Mercurial > hg
view tests/test-patchbomb-tls.t @ 30152:d65e246100ed
help: backout f3c4edfd35e1 (mark boolean flags with [no-] in help) for now
The ability to negate any boolean flags itself is great, but I think we are not
ready to expose the help side of it yet.
First, while there exist a handful of such flags whose default value can be
changed (eg: git diff, patchwork confirmation), there is only a few of them. The
users who benefit the most from this change are alias users and large
installation that can deploy extension to change behavior (eg: facebook
tweakdefault). So the majority of user who will be affected by a large change
to command help that is not yet relevant to them. (I expect this to become
relevant when ui.progressive start to exists).
Below is an example of the impact of the new help on 'hg help diff':
-r --rev REV [+] revision
-c --change REV change made by revision
-a --[no-]text treat all files as text
-g --[no-]git use git extended diff format
--[no-]nodates omit dates from diff headers
--[no-]noprefix omit a/ and b/ prefixes from filenames
-p --[no-]show-function show which function each change is in
--[no-]reverse produce a diff that undoes the changes
-w --[no-]ignore-all-space ignore white space when comparing lines
-b --[no-]ignore-space-change ignore changes in the amount of white space
-B --[no-]ignore-blank-lines ignore changes whose lines are all blank
-U --unified NUM number of lines of context to show
--[no-]stat output diffstat-style summary of changes
--root DIR produce diffs relative to subdirectory
-I --include PATTERN [+] include names matching the given patterns
-X --exclude PATTERN [+] exclude names matching the given patterns
-S --[no-]subrepos recurse into subrepositories
Another issue with the current state of help, the default value for the
flag is not conveyed to the user. For example in the 'backout' help, there is
no real distinction between "--[no-]backup" (default to True) and "--[no-]keep"
(default) to False:
--[no-]backup no backups
--[no-]keep do not modify working directory during strip
In addition, I've discussed with Augie Fackler and the last batch of the work on
this have burned him out quite some. Therefore he is not intending to perform
any more work on this topic. Quoting him, he would rather see the help part
backed out than spending more time on it.
I do not think we are ready to expose this to users in 4.0 (freeze in a week),
especially because we cannot expect quick improvement on these aspect as this
topic no longer have an owner. We should be able to reintroduce that change in
the future when someone get back on it and the main issues are solves:
* Introduction of ui.progressive makes it relevant for a majority of user,
* Current default value are efficiently conveyed to the user.
(In addition, the excerpt from diff help show that we still have some issue with
some negative option like '--nodates' so further improvement are probably
welcome there.)
author | Pierre-Yves David <pierre-yves.david@ens-lyon.org> |
---|---|
date | Sun, 09 Oct 2016 03:11:18 +0200 |
parents | 6cff2ac0ccb9 |
children | 5b2e1689b24d |
line wrap: on
line source
#require serve ssl Set up SMTP server: $ CERTSDIR="$TESTDIR/sslcerts" $ cat "$CERTSDIR/priv.pem" "$CERTSDIR/pub.pem" >> server.pem $ python "$TESTDIR/dummysmtpd.py" -p $HGPORT --pid-file a.pid -d \ > --tls smtps --certificate `pwd`/server.pem listening at localhost:$HGPORT $ cat a.pid >> $DAEMON_PIDS Ensure hg email output is sent to stdout: $ unset PAGER Set up repository: $ hg init t $ cd t $ cat <<EOF >> .hg/hgrc > [extensions] > patchbomb = > [email] > method = smtp > [smtp] > host = localhost > port = $HGPORT > tls = smtps > EOF $ echo a > a $ hg commit -Ama -d '1 0' adding a Utility functions: $ DISABLECACERTS= $ try () { > hg email $DISABLECACERTS -f quux -t foo -c bar -r tip "$@" > } Our test cert is not signed by a trusted CA. It should fail to verify if we are able to load CA certs: #if sslcontext defaultcacerts no-defaultcacertsloaded $ try this patch series consists of 1 patches. (an attempt was made to load CA certificates but none were loaded; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this error) (?i)abort: .*?certificate.verify.failed.* (re) [255] #endif #if no-sslcontext defaultcacerts $ try this patch series consists of 1 patches. warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (using CA certificates from *; if you see this message, your Mercurial install is not properly configured; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this message) (glob) (?) (?i)abort: .*?certificate.verify.failed.* (re) [255] #endif #if defaultcacertsloaded $ try this patch series consists of 1 patches. warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?) (using CA certificates from *; if you see this message, your Mercurial install is not properly configured; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this message) (glob) (?) (?i)abort: .*?certificate.verify.failed.* (re) [255] #endif #if no-defaultcacerts $ try this patch series consists of 1 patches. (unable to load * certificates; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this message) (glob) (?) abort: localhost certificate error: no certificate received (set hostsecurity.localhost:certfingerprints=sha256:62:09:97:2f:97:60:e3:65:8f:12:5d:78:9e:35:a1:36:7a:65:4b:0e:9f:ac:db:c3:bc:6e:b6:a3:c0:16:e0:30 config setting or use --insecure to connect insecurely) [255] #endif $ DISABLECACERTS="--config devel.disableloaddefaultcerts=true" Without certificates: $ try --debug this patch series consists of 1 patches. (using smtps) sending mail: smtp host localhost, port * (glob) warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?) (verifying remote certificate) abort: unable to verify security of localhost (no loaded CA certificates); refusing to connect (see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this error or set hostsecurity.localhost:fingerprints=sha256:20:de:b3:ad:b4:cd:a5:42:f0:74:41:1c:a2:70:1e:da:6e:c0:5c:16:9e:e7:22:0f:f1:b7:e5:6e:e4:92:af:7e to trust this server) [255] With global certificates: $ try --debug --config web.cacerts="$CERTSDIR/pub.pem" this patch series consists of 1 patches. (using smtps) sending mail: smtp host localhost, port * (glob) warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?) (verifying remote certificate) sending [PATCH] a ... With invalid certificates: $ try --config web.cacerts="$CERTSDIR/pub-other.pem" this patch series consists of 1 patches. warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?) (?i)abort: .*?certificate.verify.failed.* (re) [255] $ cd ..