exchange: make _pushb2ctx() look more like _getbundlechangegrouppart()
The functions already have a lot in common, but were structured a
little differently.
exchange: get rid of "getcgkwargs" variable
This also makes the "version" argument explicit (never relies on
getlocalchangegroupraw()'s default), which I think is a good thing.
bundle: move writebundle() from changegroup.py to bundle2.py (API)
writebundle() writes a bundle2 bundle or a plain changegroup1. Imagine
away the "2" in "bundle2.py" for a moment and this change should makes
sense. The bundle wraps the changegroup, so it makes sense that it
knows about it. Another sign that this is correct is that the delayed
import of bundle2 in changegroup goes away.
I'll leave it for another time to remove the "2" in "bundle2.py"
(alternatively, extract a new bundle.py from it).
Added signature for changeset
ae279d4a19e9
Added tag 3.7.3 for changeset
ae279d4a19e9
convert: test for shell injection in git calls (SEC)
CVE-2016-3069 (5/5)
Before recent refactoring we were not escaping calls to git at all
which made such injections possible. Let's have a test for that to
avoid this problem in the future. Reported by Blake Burkhart.