Sun, 22 May 2016 11:43:18 +0900 commandserver: add new forking server implemented without using SocketServer
Yuya Nishihara <yuya@tcha.org> [Sun, 22 May 2016 11:43:18 +0900] rev 29544
commandserver: add new forking server implemented without using SocketServer SocketServer.ForkingMixIn of Python 2.x has a couple of issues, such as: - race condition that leads to 100% CPU usage (Python 2.6) https://bugs.python.org/issue21491 - can't wait for children belonging to different process groups (Python 2.6) - leaves at least one zombie process (Python 2.6, 2.7) https://bugs.python.org/issue11109 The first two are critical because we do setpgid(0, 0) in child process to isolate terminal signals. The last one isn't, but ForkingMixIn seems to be doing silly. So there are two choices: a) backport and maintain SocketServer until we can drop support for Python 2.x b) replace SocketServer by simpler one and eliminate glue codes I chose (b) because it's great time for getting rid of utterly complicated SocketServer stuff, and preparing for future move towards prefork service. New unixforkingservice is implemented loosely based on chg 531f8ef64be6. It is monolithic but much simpler than SocketServer. unixservicehandler provides customizing points for chg, and it will be shared with future prefork service. Old unixservice class is still used by chgserver. It will be removed later. Thanks to Jun Wu for investigating these issues.
Sun, 22 May 2016 12:49:22 +0900 commandserver: extract function that serves for the current connection
Yuya Nishihara <yuya@tcha.org> [Sun, 22 May 2016 12:49:22 +0900] rev 29543
commandserver: extract function that serves for the current connection This will be used by new server implementation.
Sun, 22 May 2016 12:44:25 +0900 commandserver: manually create file objects from socket
Yuya Nishihara <yuya@tcha.org> [Sun, 22 May 2016 12:44:25 +0900] rev 29542
commandserver: manually create file objects from socket Prepares for moving away from SocketServer. See the subsequent patches for why.
Wed, 13 Jul 2016 10:46:26 +0200 bdiff: split bdiff into cpy-aware and cpy-agnostic part
Maciej Fijalkowski <fijall@gmail.com> [Wed, 13 Jul 2016 10:46:26 +0200] rev 29541
bdiff: split bdiff into cpy-aware and cpy-agnostic part
Wed, 13 Jul 2016 10:07:17 +0200 bdiff: rename functions and structs to be amenable for later exporting
Maciej Fijalkowski <fijall@gmail.com> [Wed, 13 Jul 2016 10:07:17 +0200] rev 29540
bdiff: rename functions and structs to be amenable for later exporting
Wed, 13 Jul 2016 09:36:24 +0200 bdiff: use ssize_t in favor of Py_ssize_t in cpython-unaware locations
Maciej Fijalkowski <fijall@gmail.com> [Wed, 13 Jul 2016 09:36:24 +0200] rev 29539
bdiff: use ssize_t in favor of Py_ssize_t in cpython-unaware locations This function and struct will be exposed via cffi, so we need to remove the cpython API dependency they currently have.
Thu, 14 Jul 2016 12:33:44 +0800 hgweb: enumerate lines in loop header, not before
Anton Shestakov <av6@dwimlabs.net> [Thu, 14 Jul 2016 12:33:44 +0800] rev 29538
hgweb: enumerate lines in loop header, not before Doing this will allow access to the lines in arbitrary order (because the result of enumerate() is an iterator), and that will help calculating rowspan for annotate blocks.
Wed, 13 Jul 2016 19:33:52 -0700 sslutil: add assertion to prevent accidental CA usage on Windows
Gregory Szorc <gregory.szorc@gmail.com> [Wed, 13 Jul 2016 19:33:52 -0700] rev 29537
sslutil: add assertion to prevent accidental CA usage on Windows Yuya suggested we add this check to ensure we don't accidentally try to load user-writable paths on Windows if we change the control flow of this function later.
Wed, 13 Jul 2016 16:16:18 +0100 shelve: make unshelve be able to abort in any case
Kostia Balytskyi <ikostia@fb.com> [Wed, 13 Jul 2016 16:16:18 +0100] rev 29536
shelve: make unshelve be able to abort in any case
Wed, 13 Jul 2016 10:39:33 -0400 osx: explicitly build hg with /usr/bin/python2.7
Augie Fackler <augie@google.com> [Wed, 13 Jul 2016 10:39:33 -0400] rev 29535
osx: explicitly build hg with /usr/bin/python2.7 This should help avoid creating a package that depends on a custom Python, as happened when I built a package for 3.8.
Wed, 13 Jul 2016 11:26:44 -0400 osx: correct comment about ordering of welcome page
Augie Fackler <augie@google.com> [Wed, 13 Jul 2016 11:26:44 -0400] rev 29534
osx: correct comment about ordering of welcome page
Wed, 13 Jul 2016 11:24:31 -0400 osx: jettison outdated build instructions
Augie Fackler <augie@google.com> [Wed, 13 Jul 2016 11:24:31 -0400] rev 29533
osx: jettison outdated build instructions
Sun, 22 May 2016 11:21:11 +0900 commandserver: extract _cleanup() hook to clarify chg is doing differently
Yuya Nishihara <yuya@tcha.org> [Sun, 22 May 2016 11:21:11 +0900] rev 29532
commandserver: extract _cleanup() hook to clarify chg is doing differently This makes it clear that chg needs its own way to unlink closed socket file. I made a mistake in draft patches without noting the difference.
Sat, 21 May 2016 17:06:39 +0900 chgserver: drop repo at chgunixservice.__init__()
Yuya Nishihara <yuya@tcha.org> [Sat, 21 May 2016 17:06:39 +0900] rev 29531
chgserver: drop repo at chgunixservice.__init__() Since it isn't expensive operation, we don't have to delay it to init().
Sat, 21 May 2016 16:52:04 +0900 chgserver: extract utility to bind unix domain socket to long path
Yuya Nishihara <yuya@tcha.org> [Sat, 21 May 2016 16:52:04 +0900] rev 29530
chgserver: extract utility to bind unix domain socket to long path This is common problem of using sockaddr_un.
Sat, 21 May 2016 16:42:59 +0900 chgserver: narrow scope of chdir() to socket.bind()
Yuya Nishihara <yuya@tcha.org> [Sat, 21 May 2016 16:42:59 +0900] rev 29529
chgserver: narrow scope of chdir() to socket.bind() This helps extracting a utility function.
Mon, 11 Jul 2016 15:45:34 +0200 annotate: handle empty files earlier
Denis Laxalde <denis.laxalde@logilab.fr> [Mon, 11 Jul 2016 15:45:34 +0200] rev 29528
annotate: handle empty files earlier Rather than looping on funcmap and then checking for non-zero `l` continue if the result of fctx.annotate is empty.
Mon, 11 Jul 2016 14:44:19 +0200 context: eliminate handling of linenumber being None in annotate
Denis Laxalde <denis.laxalde@logilab.fr> [Mon, 11 Jul 2016 14:44:19 +0200] rev 29527
context: eliminate handling of linenumber being None in annotate I could not find any use of this parameter value. And it arguably makes understanding of the function more difficult. Setting the parameter default value to False.
Tue, 12 Jul 2016 22:26:04 -0700 tests: regenerate x509 test certificates
Gregory Szorc <gregory.szorc@gmail.com> [Tue, 12 Jul 2016 22:26:04 -0700] rev 29526
tests: regenerate x509 test certificates The old x509 test certificates were using cryptographic settings that are ancient by today's standards, namely 512 bit RSA keys. To put things in perspective, browsers have been dropping support for 1024 bit RSA keys. I think it is important that tests match the realities of the times. And 2048 bit RSA keys with SHA-2 hashing are what the world is moving to. This patch replaces all the x509 certificates with new versions using modern best practices. In addition, the docs for generating the keys have been updated, as the existing docs left out a few steps, namely how to generate certs that were not active yet or expired.
Tue, 12 Jul 2016 15:09:07 +0200 hgweb: add a link on node id in annotate hover-box
Denis Laxalde <denis.laxalde@logilab.fr> [Tue, 12 Jul 2016 15:09:07 +0200] rev 29525
hgweb: add a link on node id in annotate hover-box The link pointing the annotate view at this revision, just like the one in the left-column but accessible from anywhere.
Tue, 12 Jul 2016 15:07:37 +0200 hgweb: move author information from left-column to hover-box in annotate view
Denis Laxalde <denis.laxalde@logilab.fr> [Tue, 12 Jul 2016 15:07:37 +0200] rev 29524
hgweb: move author information from left-column to hover-box in annotate view And display the full author information since there is enough space there.
Tue, 14 Jun 2016 11:01:30 +0200 hgweb: add links to diff and changeset in hover-box on annotate view
Denis Laxalde <denis.laxalde@logilab.fr> [Tue, 14 Jun 2016 11:01:30 +0200] rev 29523
hgweb: add links to diff and changeset in hover-box on annotate view
Tue, 28 Jun 2016 11:42:42 +0200 hgweb: add link to parents of annotated revision in annotate view
Denis Laxalde <denis.laxalde@logilab.fr> [Tue, 28 Jun 2016 11:42:42 +0200] rev 29522
hgweb: add link to parents of annotated revision in annotate view The link is embedded into a div with class="annotate-info" that only shows up upon hover of the annotate column. To avoid duplicate hover-overs (this new one and the one coming from link's title), drop "title" attribute from a element and put it in the annotate-info element.
Mon, 11 Jul 2016 13:53:35 +0200 compat: provide a declaration of ssize_t, for MS windows
Maciej Fijalkowski <fijall@gmail.com> [Mon, 11 Jul 2016 13:53:35 +0200] rev 29521
compat: provide a declaration of ssize_t, for MS windows
Sat, 09 Jul 2016 23:04:03 -0400 check-code: enforce (glob) on output lines containing 127.0.0.1
Augie Fackler <raf@durin42.com> [Sat, 09 Jul 2016 23:04:03 -0400] rev 29520
check-code: enforce (glob) on output lines containing 127.0.0.1
Sat, 09 Jul 2016 23:03:45 -0400 tests: add (glob) annotations to output lines with 127.0.0.1
Augie Fackler <raf@durin42.com> [Sat, 09 Jul 2016 23:03:45 -0400] rev 29519
tests: add (glob) annotations to output lines with 127.0.0.1
Sat, 09 Jul 2016 23:01:02 -0400 run-tests: add support for using 127.0.0.1 as a glob
Augie Fackler <raf@durin42.com> [Sat, 09 Jul 2016 23:01:02 -0400] rev 29518
run-tests: add support for using 127.0.0.1 as a glob Some systems don't have a 127/8 address for localhost (I noticed this on a FreeBSD jail). In order to work around this, use 127.0.0.1 as a glob pattern. A future commit will update needed output lines and add a requirement to check-code.py.
Tue, 12 Jul 2016 15:34:17 -0400 check-code: only treat a # as a line in a t-test if it has a space before it
Augie Fackler <augie@google.com> [Tue, 12 Jul 2016 15:34:17 -0400] rev 29517
check-code: only treat a # as a line in a t-test if it has a space before it Prior to this, check-code wouldn't notice things like (glob) annotations or similar in a test if they were after a # anywhere in the line. This resolves a defect in a future change, and also exposed a couple of small spots that needed some attention.
Tue, 12 Jul 2016 15:41:38 -0400 test-export: be more aggressive about quoting ^
Augie Fackler <augie@google.com> [Tue, 12 Jul 2016 15:41:38 -0400] rev 29516
test-export: be more aggressive about quoting ^ An upcoming change to check-code will notice this isn't quoted enough. Presumably it's been fine by luck all this time.
Tue, 12 Jul 2016 15:32:24 -0400 test-check-shbang: work around check-code not wanting hardcoded paths
Augie Fackler <augie@google.com> [Tue, 12 Jul 2016 15:32:24 -0400] rev 29515
test-check-shbang: work around check-code not wanting hardcoded paths I'm about to fix a bug in check-code that a # anywhere on a line treated the rest of the line as a comment, even if it was meaningful. This test is the one place we explicitly *do* want hardcoded paths referenced, but we can work around that by specifying bin as a regular expression.
Tue, 12 Jul 2016 11:20:30 -0400 tests: relax "Connection refused" match
Augie Fackler <augie@google.com> [Tue, 12 Jul 2016 11:20:30 -0400] rev 29514
tests: relax "Connection refused" match We already had the match relaxed on Windows, but on Google Compute Engine VMs I'm seeing "Network is unreachable" instead of "Connection refused". At this point, just give up and make sure we get an error back.
Sat, 21 May 2016 15:23:21 +0900 commandserver: backport handling of forking server from chgserver
Yuya Nishihara <yuya@tcha.org> [Sat, 21 May 2016 15:23:21 +0900] rev 29513
commandserver: backport handling of forking server from chgserver This is common between chg and vanilla forking server, so move it to commandserver and unify handle(). It would be debatable whether we really need gc.collect() or not, but that is beyond the scope of this series. Maybe we can remove gc.collect() once all resource deallocations are switched to context manager.
Sat, 21 May 2016 15:18:23 +0900 commandserver: promote .cleanup() hook from chgserver
Yuya Nishihara <yuya@tcha.org> [Sat, 21 May 2016 15:18:23 +0900] rev 29512
commandserver: promote .cleanup() hook from chgserver This allows us to unify _requesthandler.handle().
Sat, 21 May 2016 15:12:19 +0900 commandserver: extract method to create commandserver instance per request
Yuya Nishihara <yuya@tcha.org> [Sat, 21 May 2016 15:12:19 +0900] rev 29511
commandserver: extract method to create commandserver instance per request This is a step toward merging chgserver._requesthandler with commandserver's.
Mon, 11 Jul 2016 21:40:02 +0900 error: make hintable exceptions reject unknown keyword arguments (API)
Yuya Nishihara <yuya@tcha.org> [Mon, 11 Jul 2016 21:40:02 +0900] rev 29510
error: make hintable exceptions reject unknown keyword arguments (API) Previously they would accept any typos of the hint keyword.
Sat, 09 Jul 2016 14:28:30 +0900 error: make HintException a mix-in class not derived from BaseException (API)
Yuya Nishihara <yuya@tcha.org> [Sat, 09 Jul 2016 14:28:30 +0900] rev 29509
error: make HintException a mix-in class not derived from BaseException (API) HintException is unrelated to the hierarchy of errors. It is an implementation detail whether a class inherits from HintException or not, a sort of "private inheritance" in C++. New Hint isn't an exception class, which prevents catching error by its type: try: dosomething() except error.Hint: pass Unfortunately, this passes on PyPy 5.3.1, but not on Python 2, and raises more detailed TypeError on Python 3.
Wed, 06 Jul 2016 22:53:22 -0700 sslutil: move context options flags to _hostsettings
Gregory Szorc <gregory.szorc@gmail.com> [Wed, 06 Jul 2016 22:53:22 -0700] rev 29508
sslutil: move context options flags to _hostsettings Again, moving configuration determination to a single location.
Wed, 06 Jul 2016 22:47:24 -0700 sslutil: move protocol determination to _hostsettings
Gregory Szorc <gregory.szorc@gmail.com> [Wed, 06 Jul 2016 22:47:24 -0700] rev 29507
sslutil: move protocol determination to _hostsettings Most of the logic for configuring TLS is now in this function. Let's move protocol determination code there as well.
Mon, 11 Jul 2016 13:40:02 -0700 share: don't recreate the source repo each time
Durham Goode <durham@fb.com> [Mon, 11 Jul 2016 13:40:02 -0700] rev 29506
share: don't recreate the source repo each time Previously, every time you asked for the source repo of a shared working copy it would recreate the repo object, which required calling reposetup. With certain extension enabled, this can be quite expensive, and it can happen many times (for instance, share attaches a post transaction hook to update bookmarks that triggers this). The fix is to just cache the repo object instead of constantly recreating it.
Mon, 11 Jul 2016 10:44:18 +0200 setup: prepare for future cffi modules by adding placeholder in setup
Maciej Fijalkowski <fijall@gmail.com> [Mon, 11 Jul 2016 10:44:18 +0200] rev 29505
setup: prepare for future cffi modules by adding placeholder in setup
Fri, 08 Jul 2016 16:48:38 +0100 journal: add support for seaching by pattern
Martijn Pieters <mjpieters@fb.com> [Fri, 08 Jul 2016 16:48:38 +0100] rev 29504
journal: add support for seaching by pattern If a pattern is used, include the entry name in the output, to make it clear what name was matched.
Mon, 11 Jul 2016 14:45:41 +0100 journal: add share extension support
Martijn Pieters <mjpieters@fb.com> [Mon, 11 Jul 2016 14:45:41 +0100] rev 29503
journal: add share extension support Rather than put everything into one journal file, split entries up in *shared* and *local* entries. Working copy changes are local to a specific working copy, so should remain local only. Other entries are shared with the source if so configured when the share was created. When unsharing, any shared journale entries are copied across.
Mon, 11 Jul 2016 13:39:24 +0100 journal: add dirstate tracking
Martijn Pieters <mjpieters@fb.com> [Mon, 11 Jul 2016 13:39:24 +0100] rev 29502
journal: add dirstate tracking Note that now the default action for `hg journal` is to list the working copy history, not all bookmarks. In its place is the `--all` switch which lists all name changes recorded, including the name for which the change was recorded on each line. Locking is switched to using a dedicated lock to avoid issues with the dirstate being written during wlock unlocking (you can't re-lock during that process).
Mon, 11 Jul 2016 08:54:13 -0500 merge with stable
Matt Mackall <mpm@selenic.com> [Mon, 11 Jul 2016 08:54:13 -0500] rev 29501
merge with stable
Wed, 06 Jul 2016 21:16:00 -0700 sslutil: try to find CA certficates in well-known locations
Gregory Szorc <gregory.szorc@gmail.com> [Wed, 06 Jul 2016 21:16:00 -0700] rev 29500
sslutil: try to find CA certficates in well-known locations Many Linux distros and other Nixen have CA certificates in well-defined locations. Rather than potentially fail to load any CA certificates at all (which will always result in a certificate verification failure), we scan for paths to known CA certificate files and load one if seen. Because a proper Mercurial install will have the path to the CA certificate file defined at install time, we print a warning that the install isn't proper and provide a URL with instructions to correct things. We only perform path-based fallback on Pythons that don't know how to call into OpenSSL to load the default verify locations. This is because we trust that Python/OpenSSL is properly configured and knows better than Mercurial. So this new code effectively only runs on Python <2.7.9 (technically Pythons without the modern ssl module).
Wed, 06 Jul 2016 20:46:05 -0700 sslutil: issue warning when unable to load certificates on OS X
Gregory Szorc <gregory.szorc@gmail.com> [Wed, 06 Jul 2016 20:46:05 -0700] rev 29499
sslutil: issue warning when unable to load certificates on OS X Previously, failure to load system certificates on OS X would lead to a certificate verify failure and that's it. We now print a warning message with a URL that will contain information on how to configure certificates on OS X. As the inline comment states, there is room to improve here. I think we could try harder to detect Homebrew and MacPorts installed certificate files, for example. It's worth noting that Homebrew's openssl package uses `security find-certificate -a -p` during package installation to export the system keychain root CAs to etc/openssl/cert.pem. This is something we could consider adding to setup.py. We could also encourage packagers to do this. For now, I'd just like to get this warning (which matches Windows behavior) landed. We should have time to improve things before release.
Thu, 30 Jun 2016 08:38:19 -0700 revert: don't backup if no files reverted in interactive mode (issue4793)
skarlage <skarlage@fb.com> [Thu, 30 Jun 2016 08:38:19 -0700] rev 29498
revert: don't backup if no files reverted in interactive mode (issue4793) When reverting interactively, we always backup files before prompting the user to find out if they actually want to revert them. This can create spurious *.orig files if a user enters an interactive revert session and then doesn't revert any files. Instead, we should only backup files that are actually being touched.
Tue, 05 Jul 2016 07:25:51 +0900 perf: define command annotation locally for Mercurial earlier than 3.1
FUJIWARA Katsunori <foozy@lares.dti.ne.jp> [Tue, 05 Jul 2016 07:25:51 +0900] rev 29497
perf: define command annotation locally for Mercurial earlier than 3.1 Before this patch, using cmdutil.command() for "@command" annotation prevents perf.py from being loaded by Mercurial earlier than 1.9 (or 2daa5179e73f), because cmdutil.command() isn't available in such Mercurial, even though there are some code paths for Mercurial earlier than 1.9. For example, setting "_prereadsize" attribute in perfindex() and perfnodelookup() is effective only with hg earlier than 1.8 (or 61c9bc3da402). In addition to it, "norepo" option of command annotation has been available since 3.1 (or 75a96326cecb), and this is another blocker for loading perf.py with earlier Mercurial. ============ ============ ====== command of hg version cmdutil norepo ============ ============ ====== 3.1 or later o o 1.9 or later o x earlier x x ============ ============ ====== This patch defines "command()" for annotation locally as below: - define wrapper of existing cmdutil.command(), if cmdutil.command() doesn't support "norepo" (for Mercurial earlier than 3.1) - define full command() locally with minimum function, if cmdutil.command() isn't available at runtime (for Mercurial earlier than 1.9) This patch also defines parsealiases() locally without examining whether it is available or not, because it is small enough to define locally.
Tue, 05 Jul 2016 07:25:51 +0900 perf: avoid using formatteropts for Mercurial earlier than 3.2
FUJIWARA Katsunori <foozy@lares.dti.ne.jp> [Tue, 05 Jul 2016 07:25:51 +0900] rev 29496
perf: avoid using formatteropts for Mercurial earlier than 3.2 Before this patch, referring commands.formatteropts prevents perf.py from being loaded by Mercurial earlier than 3.2 (or 7a7eed5176a4), because it isn't available in such Mercurial, even though formatting itself has been available since 2.2 (or ae5f92e154d3). In addition to it, there are some code paths for Mercurial earlier than 3.2. For example, setting "_prereadsize" attribute in perfindex() and perfnodelookup() is effective only with hg earlier than 1.8 (or 61c9bc3da402). This patch uses empty option list as formatteropts, if it isn't available in commands module at runtime. Disabling -T/--template option for earlier Mercurial should be reasonable, because: - since 427e80a18ef8, -T/--template for formatter has been available - since 7a7eed5176a4, commands.formatteropts has been available - the latter revision is direct child of the former
Tue, 05 Jul 2016 07:25:51 +0900 perf: use locally defined revlog option list for Mercurial earlier than 3.7
FUJIWARA Katsunori <foozy@lares.dti.ne.jp> [Tue, 05 Jul 2016 07:25:51 +0900] rev 29495
perf: use locally defined revlog option list for Mercurial earlier than 3.7 Before this patch, referring commands.debugrevlogopts prevents perf.py from being loaded by Mercurial earlier than 3.7 (or 5606f7d0d063), because it isn't available in such Mercurial, even though cmdutil.openrevlog(), a user of these options, has been available since 1.9 (or a79fea6b3e77). In addition to it, there are some code paths for Mercurial earlier than 3.7. For example, setting "_prereadsize" attribute in perfindex() and perfnodelookup() is effective only with hg earlier than 1.8 (or 61c9bc3da402). But just "using locally defined revlog option list" might cause unexpected behavior at runtime. If --dir option is specified to cmdutil.openrevlog() of Mercurial earlier than 3.5 (or 49c583ca48c4), it is silently ignored without any warning or so. ============ ============ ===== =============== debugrevlogopts hg version openrevlog() --dir of commands ============ ============ ===== =============== 3.7 or later o o o 3.5 or later o o x 1.9 or later o x x earlier x x x ============ ============ ===== =============== Therefore, this patch does: - use locally defined option list, if commands.debugrevlogopts isn't available (for Mercurial earlier than 3.7) - wrap cmdutil.openrevlog(), if it is ambiguous whether cmdutil.openrevlog() can recognize --dir option correctly (for Mercurial earlier than 3.5) This wrapper function aborts execution, if: - --dir option is specified, and - localrepository doesn't have "dirlog" attribute, which indicates that localrepository has a function for '--dir' BTW, extensions.wrapfunction() has been available since 1.1 (or 0ab5f21c390b), and this seems old enough for "historical portability" of perf.py, which has been available since 1.1 (or eb240755386d).
Tue, 05 Jul 2016 07:25:51 +0900 perf: define util.safehasattr forcibly for Mercurial earlier than 1.9.3
FUJIWARA Katsunori <foozy@lares.dti.ne.jp> [Tue, 05 Jul 2016 07:25:51 +0900] rev 29494
perf: define util.safehasattr forcibly for Mercurial earlier than 1.9.3 Before this patch, using util.safehasattr() prevents perf.py from being loaded by Mercurial earlier than 1.9.3 (or 94b200a11cf7), because util.safehasattr() isn't available in such Mercurial, even though there are some code paths for Mercurial earlier than 1.9.3. For example, setting "_prereadsize" attribute in perfindex() and perfnodelookup() is effective only with Mercurial earlier than 1.8 (or 61c9bc3da402). This patch is a preparation for using util.safehasattr() safely in subsequent patches. This patch defines util.safehasattr() forcibly without examining whether it is available or not, because: - examining existence of "safehasattr" safely itself needs similar logic - safehasattr() is small enough to define locally
Tue, 05 Jul 2016 07:25:51 +0900 perf: add historical portability policy for future reference
FUJIWARA Katsunori <foozy@lares.dti.ne.jp> [Tue, 05 Jul 2016 07:25:51 +0900] rev 29493
perf: add historical portability policy for future reference
Sat, 09 Jul 2016 14:01:55 +0800 tests: check ETag format in test-hgweb-commands
Anton Shestakov <av6@dwimlabs.net> [Sat, 09 Jul 2016 14:01:55 +0800] rev 29492
tests: check ETag format in test-hgweb-commands
Sat, 09 Jul 2016 03:26:24 +0800 hgweb: emit a valid, weak ETag
Anton Shestakov <av6@dwimlabs.net> [Sat, 09 Jul 2016 03:26:24 +0800] rev 29491
hgweb: emit a valid, weak ETag Previously, ETag headers from hgweb weren't correctly formed, because rfc2616 (section 14, header definitions) requires double quotes around the content of the header. str(web.mtime) didn't do that. Additionally, strong ETags signify that the resource representations are byte-for-byte identical. That is, they can be reconstructed from byte ranges if client so wishes. Considering ETags for all hgweb pages is just mtime of 00changelog.i and doesn't consider of e.g. .hg/hgrc with description, contact and other fields, it's clearly shouldn't be strong. The W/ prefix marks it as weak, which still allows caching the whole served file/page, but doesn't allow byte-range requests.
Tue, 07 Jun 2016 15:35:58 +0200 policy: add cffi policy for PyPy
Maciej Fijalkowski <fijall@gmail.com> [Tue, 07 Jun 2016 15:35:58 +0200] rev 29490
policy: add cffi policy for PyPy This adds cffi policy in the case where we don't want to use C modules, but instead we're happy to rely on cffi (bundled with pypy)
Mon, 04 Jul 2016 10:04:11 -0700 sslutil: handle default CA certificate loading on Windows
Gregory Szorc <gregory.szorc@gmail.com> [Mon, 04 Jul 2016 10:04:11 -0700] rev 29489
sslutil: handle default CA certificate loading on Windows See the inline comment for what's going on here. There is magic built into the "ssl" module that ships with modern CPython that knows how to load the system CA certificates on Windows. Since we're not shipping a CA bundle with Mercurial, if we're running on legacy CPython there's nothing we can do to load CAs on Windows, so it makes sense to print a warning. I don't anticipate many people will see this warning because the official (presumed popular) Mercurial distributions on Windows bundle Python and should be distributing a modern Python capable of loading system CA certs.
Thu, 30 Jun 2016 19:54:12 -0700 sslutil: expand _defaultcacerts docstring to note calling assumptions
Gregory Szorc <gregory.szorc@gmail.com> [Thu, 30 Jun 2016 19:54:12 -0700] rev 29488
sslutil: expand _defaultcacerts docstring to note calling assumptions We should document this so future message additions don't seem out of place.
Mon, 04 Jul 2016 10:00:56 -0700 sslutil: document the Apple OpenSSL cert trick
Gregory Szorc <gregory.szorc@gmail.com> [Mon, 04 Jul 2016 10:00:56 -0700] rev 29487
sslutil: document the Apple OpenSSL cert trick This is sort of documented in _plainapplypython()'s docstring. But it helps to be explicit in security code.
Mon, 04 Jul 2016 09:58:45 -0700 sslutil: use certificates provided by certifi if available
Gregory Szorc <gregory.szorc@gmail.com> [Mon, 04 Jul 2016 09:58:45 -0700] rev 29486
sslutil: use certificates provided by certifi if available The "certifi" Python package provides a distribution of the Mozilla trusted CA certificates as a Python package. If it is present, we assume the user intends it to be used and we use it to provide the default CA certificates when certificates are otherwise not configured. It's worth noting that this behavior roughly matches the popular "requests" package, which also attempts to use "certifi" if present.
Sun, 03 Jul 2016 22:28:24 +0530 py3: make files use absolute_import and print_function
Pulkit Goyal <7895pulkit@gmail.com> [Sun, 03 Jul 2016 22:28:24 +0530] rev 29485
py3: make files use absolute_import and print_function This patch includes addition of absolute_import and print_function to the files where they are missing. The modern importing conventions are also followed.
Fri, 01 Jul 2016 19:17:45 -0700 sslutil: don't attempt to find default CA certs file when told not to
Gregory Szorc <gregory.szorc@gmail.com> [Fri, 01 Jul 2016 19:17:45 -0700] rev 29484
sslutil: don't attempt to find default CA certs file when told not to Before, devel.disableloaddefaultcerts only impacted the loading of default certs via SSLContext. After this patch, the config option also prevents sslutil._defaultcacerts() from being called. This config option is meant to be used by tests to force no CA certs to be loaded. Future patches will enable _defaultcacerts() to have success more often. Without this change we can't reliably test the failure to load CA certs. (This patch also likely fixes test failures on some OS X configurations.)
Fri, 01 Jul 2016 19:04:39 -0700 sslutil: pass ui to _defaultcacerts
Gregory Szorc <gregory.szorc@gmail.com> [Fri, 01 Jul 2016 19:04:39 -0700] rev 29483
sslutil: pass ui to _defaultcacerts We'll use this shortly.
Fri, 01 Jul 2016 18:03:51 -0700 sslutil: change comment and logged message for found ca cert file
Gregory Szorc <gregory.szorc@gmail.com> [Fri, 01 Jul 2016 18:03:51 -0700] rev 29482
sslutil: change comment and logged message for found ca cert file Future patches will change _defaultcacerts() to do something on platforms that aren't OS X. Change the comment and logged message to reflect the future.
Fri, 01 Jul 2016 19:27:34 -0700 tests: better testing of loaded certificates
Gregory Szorc <gregory.szorc@gmail.com> [Fri, 01 Jul 2016 19:27:34 -0700] rev 29481
tests: better testing of loaded certificates Tests were failing on systems like RHEL 7 where loading the system certificates results in CA certs being reported to Python. We add a feature that detects when we're able to load *and detect* the loading of system certificates. We update the tests to cover the 3 scenarios: 1) system CAs are loadable and detected 2) system CAs are loadable but not detected 3) system CAs aren't loadable
(0) -10000 -3000 -1000 -300 -100 -64 +64 +100 +300 +1000 +3000 +10000 tip