo constructor.
os.path.realpath(util.expandpath(root)) is what vfsmod.vfs() would do.
Yuya Nishihara <yuya@tcha.org> [Tue, 08 Jan 2019 21:51:54 +0900] rev 41314
subrepo: extend path auditing test to include more weird patterns (SEC)
While reviewing patches for the issue 5739, "$foo in repository path
expanded", I realized that subrepo paths can also be cheated. This patch
includes various subrepo paths which are potentially unsafe.
Since an expanded subrepo path isn't audited, this bug allows symlink check
bypass. As a result, a malicious subrepository could be checked out to a
sub tree of e.g. $HOME directory. The good news is that the destination
directory must be empty or nonexistent, so the existing ~/.bashrc wouldn't
be overwritten. See the last part of the tests for details.
Anton Shestakov <av6@dwimlabs.net> [Thu, 31 Jan 2019 13:32:21 +0800] rev 41313
copyright: update to 2019
Differential Revision: https://phab.mercurial-scm.org/D5779
Boris Feld <boris.feld@octobus.net> [Thu, 24 Jan 2019 18:22:47 -0500] rev 41312
revlog: make sure we never use sparserevlog without general delta (issue6056)
We are getting user report where the delta code tries to use `sparse-revlog`
logic on repository where `generaldelta` is disabled. This can't work so we
ensure the two booleans have a consistent value.
Creating this kind of repository is not expected to be possible the current bug
report point at a clonebundle related bug that is still to be properly isolated
(Yuya Nishihara seems to a have done it).
Corrupting a repository to reproduce the issue is possible. A test using this
method is included in this fix.
Boris Feld <boris.feld@octobus.net> [Wed, 30 Jan 2019 18:15:38 +0100] rev 41311
sparserevlog: document the config option
This was overlooked when this graduated from experimental.
Georges Racinet <georges.racinet@octobus.net> [Wed, 23 Jan 2019 07:49:36 -0500] rev 41310
rust-cpython: raising error.WdirUnsupported
The Graph implementation of hg-cpython returns the appropriate error
upon encounter with the working directory special revision number, and
this gives us in particular a code path to test from test-rust-ancestors.py
In the current implementation, the exception is actually raised from
the iterator instantiation; we are nonetheless consuming the iterator
in the test with `list()` in order not to depend on implementation details.
Georges Racinet <georges.racinet@octobus.net> [Wed, 23 Jan 2019 07:47:04 -0500] rev 41309
rust: error for WdirUnsupported with cpython conversion as exception
This introduces WorkingDirectoryUnsupported as an enum variant
of GraphError in the core and converts it to the expected
`mercurial.error.WdirUnsupported`.