Mercurial > hg

view mercurial/help/hg.1.txt @ 31290:f819aa9dbbf9

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
sslutil: issue warning when [hostfingerprint] is used Mercurial 3.9 added the [hostsecurity] section, which is better than [hostfingerprints] in every way. One of the ways that [hostsecurity] is better is that it supports SHA-256 and SHA-512 fingerprints, not just SHA-1 fingerprints. The world is moving away from SHA-1 because it is borderline secure. Mercurial should be part of that movement. This patch adds a warning when a valid SHA-1 fingerprint from the [hostfingerprints] section is being used. The warning informs users to switch to [hostsecurity]. It even prints the config option they should set. It uses the SHA-256 fingerprint because recommending a SHA-1 fingerprint in 2017 would be ill-advised. The warning will print itself on every connection to a server until it is fixed. There is no way to suppress the warning. I admit this is annoying. But given the security implications of sticking with SHA-1, I think this is justified. If this patch is accepted, I'll likely send a follow-up to start warning on SHA-1 certificates in [hostsecurity] as well. Then sometime down the road, we can drop support for SHA-1 fingerprints. Credit for this idea comes from timeless in issue 5466.
author Gregory Szorc <gregory.szorc@gmail.com>
date Thu, 09 Mar 2017 20:33:29 -0800
parents 75149f84eac7
children 854a7315603e
line wrap: on
line source

====
 hg
====

---------------------------------------
Mercurial source code management system
---------------------------------------

:Author:         Matt Mackall <mpm@selenic.com>
:Organization:   Mercurial
:Manual section: 1
:Manual group:   Mercurial Manual

.. contents::
   :backlinks: top
   :class: htmlonly
   :depth: 1


Synopsis
""""""""
**hg** *command* [*option*]... [*argument*]...

Description
"""""""""""
The **hg** command provides a command line interface to the Mercurial
system.

Command Elements
""""""""""""""""

files...
    indicates one or more filename or relative path filenames; see
    `File Name Patterns`_ for information on pattern matching

path
    indicates a path on the local machine

revision
    indicates a changeset which can be specified as a changeset
    revision number, a tag, or a unique substring of the changeset
    hash value

repository path
    either the pathname of a local repository or the URI of a remote
    repository.

.. include:: hg.1.gendoc.txt

Files
"""""

``/etc/mercurial/hgrc``, ``$HOME/.hgrc``, ``.hg/hgrc``
    This file contains defaults and configuration. Values in
    ``.hg/hgrc`` override those in ``$HOME/.hgrc``, and these override
    settings made in the global ``/etc/mercurial/hgrc`` configuration.
    See |hgrc(5)|_ for details of the contents and format of these
    files.

``.hgignore``
    This file contains regular expressions (one per line) that
    describe file names that should be ignored by **hg**. For details,
    see |hgignore(5)|_.

``.hgsub``
    This file defines the locations of all subrepositories, and
    tells where the subrepository checkouts came from. For details, see
    :hg:`help subrepos`.

``.hgsubstate``
    This file is where Mercurial stores all nested repository states. *NB: This
    file should not be edited manually.*

``.hgtags``
    This file contains changeset hash values and text tag names (one
    of each separated by spaces) that correspond to tagged versions of
    the repository contents. The file content is encoded using UTF-8.

``.hg/last-message.txt``
    This file is used by :hg:`commit` to store a backup of the commit message
    in case the commit fails.

``.hg/localtags``
    This file can be used to define local tags which are not shared among
    repositories. The file format is the same as for ``.hgtags``, but it is
    encoded using the local system encoding.

Some commands (e.g. revert) produce backup files ending in ``.orig``,
if the ``.orig`` file already exists and is not tracked by Mercurial,
it will be overwritten.

Bugs
""""
Probably lots, please post them to the mailing list (see Resources_
below) when you find them.

See Also
""""""""
|hgignore(5)|_, |hgrc(5)|_

Author
""""""
Written by Matt Mackall <mpm@selenic.com>

Resources
"""""""""
Main Web Site: https://mercurial-scm.org/

Source code repository: https://www.mercurial-scm.org/repo/hg

Mailing list: https://www.mercurial-scm.org/mailman/listinfo/mercurial/

Copying
"""""""
Copyright (C) 2005-2017 Matt Mackall.
Free use of this software is granted under the terms of the GNU General
Public License version 2 or any later version.

.. include:: common.txt