Mercurial > hg
view relnotes/next @ 43019:2cc453284d5c
patchbomb: protect email addresses from shell
When patchbomb sends email via a sendmail-like program it invokes this
using procutil.popen which passes the string to a shell to be parsed.
To protect any special characters in the email addresses on the
command line from being interpretered by the shell they must be
quoted.
| author | Floris Bruynooghe <flub@google.com> |
|---|---|
| date | Mon, 30 Sep 2019 00:01:58 +0200 |
| parents | c2676b5a9f59 |
| children | a825ba8eb0a1 |
line wrap: on
line source
== New Features == * The amend extension supports the `--currentuser` argument. * The amend extension supports the `--close-branch` argument. * The amend extension supports the `--secret` argument. * The uncommit extension supports the `rewrite.update-timestamp` config option. == New Experimental Features == == Bug Fixes == == Backwards Compatibility Changes == * A shell that supports `$(command)`` syntax for command substitution is now required for running the test suite. The test runner normally uses `sh`, so if that is a shell that doesn't support `$(command)` syntax, you can override it by setting `$HGTEST_SHELL` or by passing it to `run-tests.py --shell <shell>`. * The (experimental) narrow extension's wire protocol changed. If you're using it, you'll need to make sure to upgrade server and client at the same time. == Internal API Changes ==