vfs: factor out "rename and avoid ambiguity" to reuse
This makes subsequent patch simple.
debugcommands: issue warning when repo has secret changesets (
issue5589)
This seems like a prudent thing to do. As the inline comment says,
we may want to make this abort once the functionality is stabilized
as part of `hg bundle`. Let's save that debate for another day.
streamclone: consider secret changesets (BC) (
issue5589)
Previously, a repo containing secret changesets would be served via
stream clone, transferring those secret changesets. While secret
changesets aren't meant to imply strong security (if you really
want to keep them secret, others shouldn't have read access to the
repo), we should at least make an effort to protect secret changesets
when possible.
After this commit, we no longer serve stream clones for repos
containing secret changesets by default. This is backwards
incompatible behavior. In case anyone is relying on the behavior,
we provide a config option to opt into the old behavior.
Note that this defense is only beneficial for remote repos
accessed via the wire protocol: if a client has access to the
files backing a repo, they can get to the raw data and see secret
revisions.
json: pass formatting options recursively
This bug was introduced in
654e9a1c8a6c. It's okay to escape <>, but is
unnecessary for command output.
json: avoid extra string manipulation of dict keys
A key must be string per JSON spec, and that's also true for template dicts.
test-obsolete: include <> in user field to check JSON escapes
I found json() filter doesn't pass formatting options recursively. That's
why <> are escaped.