Commit Graph

1264 Commits

Author SHA1 Message Date
Lukasz Janyst
7f3c6e0ce9 ui-diff.c: avoid html injection
When path-filtering was used in commit-view, the path filter was
included without proper html escaping. This patch closes the hole.

Signed-off-by: Lukasz Janyst <ljanyst@cern.ch>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-03-05 14:13:06 +01:00
Lars Hjemli
1b09cbd303 Merge branch 'stable' 2011-03-05 14:01:59 +01:00
Lars Hjemli
9e849950dc CGIT 0.8.3.5
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-03-05 13:52:39 +01:00
Lars Hjemli
d0cb8413ff Avoid trailing slash in virtual-root
When setting virtual-root from cgitrc, care is taken to avoid trailing
slashes. But when no virtual-root setting is specified, SCRIPT_FILE
from the web server is used without similar checks. This patch fixes the
inconsistency, which could lead to double-slashes in generated links.

Noticed-by: Wouter Van Hemel <wouter@duodecim.org>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-03-05 13:50:40 +01:00
Jim Meyering
fc384b16fb do not infloop on a query ending in %XY, for invalid hex X or Y
When a query ends in say %gg, (or any invalid hex) e.g.,
http://git.gnome.org/browse/gdlmm/commit/?id=%gg
convert_query_hexchar calls memmove(txt, txt+3, 0), and then returns
txt-1, so the loop in http_parse_querystring never terminates.  The
solution is to make the memmove also copy the trailing NUL.
* html.c (convert_query_hexchar): Fix off-by-one error.

Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-03-05 13:38:34 +01:00
Dan McGee
aae067197f Return 404 on command not found
We were returning 200 before. Even 404 is questionable in all cases, but
200 was totally wrong. Also match the case of all of the "Not found"
status messsages.

Signed-off-by: Dan McGee <dpmcgee@gmail.com>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-02-19 15:00:18 +01:00
Dan McGee
42231328d3 Allow disabling of HTTP clone URLs
If advertising other URLs to your users, you may not want to make this
available through cgit (e.g. if you have the smart HTTP transport set up
elsewhere). Allow disabling the three magic commands that simulate the
git server, but default it to enabled.

Signed-off-by: Dan McGee <dpmcgee@gmail.com>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-02-19 15:00:18 +01:00
Dan McGee
35d33014fb Add is_clone flag to available commands
This will be used to make these operations configurable via a config
option.

Signed-off-by: Dan McGee <dpmcgee@gmail.com>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-02-19 14:57:48 +01:00
Lars Hjemli
979c460e7f Merge branch 'br/misc'
* br/misc:
  Use transparent background for the cgit logo
  ssdiff: anchors for ssdiff
  implement repo.logo and repo.logo-link
2011-02-19 14:51:00 +01:00
Bernhard Reutner-Fischer
0141b9f889 Use transparent background for the cgit logo
Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-02-19 14:41:39 +01:00
Bernhard Reutner-Fischer
e52040bf90 ssdiff: anchors for ssdiff
Emit anchors to the respective revisions in side-by-side diff view

Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-02-19 14:41:39 +01:00
Bernhard Reutner-Fischer
808c685ebb implement repo.logo and repo.logo-link
Allow for per repo logo and logo-link; Use global logo and logo-link per
default.

Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-02-19 14:41:39 +01:00
Bernhard Reutner-Fischer
6bf2658f04 ui-shared: silence warning
warning: format ‘%ld’ expects type ‘long int’, but argument 2 has type
‘size_t’

Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-02-19 14:37:34 +01:00
Lars Hjemli
fb9e6d1594 Merge branch 'jh/scan-path'
* jh/scan-path:
  scan_path(): Do not recurse into hidden directories by default
  scan_path(): Improve handling of inaccessible directories
2011-02-19 14:25:55 +01:00
Johan Herland
df522794c3 scan_path(): Do not recurse into hidden directories by default
Paths that start with a period ('.') are considered hidden in the Unix world.
scan_path() should arguably not recurse into these directories by default.
This patch makes it so, and introduces the "scan-hidden-path" config variable
for overriding the new default and revert to the old behaviour (scanning _all_
directories, including hidden .directories).

Signed-off-by: Johan Herland <johan@herland.net>
Signed-off-by: Lars Hjemli <larsh@prediktor.no>
2011-02-19 14:25:14 +01:00
Lukas Fleischer
7c2dea0367 Makefile: Make make get-git work under OpenBSD.
OpenBSD tar(1) defaults to read from "/dev/rst0" when not specifying an
filename and thus fails to extract the Git sourcecode when not passing
stdin as input file descriptor explicitly.

Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-02-19 14:13:08 +01:00
Lars Hjemli
31e1f9af1d Merge branch 'jh/graph'
* jh/graph:
  ui-log: Move 'Age' column when commit graph is present
  ui-log: Line-wrap long commit subjects when showmsg is enabled
  ui-log: Colorize commit graph
  ui-log: Implement support for commit graphs
  ui-log: Change display of full commit messages (and notes)

Conflicts:
	cgit.css
2011-02-19 14:01:59 +01:00
Lars Hjemli
e66a16cebc Merge branch 'lh/improve-range-search'
* lh/improve-range-search:
  html.c: use '+' to escape spaces in urls
  ui-log.c: improve handling of range-search argument
  Add vector utility functions
2011-02-19 14:00:59 +01:00
Lars Hjemli
286c4c0a1d Use GIT-1.7.4
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-02-19 13:55:43 +01:00
Johan Herland
682adbc0ca scan_path(): Improve handling of inaccessible directories
When scanning a tree containing inaccessible directories (e.g. '.ssh'
directories in users' homedirs, or repos with explicitly restricted access),
scan_path() currently causes three lines of "Permissions denied" errors to be
printed to the CGI error log per inaccessible directory:

  Error checking path /home/foo/.ssh: Permission denied (13)
  Error checking path /home/foo/.ssh/.git: Permission denied (13)
  Error opening directory /home/foo/.ssh: Permission denied (13)

This is a side-effect of calling is_git_dir(path) and
is_git_dir(fmt("%s/.git", path) _before_ we try to opendir(path).

By placing the opendir(path) before the two is_git_dir() calls, we reduce the
noise to a single line per inaccessible directory:

  Error opening directory /home/foo/.ssh: Permission denied (13)

Signed-off-by: Johan Herland <johan@herland.net>
Signed-off-by: Lars Hjemli <larsh@prediktor.no>
2010-11-16 09:03:43 +01:00
Johan Herland
c2bfd40f8a ui-log: Move 'Age' column when commit graph is present
When the commit graph is present, we prefer to draw it along the left edge,
and moving the 'Age' column to the right of the 'Author' column, like in gitk.

Signed-off-by: Johan Herland <johan@herland.net>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2010-11-16 08:18:37 +01:00
Johan Herland
ad230267f8 ui-log: Line-wrap long commit subjects when showmsg is enabled
When showmsg is disabled ui-log truncates long commit subjects. This is good.
However, the same is not desirable when showmsg is enabled, since you then
end up with a truncated commit subject followed by the rest of the commit
message below.

Instead, when showmsg is enabled (and we're using all this space to display
the entire commit message, anyway), line-wrap the commit subject instead of
truncating it.

Signed-off-by: Johan Herland <johan@herland.net>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2010-11-16 08:18:37 +01:00
Johan Herland
268b34af23 ui-log: Colorize commit graph
Use the existing coloring logic in Git's graph code to color the lines
between commits in the commit graph.

Whereas Git normally uses ANSI color escapes to produce colors, we here
use graph_set_column_colors() to replace those with HTML color escapes,
that embed the graph lines in <span> tags that apply the desired color
using CSS.

Signed-off-by: Johan Herland <johan@herland.net>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2010-11-16 08:18:37 +01:00
Johan Herland
9a8d39c668 ui-log: Implement support for commit graphs
Teach CGit to print an ASCII art commit graph to the left of the commit
message, similar to 'git log --graph'. The graph adds extra lines (table
rows) to the log when needed to add/remove/shuffle edges in the graph.

When 'showmsg' is enabled, the graph is automatically padded to account
for the extra lines added by the commit message/notes.

This feature is controlled by a new config variable: "enable-commit-graph"
(disabled by default), and individual repos can control it by setting
"repo.enable-commit-graph".

Signed-off-by: Johan Herland <johan@herland.net>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2010-11-16 08:18:36 +01:00
Johan Herland
5a36c2a291 ui-log: Change display of full commit messages (and notes)
When showmsg is enabled, ui-log (in addition to the table row containing
the details of the current commit) adds a second table row containing the
remainder of the commit message, and yet another table row containing the
commit notes (if any). The vertical margins between commit subject, commit
message and commit notes are controlled by CSS.

In preparation for the commit graph (which will be printed to the left of
the commit message/notes) we need to eliminate these vertical margins (as
they would produce ugly gaps in the commit graph) and instead achieve them
by adding newlines to the commit message/notes. Furthermore, we can no
longer print the "Notes:" header in the "Age" column, since the graph will
be drawn between the "Age" column and the "Commit message" column.

This patch therefore prepares the commit message and commit notes in a
single buffer (properly formatting the notes using the NOTES_SHOW_HEADER
and NOTES_INDENT flags to format_note()), and then prints the entire
buffer into a single table row.

Signed-off-by: Johan Herland <johan@herland.net>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2010-11-16 08:18:36 +01:00
Johan Herland
17596459fe ui-stats: Remove unnecessary #include
<string-list.h> is already #included from cgit.h

Signed-off-by: Johan Herland <johan@herland.net>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2010-11-16 06:56:54 +01:00
Lars Hjemli
7618cac1ee Merge branch 'tz/make-improvements' 2010-11-10 00:28:56 +01:00
Lars Hjemli
c2680325f6 html.c: use '+' to escape spaces in urls
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2010-11-10 00:22:41 +01:00
Johan Herland
52558a6d39 ui-log: Prevent crash when given empty range search
Signed-off-by: Johan Herland <johan@herland.net>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2010-11-10 00:22:41 +01:00
Lars Hjemli
a3c3c04bdf ui-log.c: improve handling of range-search argument
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2010-11-10 00:22:41 +01:00
Lars Hjemli
958a95b378 Add vector utility functions
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2010-11-10 00:22:41 +01:00
Lars Hjemli
53f487dd71 Makefile: avoid spurious rebuilds of git sources due to sudo make
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2010-11-10 00:20:50 +01:00
Johan Herland
1415f3f3e0 ui-log: Fix filecount/linecount when path limit is in effect
When using ui-log with path limits, the listing of commits enables parent
rewriting in Git's internal log machinery. This did not work well together
with cgit_diff_commit() which is used to generate the filecount and
linecount numbers for each commit in the log view. cgit_diff_commit() would
operate without any path limits, and would therefore process the full diff
between the commits shown (which, because of parent rewriting, is not the
same as processing the diff for the commit itself). Additionally, the bottom
commit in the log view would (again, because of parent rewriting) have zero
parents, causing us to process the entire diff between the empty tree and
that commit. Since path limits were not in effect, this would (in large
projects) reports thousands of files and millions of lines changed in that
bottom commit.

This patch fixes the issue by applying the same path limit to
cgit_diff_commit() as is applied to the rest of the log view. The result is
that the filecount/linecount now only reflects the diff as it pertains to
the given path limit.

Signed-off-by: Johan Herland <johan@herland.net>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2010-11-09 16:37:39 +01:00
Felix Hanley
e0c6f23789 Add strict-export option
This option is used to specify a filename which needs to be present in
the repositories found during `scan-path` processing. By setting this
option to 'git-daemon-export-ok', only repositories explicitly marked
for git daemon export will be included in the cgit configuration.

Signed-off-by: Felix Hanley <felix@seconddrawer.com.au>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2010-11-08 19:41:13 +01:00
Kamil Kaminski
49d09d4fd1 Fix a typo in README, s/ExecCGI/+ExecCGI
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2010-11-08 19:30:03 +01:00
Lars Hjemli
cda1b78ff7 Append path and branch to atom feed title
Currently all atom feeds for a repository get the same title but they
are actually unique per path and per branch.

Signed-off-by: Chris Mayo <aklhfex@gmail.com>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2010-11-07 16:35:54 +01:00
Chris Mayo
eca95229ac Use committer date for atom feed entry updated element
Committer date reflects the most recent change and is used for ordering
the log page (author date is still available in published element of the
feed entry).

Signed-off-by: Chris Mayo <aklhfex@gmail.com>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2010-11-07 16:33:41 +01:00
Lars Hjemli
69f705cf57 Merge branch 'stable'
Conflicts:
	scan-tree.c

Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2010-11-07 16:25:23 +01:00
Dean Scarff
aabc70f74b Use absolute path for scanned repo readme
repo.readme is transformed to an absolute path when read from the config,
so add_repo needs to add "README.html" with the repository path too.

Signed-off-by: Dean Scarff <dos@scarff.id.au>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2010-11-07 16:21:59 +01:00
Lars Hjemli
5807fb79fa Makefile: add -MP option
Work around errors `make` gives when header files are removed without
the Makefile being updated.

Signed-off-by: Lynn Lin <Lynn.Lin@emc.com>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2010-11-07 16:13:49 +01:00
Lars Hjemli
d41b2ddcb3 Merge branch 'stable'
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2010-09-27 08:20:42 +02:00
Lars Hjemli
af492114cc CGIT 0.8.3.4
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2010-09-27 08:00:47 +02:00
Lars Hjemli
82a883ede7 Use GIT-1.7.3
This fixes http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2542.

Noticed-by: Silvio Cesare <silvio.cesare@gmail.com>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2010-09-27 07:58:13 +02:00
Lars Hjemli
9043b46f85 Merge branch 'stable' 2010-09-19 20:58:15 +02:00
Aaron Griffin
aaa3f78542 RSS items should always use UTC times
The format uses a 'Z' suffix, which indicates no TZ offset.
Thus we should not respect the local-time config setting here.

Signed-off-by: Aaron Griffin <agriffin@datalogics.com>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2010-09-19 20:57:30 +02:00
Todd Zullinger
66df113457 Use example.com in documentation, per RFC 2606
Signed-off-by: Todd Zullinger <tmz@pobox.com>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2010-09-19 19:12:51 +02:00
Todd Zullinger
d7765df117 cgit.css: Add syntax highlighting entries
Signed-off-by: Todd Zullinger <tmz@pobox.com>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2010-09-19 19:12:51 +02:00
Todd Zullinger
6d10c13058 Install filter scripts
The syntax-highlighting.sh script is quite useful without any changes.
Installing it by default makes it easier to use and package.

Signed-off-by: Todd Zullinger <tmz@pobox.com>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2010-09-19 19:11:45 +02:00
Todd Zullinger
0c3130de96 Add Makefile targets to install/uninstall docs
Signed-off-by: Todd Zullinger <tmz@pobox.com>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2010-09-19 19:11:45 +02:00
Todd Zullinger
679f7ef4f3 Generalize doc generation
This borrows from the git Documentation/Makefile.  The goal is to make
it easier to add new man pages and other documentation as well as to
prevent make from re-generating the documentation needlessly.

Signed-off-by: Todd Zullinger <tmz@pobox.com>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2010-09-19 19:11:45 +02:00