subrepo: add tests for git rogue ssh urls (SEC) 'ssh://' has an exploit that will pass the url blindly to the ssh command, allowing a malicious person to have a subrepo with '-oProxyCommand' which could run arbitrary code on a user's machine. In addition, at least on Windows, a pipe '|' is able to execute arbitrary commands. When this happens, let's throw a big abort into the user's face so that they can inspect what's going on.

{
    "version": 1,
    "project": "mercurial",
    "project_url": "https://mercurial-scm.org/",
    "repo": "..",
    "branches": ["default", "stable"],
    "environment_type": "virtualenv",
    "show_commit_url": "https://www.mercurial-scm.org/repo/hg/rev/",
    "benchmark_dir": "benchmarks",
    "env_dir": "../.asv/env",
    "results_dir": "../.asv/results",
    "html_dir": "../.asv/html"
}