Added signature for changeset cabc840ffdee

Added tag 4.4.1 for changeset cabc840ffdee

templatekw: add verbosity keyword to select template by -q/-v/--debug flag This can be used in conjunction with the ifeq() function.

templatekw: move loadkeyword() to bottom loadkeyword() isn't a template keyword function.

help: hide phaseidx template keyword I don't think it's great idea to expose the internal representation of phases. Let's discourage use of the phaseidx keyword.

stable: merge with security patches

subrepo: use per-type config options to enable subrepos We change subrepos.allowed from a list of allowed subrepo types to a combination of a master switch and per-type boolean flag. If the master switch is set, subrepos can be disabled wholesale. If subrepos are globally enabled, then per-type options are consulted. Mercurial repos are enabled by default. Everything else is disabled by default.

config: add some more documentation around why svn and git subrepos are off

subrepo: disable git and svn subrepos by default (BC) (SEC) We have a security issue with git subrepos. I'm not sure if svn subrepo is vulnerable, but it seems not 100% safe to allow writing arbitrary data into a metadata directory. So for now, only hg subrepo is enabled by default. Maybe we should improve the help to describe why git/svn subrepos are disabled.

subrepo: extend config option to disable subrepos by type (SEC) This allows us to minimize the behavior change introduced by the next patch. I have no idea which config style is preferred in UX POV, but I decided to get things done. a) list: 'allowed = hg, git, svn' b) sub option: 'allowed.hg = True' or 'allowed:hg = True' c) per-type action: 'hg = allow', 'git = abort'