Fri, 05 Aug 2011 00:39:54 +0200 test-http: test http authentication stable
Mads Kiilerich <mads@kiilerich.com> [Fri, 05 Aug 2011 00:39:54 +0200] rev 15026
test-http: test http authentication The extension hack is based on Henrik Stuart's hg-textauth.
Fri, 05 Aug 2011 21:05:41 +0200 http: pass user to readauthforuri() (fix 4a43e23b8c55) stable
Patrick Mezard <pmezard@gmail.com> [Fri, 05 Aug 2011 21:05:41 +0200] rev 15025
http: pass user to readauthforuri() (fix 4a43e23b8c55) urllib2 never handles URIs with credentials, we have to extract them and store them in the password manager before handing the stripped URI. Half of the changes deducing the username from the URI in 4a43e23b8c55 were incorrect. Instead, we retrieve the username from the password manager before passing to readauthforuri(). test-hgweb-auth.py was passing because the test itself was flawed: it was passing URIs with credentials to find_password(), which never happens.
Fri, 05 Aug 2011 21:05:40 +0200 http: strip credentials from urllib2 manager URIs (issue2885) stable
Patrick Mezard <pmezard@gmail.com> [Fri, 05 Aug 2011 21:05:40 +0200] rev 15024
http: strip credentials from urllib2 manager URIs (issue2885) urllib2 password manager does not strip credentials from URIs registered with add_password() and compare them with stripped URIs in find_password(). Remove credentials from URIs returned by util.url.authinfo(). It sometimes works when no port was specified as the URI host is registered too.
Thu, 04 Aug 2011 16:12:58 -0500 help: move option text display into a helper function
Matt Mackall <mpm@selenic.com> [Thu, 04 Aug 2011 16:12:58 -0500] rev 15023
help: move option text display into a helper function
Thu, 04 Aug 2011 15:36:15 -0500 help: move 'additional help topics' code
Matt Mackall <mpm@selenic.com> [Thu, 04 Aug 2011 15:36:15 -0500] rev 15022
help: move 'additional help topics' code
Thu, 04 Aug 2011 15:34:30 -0500 help: rename option_lists to optlist
Matt Mackall <mpm@selenic.com> [Thu, 04 Aug 2011 15:34:30 -0500] rev 15021
help: rename option_lists to optlist
Thu, 04 Aug 2011 15:08:41 -0500 help: drop with_version
Matt Mackall <mpm@selenic.com> [Thu, 04 Aug 2011 15:08:41 -0500] rev 15020
help: drop with_version If --version is specified, we print the version and exit (as documented).
Thu, 04 Aug 2011 19:41:23 +0300 dispatch: don't rewrap aliases that have the same definition stable
Idan Kamara <idankk86@gmail.com> [Thu, 04 Aug 2011 19:41:23 +0300] rev 15019
dispatch: don't rewrap aliases that have the same definition Previously aliases that overrode existing commands would wrap the old alias on every call to dispatch() (twice actually), which is an obvious re-entrancy issue for things like the command server or TortoiseHG.
Thu, 04 Aug 2011 02:51:29 +0200 url: really handle urls of the form file:///c:/foo/bar/ correctly stable
Mads Kiilerich <mads@kiilerich.com> [Thu, 04 Aug 2011 02:51:29 +0200] rev 15018
url: really handle urls of the form file:///c:/foo/bar/ correctly 28edd65000d9 made sure that paths that seemed to start with a windows drive letter would not get an extra leading slash. localpath should thus not try to handle this case by removing a leading slash, and this special handling is thus removed. (The localpath handling of this case was wrong anyway, because paths that look like they start with a windows drive letter can't have a leading slash.) A quick verification of this is to run 'hg id file:///c:/foo/bar/'.
Tue, 02 Aug 2011 15:21:10 -0400 wireproto: add out-of-band error class to allow remote repo to report errors
Andrew Pritchard <andrewp@fogcreek.com> [Tue, 02 Aug 2011 15:21:10 -0400] rev 15017
wireproto: add out-of-band error class to allow remote repo to report errors Older clients will still print the provided error message and not much else: over ssh, this will be each line prefixed with 'remote: ' in addition to an "abort: unexpected response: '\n'"; over http, this will be the '---%<---' banners in addition to the 'does not appear to be a repository' message. Currently, clients with this patch will display 'abort: remote error:\n' and the provided error text, but it is trivial to style the error text however is deemed appropriate.
Wed, 03 Aug 2011 16:41:14 -0500 windows: fix pyflakes warning on unused imports
Matt Mackall <mpm@selenic.com> [Wed, 03 Aug 2011 16:41:14 -0500] rev 15016
windows: fix pyflakes warning on unused imports This is ugly, but only marginally uglier than before, and it avoids hacking/disabling our pyflakes test
Tue, 02 Aug 2011 17:43:20 -0500 minirst: add decorateblocks search helper
Matt Mackall <mpm@selenic.com> [Tue, 02 Aug 2011 17:43:20 -0500] rev 15015
minirst: add decorateblocks search helper
Tue, 02 Aug 2011 17:43:18 -0500 minirst: add getsections helper
Matt Mackall <mpm@selenic.com> [Tue, 02 Aug 2011 17:43:18 -0500] rev 15014
minirst: add getsections helper
Tue, 02 Aug 2011 17:41:45 -0500 minirst: add formatblocks helper
Matt Mackall <mpm@selenic.com> [Tue, 02 Aug 2011 17:41:45 -0500] rev 15013
minirst: add formatblocks helper
Tue, 02 Aug 2011 14:54:38 -0500 minirst: add parse method to get document structure
Matt Mackall <mpm@selenic.com> [Tue, 02 Aug 2011 14:54:38 -0500] rev 15012
minirst: add parse method to get document structure
Tue, 02 Aug 2011 13:18:56 +0200 util: move copymode into posix.py and windows.py
Adrian Buehlmann <adrian@cadifra.com> [Tue, 02 Aug 2011 13:18:56 +0200] rev 15011
util: move copymode into posix.py and windows.py reducing it to a NOP on Windows. This eliminates a pointless stat call on Windows and reduces the risk of interferring with other processes (e.g. AV-scanners, file change watchers). See also http://mercurial.selenic.com/wiki/UnlinkingFilesOnWindows, item 2d
Tue, 02 Aug 2011 12:29:48 +0200 util: factor new function copymode out of mktempcopy
Adrian Buehlmann <adrian@cadifra.com> [Tue, 02 Aug 2011 12:29:48 +0200] rev 15010
util: factor new function copymode out of mktempcopy
Tue, 02 Aug 2011 11:32:39 +0200 revert: introduce short option -C for --no-backup
Adrian Buehlmann <adrian@cadifra.com> [Tue, 02 Aug 2011 11:32:39 +0200] rev 15009
revert: introduce short option -C for --no-backup Corresponds to -C of the update command. It's much more convenient to use: $ hg revert -aC than having to type $ hg revert -a --no-backup I think the 'no-backup' case is a frequent use case. Introducing short option -C here fits with the muscle memory we have from 'hg update -C', which is described there as "discard uncommitted changes (no backup)".
Mon, 01 Aug 2011 18:10:05 -0500 merge with stable
Matt Mackall <mpm@selenic.com> [Mon, 01 Aug 2011 18:10:05 -0500] rev 15008
merge with stable
Mon, 01 Aug 2011 18:09:20 -0500 Added signature for changeset 4a43e23b8c55 stable
Matt Mackall <mpm@selenic.com> [Mon, 01 Aug 2011 18:09:20 -0500] rev 15007
Added signature for changeset 4a43e23b8c55
Mon, 01 Aug 2011 18:09:00 -0500 Added tag 1.9.1 for changeset 4a43e23b8c55 stable
Matt Mackall <mpm@selenic.com> [Mon, 01 Aug 2011 18:09:00 -0500] rev 15006
Added tag 1.9.1 for changeset 4a43e23b8c55
Mon, 01 Aug 2011 23:58:50 +0200 hgweb: do not ignore [auth] if url has a username (issue2822) stable 1.9.1
Patrick Mezard <pmezard@gmail.com> [Mon, 01 Aug 2011 23:58:50 +0200] rev 15005
hgweb: do not ignore [auth] if url has a username (issue2822) The [auth] section was ignored when handling URLs like: http://user@example.com/foo Instead, we look in [auth] for an entry matching the URL and supplied user name. Entries without username can match URL with a username. Prefix length ties are resolved in favor of entries matching the username. With: foo.prefix = http://example.org foo.username = user foo.password = password bar.prefix = http://example.org/bar and the input URL: http://user@example.org/bar the 'bar' entry will be selected because of prefix length, therefore prompting for a password. This behaviour ensure that entries selection is consistent when looking for credentials or for certificates, and that certificates can be picked even if their entries do no define usernames while the URL does. Additionally, entries without a username matched against a username are returned as if they did have requested username set to avoid prompting again for a username if the password is not set. v2: reparse the URL in readauthforuri() to handle HTTP and HTTPS similarly. v3: allow unset usernames to match URL usernames to pick certificates. Resolve prefix length ties in favor of entries with usernames.
Sun, 31 Jul 2011 01:46:52 +0200 hgweb: raw file mimetype guessing configurable, off by default (BC) (issue2923) stable
Matt Mackall <mpm@selenic.com> [Sun, 31 Jul 2011 01:46:52 +0200] rev 15004
hgweb: raw file mimetype guessing configurable, off by default (BC) (issue2923) Before: hgweb made it possible to download file content with a content type detected from the file extension. It would serve .html files as text/html and could thus cause XSS vulnerabilities if the web site had any kind of session authorization and the repository content wasn't fully trusted. Now: all files default to "application/binary", which all important browsers will refuse to treat as text/html. See the table here: https://code.google.com/p/browsersec/wiki/Part2#Survey_of_content_sniffing_behaviors
Mon, 01 Aug 2011 14:53:10 -0500 hgweb: extract the path logic from updatereqenv and add doctests
Matt Mackall <mpm@selenic.com> [Mon, 01 Aug 2011 14:53:10 -0500] rev 15003
hgweb: extract the path logic from updatereqenv and add doctests
(0) -10000 -3000 -1000 -300 -100 -50 -24 +24 +50 +100 +300 +1000 +3000 +10000 +30000 tip