Mercurial > hg
comparison mercurial/help/environment.txt @ 35170:c9740b69b9b7 stable
dispatch: add HGPLAIN=+strictflags to restrict early parsing of global options
If this feature is enabled, early options are parsed using the global options
table. As the parser stops processing options when non/unknown option is
encountered, it won't mistakenly take an option value as a new early option.
Still "--" can be injected to terminate the parsing (e.g. "hg -R -- log"), I
think it's unlikely to lead to an RCE.
To minimize a risk of this change, new fancyopts.earlygetopt() path is enabled
only when +strictflags is set. Also the strict parser doesn't support '--repo',
a short for '--repository' yet. This limitation will be removed later.
As this feature is backward incompatible, I decided to add a new opt-in
mechanism to HGPLAIN. I'm not pretty sure if this is the right choice, but
I'm thinking of adding +feature/-feature syntax to HGPLAIN. Alternatively,
we could add a new environment variable. Any bikeshedding is welcome.
Note that HGPLAIN=+strictflags doesn't work correctly in chg session since
command arguments are pre-processed in C. This wouldn't be easily fixed.
| author | Yuya Nishihara <yuya@tcha.org> |
|---|---|
| date | Thu, 23 Nov 2017 22:17:03 +0900 |
| parents | 40785ccab410 |
| children | aef2b98d9352 |
comparison
equal
deleted
inserted
replaced
| 35169:898c6f812a51 | 35170:c9740b69b9b7 |
|---|---|
| 54 change Mercurial's default output. This includes encoding, | 54 change Mercurial's default output. This includes encoding, |
| 55 defaults, verbose mode, debug mode, quiet mode, tracebacks, and | 55 defaults, verbose mode, debug mode, quiet mode, tracebacks, and |
| 56 localization. This can be useful when scripting against Mercurial | 56 localization. This can be useful when scripting against Mercurial |
| 57 in the face of existing user configuration. | 57 in the face of existing user configuration. |
| 58 | 58 |
| 59 In addition to the features disabled by ``HGPLAIN=``, the following | |
| 60 values can be specified to adjust behavior: | |
| 61 | |
| 62 ``+strictflags`` | |
| 63 Restrict parsing of command line flags. | |
| 64 | |
| 59 Equivalent options set via command line flags or environment | 65 Equivalent options set via command line flags or environment |
| 60 variables are not overridden. | 66 variables are not overridden. |
| 67 | |
| 68 See :hg:`help scripting` for details. | |
| 61 | 69 |
| 62 HGPLAINEXCEPT | 70 HGPLAINEXCEPT |
| 63 This is a comma-separated list of features to preserve when | 71 This is a comma-separated list of features to preserve when |
| 64 HGPLAIN is enabled. Currently the following values are supported: | 72 HGPLAIN is enabled. Currently the following values are supported: |
| 65 | 73 |