Sean Farley <sean@farley.io> [Mon, 31 Jul 2017 14:40:28 -0700] rev 33655
push: add tests for unsafe ssh url (SEC)
Sean Farley <sean@farley.io> [Fri, 28 Jul 2017 16:47:32 -0700] rev 33654
pull: add tests for unsafe ssh url (SEC)
Sean Farley <sean@farley.io> [Fri, 28 Jul 2017 16:36:36 -0700] rev 33653
clone: add tests for unsafe ssh url (SEC)
Sean Farley <sean@farley.io> [Tue, 01 Aug 2017 14:40:19 -0700] rev 33652
sshpeer: check for safe ssh url (SEC)
Checking in the sshpeer for a rogue ssh:// urls seems like the right
place to do it (instead of whack-a-mole with pull, clone, push, etc).
Augie Fackler <augie@google.com> [Fri, 04 Aug 2017 14:00:03 -0400] rev 33651
ssh: ban any username@host or host that starts with - (SEC)
This paranoia probably isn't required, but it can't hurt either.
Sean Farley <sean@farley.io> [Fri, 28 Jul 2017 16:32:25 -0700] rev 33650
util: add utility method to check for bad ssh urls (SEC)
Our use of SSH has an exploit that will parse the first part of an url
blindly as a hostname. Prior to this set of security patches, a url
with '-oProxyCommand' could run arbitrary code on a user's machine. In
addition, at least on Windows, a pipe '|' can be abused to execute
arbitrary commands in a similar fashion.
We defend against this by checking ssh:// URLs and looking for a
hostname that starts with a - or contains a |.
When this happens, let's throw a big abort into the user's face so
that they can inspect what's going on.
Yuya Nishihara <yuya@tcha.org> [Wed, 26 Jul 2017 22:10:15 +0900] rev 33649
pathauditor: disable cache of audited paths by default (
issue5628)
The initial attempt was to discard cache when appropriate, but it appears
to be error prone. We had to carefully inspect all places where audit() is
called e.g. without actually updating filesystem, before removing files and
directories, etc.
So, this patch disables the cache of audited paths by default, and enables
it only for the following cases:
- short-lived auditor objects
- repo.vfs, repo.svfs, and repo.cachevfs, which are managed directories
and considered sort of append-only (a file/directory would never be
replaced with a symlink)
There would be more cacheable vfs objects (e.g. mq.queue.opener), but I
decided not to inspect all of them in this patch. We can make them cached
later.
Benchmark result:
- using old clone of http://selenic.com/repo/linux-2.6/ (38319 files)
- on tmpfs
- run HGRCPATH=/dev/null hg up -q --time tip && hg up -q null
- try 4 times and take the last three results
original:
real 7.480 secs (user 1.140+22.760 sys 0.150+1.690)
real 8.010 secs (user 1.070+22.280 sys 0.170+2.120)
real 7.470 secs (user 1.120+22.390 sys 0.120+1.910)
clearcache (the other series):
real 7.680 secs (user 1.120+23.420 sys 0.140+1.970)
real 7.670 secs (user 1.110+23.620 sys 0.130+1.810)
real 7.740 secs (user 1.090+23.510 sys 0.160+1.940)
enable cache only for vfs and svfs (this series):
real 8.730 secs (user 1.500+25.190 sys 0.260+2.260)
real 8.750 secs (user 1.490+25.170 sys 0.250+2.340)
real 9.010 secs (user 1.680+25.340 sys 0.280+2.540)
remove cache function at all (for reference):
real 9.620 secs (user 1.440+27.120 sys 0.250+2.980)
real 9.420 secs (user 1.400+26.940 sys 0.320+3.130)
real 9.760 secs (user 1.530+27.270 sys 0.250+2.970)
Yuya Nishihara <yuya@tcha.org> [Tue, 01 Aug 2017 21:03:25 +0900] rev 33648
tests: show cache of audited paths is never invalidated
Augie Fackler <augie@google.com> [Thu, 10 Aug 2017 14:23:25 -0400] rev 33647
stable: merge heads
Augie Fackler <raf@durin42.com> [Thu, 10 Aug 2017 14:14:49 -0400] rev 33646
Added signature for changeset
943c91326b23
Augie Fackler <raf@durin42.com> [Thu, 10 Aug 2017 14:14:48 -0400] rev 33645
Added tag 4.2.3 for changeset
943c91326b23
Yuya Nishihara <yuya@tcha.org> [Mon, 07 Aug 2017 22:22:28 +0900] rev 33644
ssh: unban the use of pipe character in user@host:port string
This vulnerability was fixed by the previous patch and there were more ways
to exploit than using '|shellcmd'. So it doesn't make sense to reject only
pipe character.
Test cases are updated to actually try to exploit the bug. As the SSH bridge
of git/svn subrepos are not managed by our code, the tests for non-hg subrepos
are just removed.
This may be folded into the original patches.
Jun Wu <quark@fb.com> [Fri, 04 Aug 2017 23:54:12 -0700] rev 33643
ssh: quote parameters using shellquote (SEC)
This patch uses shellquote to quote ssh parameters more strictly to avoid
shell injection.
Sean Farley <sean@farley.io> [Mon, 31 Jul 2017 14:55:11 -0700] rev 33642
subrepo: add tests for git rogue ssh urls (SEC)
'ssh://' has an exploit that will pass the url blindly to the ssh
command, allowing a malicious person to have a subrepo with
'-oProxyCommand' which could run arbitrary code on a user's machine. In
addition, at least on Windows, a pipe '|' is able to execute arbitrary
commands.
When this happens, let's throw a big abort into the user's face so that
they can inspect what's going on.
Sean Farley <sean@farley.io> [Mon, 31 Jul 2017 16:44:17 -0700] rev 33641
subrepo: add tests for svn rogue ssh urls (SEC)
'ssh://' has an exploit that will pass the url blindly to the ssh
command, allowing a malicious person to have a subrepo with
'-oProxyCommand' which could run arbitrary code on a user's machine. In
addition, at least on Windows, a pipe '|' is able to execute arbitrary
commands.
When this happens, let's throw a big abort into the user's face so that
they can inspect what's going on.
Sean Farley <sean@farley.io> [Mon, 31 Jul 2017 16:04:44 -0700] rev 33640
subrepo: add tests for hg rogue ssh urls (SEC)
'ssh://' has an exploit that will pass the url blindly to the ssh
command, allowing a malicious person to have a subrepo with
'-oProxyCommand' which could run arbitrary code on a user's machine. In
addition, at least on Windows, a pipe '|' is able to execute arbitrary
commands.
When this happens, let's throw a big abort into the user's face so that
they can inspect what's going on.
Sean Farley <sean@farley.io> [Mon, 31 Jul 2017 14:40:28 -0700] rev 33639
push: add tests for unsafe ssh url (SEC)
Sean Farley <sean@farley.io> [Fri, 28 Jul 2017 16:47:32 -0700] rev 33638
pull: add tests for unsafe ssh url (SEC)
Sean Farley <sean@farley.io> [Fri, 28 Jul 2017 16:36:36 -0700] rev 33637
clone: add tests for unsafe ssh url (SEC)
Sean Farley <sean@farley.io> [Tue, 01 Aug 2017 14:40:19 -0700] rev 33636
sshpeer: check for safe ssh url (SEC)
Checking in the sshpeer for a rogue ssh:// urls seems like the right
place to do it (instead of whack-a-mole with pull, clone, push, etc).
Augie Fackler <augie@google.com> [Fri, 04 Aug 2017 14:00:03 -0400] rev 33635
ssh: ban any username@host or host that starts with - (SEC)
This paranoia probably isn't required, but it can't hurt either.
Sean Farley <sean@farley.io> [Fri, 28 Jul 2017 16:32:25 -0700] rev 33634
util: add utility method to check for bad ssh urls (SEC)
Our use of SSH has an exploit that will parse the first part of an url
blindly as a hostname. Prior to this set of security patches, a url
with '-oProxyCommand' could run arbitrary code on a user's machine. In
addition, at least on Windows, a pipe '|' can be abused to execute
arbitrary commands in a similar fashion.
We defend against this by checking ssh:// URLs and looking for a
hostname that starts with a - or contains a |.
When this happens, let's throw a big abort into the user's face so
that they can inspect what's going on.
Yuya Nishihara <yuya@tcha.org> [Wed, 26 Jul 2017 22:10:15 +0900] rev 33633
pathauditor: disable cache of audited paths by default (
issue5628)
The initial attempt was to discard cache when appropriate, but it appears
to be error prone. We had to carefully inspect all places where audit() is
called e.g. without actually updating filesystem, before removing files and
directories, etc.
So, this patch disables the cache of audited paths by default, and enables
it only for the following cases:
- short-lived auditor objects
- repo.vfs, repo.svfs, and repo.cachevfs, which are managed directories
and considered sort of append-only (a file/directory would never be
replaced with a symlink)
There would be more cacheable vfs objects (e.g. mq.queue.opener), but I
decided not to inspect all of them in this patch. We can make them cached
later.
Benchmark result:
- using old clone of http://selenic.com/repo/linux-2.6/ (38319 files)
- on tmpfs
- run HGRCPATH=/dev/null hg up -q --time tip && hg up -q null
- try 4 times and take the last three results
original:
real 7.480 secs (user 1.140+22.760 sys 0.150+1.690)
real 8.010 secs (user 1.070+22.280 sys 0.170+2.120)
real 7.470 secs (user 1.120+22.390 sys 0.120+1.910)
clearcache (the other series):
real 7.680 secs (user 1.120+23.420 sys 0.140+1.970)
real 7.670 secs (user 1.110+23.620 sys 0.130+1.810)
real 7.740 secs (user 1.090+23.510 sys 0.160+1.940)
enable cache only for vfs and svfs (this series):
real 8.730 secs (user 1.500+25.190 sys 0.260+2.260)
real 8.750 secs (user 1.490+25.170 sys 0.250+2.340)
real 9.010 secs (user 1.680+25.340 sys 0.280+2.540)
remove cache function at all (for reference):
real 9.620 secs (user 1.440+27.120 sys 0.250+2.980)
real 9.420 secs (user 1.400+26.940 sys 0.320+3.130)
real 9.760 secs (user 1.530+27.270 sys 0.250+2.970)
Yuya Nishihara <yuya@tcha.org> [Tue, 01 Aug 2017 21:03:25 +0900] rev 33632
tests: show cache of audited paths is never invalidated
Augie Fackler <raf@durin42.com> [Thu, 10 Aug 2017 13:29:09 -0400] rev 33631
Added signature for changeset
5544af862286
Augie Fackler <raf@durin42.com> [Thu, 10 Aug 2017 13:29:08 -0400] rev 33630
Added tag 4.3 for changeset
5544af862286
Mathias De Maré <mathias.de_mare@nokia.com> [Mon, 07 Aug 2017 13:40:36 +0200] rev 33629
chg: define _GNU_SOURCE to allow CentOS 5 compilation
Without this flag, compilation fails with:
hgclient.c: In function 'hgc_open':
hgclient.c:466: error: 'O_DIRECTORY' undeclared (first use in this function)
hgclient.c:466: error: (Each undeclared identifier is reported only once
hgclient.c:466: error: for each function it appears in.)
Differential Revision: https://phab.mercurial-scm.org/D260
Mathias De Maré <mathias.de_mare@nokia.com> [Mon, 07 Aug 2017 13:38:25 +0200] rev 33628
centos5: use vault urls
CentOS 5 has reached end-of-life. A working build for it is still
possible using 'vault.centos.org'.
Differential Revision: https://phab.mercurial-scm.org/D261
Kostia Balytskyi <ikostia@fb.com> [Sat, 05 Aug 2017 13:19:09 -0700] rev 33627
ui: make sure buffer is flushed before waiting for user input (
issue5587)
Without this patch on Windows 'hg ci -i' hangs waiting for user input
and "examine changes to 'file'? [Ynesfdaq?]" is never displayed (at least
if the diff is sufficiently small). When Ctrl+C is pressed, this prompt
becomes visible, which suggests that the buffer just wasn't flushed.
I've never seen this happening on Linux, but this looks harmless enough
to not platform-gate it.
Yuya Nishihara <yuya@tcha.org> [Wed, 02 Aug 2017 22:51:19 +0900] rev 33626
util: fix sortdict.update() to call __setitem__() on PyPy (
issue5639)
It appears that overriding __setitem__() doesn't work as documented on PyPy.
Let's patch it as before
bd0fd3ff9916.
https://docs.python.org/2/library/collections.html#ordereddict-examples-and-recipes
The issue was ui.configitems() wasn't ordered correctly, so the pull command
was wrapped in different order.
Yuya Nishihara <yuya@tcha.org> [Wed, 02 Aug 2017 22:58:38 +0900] rev 33625
test-revlog-raw: close file handles explicitly (
issue5644)
Yuya Nishihara <yuya@tcha.org> [Wed, 02 Aug 2017 22:04:02 +0900] rev 33624
tests: clear __pycache__ for PyPy compatibility (
issue5638) (
issue5642)
Yuya Nishihara <yuya@tcha.org> [Wed, 02 Aug 2017 22:06:45 +0900] rev 33623
test-extension: glob module name in error message for PyPy
Yuya Nishihara <yuya@tcha.org> [Wed, 02 Aug 2017 21:52:22 +0900] rev 33622
rebase: sort collapsed revisions in commit message (
issue5643)
This fixes the test instability.
FUJIWARA Katsunori <foozy@lares.dti.ne.jp> [Wed, 02 Aug 2017 00:02:11 +0900] rev 33621
i18n: use actual filename, in which function is defined, for hg.pot
Before this patch, source filename for msgid in hg.pot file becomes
incorrect, if a function is defined in file A, but detected in dict in
file B,
For example, almost all debug* commands are defined in
debugcommands.py, but hggettext detects them in "table" of
commands.py. Therefore, docstring fragments of debug* commands are
marked as "defined in commands.py" in hg.pot file.
This is serious problem for translation, because the cost to find out
original location of texts increases very much.
FUJIWARA Katsunori <foozy@lares.dti.ne.jp> [Tue, 01 Aug 2017 18:52:52 +0900] rev 33620
ui: enable pager always for explicit --pager=on (
issue5580)
Before this patch, explicit --pager=on is unintentionally ignored by
any disabling factor, even if priority of it is less than --pager=on
(e.g. "[ui] paginate = off").
Durham Goode <durham@fb.com> [Thu, 20 Jul 2017 01:30:41 -0700] rev 33619
rebase: use one dirstateguard for when using rebase.singletransaction
This was previously landed as
2519994d25ca but backed out in
b63351f6a2 because
it broke hooks mid-rebase and caused conflict resolution data loss in the event
of unexpected exceptions. This new version adds the behavior back but behind a
config flag, since the performance improvement is notable in large repositories.
The old commit message was:
Recently we switched rebases to run the entire rebase inside a single
transaction, which dramatically improved the speed of rebases in repos with
large working copies. Let's also move the dirstate into a single dirstateguard
to get the same benefits. This let's us avoid serializing the dirstate after
each commit.
In a large repo, rebasing 27 commits is sped up by about 20%.
I believe the test changes are because us touching the dirstate gave the
transaction something to actually rollback.
(grafted from
9e3dc3a1638b9754b58a0cb26aaa75d868058109)
(grafted from
7d38b41d2266d9a02a15c64229fae0da5738dcec)
Differential Revision: https://phab.mercurial-scm.org/D135
FUJIWARA Katsunori <foozy@lares.dti.ne.jp> [Mon, 31 Jul 2017 21:47:53 +0900] rev 33618
README: make paragraphs before example code end with "::" for reST syntax
After this patch, README as reST text can be rendered into HTML more
appropriately. This is useful for hosting servers, which render README
file as a part of index HTML of its directory (for example,
Bitbucket).
Martin von Zweigbergk <martinvonz@google.com> [Mon, 31 Jul 2017 14:54:57 -0700] rev 33617
commit: don't let failed commit with --addremove update dirstate (
issue5645)
Differential Revision: https://phab.mercurial-scm.org/D204
Martin von Zweigbergk <martinvonz@google.com> [Mon, 31 Jul 2017 14:54:08 -0700] rev 33616
tests: demonstrate that failed "hg ci -A" updates dirstate (
issue5645)
Differential Revision: https://phab.mercurial-scm.org/D203
Martin von Zweigbergk <martinvonz@google.com> [Mon, 31 Jul 2017 16:32:01 -0700] rev 33615
tests: fix test-flagprocessor.t flakiness
The test for duplicate flag processors depended on the timestamps
being set in the dirstate to work. If the time between the the
previous failed commit (which would set the timestamp, due to bug
5645) and the attempted commit with the duplicate flag processors was
small enough, it would fail. The failure was caused by a call to
commands.status() early in the commit process. If the dirstate did not
have the timestamp set, it would need to fetch the file content to
compare with. Since two flag processors had been registered, it would
attempted to base64 decode the contents twice, which would of course
fail.
This patch adds a "hg debugrebuilddirstate" to make it deterministic
and also replaces the test case's "hg commit" by simply "hg status",
since that will trigger reading of the contents and thereby use of the
flag processors as noted above.
Differential Revision: https://phab.mercurial-scm.org/D202
Martin von Zweigbergk <martinvonz@google.com> [Mon, 31 Jul 2017 16:40:31 -0700] rev 33614
tests: clarify that duplicate flag processors is not an error
The flag processors test for duplicate processors for a single flag
was misleading because the file from the previous test case caused it
to fail (making the "echo 'this should fail' > file" part
irrelevant). Let's remove the leftover from the previous test case to
make it clear that duplicate flag processors results only in a
warning.
Note that duplicate flag processors would have resulted in a failure
(not just a warning) until
ea1c2eb7abd3 (extensions: catch uisetup and
extsetup failures and don't let them break hg, 2017-06-06). I remember
expressing my concern about ending up with half-loaded extensions. It
would be pretty unfortunate to have double-encoded revlog content
enter a repo, so maybe we should reconsider?
Differential Revision: https://phab.mercurial-scm.org/D201
FUJIWARA Katsunori <foozy@lares.dti.ne.jp> [Tue, 01 Aug 2017 01:27:32 +0900] rev 33613
tests: avoid unexpected result at invocation of *.py file on Windows
Invocation of "diff tool.py" in test-extdiff.t tests whether
shellquote() is applied on specified command as expected.
But direct invocation of "*.py" file might cause unexpected result on
Windows according to suffix binding.
For example, starting IDE, showing dialog to choose program to be
used, and so on. In such case, running test-extdiff.t is easily timed
out.
This patch uses intermediate *.bat file on Windows, to avoid such
unexpected result. Naming that intermediate file as "diff tool.bat" is
enough to test applying shellquote().
FUJIWARA Katsunori <foozy@lares.dti.ne.jp> [Mon, 31 Jul 2017 13:16:34 +0900] rev 33612
tests: use pdiff instead of diff for portability
"diff" command might cause redundant message, "No differences
encountered" on Solaris for example. But suppressing option like "-q"
isn't portable, because POSIX specification doesn't define it.
pdiff script was introduced by
b59ef0c21405 to stabilize output of
standard diff command on each platforms.
FUJIWARA Katsunori <foozy@lares.dti.ne.jp> [Mon, 31 Jul 2017 13:10:19 +0900] rev 33611
tests: make pdiff return appropriate exit code at comparison of files
Before this patch, pdiff script returns 0, even if diff is detected.
This issue doesn't cause failure of tests using it, if it is invoked
via extdiff extension, because extdiff itself examines changes between
specified revisions and decides exit code.
BTW, this patch ignores recursive comparison case, because:
- there is no portable way for current while-read based
implementation to return 1 at detecting changes
- it isn't yet needed to replace direct "diff -r" invocation by
pdiff for portability
Augie Fackler <augie@google.com> [Tue, 01 Aug 2017 10:14:25 -0400] rev 33610
merge with stable
Martin von Zweigbergk <martinvonz@google.com> [Mon, 31 Jul 2017 12:43:26 -0700] rev 33609
tests: make test-profile.t pass if statprof didn't collect samples
We had the first 3 tests in test-profile.t fail because the output
didn't match. I have not yet confirmed that this was because no
samples were collected, but we shouldn't require samples to be
collected for the test to pass either way.
Differential Revision: https://phab.mercurial-scm.org/D199
Boris Feld <boris.feld@octobus.net> [Thu, 27 Jul 2017 10:52:56 +0200] rev 33608
pypy: fix failing test-devel-warnings.t with Pypy5.6.0
In Pypy 5.6.0, traceback exception classes are not displayed with their full
qualified name.
Instead of displaying mercurial.error.ProgrammingError, Pypy displays
ProgrammingError.
Update the test to support both version.
Boris Feld <boris.feld@octobus.net> [Mon, 31 Jul 2017 17:43:45 +0200] rev 33607
pypy: fix failing test files with Pypy5.6.0
Pypy 5.6.0 saves cached bytecode files in __pycache__ directory, clean them in
tests to fix loading old test extensions code.
Doing so should also helps for Python3.x migration.
Pulkit Goyal <7895pulkit@gmail.com> [Sun, 30 Jul 2017 12:19:46 +0530] rev 33606
commitextras: make sure keys are not empty
Thanks to Yuya for catching this.
Sean Farley <sean@farley.io> [Sat, 29 Jul 2017 19:12:48 -0700] rev 33605
make: add new directory 'hgdemandimport' to cleanbutpackages rule
This fixes the build process for ppa (at least in my simple check).
Perhaps we should loop through all directory that aren't 'packages'?
Gregory Szorc <gregory.szorc@gmail.com> [Sat, 29 Jul 2017 12:50:56 -0700] rev 33604
statichttprepo: implement wlock() (
issue5613)
statichttprepo inherits from localrepository. In doing so, it
obtains default implementations of various methods, like wlock().
Before this change, tags cache writing would call repo.wlock().
This failed on statichttprepo due to localrepository's wlock()
looking for an instance attribute that doesn't exist on statichttprepo
(statichttprepo doesn't call localrepository.__init__).
We /could/ define missing attributes until the base wlock() works.
However, a statichttprepo is remote and read-only and can't be
locked. The class already has a lock() that short circuits. So
it makes sense to implement a short-circuited wlock() as well. That
is what this patch does.
LockError is expected to be raised when locking fails. The constructor
takes a number of arguments that are local repository centric. Rather
than rework LockError to not require them (which would not be
appropriate for stable), this commit populates dummy values. I don't
believe they'll ever be seen by the user, as lock failures on
static http repos should be limited to well-defined (and tested)
scenarios. We can and should revisit the LockError type to improve
this.
Gregory Szorc <gregory.szorc@gmail.com> [Sat, 29 Jul 2017 12:40:05 -0700] rev 33603
test: add tests for branches and tags with static http repo (
issue5613)
Mercurial currently fails to clone by revision on static http
repos with tags. The added tests demonstrate this.
Pulkit Goyal <7895pulkit@gmail.com> [Fri, 28 Jul 2017 07:42:55 +0530] rev 33602
commitextras: make sure keys contains ascii letters, numbers, '_' and '-' only
Jun Wu <quark@fb.com> [Thu, 27 Jul 2017 12:03:01 -0700] rev 33601
phabricator: convert unicode to binary when writing patches
This is a quick fix to make `hg phabread D189` work.
It seems we might want to replace all `r''` to `u''`, and add more
`encoding.*to*` to be more explicit when interacting with `json` module.
Differential Revision: https://phab.mercurial-scm.org/D192
Yuya Nishihara <yuya@tcha.org> [Thu, 27 Jul 2017 23:15:14 +0900] rev 33600
setup: silence warning of unknown option python_requires on distutils
/usr/lib/python2.7/distutils/dist.py:267: UserWarning: Unknown distribution
option: 'python_requires'
Yuya Nishihara <yuya@tcha.org> [Thu, 20 Jul 2017 22:47:40 +0900] rev 33599
setup: forcibly include cext/pure packages in py2exe (
issue5625)
Since these modules are implicitly imported by policy.importmod(), py2exe
can't track them statically. cffi modules are excluded for now because they
wouldn't be useful in frozen (i.e. CPython) environment.
Yuya Nishihara <yuya@tcha.org> [Thu, 20 Jul 2017 22:32:37 +0900] rev 33598
setup: do not select hg executable that prints unexpected warnings
Otherwise the subsequent hg.run() would fail. This factors out the filtering
function so the same rule should apply.
Mathias De Maré <mathias.de_mare@nokia.com> [Thu, 27 Jul 2017 13:44:15 +0200] rev 33597
docker: pass proxy arguments to docker process
Building in Docker when behind a proxy requires passing the proxy variables.
Differential Revision: https://phab.mercurial-scm.org/D190
Mathias De Maré <mathias.de_mare@nokia.com> [Thu, 27 Jul 2017 14:15:26 +0200] rev 33596
makefile: build on CentOS 6 with a Python 2.7
Differential Revision: https://phab.mercurial-scm.org/D189
Augie Fackler <augie@google.com> [Mon, 24 Jul 2017 20:39:26 -0400] rev 33595
osx: wire up genosxversion script
The only version strings that are changed are the ones baked into the
.pkg - hg's self-reported version string doesn't change, so users will
still see our mostly-pip-compatible version strings.
For reference, the part of our versioning setup that's not PEP440
compatible is the RC releases - those should be .rc0 insted of
-rc. It's too late to change that for the 4.3 cycle, so I'll worry
about fixing that during the 4.4 cycle.
Augie Fackler <augie@google.com> [Mon, 24 Jul 2017 20:38:09 -0400] rev 33594
osx: new script for generating OS X package versions
If you're shipping prerelease or rc packages using Munki, you'll
eventually discover that Munki's version comparison logic is not as
good as pip's. In theory we should be able to fix Munki, but it seems
entirely reasonable to produce version strings that sort reasonably
under these conditions. Since the requried logic not brief, add a new
script and some tests of that logic.
A followup change will wire this into the Makefile.
Augie Fackler <augie@google.com> [Mon, 24 Jul 2017 20:34:08 -0400] rev 33593
tests: update mac packaging test expectations
Some more files are included these days.
Augie Fackler <augie@google.com> [Wed, 26 Jul 2017 17:56:44 -0400] rev 33592
tests: add support in run-tests.py for an environment variable to stop color
I don't like the color output, so this gives me a way to easily never
see it while still having pygments on my machine.
Augie Fackler <augie@google.com> [Wed, 26 Jul 2017 13:21:34 -0400] rev 33591
setup: fix mistake that prevented Python 3 from being excluded
My intent was to only allow Python 3 if the right environment variable
is set (for when people want to use `pip install .` on hg
locally). This fixes the bug in my previous change. I verified that
`python3.6 run-tests.py` still passes the tests that passed before,
and that all tests pass on 2.7 (including our virtualenv-using
installation test).
Differential Revision: https://phab.mercurial-scm.org/D185
Jun Wu <quark@fb.com> [Mon, 24 Jul 2017 23:52:56 -0700] rev 33590
rebase: move bookmark to destination for commits becoming empty (
issue5627)
When rebasing a changeset X and that changeset becomes empty, we should move
the bookmark on X to rebase destination.
This is a regression caused by the scmutil.cleanupnodes refactoring for
rebase.
The `adjustdest` function calculates the destination of bookmark movement.
It was back-ported from https://phab.mercurial-scm.org/D21. It might be
slightly more powerful than the minimal requirement to solve this issue.
For example, it's impossible for a merge changeset to become empty while any
of its ancestors does not become empty, but the code could handle that case.
Since the code is reasonably short and clean, and helps the upcoming D21
series, I'd like to check-in `adjustdest` now.
Thanks Martin von Zweigbergk for spotting corner cases (-k and descendant
with bookmarks) in this area!
Yuya Nishihara <yuya@tcha.org> [Wed, 26 Jul 2017 23:39:42 +0900] rev 33589
setup: drop use of set literal so parsable on Python 2.6
Otherwise friendly error wouldn't be displayed.
Augie Fackler <augie@google.com> [Fri, 21 Jul 2017 10:46:31 -0400] rev 33588
setup: add extra logic to try and recommend a new pip on bad Python
Modern pip can detect supported Python versions (which we now
declare), and pull down a reasonable release. This trick was suggested
in http://bit.ly/pycon2017-build-bridges, and seems like a good
defensive maneuver so that when we want to move to Python 3 it's
less risky for existing users.
This moves the version-check logic after defining our printf function
so we can print more informative messages.
Augie Fackler <augie@google.com> [Fri, 21 Jul 2017 10:39:52 -0400] rev 33587
setup: explicitly declare supported Python versions
I think we should probably backport this to 4.2 as well, and do one
more release there that explicitly declares 2.6 support. That way
anyone stuck on Python 2.6 will end up getting the right hg if they
use a modern pip to install. Users can still use `python setup.py`
incantations to attempt installing Mercurial on unsupported Pythons,
including 3.5 and 3.6.
A followup change will switch to only doing our own
Python-version-check logic if we're not being installed by a
reasonable pip.
Augie Fackler <augie@google.com> [Mon, 24 Jul 2017 15:37:57 -0400] rev 33586
contrib: remove one test from the python 3 whitelist
439b4d005b4a introduced a use of 'hg revert --no-backup' which is
currently broken. Rather than try and do a fix on the (complicated)
revert code during the freeze, let's just give up on this test under
Python 3 until later. Once we do fix things, the test ratchet script
will re-enable it.
Augie Fackler <augie@google.com> [Mon, 24 Jul 2017 13:50:25 -0400] rev 33585
ui: fix configbytes isinstance check to look for bytes and not str
Fixes configbytes on Python 3.
Augie Fackler <augie@google.com> [Mon, 24 Jul 2017 14:42:55 -0400] rev 33584
patch: update copying of dict keys and values to work on Python 3
Alex Gaynor <agaynor@mozilla.com> [Fri, 21 Jul 2017 14:22:08 +0000] rev 33583
phabricator: include the suggested arc config in the repo
Test Plan:
I uploaded this revision with `arc diff`
Differential Revision: https://phab.mercurial-scm.org/D171
Martin von Zweigbergk <martinvonz@google.com> [Wed, 19 Jul 2017 14:50:50 -0700] rev 33582
match: override visitdir() in nevermatcher to return False
When we changed basematcher.visitdir() in
cf15c3cc304c (match: make
base matcher return True for visitdir, 2017-07-14), we forgot to add
an override in nevermatcher. This led to tests failing in narrowhg.
As Durham pointed out, it's high time to add unit tests for the
matcher, so this patch also adds a first unit test.
Differential Revision: https://phab.mercurial-scm.org/D151
Steve Borho <steve@borho.org> [Fri, 21 Jul 2017 11:26:51 -0500] rev 33581
wix: update list of necessary pyd files
Jun Wu <quark@fb.com> [Fri, 21 Jul 2017 08:43:39 -0700] rev 33580
run-tests: pre instantiate pygments objects
This speeds up run-tests.py diff output by 10x, which affects developer
experience significantly. As demonstrated by the following test:
```
#require pygments
$ for i in `seq 1 200`; do
> echo ' $ echo '$i >> test-a.t
> echo ' wrong' >> test-a.t
> done
$ cat > walltime.py <<EOF
> from __future__ import absolute_import, print_function
> import os, sys, time
> t1 = time.time()
> os.system(' '.join(sys.argv[1:]) + ' >/dev/null 2>/dev/null')
> t2 = time.time()
> print('%0.2f' % (t2 - t1))
> EOF
$ $PYTHON walltime.py $TESTDIR/run-tests.py -l --color=never $TESTTMP/test-a.t
0.24
Before this patch:
$ $PYTHON walltime.py $TESTDIR/run-tests.py -l --color=always $TESTTMP/test-a.t
2.46
After this patch:
$ $PYTHON walltime.py $TESTDIR/run-tests.py -l --color=always $TESTTMP/test-a.t
0.25
```
Augie Fackler <augie@google.com> [Wed, 19 Jul 2017 13:44:22 -0400] rev 33579
contrib: drop Python 2.6 from manylinux1 wheel script
Augie Fackler <augie@google.com> [Wed, 19 Jul 2017 13:45:06 -0400] rev 33578
contrib: make build-linux-wheels.sh executable
Siddharth Agarwal <sid0@fb.com> [Thu, 20 Jul 2017 18:04:21 -0700] rev 33577
test-dirstate-race: hide irrelevant hg status output
See the explanation for more.
Differential Revision: https://phab.mercurial-scm.org/D153
Matt Harbison <matt_harbison@yahoo.com> [Tue, 18 Jul 2017 20:34:22 -0400] rev 33576
test-commit: stabilize for filesystems without symlink support
Matt Harbison <matt_harbison@yahoo.com> [Tue, 18 Jul 2017 19:49:51 -0400] rev 33575
test-https: properly conditionalize Windows vs non-Windows output
There's a bug in the (feature !) annotation, and this needs to be resolved
before fixing it. Once fixed, the glob '*/missing' will match the output
'/missing' on non-Windows platforms, consuming the output line and leaving
nothing for the no-windows required line.
I probably should have made (foo !) match only the 'foo' feature, and be ignored
otherwise instead of optional. (re) didn't work here, because the parenthesis
need to be escaped too.
Kevin Bullock <kbullock@ringworld.org> [Wed, 19 Jul 2017 07:58:03 -0500] rev 33574
Added signature for changeset
857876ebaed4
Kevin Bullock <kbullock@ringworld.org> [Wed, 19 Jul 2017 07:57:53 -0500] rev 33573
Added tag 4.3-rc for changeset
857876ebaed4
Kevin Bullock <kbullock+mercurial@ringworld.org> [Wed, 19 Jul 2017 07:51:41 -0500] rev 33572
merge default into stable for code freeze
Rishabh Madan <rishabhmadan96@gmail.com> [Tue, 18 Jul 2017 23:04:08 +0530] rev 33571
releasenotes: add custom admonitions support for release notes
By default, the extension has default sections like fix, feature, perf etc.. This
patch allow user to add support for custom admonition. In order to add a custom
admonition, one needs to have a .hgreleasenotes file inside the repository. All the
custom directive with name specified under the tag [sections] will be
usable by the extension. One important thing to keep in mind is if there exists any
custom admonitions with same key as default then they will override the default ones.
Ryan McElroy <rmcelroy@fb.com> [Tue, 18 Jul 2017 06:27:36 -0700] rev 33570
check-config: mention the file and line of the error
I used this to more quickly track down a failing test-check-config.t issue
in another repo. I thought it might be useful more generally, so I'm sending
it out in case others think it's a worthwhile change.
Durham Goode <durham@fb.com> [Tue, 18 Jul 2017 07:47:28 -0700] rev 33569
rebase: add config to move rebase into a single transaction
This was previously landed as
cf8ad0e6c0e4 but backed out in
a5abaa81fa because
it broke hook mid rebase and caused conflict resolution data loss in the event
of unexpected exceptions. This new version adds the behavior back but behind a
config flag, since the performance improvement is notable in large repositories.
The next patch adds a test covering this config.
The old commit message was:
Previously, rebasing would open several transaction over the course of rebasing
several commits. Opening a transaction can have notable overhead (like copying
the dirstate) which can add up when rebasing many commits.
This patch adds a single large transaction around the actual commit rebase
operation, with a catch for intervention which serializes the current state if
we need to drop back to the terminal for user intervention. Amazingly, almost
all the tests seem to pass.
On large repos with large working copies, this can speed up rebasing 7 commits
by 25%. I'd expect the percentage to be a bit larger for rebasing even more
commits.
There are minor test changes because we're rolling back the entire transaction
during unexpected exceptions instead of just stopping mid-rebase, so there's no
more backup bundle. It also leave an unknown file in the working copy, since our
clean up 'hg update' doesn't delete unknown files.
(grafted from
cca36c7f35261b0e31beb226bf361067ef0e06ab)
(grafted from
dc497d8705b71503e32e07bd33925c1e42cf9c9a)
Differential Revision: https://phab.mercurial-scm.org/D134
Martin von Zweigbergk <martinvonz@google.com> [Mon, 17 Jul 2017 16:32:10 -0700] rev 33568
run-tests: remove unnecessary 'with_color' variable
Its value is always the same as that of 'pygmentspresent'.
Differential Revision: https://phab.mercurial-scm.org/D118
Martin von Zweigbergk <martinvonz@google.com> [Mon, 17 Jul 2017 16:27:13 -0700] rev 33567
run-tests: warn if --color=always and no pygments installed
Differential Revision: https://phab.mercurial-scm.org/D117
Martin von Zweigbergk <martinvonz@google.com> [Mon, 17 Jul 2017 16:28:42 -0700] rev 33566
run-tests: drop unnecessary check for pygmentspresent
2893face0af5 (run-tests: check if stream is a tty before using color,
2017-07-18) made the check redundant but forgot to remove it.
Differential Revision: https://phab.mercurial-scm.org/D116
Martin von Zweigbergk <martinvonz@google.com> [Mon, 17 Jul 2017 16:15:15 -0700] rev 33565
run-tests: pass color option via test case object , not global var
At first I updated the color field of the 'options' object (from the
CLI parser), but then I decided to put it directly on the test case
object itself to avoid mutating the shared object (even though all
tests would have the same value).
Differential Revision: https://phab.mercurial-scm.org/D114
Jun Wu <quark@fb.com> [Mon, 10 Jul 2017 18:02:03 -0700] rev 33564
phabricator: sanity check Differential Revision from commit message
Previously, we trust Differential Revision in commit message blindly. This
patch adds sanity check so a host name change will be detected and the
commit message will be ignored.
Differential Revision: https://phab.mercurial-scm.org/D35
Matt Harbison <matt_harbison@yahoo.com> [Tue, 18 Jul 2017 08:14:10 -0400] rev 33563
test-phases-exchange: properly conditionalize output
I forgot to invert the conditions, and the test runner didn't catch it[1]. But
since only '&&' is supported in the per-line feature tests, this won't work
anyway.
[1] https://www.mercurial-scm.org/pipermail/mercurial-devel/2017-July/101941.html
Pulkit Goyal <7895pulkit@gmail.com> [Tue, 18 Jul 2017 00:10:44 +0530] rev 33562
commitextras: mark the extension as ADVANCED
Matthieu Laneuville <matthieu.laneuville@octobus.net> [Tue, 18 Jul 2017 07:19:26 +0900] rev 33561
run-tests: check if stream is a tty before using color
Previous implementation (
e80041832eec) checked only if sys.stderr was a tty
which was less general. Also makes sure that colors is never used if pygments is
not available, irrespective of --color flag value.
Martin von Zweigbergk <martinvonz@google.com> [Fri, 14 Jul 2017 21:44:29 -0700] rev 33560
tests: rewrite test-rebase-detach.t using drawdag
This makes it much clearer because each test case can have exactly the
graph it wants (no extra cruft just because other tests want it).
Differential Revision: https://phab.mercurial-scm.org/D94
Martin von Zweigbergk <martinvonz@google.com> [Fri, 14 Jul 2017 23:09:17 -0700] rev 33559
tests: simplify config in test-rebase-detach.t
Differential Revision: https://phab.mercurial-scm.org/D93
Martin von Zweigbergk <martinvonz@google.com> [Fri, 14 Jul 2017 22:32:58 -0700] rev 33558
drawdag: include files from both parents in merge commits
Consider a graph like this:
D
|\
B C
|/
A
drawdag will add a file called A in commit A, file B in B, file C in
C. That's fine and expected. In merge commits like D, I would expect
the files and their contents to be taken from the parent commits, so
commit D in this example would have files A, B, and C. However,
drawdag will instead add the file D compared to the first
parent. Depending on whether B or C got a smaller nodeid, the contents
of D would be {A, B, D} or {A, C, D}. This patch changes it to to be
{A, B, C}.
Differential Revision: https://phab.mercurial-scm.org/D92
Gregory Szorc <gregory.szorc@gmail.com> [Mon, 17 Jul 2017 15:54:15 -0700] rev 33557
gitweb: preserve whitespace in description
Without this, multiple spaces or tabs in the commit message aren't
preserved and things like tables don't align properly.
As part of adding the CSS rule, we had to cuddle the content
with the <div> to not introduce leading and trailing whitespace.
The "addbreaks" filter was also removed because it would insert
an additional newline, effectively double spacing content.
Differential Revision: https://phab.mercurial-scm.org/D113
Gregory Szorc <gregory.szorc@gmail.com> [Mon, 17 Jul 2017 11:45:38 -0700] rev 33556
sparse: add a requirement when a repository uses sparse (BC)
The presence of a sparse checkout can confuse legacy clients or
clients without sparse enabled for reasons that should be obvious.
This commit introduces a new repository requirement that tracks
whether sparse is enabled. The requirement is added when a sparse
config is activated and removed when the sparse config is reset.
The localrepository constructor has been taught to not open repos
with this requirement unless the sparse feature is enabled. It yields
a more actionable error message than what you would get if the
lockout were handled strictly at the requirements verification phase.
Old clients that aren't sparse aware will see the generic
"repository requires features unknown to this Mercurial" error,
however.
The new requirement has "exp" in its name to reflect the
experimental nature of sparse. There's a chance that the eventual
non-experimental feature won't change significantly and we could
have squatted on the "sparse" requirement without ill effect. If
that happens, we can teach new clients to still recognize the old
name. But I suspect we'll sneak in some BC and we'll want a new
requirement to convey new meaning.
Differential Revision: https://phab.mercurial-scm.org/D110
Gregory Szorc <gregory.szorc@gmail.com> [Mon, 17 Jul 2017 11:21:23 -0700] rev 33555
sparse: consolidate common code for writing sparse config
In 3 functions we were writing the sparse config and updating the
working directory. In two of them we had a transaction-like process
for restoring the sparse config in case of wdir update fail.
Because the pattern is common, we've already made mistakes, and the
complexity will increase in the near future, let's consolidate the
code into a reusable function.
As part of this refactor, we end up reading the "sparse" file twice
when updating it. This is a bit sub-optimal. But I don't think it
is worth the code complexity to pass around the variables to avoid
the redundancy.
Differential Revision: https://phab.mercurial-scm.org/D109
Gregory Szorc <gregory.szorc@gmail.com> [Sat, 15 Jul 2017 15:51:57 -0700] rev 33554
revset: pass repo when passing ui
The repo instance is currently only used to provide a changeset
lookup function as part of parsing revsets. I /think/ this allows
node fragments to resolve. I'm not sure why we wouldn't want this
to always "just work" if parsing a revset string.
Plus, an upcoming commit will introduce a new consumer that needs a
handle on the repo. So passing it more often will make that code
work more.
Passing a repo instance in all callers of revset.match* results in
a bunch of test changes. Notably, branch and tags caches get
populated as part of evaluating revsets. I'm not sure if this is
desirable. So this patch takes the conservative approach and only
passes the repo if we're passing a ui instance.
Differential Revision: https://phab.mercurial-scm.org/D97
Kevin Bullock <kbullock+mercurial@ringworld.org> [Mon, 17 Jul 2017 13:22:59 -0500] rev 33553
win32: copy-edit debugssl messages to match prevailing style
Pulkit Goyal <7895pulkit@gmail.com> [Sat, 15 Jul 2017 02:17:05 +0530] rev 33552
run-tests: make sure to check if pygments is installed before using it
e80041832e introduced support to color the output of tests but used pygments
without checking whether it's installed or not. That breaks test-run-tests.t for
machines which don't have pygments installed. This patch conditionalize the
color test in test-run-tests.t and also add a check to make sure pygments is
installed before using that.
Gregory Szorc <gregory.szorc@gmail.com> [Sat, 15 Jul 2017 13:21:23 -0700] rev 33551
sparse: require [section] in sparse config files (BC)
Previously, [include] was implicit and pattern lines before a
[section] were added to includes.
Because the format may change in the future and explicit behavior,
well, more explicit, this commit changes the config parser to
reject pattern lines that don't occur in a [section].
Differential Revision: https://phab.mercurial-scm.org/D96
Gregory Szorc <gregory.szorc@gmail.com> [Sat, 15 Jul 2017 13:07:57 -0700] rev 33550
sparse: use set for capturing profiles
Order doesn't need to be preserved. A set is acceptable.
Differential Revision: https://phab.mercurial-scm.org/D95
Alex Gaynor <agaynor@mozilla.com> [Mon, 17 Jul 2017 12:38:07 -0400] rev 33549
util: remove dead code which used to be for old python2 versions
Differential Revision: https://phab.mercurial-scm.org/D107
Pulkit Goyal <7895pulkit@gmail.com> [Sat, 17 Jun 2017 20:10:22 +0530] rev 33548
status: add a flag to terse the output (
issue4119)
This adds an experimental flag -t/--terse which will terse the output. The terse flag
will respect other flags which filters the output. The flag takes a string
whose value can be a subsequence of "marduic" (the order does not matter here.)
Ignored files are not considered while tersing unless -i flag is passed or 'i'
is there is the terse flag value.
The flag is experimental for testing as there may be cases which will produce
strange results with the flag. We can set the terse on by default by simply
passing 'u' to the cmdutil.tersestatus().
This patch also adds a test file with tests covering the new feature.
Pulkit Goyal <7895pulkit@gmail.com> [Wed, 12 Jul 2017 16:10:10 +0530] rev 33547
commitextras: check the format of the arguments and no internal key is used
This patch adds check to make the arguments are passed as KEY=VALUE and no key
which is used internally is passed.
This patch also adds test for the extension.
Pulkit Goyal <7895pulkit@gmail.com> [Wed, 12 Jul 2017 00:23:45 +0530] rev 33546
commitextras: move fb extension to core which add extras to a commit
This patch moves the Facebook extension to add extra fields to a commit to a
in-core extension.
Matt Harbison <matt_harbison@yahoo.com> [Mon, 17 Jul 2017 00:49:29 -0400] rev 33545
archive: add an experimental config to control the metadata file template
Experimental because given the possible complexity, it may be worth figuring out
how to load this from a file, similar to the style files for the log command,
instead of trying to stuff it on the command line.
Matt Harbison <matt_harbison@yahoo.com> [Sun, 16 Jul 2017 17:40:36 -0400] rev 33544
archive: use a templater to build the metadata file
There are no visible changes here.
I'm starting to wonder if adding the '+' to the 'node' line instead of a
separate key line in
3047167733dc was the right thing to do. The '{node}'
keyword never includes '+' elsewhere, and the way setup.py works, it would
truncate it anyway. Additionally, the file is missing '{p2node}' when 'wdir()'
merges are archived. I thought about adding an 'identify' line that would
correspond to `hg id -n`. But the other nodes are the full 40 characters, and
the output most useful for versioning is the short form. All of this cries out
for customization via templating. (Although maybe having the short identify
line by default is still a good idea.)