Mercurial Mercurial > hg / changelog
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | zip | gz | bz2 | help
(0) -10000 -3000 -1000 -300 -100 -30 -10 -6 +6 +10 +30 +100 +300 +1000 +3000 +10000 +30000 tip
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Tue, 02 Aug 2011 11:32:39 +0200 revert: introduce short option -C for --no-backup
changeset
Adrian Buehlmann <adrian@cadifra.com> [Tue, 02 Aug 2011 11:32:39 +0200] rev 15009
revert: introduce short option -C for --no-backup Corresponds to -C of the update command. It's much more convenient to use: $ hg revert -aC than having to type $ hg revert -a --no-backup I think the 'no-backup' case is a frequent use case. Introducing short option -C here fits with the muscle memory we have from 'hg update -C', which is described there as "discard uncommitted changes (no backup)".
Mon, 01 Aug 2011 18:10:05 -0500 merge with stable
changeset
Matt Mackall <mpm@selenic.com> [Mon, 01 Aug 2011 18:10:05 -0500] rev 15008
merge with stable
Mon, 01 Aug 2011 18:09:20 -0500 Added signature for changeset 4a43e23b8c55 stable
changeset
Matt Mackall <mpm@selenic.com> [Mon, 01 Aug 2011 18:09:20 -0500] rev 15007
Added signature for changeset 4a43e23b8c55
Mon, 01 Aug 2011 18:09:00 -0500 Added tag 1.9.1 for changeset 4a43e23b8c55 stable
changeset
Matt Mackall <mpm@selenic.com> [Mon, 01 Aug 2011 18:09:00 -0500] rev 15006
Added tag 1.9.1 for changeset 4a43e23b8c55
Mon, 01 Aug 2011 23:58:50 +0200 hgweb: do not ignore [auth] if url has a username (issue2822) stable 1.9.1
changeset
Patrick Mezard <pmezard@gmail.com> [Mon, 01 Aug 2011 23:58:50 +0200] rev 15005
hgweb: do not ignore [auth] if url has a username (issue2822) The [auth] section was ignored when handling URLs like: http://user@example.com/foo Instead, we look in [auth] for an entry matching the URL and supplied user name. Entries without username can match URL with a username. Prefix length ties are resolved in favor of entries matching the username. With: foo.prefix = http://example.org foo.username = user foo.password = password bar.prefix = http://example.org/bar and the input URL: http://user@example.org/bar the 'bar' entry will be selected because of prefix length, therefore prompting for a password. This behaviour ensure that entries selection is consistent when looking for credentials or for certificates, and that certificates can be picked even if their entries do no define usernames while the URL does. Additionally, entries without a username matched against a username are returned as if they did have requested username set to avoid prompting again for a username if the password is not set. v2: reparse the URL in readauthforuri() to handle HTTP and HTTPS similarly. v3: allow unset usernames to match URL usernames to pick certificates. Resolve prefix length ties in favor of entries with usernames.
Sun, 31 Jul 2011 01:46:52 +0200 hgweb: raw file mimetype guessing configurable, off by default (BC) (issue2923) stable
changeset
Matt Mackall <mpm@selenic.com> [Sun, 31 Jul 2011 01:46:52 +0200] rev 15004
hgweb: raw file mimetype guessing configurable, off by default (BC) (issue2923) Before: hgweb made it possible to download file content with a content type detected from the file extension. It would serve .html files as text/html and could thus cause XSS vulnerabilities if the web site had any kind of session authorization and the repository content wasn't fully trusted. Now: all files default to "application/binary", which all important browsers will refuse to treat as text/html. See the table here: https://code.google.com/p/browsersec/wiki/Part2#Survey_of_content_sniffing_behaviors
(0) -10000 -3000 -1000 -300 -100 -30 -10 -6 +6 +10 +30 +100 +300 +1000 +3000 +10000 +30000 tip
Mercurial