sslutil: abort when unable to verify peer connection (BC) Previously, when we connected to a server and were unable to verify its certificate against a trusted certificate authority we would issue a warning and continue to connect. This is obviously not great behavior because the x509 certificate model is based upon trust of specific CAs. Failure to enforce that trust erodes security. This behavior was defined several years ago when Python did not support loading the system trusted CA store (Python 2.7.9's backports of Python 3's improvements to the "ssl" module enabled this). This commit changes behavior when connecting to abort if the peer certificate can't be validated. With an empty/default Mercurial configuration, the peer certificate can be validated if Python is able to load the system trusted CA store. Environments able to load the system trusted CA store include: * Python 2.7.9+ on most platforms and installations * Python 2.7 distributions with a modern ssl module (e.g. RHEL7's patched 2.7.5 package) * Python shipped on OS X Environments unable to load the system trusted CA store include: * Python 2.6 * Python 2.7 on many existing Linux installs (because they don't ship 2.7.9+ or haven't backported modern ssl module) * Python 2.7.9+ on some installs where Python is unable to locate the system CA store (this is hopefully rare) Users of these Pythongs will need to configure Mercurial to load the system CA store using web.cacerts. This should ideally be performed by packagers (by setting web.cacerts in the global/system hgrc file). Where Mercurial packagers aren't setting this, the linked URL in the new abort message can contain instructions for users. In the future, we may want to add more code for finding the system CA store. For example, many Linux distributions have the CA store at well-known locations (such as /etc/ssl/certs/ca-certificates.crt in the case of Ubuntu). This will enable CA loading to "just work" on more Python configurations and will be best for our users since they won't have to change anything after upgrading to a Mercurial with this patch. We may also want to consider distributing a trusted CA store with Mercurial. Although we should think long and hard about that because most systems have a global CA store and Mercurial should almost certainly use the same store used by everything else on the system.

sslutil: remove out of place comment This comment likely got orphaned as a result of refactoring in this file. It isn't providing any useful value. So delete it.

largefiles: remove additional blank line between methods in localstore According to the coding style it should be a single blank line between functions.

revset: make head() honor order of subset The ordering of 'x & head()' was broken in 6a1a4c212d50 (revset: improve head revset performance, 2014-03-13). Presumably due to other optimizations since then, undoing that change to fix the order does not slow down the simple case of "hg log -r 'head()'" mentioned in that commit. I see a small slowdown from ~0.16s to about ~0.19s with 'not 0 & head()', but I'd say it's worth it for the correct output.

revsets: use itervalues() where only values are needed I don't think there will be a noticeable speedup, but it removes an unused variable.

revsets: passing a set to baseset() is not wrong Since 69c6e9623bdc (revset: force ascending order for baseset initialized from a set, 2016-04-04), it is safe to pass a revset to a baseset.

pyflakes: use pycompat.pickles to prevent error The pyflakes in my test box complain about pickle in pycompat. mercurial/pycompat.py:17: 'pickle' imported but unused

rebase: move local variable 'obsoletenotrebased' to the RR class

rebase: move restorestestatus function to be a method of the RR class

rebase: move local variables related to keeping things unchanged to the RR This commit moves the following variables, local to the rebase function to be fields of the rebaseruntime: -keepf -keepbranchesf -keepopen

rebase: move local variables 'date' and 'extrafns' to the RR class This commit moves the following variables, local to the rebase function to be fields of the rebaseruntime: -date -extrafns

rebase: move collapse-related local variables to the RR class This commit moves the following variables local to the 'rebase' function to be fields of the rebaseruntime class: -collapsef -collapsemsg

rebase: pass repo, ui and opts objects to the RR class constructor

check-code: build translation table for repquote in global for efficiency Rebuilding translation table (256 size) at each repquote() invocations is redundant. For example, this patch decreases user time of command invocation below from 18.297s to 13.445s (about -27%) on a Linux box. This command is main part of test-check-code.t. hg locate | xargs python contrib/check-code.py --warnings --per-file=0 This patch adds "_repquote" prefix to functions and variables factored out from repquote() to avoid conflict of name in the future.

check-code: detect "missing _() in ui message" more exactly Before this patch, "missing _() in ui message" rule overlooks translatable message, which starts with other than alphabet. To detect "missing _() in ui message" more exactly, this patch improves the regexp with assumptions below. - sequence consisting of below might precede "translatable message" in same string token - formatting string, which starts with '%' - escaped character, which starts with 'b' (as replacement of '\\'), or - characters other than '%', 'b' and 'x' (as replacement of alphabet) - any string tokens might precede a string token, which contains "translatable message" This patch builds an input file, which is used to examine "missing _() in ui message" detection, before '"$check_code" stringjoin.py' in test-contrib-check-code.t, because this reduces amount of change churn in subsequent patch. This patch also applies "()" instead of "_()" on messages below to hide false-positives: - messages for ui.debug() or debug commands/tools - contrib/debugshell.py - hgext/win32mbcs.py (ui.write() is used, though) - mercurial/commands.py - _debugchangegroup - debugindex - debuglocks - debugrevlog - debugrevspec - debugtemplate - untranslatable messages - doc/gendoc.py (ReST specific text) - hgext/hgk.py (permission string) - hgext/keyword.py (text written into configuration file) - mercurial/cmdutil.py (formatting strings for JSON)

revlog: add a fast path for "ambiguous identifier" Before fd1bb7c, if the C index.partialmatch raises RevlogError, the Python code raises "ambiguous identifier" error immediately, which is efficient. fd1bb7c took hidden revisions into consideration and forced the slow path enumerating the changelog to double-check hidden revisions. But it's not necessary if we know the revlog has no hidden revisions. This patch adds back the fast path for unfiltered revlogs.

import-checker: ensure cffi is always a system module I've had reports that this is not always happening, so whitelist it the way we whitelist other problem cases.

atomictempfile: add context manager support Close the file (moving it in place) on clean context exit, discard when there has been an exception.

atomictempfile: add read to the supported file operations

atomictempfile: remove test ordering These tests are independent and numbering only makes it harder to add more and logically group them.

atomictempfile: use a tempdir to keep the test environment clean Rather than pre-emptively delete a file, execute the test in a dedicated temporary directory that is removed after each test.

test-revset: show how inconsistent the ordering of compound expressions is This adds mostly broken tests that will be fixed by subsequent patches. We generally don't do that, but this patch series would be hard to review without a set of broken tests. Note that some tests pass thanks to the reordering problem in optimize(). For instance, '2:0 & _intlist(0 1 2)' doesn't fail because it is rewritten as '_intlist(0 1 2) & 2:0'.

i18n: translate abort messages I found a few places where message given to abort is not translated, I don't find any reason to not translate them.

hgweb: display blamed revision once per block in annotate view I.e. when a revision blames a block of source lines, only display the revision link on the first line of the block (this is identified by the "blockhead" key in annotate context). This addresses item "Visual grouping of changesets" of the blame improvements plan (https://www.mercurial-scm.org/wiki/BlamePlan) which states: "Typically there are block of lines all attributed to the same revision. Instead of rendering the revision/changeset for every line, we could only render it once per block."

hgweb: highlight data of the current revision in annotate view * Distinguish the /annotate/<revision>/<file>#<linenumber> link when it would lead to the current page (i.e. <revision> is the current revision) (style it gray and undecorated). This indicates more clearly that this is a "dead-end" in blame navigation. * Display lines changed in current revision in green.

bashcompletion: show available command-line switches for aliases When auto-completing hg commands, aliases are listed, but not the available switches for an alias, because `HGPLAIN=1` filters these out. Add a `HGPLAINEXCEPT=alias` exception to resolve this. We make heavy use of aliases that drive hg log with custom revsets, sorting and the -G switch, but want our users to be able to auto-complete any additional command-line switches.

py3: shift from __future__ import absolute import to beginning (issue5269)

pull: add help information about pulling active bookmark

templates: add support for search webcommand in json style

templates: add support for summary webcommand in json style Change summary webcommand to yield each element of the shortlog instead of the entire list. This makes generated json more readable since each entry can be formatted separately, instead of returning all the shortlog content in a single string.