Hello community, here is the log from the commit of package mercurial for openSUSE:Factory checked in at 2017-11-14 14:23:54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/mercurial (Old) and /work/SRC/openSUSE:Factory/.mercurial.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "mercurial" Tue Nov 14 14:23:54 2017 rev:122 rq:540758 version:4.4.1 Changes: -------- --- /work/SRC/openSUSE:Factory/mercurial/mercurial.changes 2017-11-09 16:25:26.648454755 +0100 +++ /work/SRC/openSUSE:Factory/.mercurial.new/mercurial.changes 2017-11-14 14:23:56.244921934 +0100 @@ -1,0 +2,18 @@ +Sat Nov 11 15:44:35 UTC 2017 - [email protected] + +- Mercurial 4.4.1 + + 1. Notable changes + * Git and Subversion subrepos have been disabled by default to mitigate a + potential security risk if files overlapping with a subrepo managed to be + committed to a repository. + * Subrepos are now more paranoid about symlink traversal. + * The share extension handles drive letters on Windows better. + + It is possible that a specially malformed repository can cause Git + subrepositories to run arbitrary code in the form of a .git/hooks/post-update + script checked in to the repository in Mercurial 4.4 and earlier. Typical use + of Mercurial prevents construction of such repositories, but they can be + created programmatically. + +------------------------------------------------------------------- Old: ---- mercurial-4.4.tar.gz mercurial-4.4.tar.gz.asc New: ---- mercurial-4.4.1.tar.gz mercurial-4.4.1.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ mercurial.spec ++++++ --- /var/tmp/diff_new_pack.eyhGhh/_old 2017-11-14 14:23:56.944896414 +0100 +++ /var/tmp/diff_new_pack.eyhGhh/_new 2017-11-14 14:23:56.948896268 +0100 @@ -20,7 +20,7 @@ %{!?python_sitelib: %global python_sitelib %(python -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")} %endif Name: mercurial -Version: 4.4 +Version: 4.4.1 Release: 0 Summary: Scalable Distributed SCM License: GPL-2.0+ ++++++ mercurial-4.4.tar.gz -> mercurial-4.4.1.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mercurial-4.4/.hgsigs new/mercurial-4.4.1/.hgsigs --- old/mercurial-4.4/.hgsigs 2017-11-01 22:54:40.000000000 +0100 +++ new/mercurial-4.4.1/.hgsigs 2017-11-07 19:15:36.000000000 +0100 @@ -153,3 +153,4 @@ 920977f72c7b70acfdaf56ab35360584d7845827 0 iQIcBAABCAAGBQJZv+wSAAoJELnJ3IJKpb3VH3kQAJp3OkV6qOPXBnlOSSodbVZveEQ5dGJfG9hk+VokcK6MFnieAFouROoGNlQXQtzj6cMqK+LGCP/NeJEG323gAxpxMzc32g7TqbVEhKNqNK8HvQSt04aCVZXtBmP0cPzc348UPP1X1iPTkyZxaJ0kHulaHVptwGbFZZyhwGefauU4eMafJsYqwgiGmvDpjUFu6P8YJXliYeTo1HX2lNChS1xmvJbop1YHfBYACsi8Eron0vMuhaQ+TKYq8Zd762u2roRYnaQ23ubEaVsjGDUYxXXVmit2gdaEKk+6Rq2I+EgcI5XvFzK8gvoP7siz6FL1jVf715k9/UYoWj9KDNUm8cweiyiUpjHQt0S+Ro9ryKvQy6tQVunRZqBN/kZWVth/FlMbUENbxVyXZcXv+m7OLvk+vyK7UZ7yT+OBzgRr0PyUuafzSVW3e+RZJtGxYGM5ew2bWQ8L6wuBucRYZOSnXXtCw7cKEMlK3BTjfAfpHUdIZIG492R9d6aOECUK/MpNvCiXXaZoh5Kj4a0dARiuWFCZxWwt3bmOg13oQ841zLdzOi/YZe15vCm8OB4Ffg6CkmPKhZhnMwVbFmlaBcoaeMzzpMuog91J1M2zgEUBTYwe/HKiNr/0iilJMPFRpZ+zEb2GvVoc8FMttXi8aomlXf/6LHCC9ndexGC29jIzl41+ 2f427b57bf9019c6dc3750baa539dc22c1be50f6 0 iQJEBAABCAAuFiEEK8zhT1xnJaouqK63ucncgkqlvdUFAlnQtVIQHHJhZkBkdXJpbjQyLmNvbQAKCRC5ydyCSqW91TTkD/409sWTM9vUH2qkqNTb1IXyGpqzb9UGOSVDioz6rvgZEBgh9D1oBTWnfBXW8sOWR0A7iCL6qZh2Yi7g7p0mKGXh9LZViLtSwwMSXpNiGBO7RVPW+NQ6DOY5Rhr0i08UBiVEkZXHeIVCd2Bd6mhAiUsm5iUh9Jne10wO8cIxeAUnsx4DBdHBMWLg6AZKWllSgN+r9H+7wnOhDbkvj1Cu6+ugKpEs+xvbTh47OTyM+w9tC1aoZD4HhfR5w5O16FC+TIoE6wmWut6e2pxIMHDB3H08Dky6gNjucY/ntJXvOZW5kYrQA3LHKks8ebpjsIXesOAvReOAsDz0drwzbWZan9Cbj8yWoYz/HCgHCnX3WqKKORSP5pvdrsqYua9DXtJwBeSWY4vbIM2kECAiyw1SrOGudxlyWBlW1f1jhGR2DsBlwoieeAvUVoaNwO7pYirwxR4nFPdLDRCQ4hLK/GFiuyr+lGoc1WUzVRNBYD3udcOZAbqq4JhWLf0Gvd5xP0rn1cJNhHMvrPH4Ki4a5KeeK6gQI7GT9/+PPQzTdpxXj6KwofktJtVNqm5sJmJ+wMIddnobFlNNLZ/F7OMONWajuVhh+vSOV34YLdhqzAR5XItkeJL6qyAJjNH5PjsnhT7nMqjgwriPz6xxYOLJWgtK5ZqcSCx4gWy9KJVVja8wJ7rRUg== 1e2454b60e5936f5e77498cab2648db469504487 0 iQJVBAABCAA/FiEEOoFVFj0OIKUw/LeGR6Z/+qNGqs4FAlnqRBUhHGtidWxsb2NrK21lcmN1cmlhbEByaW5nd29ybGQub3JnAAoJEEemf/qjRqrOAQQP/28EzmTKFL/RxmNYePdzqrmcdJ2tn+s7OYmGdtneN2sESZ4MK0xb5Q8Mkm+41aXS52zzJdz9ynwdun8DG4wZ3sE5MOG+GgK6K0ecOv1XTKS3a2DkUM0fl5hlcXN7Zz7m7m5M6sy6vSxHP7kTyzQWt//z175ZLSQEu1a0nm/BLH+HP9e8DfnJ2Nfcnwp32kV0Nj1xTqjRV1Yo/oCnXfVvsxEJU+CDUGBiLc29ZcoWVbTw9c1VcxihJ6k0pK711KZ+bedSk7yc1OudiJF7idjB0bLQY6ESHNNNjK8uLppok0RsyuhvvDTAoTsl1rMKGmXMM0Ela3/5oxZ/5lUZB73vEJhzEi48ULvstpq82EO39KylkEfQxwMBPhnBIHQaGRkl7QPLXGOYUDMY6gT08Sm3e8/NqEJc/AgckXehpH3gSS2Ji2xg7/E8H5plGsswFidw//oYTTwm0j0halWpB521TD2wmjkjRHXzk1mj0EoFQUMfwHTIZU3E8flUBasD3mZ9XqZJPr66RV7QCrXayH75B/i0CyNqd/Hv5Tkf2TlC3EkEBZwZyAjqw7EyL1LuS936sc7fWuMFsH5k/fwjVwzIc1LmP+nmk2Dd9hIC66vec4w1QZeeAXuDKgOJjvQzj2n+uYRuObl4kKcxvoXqgQN0glGuB1IW7lPllGHR1kplhoub +0ccb43d4cf01d013ae05917ec4f305509f851b2d 0 iQJVBAABCAA/FiEEOoFVFj0OIKUw/LeGR6Z/+qNGqs4FAln6Qp8hHGtidWxsb2NrK21lcmN1cmlhbEByaW5nd29ybGQub3JnAAoJEEemf/qjRqrOJ8MP/2ufm/dbrFoE0F8hewhztG1vS4stus13lZ9lmM9kza8OKeOgY/MDH8GaV3O8GnRiCNUFsVD8JEIexE31c84H2Ie7VQO0GQSUHSyMCRrbED6IvfrWp6EZ6RDNPk4LHBfxCuPmuVHGRoGZtsLKJBPIxIHJKWMlEJlj9BZuUxZp/8kurQ6CXwblVbFzXdOaZQlioOBH27Bk3S0+gXfJ+wA2ed5XOQvT9jwjqC8y/1t8obaoPTpzyAvb9NArG+9RT9vfNN42aWISZNwg6RW5oLJISqoGrAes6EoG7dZfOC0UoKMVYXoNvZzJvVlMHyjugIoid+WI+V8y9bPrRTfbPCmocCzEzCOLEHQta8roNijB0bKcq8hmQPHcMyXlj1Srnqlco49jbhftgJoPTwzb10wQyU0VFvaZDPW/EQUT3M/k4j3sVESjANdyG1iu6EDV080LK1LgAdhjpKMBbf6mcgAe06/07XFMbKNrZMEislOcVFp98BSKjdioUNpy91rCeSmkEsASJ3yMArRnSkuVgpyrtJaGWl79VUcmOwKhUOA/8MXMz/Oqu7hvve/sgv71xlnim460nnLw6YHPyeeCsz6KSoUK3knFXAbTk/0jvU1ixUZbI122aMzX04UgPGeTukCOUw49XfaOdN+x0YXlkl4PsrnRQhIoixY2gosPpK4YO73G diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mercurial-4.4/.hgtags new/mercurial-4.4.1/.hgtags --- old/mercurial-4.4/.hgtags 2017-11-01 22:54:40.000000000 +0100 +++ new/mercurial-4.4.1/.hgtags 2017-11-07 19:15:36.000000000 +0100 @@ -166,3 +166,4 @@ 920977f72c7b70acfdaf56ab35360584d7845827 4.3.2 2f427b57bf9019c6dc3750baa539dc22c1be50f6 4.3.3 1e2454b60e5936f5e77498cab2648db469504487 4.4-rc +0ccb43d4cf01d013ae05917ec4f305509f851b2d 4.4 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mercurial-4.4/PKG-INFO new/mercurial-4.4.1/PKG-INFO --- old/mercurial-4.4/PKG-INFO 2017-11-01 22:54:55.000000000 +0100 +++ new/mercurial-4.4.1/PKG-INFO 2017-11-07 19:15:52.000000000 +0100 @@ -1,6 +1,6 @@ Metadata-Version: 1.1 Name: mercurial -Version: 4.4 +Version: 4.4.1 Summary: Fast scalable distributed SCM (revision control, version control) system Home-page: https://mercurial-scm.org/ Author: Matt Mackall and many others diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mercurial-4.4/doc/hg-ssh.8.html new/mercurial-4.4.1/doc/hg-ssh.8.html --- old/mercurial-4.4/doc/hg-ssh.8.html 2017-11-01 22:54:45.000000000 +0100 +++ new/mercurial-4.4.1/doc/hg-ssh.8.html 2017-11-07 19:15:42.000000000 +0100 @@ -3,7 +3,7 @@ <html xmlns="http://www.w3.org/1999/xhtml"; xml:lang="en" lang="en"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> -<meta name="generator" content="Docutils 0.13.1: http://docutils.sourceforge.net/"; /> +<meta name="generator" content="Docutils 0.12: http://docutils.sourceforge.net/"; /> <title>hg-ssh</title> <meta name="author" content="Thomas Arendsen Hein <thomas@intevation.de>" /> <meta name="organization" content="Mercurial" /> @@ -22,9 +22,9 @@ <td>Thomas Arendsen Hein <<a class="reference external" href="mailto:thomas@intevation.de";>thomas@intevation.de</a>></td></tr> <tr><th class="docinfo-name">Organization:</th> <td>Mercurial</td></tr> -<tr class="manual-section field"><th class="docinfo-name">Manual section:</th><td class="field-body">8</td> +<tr class="field"><th class="docinfo-name">Manual section:</th><td class="field-body">8</td> </tr> -<tr class="manual-group field"><th class="docinfo-name">Manual group:</th><td class="field-body">Mercurial Manual</td> +<tr class="field"><th class="docinfo-name">Manual group:</th><td class="field-body">Mercurial Manual</td> </tr> </tbody> </table> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mercurial-4.4/doc/hg.1.html new/mercurial-4.4.1/doc/hg.1.html --- old/mercurial-4.4/doc/hg.1.html 2017-11-01 22:54:48.000000000 +0100 +++ new/mercurial-4.4.1/doc/hg.1.html 2017-11-07 19:15:45.000000000 +0100 @@ -3,7 +3,7 @@ <html xmlns="http://www.w3.org/1999/xhtml"; xml:lang="en" lang="en"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> -<meta name="generator" content="Docutils 0.13.1: http://docutils.sourceforge.net/"; /> +<meta name="generator" content="Docutils 0.12: http://docutils.sourceforge.net/"; /> <title>hg</title> <meta name="author" content="Matt Mackall <mpm@selenic.com>" /> <meta name="organization" content="Mercurial" /> @@ -22,9 +22,9 @@ <td>Matt Mackall <<a class="reference external" href="mailto:mpm@selenic.com";>mpm@selenic.com</a>></td></tr> <tr><th class="docinfo-name">Organization:</th> <td>Mercurial</td></tr> -<tr class="manual-section field"><th class="docinfo-name">Manual section:</th><td class="field-body">1</td> +<tr class="field"><th class="docinfo-name">Manual section:</th><td class="field-body">1</td> </tr> -<tr class="manual-group field"><th class="docinfo-name">Manual group:</th><td class="field-body">Mercurial Manual</td> +<tr class="field"><th class="docinfo-name">Manual group:</th><td class="field-body">Mercurial Manual</td> </tr> </tbody> </table> @@ -174,7 +174,7 @@ undo an add before that, see <a class="reference external" href="hg.1.html#forget"><tt class="docutils literal">hg forget</tt></a>.</p> <p>If no names are given, add all files to the repository (except files matching <tt class="docutils literal">.hgignore</tt>).</p> -<div class="verbose docutils container"> +<div class="verbose container"> <p>Examples:</p> <blockquote> <ul> @@ -251,7 +251,7 @@ used to check which files were identified as moved or renamed. If not specified, -s/--similarity defaults to 100 and only renames of identical files are detected.</p> -<div class="verbose docutils container"> +<div class="verbose container"> <p>Examples:</p> <blockquote> <ul> @@ -427,7 +427,7 @@ directory; use -r/--rev to specify a different revision.</p> <p>The archive type is automatically detected based on file extension (to override, use -t/--type).</p> -<div class="verbose docutils container"> +<div class="verbose container"> <p>Examples:</p> <ul> <li><p class="first">create a zip file containing the 1.0 release:</p> @@ -514,12 +514,12 @@ it will be committed immediately.</p> <p>If REV is the parent of the working directory, then this new changeset is committed automatically (unless --no-commit is specified).</p> -<div class="admonition note"> +<div class="note"> <p class="first admonition-title">Note</p> <p class="last"><a class="reference external" href="hg.1.html#backout"><tt class="docutils literal">hg backout</tt></a> cannot be used to fix either an unwanted or incorrect merge.</p> </div> -<div class="verbose docutils container"> +<div class="verbose container"> <p>Examples:</p> <ul> <li><p class="first">Reverse the effect of the parent of the working directory. @@ -634,7 +634,7 @@ means to skip the revision, 127 (command not found) will abort the bisection, and any other non-zero exit status means the revision is bad.</p> -<div class="verbose docutils container"> +<div class="verbose container"> <p>Some examples:</p> <ul> <li><p class="first">start a bisection with known bad revision 34, and good revision 12:</p> @@ -754,7 +754,7 @@ the active bookmark's name.</p> <p>A bookmark named '@' has the special property that <a class="reference external" href="hg.1.html#clone"><tt class="docutils literal">hg clone</tt></a> will check it out by default if it exists.</p> -<div class="verbose docutils container"> +<div class="verbose container"> <p>Examples:</p> <ul> <li><p class="first">create an active bookmark for a new line of development:</p> @@ -821,7 +821,7 @@ <pre class="literal-block"> hg branch [-fC] [NAME] </pre> -<div class="admonition note"> +<div class="note"> <p class="first admonition-title">Note</p> <p class="last">Branch names are permanent and global. Use <a class="reference external" href="hg.1.html#bookmark"><tt class="docutils literal">hg bookmark</tt></a> to create a light-weight bookmark instead. See <a class="reference external" href="hg.1.html#glossary"><tt class="docutils literal">hg help glossary</tt></a> for more @@ -1052,12 +1052,12 @@ a modern client may inherit legacy or inefficient storage used by the remote or a legacy Mercurial client may not be able to clone from a modern Mercurial remote.</p> -<div class="admonition note"> +<div class="note"> <p class="first admonition-title">Note</p> <p class="last">Specifying a tag will include the tagged changeset but not the changeset containing the tag.</p> </div> -<div class="verbose docutils container"> +<div class="verbose container"> <p>For efficiency, hardlinks are used for cloning whenever the source and destination are on the same filesystem (note this applies only to the repository data, not to the working @@ -1199,7 +1199,7 @@ or changesets that have children.</p> <p>See <a class="reference external" href="hg.1.html#dates"><tt class="docutils literal">hg help dates</tt></a> for a list of formats valid for -d/--date.</p> <p>Returns 0 on success, 1 if nothing changed.</p> -<div class="verbose docutils container"> +<div class="verbose container"> <p>Examples:</p> <ul> <li><p class="first">commit all files ending in .py:</p> @@ -1373,7 +1373,7 @@ </pre> <p>Show differences between revisions for the specified files.</p> <p>Differences between files are shown using the unified diff format.</p> -<div class="admonition note"> +<div class="note"> <p class="first admonition-title">Note</p> <p class="last"><a class="reference external" href="hg.1.html#diff"><tt class="docutils literal">hg diff</tt></a> may generate unexpected results for merges, as it will default to comparing against the working directory's first @@ -1391,7 +1391,7 @@ anyway, probably with undesirable results.</p> <p>Use the -g/--git option to generate diffs in the git extended diff format. For more information, read <a class="reference external" href="hg.1.html#diffs"><tt class="docutils literal">hg help diffs</tt></a>.</p> -<div class="verbose docutils container"> +<div class="verbose container"> <p>Examples:</p> <ul> <li><p class="first">compare a file in the current working directory to its parent:</p> @@ -1511,7 +1511,7 @@ <p>The information shown in the changeset header is: author, date, branch name (if non-default), changeset hash, parent(s) and commit comment.</p> -<div class="admonition note"> +<div class="note"> <p class="first admonition-title">Note</p> <p class="last"><a class="reference external" href="hg.1.html#export"><tt class="docutils literal">hg export</tt></a> may generate unexpected diff output for merge changesets, as it will compare the merge changeset against its @@ -1550,7 +1550,7 @@ format. See <a class="reference external" href="hg.1.html#diffs"><tt class="docutils literal">hg help diffs</tt></a> for more information.</p> <p>With the --switch-parent option, the diff will be against the second parent. It can be useful to review a merge.</p> -<div class="verbose docutils container"> +<div class="verbose container"> <p>Examples:</p> <ul> <li><p class="first">use export and import to transplant a bugfix to the current @@ -1618,7 +1618,7 @@ Files can be specified as filenames or filesets.</p> <p>If no files are given to match, this command prints the names of all files under Mercurial control.</p> -<div class="verbose docutils container"> +<div class="verbose container"> <p>Examples:</p> <ul> <li><p class="first">list all files under the current directory:</p> @@ -1700,7 +1700,7 @@ working directory.</p> <p>To delete the file from the working directory, see <a class="reference external" href="hg.1.html#remove"><tt class="docutils literal">hg remove</tt></a>.</p> <p>To undo a forget before the next commit, see <a class="reference external" href="hg.1.html#add"><tt class="docutils literal">hg add</tt></a>.</p> -<div class="verbose docutils container"> +<div class="verbose container"> <p>Examples:</p> <ul> <li><p class="first">forget newly-added binary files:</p> @@ -1758,12 +1758,12 @@ interrupted so that the current merge can be manually resolved. Once all conflicts are addressed, the graft process can be continued with the -c/--continue option.</p> -<div class="admonition note"> +<div class="note"> <p class="first admonition-title">Note</p> <p class="last">The -c/--continue option does not reapply earlier options, except for --force.</p> </div> -<div class="verbose docutils container"> +<div class="verbose container"> <p>Examples:</p> <ul> <li><p class="first">copy a single change to the stable branch and edit its description:</p> @@ -2015,7 +2015,7 @@ repository.</p> <p>Specifying a path to a repository root or Mercurial bundle will cause lookup to operate on that repository/bundle.</p> -<div class="verbose docutils container"> +<div class="verbose container"> <p>Examples:</p> <ul> <li><p class="first">generate a build identifier for the working directory:</p> @@ -2124,7 +2124,7 @@ changeset. This flag exists to let people import patches that partially apply without losing the associated metadata (author, date, description, ...).</p> -<div class="admonition note"> +<div class="note"> <p class="first admonition-title">Note</p> <p class="last">When no hunks apply cleanly, <a class="reference external" href="hg.1.html#import"><tt class="docutils literal">hg import <span class="pre">--partial</span></tt></a> will create an empty changeset, importing only the patch metadata.</p> @@ -2137,7 +2137,7 @@ See <a class="reference external" href="hgrc.5.html"><tt class="docutils literal">hg help config</tt></a> for more information about configuration files and how to use these options.</p> <p>See <a class="reference external" href="hg.1.html#dates"><tt class="docutils literal">hg help dates</tt></a> for a list of formats valid for -d/--date.</p> -<div class="verbose docutils container"> +<div class="verbose container"> <p>Examples:</p> <ul> <li><p class="first">import a traditional patch from a website and detect renames:</p> @@ -2253,7 +2253,7 @@ pull location. These are the changesets that would have been pulled by <a class="reference external" href="hg.1.html#pull"><tt class="docutils literal">hg pull</tt></a> at the time you issued this command.</p> <p>See pull for valid source format details.</p> -<div class="verbose docutils container"> +<div class="verbose container"> <p>With -B/--bookmarks, the result of bookmark comparison between local and remote repositories is displayed. With -v/--verbose, status is also displayed for each bookmark like below:</p> @@ -2283,7 +2283,7 @@ existing only in the remote repository are treated as <tt class="docutils literal">added</tt>, even if it is in fact locally deleted.</p> </div> -<div class="verbose docutils container"> +<div class="verbose container"> <p>For remote repository, using --bundle avoids downloading the changesets twice if the incoming is followed by a pull.</p> <p>Examples:</p> @@ -2486,34 +2486,34 @@ parent of the 'o' merge on the same line. Paths in the DAG are represented with '|', '/' and so forth. ':' in place of a '|' indicates one or more revisions in a path are omitted.</p> -<div class="verbose docutils container"> +<div class="verbose container"> Use -L/--line-range FILE,M:N options to follow the history of lines from M to N in FILE. With -p/--patch only diff hunks affecting specified line range will be shown. This option requires --follow; it can be specified multiple times. Currently, this option is not compatible with --graph. This option is experimental.</div> -<div class="admonition note"> +<div class="note"> <p class="first admonition-title">Note</p> <p class="last"><a class="reference external" href="hg.1.html#log"><tt class="docutils literal">hg log <span class="pre">--patch</span></tt></a> may generate unexpected diff output for merge changesets, as it will only compare the merge changeset against its first parent. Also, only files different from BOTH parents will appear in files:.</p> </div> -<div class="admonition note"> +<div class="note"> <p class="first admonition-title">Note</p> <p class="last">For performance reasons, <a class="reference external" href="hg.1.html#log"><tt class="docutils literal">hg log FILE</tt></a> may omit duplicate changes made on branches and will not show removals or mode changes. To see all such changes, use the --removed switch.</p> </div> -<div class="verbose docutils container"> -<div class="admonition note"> +<div class="verbose container"> +<div class="note"> <p class="first admonition-title">Note</p> <p class="last">The history resulting from -L/--line-range options depends on diff options; for instance if white-spaces are ignored, respective changes with only white-spaces in specified line range will not be listed.</p> </div> </div> -<div class="verbose docutils container"> +<div class="verbose container"> <p>Some examples:</p> <ul> <li><p class="first">changesets with full descriptions and file lists:</p> @@ -2776,7 +2776,7 @@ or the default push location. These are the changesets that would be pushed if a push was requested.</p> <p>See pull for details of valid destination formats.</p> -<div class="verbose docutils container"> +<div class="verbose container"> <p>With -B/--bookmarks, the result of bookmark comparison between local and remote repositories is displayed. With -v/--verbose, status is also displayed for each bookmark like below:</p> @@ -2942,7 +2942,7 @@ <tt class="docutils literal">default</tt> will be used for pull; otherwise <tt class="docutils literal">default</tt> is used as the fallback for both. When cloning a repository, the clone source is written as <tt class="docutils literal">default</tt> in <tt class="docutils literal">.hg/hgrc</tt>.</p> -<div class="admonition note"> +<div class="note"> <p class="first admonition-title">Note</p> <p class="last"><tt class="docutils literal">default</tt> and <tt class="docutils literal"><span class="pre">default-push</span></tt> apply to all inbound (e.g. <a class="reference external" href="hg.1.html#incoming"><tt class="docutils literal">hg incoming</tt></a>) and outbound (e.g. <a class="reference external" href="hg.1.html#outgoing"><tt class="docutils literal">hg outgoing</tt></a>, <a class="reference external" href="hg.1.html#email"><tt class="docutils literal">hg email</tt></a> @@ -3078,7 +3078,7 @@ <p>Use --new-branch if you want to allow push to create a new named branch that is not present at the destination. This allows you to only create a new branch without forcing other changes.</p> -<div class="admonition note"> +<div class="note"> <p class="first admonition-title">Note</p> <p class="last">Extra care should be taken with the -f/--force option, which will push all new heads on all branches, an action which will @@ -3092,7 +3092,7 @@ bookmark's name.</p> <p>Please see <a class="reference external" href="hg.1.html#urls"><tt class="docutils literal">hg help urls</tt></a> for important details about <tt class="docutils literal"><span class="pre">ssh://</span></tt> URLs. If DESTINATION is omitted, a default path will be used.</p> -<div class="verbose docutils container"> +<div class="verbose container"> <p>The --pushvars option sends strings to the server that become environment variables prepended with <tt class="docutils literal">HG_USERVAR_</tt>. For example, <tt class="docutils literal"><span class="pre">--pushvars</span> ENABLE_FEATURE=true</tt>, provides the server side hooks with @@ -3174,7 +3174,7 @@ <p>This command schedules the files to be removed at the next commit. To undo a remove before that, see <a class="reference external" href="hg.1.html#revert"><tt class="docutils literal">hg revert</tt></a>. To undo added files, see <a class="reference external" href="hg.1.html#forget"><tt class="docutils literal">hg forget</tt></a>.</p> -<div class="verbose docutils container"> +<div class="verbose container"> <p>-A/--after can be used to remove only files that have already been deleted, -f/--force can be used to force deletion, and -Af can be used to remove files from the next revision without @@ -3227,7 +3227,7 @@ </tr> </tbody> </table> -<div class="admonition note"> +<div class="note"> <p class="first admonition-title">Note</p> <p class="last"><a class="reference external" href="hg.1.html#remove"><tt class="docutils literal">hg remove</tt></a> never deletes files in Added [A] state from the working directory, not even if <tt class="docutils literal"><span class="pre">--force</span></tt> is specified.</p> @@ -3337,7 +3337,7 @@ You can use <tt class="docutils literal">set:unresolved()</tt> or <tt class="docutils literal">set:resolved()</tt> to filter the list. See <a class="reference external" href="hg.1.html#filesets"><tt class="docutils literal">hg help filesets</tt></a> for details.</li> </ul> -<div class="admonition note"> +<div class="note"> <p class="first admonition-title">Note</p> <p class="last">Mercurial will not let you commit files with unresolved merge conflicts. You must use <a class="reference external" href="hg.1.html#resolve"><tt class="docutils literal">hg resolve <span class="pre">-m</span> ...</tt></a> before you can @@ -3391,7 +3391,7 @@ <pre class="literal-block"> hg revert [OPTION]... [-r REV] [NAME]... </pre> -<div class="admonition note"> +<div class="note"> <p class="first admonition-title">Note</p> <p class="last">To check out earlier revisions, you should use <a class="reference external" href="hg.1.html#update"><tt class="docutils literal">hg update REV</tt></a>. To cancel an uncommitted merge (and lose your changes), @@ -3473,7 +3473,7 @@ <p>Transactions are used to encapsulate the effects of all commands that create new changesets or propagate existing changesets into a repository.</p> -<div class="verbose docutils container"> +<div class="verbose container"> <p>For example, the following commands are transactional, and their effects can be rolled back:</p> <ul class="simple"> @@ -3634,7 +3634,7 @@ options -mardu are used.</p> <p>Option -q/--quiet hides untracked (unknown and ignored) files unless explicitly requested with -u/--unknown or -i/--ignored.</p> -<div class="admonition note"> +<div class="note"> <p class="first admonition-title">Note</p> <p class="last"><a class="reference external" href="hg.1.html#status"><tt class="docutils literal">hg status</tt></a> may appear to disagree with diff if permissions have changed or a merge has occurred. The standard diff format does @@ -3656,7 +3656,7 @@ I = ignored = origin of the previous file (with --copies) </pre> -<div class="verbose docutils container"> +<div class="verbose container"> <p>The -t/--terse option abbreviates the output by showing only the directory name if all the files in it share the same status. The option takes an argument indicating the statuses to abbreviate: 'm' for 'modified', 'a' @@ -3956,7 +3956,7 @@ aborted. With the -c/--check option, the working directory is checked for uncommitted changes; if none are found, the working directory is updated to the specified changeset.</p> -<div class="verbose docutils container"> +<div class="verbose container"> <p>The -C/--clean, -c/--check, and -m/--merge options control what happens if the working directory contains uncommitted changes. At most of one of them can be specified.</p> @@ -4165,7 +4165,7 @@ color = no </pre> <p>See <a class="reference external" href="hgrc.5.html#ui"><tt class="docutils literal">hg help config.ui.color</tt></a> for details.</p> -<div class="windows docutils container"> +<div class="windows container"> The default pager on Windows does not support color, so enabling the pager will effectively disable color. See <a class="reference external" href="hgrc.5.html#ui"><tt class="docutils literal">hg help config.ui.paginate</tt></a> to disable the pager. Alternately, MSYS and Cygwin shells provide <cite>less</cite> as a pager, @@ -5113,7 +5113,7 @@ <p>Subdirectories can have their own .hgignore settings by adding <tt class="docutils literal"><span class="pre">subinclude:path/to/subdir/.hgignore</span></tt> to the root <tt class="docutils literal">.hgignore</tt>. See <a class="reference external" href="hg.1.html#patterns"><tt class="docutils literal">hg help patterns</tt></a> for details on <tt class="docutils literal">subinclude:</tt> and <tt class="docutils literal">include:</tt>.</p> -<div class="admonition note"> +<div class="note"> <p class="first admonition-title">Note</p> <p class="last">Patterns specified in other than <tt class="docutils literal">.hgignore</tt> are always rooted. Please see <a class="reference external" href="hg.1.html#patterns"><tt class="docutils literal">hg help patterns</tt></a> for details.</p> @@ -5521,7 +5521,7 @@ internal <tt class="docutils literal">:merge</tt> is used.</li> <li>Otherwise, <tt class="docutils literal">:prompt</tt> is used.</li> </ol> -<div class="admonition note"> +<div class="note"> <p class="first admonition-title">Note</p> <p class="last">After selecting a merge program, Mercurial will by default attempt to merge the files using a simple merge algorithm first. Only if it doesn't @@ -5547,7 +5547,7 @@ environment variable $PAGER. If $PAGER is not set, pager.pager from the default or system configuration is used. If none of these are set, a default pager will be used, typically <cite>less</cite> on Unix and <cite>more</cite> on Windows.</p> -<div class="windows docutils container"> +<div class="windows container"> On Windows, <cite>more</cite> is not color aware, so using it effectively disables color. MSYS and Cygwin shells provide <cite>less</cite> as a pager, which can be configured to support ANSI color codes. See <a class="reference external" href="hgrc.5.html#color"><tt class="docutils literal">hg help config.color.pagermode</tt></a> to configure @@ -5584,7 +5584,7 @@ <p>By default, Mercurial treats filenames as shell-style extended glob patterns.</p> <p>Alternate pattern notations must be specified explicitly.</p> -<div class="admonition note"> +<div class="note"> <p class="first admonition-title">Note</p> <p class="last">Patterns specified in <tt class="docutils literal">.hgignore</tt> are not rooted. Please see <a class="reference external" href="hg.1.html#hgignore"><tt class="docutils literal">hg help hgignore</tt></a> for details.</p> @@ -5701,7 +5701,7 @@ - secret changesets are neither pushed, pulled, or cloned </pre> -<div class="admonition note"> +<div class="note"> <p class="first admonition-title">Note</p> <p class="last">Pulling a draft changeset from a publishing server does not mark it as public on the server side due to the read-only nature of pull.</p> @@ -5714,12 +5714,12 @@ publish = False </pre> <p>See <a class="reference external" href="hgrc.5.html"><tt class="docutils literal">hg help config</tt></a> for more information on configuration files.</p> -<div class="admonition note"> +<div class="note"> <p class="first admonition-title">Note</p> <p class="last">Servers running older versions of Mercurial are treated as publishing.</p> </div> -<div class="admonition note"> +<div class="note"> <p class="first admonition-title">Note</p> <p class="last">Changesets in secret phase are not exchanged with the server. This applies to their content: file names, file contents, and changeset @@ -6257,7 +6257,7 @@ advantage over simple <tt class="docutils literal">hg</tt> process invocations in that they are likely more efficient. This is because there is significant overhead to spawn new Python processes.</p> -<div class="admonition tip"> +<div class="tip"> <p class="first admonition-title">Tip</p> <p class="last">If you need to invoke several <tt class="docutils literal">hg</tt> processes in short order and/or performance is important to you, use of a server-based interface @@ -6329,7 +6329,7 @@ example, <tt class="docutils literal">log <span class="pre">-T</span> <span class="pre">{node}\n</span></tt> can be used to print a newline delimited list of changeset nodes instead of a human-tailored output containing authors, dates, descriptions, etc.</p> -<div class="admonition tip"> +<div class="tip"> <p class="first admonition-title">Tip</p> <p class="last">If parsing raw command output is too complicated, consider using templates to make your life easier.</p> @@ -6338,7 +6338,7 @@ Mercurial ships with the machine-readable styles <tt class="docutils literal">json</tt> and <tt class="docutils literal">xml</tt>, which provide JSON and XML output, respectively. These are useful for producing output that is machine readable as-is.</p> -<div class="admonition important"> +<div class="important"> <p class="first admonition-title">Important</p> <p>The <tt class="docutils literal">json</tt> and <tt class="docutils literal">xml</tt> styles are considered experimental. While they may be attractive to use for easily obtaining machine-readable @@ -6427,7 +6427,7 @@ subrepositories to the state they were committed in a parent repository changeset. Mercurial automatically record the nested repositories states when committing in the parent repository.</p> -<div class="admonition note"> +<div class="note"> <p class="first admonition-title">Note</p> <p class="last">The <tt class="docutils literal">.hgsubstate</tt> file should not be edited manually.</p> </div> @@ -8526,7 +8526,7 @@ destination subrepositories contain the <dest>/<sub>/.hg/shamap file. Converting a repository with subrepositories requires converting a single repository at a time, from the bottom up.</p> -<div class="verbose docutils container"> +<div class="verbose container"> <p>An example showing how to convert a repository with subrepositories:</p> <pre class="literal-block"> # so convert knows the type when it sees a non empty destination @@ -8679,7 +8679,7 @@ [repository] native = LF </pre> -<div class="admonition note"> +<div class="note"> <p class="first admonition-title">Note</p> <p class="last">The rules will first apply when files are touched in the working directory, e.g. by updating to null and back to tip to touch all files.</p> @@ -9436,7 +9436,7 @@ default, this selects the editable history that is unique to the ancestry of the working directory.</li> </ul> -<div class="verbose docutils container"> +<div class="verbose container"> <p>If you use --outgoing, this command will abort if there are ambiguous outgoing revisions. For example, if there are multiple branches containing outgoing revisions.</p> @@ -9445,7 +9445,7 @@ such ambiguous situation. See <a class="reference external" href="hg.1.html#revsets"><tt class="docutils literal">hg help revsets</tt></a> for detail about selecting revisions.</p> </div> -<div class="verbose docutils container"> +<div class="verbose container"> <p>Examples:</p> <blockquote> <ul> @@ -9626,7 +9626,7 @@ # prefer svn- over cvs-like default keywordmaps svn = True </pre> -<div class="admonition note"> +<div class="note"> <p class="first admonition-title">Note</p> <p class="last">The more specific you are in your filename patterns the less you lose speed in huge repositories.</p> @@ -9920,7 +9920,7 @@ locally, pulling from a remote repository to the local cache.</p> <p>If SOURCE is omitted, the 'default' path will be used. See <a class="reference external" href="hg.1.html#urls"><tt class="docutils literal">hg help urls</tt></a> for more information.</p> -<div class="verbose docutils container"> +<div class="verbose container"> <p>Some examples:</p> <ul> <li><p class="first">pull largefiles for all branch heads:</p> @@ -10382,7 +10382,7 @@ has activated it.</p> <p>With no arguments, print the currently active guards. With arguments, set guards for the named patch.</p> -<div class="admonition note"> +<div class="note"> <p class="first admonition-title">Note</p> <p class="last">Specifying negative guards now requires '--'.</p> </div> @@ -11499,7 +11499,7 @@ deleted, there is no hook presently available for this.</p> <p>If a rebase is interrupted to manually resolve a conflict, it can be continued with --continue/-c or aborted with --abort/-a.</p> -<div class="verbose docutils container"> +<div class="verbose container"> <p>Examples:</p> <ul> <li><p class="first">move "local changes" (current commit back to branching point) @@ -11957,7 +11957,7 @@ </pre> <p>Initialize a new repository and working directory that shares its history (and optionally bookmarks) with another repository.</p> -<div class="admonition note"> +<div class="note"> <p class="first admonition-title">Note</p> <p class="last">using rollback or extensions that destroy/modify history (mq, rebase, etc.) can cause considerable confusion with shared @@ -12124,7 +12124,7 @@ backup directory. Only the N most recent backups are kept. N defaults to 10 but can be overridden using the <tt class="docutils literal">shelve.maxbackups</tt> configuration option.</p> -<div class="verbose docutils container"> +<div class="verbose container"> Timestamp in seconds is used to decide order of backups. More than <tt class="docutils literal">maxbackups</tt> backups are kept, if same timestamp prevents from deciding exact order of them, for safety.</div> @@ -12188,7 +12188,7 @@ <p>A requested view of repository data is displayed.</p> <p>If no view is requested, the list of available views is shown and the command aborts.</p> -<div class="admonition note"> +<div class="note"> <p class="first admonition-title">Note</p> <p>There are no backwards compatibility guarantees for the output of this command. Output may change in any future Mercurial release.</p> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mercurial-4.4/doc/hgignore.5.html new/mercurial-4.4.1/doc/hgignore.5.html --- old/mercurial-4.4/doc/hgignore.5.html 2017-11-01 22:54:48.000000000 +0100 +++ new/mercurial-4.4.1/doc/hgignore.5.html 2017-11-07 19:15:45.000000000 +0100 @@ -3,7 +3,7 @@ <html xmlns="http://www.w3.org/1999/xhtml"; xml:lang="en" lang="en"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> -<meta name="generator" content="Docutils 0.13.1: http://docutils.sourceforge.net/"; /> +<meta name="generator" content="Docutils 0.12: http://docutils.sourceforge.net/"; /> <title>hgignore</title> <meta name="author" content="Vadim Gelfer <vadim.gelfer@gmail.com>" /> <meta name="organization" content="Mercurial" /> @@ -22,9 +22,9 @@ <td>Vadim Gelfer <<a class="reference external" href="mailto:vadim.gelfer@gmail.com";>vadim.gelfer@gmail.com</a>></td></tr> <tr><th class="docinfo-name">Organization:</th> <td>Mercurial</td></tr> -<tr class="manual-section field"><th class="docinfo-name">Manual section:</th><td class="field-body">5</td> +<tr class="field"><th class="docinfo-name">Manual section:</th><td class="field-body">5</td> </tr> -<tr class="manual-group field"><th class="docinfo-name">Manual group:</th><td class="field-body">Mercurial Manual</td> +<tr class="field"><th class="docinfo-name">Manual group:</th><td class="field-body">Mercurial Manual</td> </tr> </tbody> </table> @@ -89,7 +89,7 @@ <p>Subdirectories can have their own .hgignore settings by adding <tt class="docutils literal"><span class="pre">subinclude:path/to/subdir/.hgignore</span></tt> to the root <tt class="docutils literal">.hgignore</tt>. See <a class="reference external" href="hg.1.html#patterns"><tt class="docutils literal">hg help patterns</tt></a> for details on <tt class="docutils literal">subinclude:</tt> and <tt class="docutils literal">include:</tt>.</p> -<div class="admonition note"> +<div class="note"> <p class="first admonition-title">Note</p> <p class="last">Patterns specified in other than <tt class="docutils literal">.hgignore</tt> are always rooted. Please see <a class="reference external" href="hg.1.html#patterns"><tt class="docutils literal">hg help patterns</tt></a> for details.</p> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mercurial-4.4/doc/hgrc.5 new/mercurial-4.4.1/doc/hgrc.5 --- old/mercurial-4.4/doc/hgrc.5 2017-11-01 22:54:45.000000000 +0100 +++ new/mercurial-4.4.1/doc/hgrc.5 2017-11-07 19:15:42.000000000 +0100 @@ -2355,6 +2355,51 @@ rewrite rules are then applied on the full (absolute) path. If \fBpattern\fP doesn\(aqt match the full path, an attempt is made to apply it on the relative path alone. The rules are applied in definition order. +.SS \fBsubrepos\fP +.sp +This section contains options that control the behavior of the +subrepositories feature. See also \%\fBhg help subrepos\fP\:. +.sp +Security note: auditing in Mercurial is known to be insufficient to +prevent clone\-time code execution with carefully constructed Git +subrepos. It is unknown if a similar detect is present in Subversion +subrepos. Both Git and Subversion subrepos are disabled by default +out of security concerns. These subrepo types can be enabled using +the respective options below. +.INDENT 0.0 +.TP +.B \fBallowed\fP +.sp +Whether subrepositories are allowed in the working directory. +.sp +When false, commands involving subrepositories (like \%\fBhg update\fP\:) +will fail for all subrepository types. +(default: true) +.TP +.B \fBhg:allowed\fP +.sp +Whether Mercurial subrepositories are allowed in the working +directory. This option only has an effect if \fBsubrepos.allowed\fP +is true. +(default: true) +.TP +.B \fBgit:allowed\fP +.sp +Whether Git subrepositories are allowed in the working directory. +This option only has an effect if \fBsubrepos.allowed\fP is true. +.sp +See the security note above before enabling Git subrepos. +(default: false) +.TP +.B \fBsvn:allowed\fP +.sp +Whether Subversion subrepositories are allowed in the working +directory. This option only has an effect if \fBsubrepos.allowed\fP +is true. +.sp +See the security note above before enabling Subversion subrepos. +(default: false) +.UNINDENT .SS \fBtemplatealias\fP .sp Alias definitions for templates. See \%\fBhg help templates\fP\: for details. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mercurial-4.4/doc/hgrc.5.html new/mercurial-4.4.1/doc/hgrc.5.html --- old/mercurial-4.4/doc/hgrc.5.html 2017-11-01 22:54:49.000000000 +0100 +++ new/mercurial-4.4.1/doc/hgrc.5.html 2017-11-07 19:15:46.000000000 +0100 @@ -3,7 +3,7 @@ <html xmlns="http://www.w3.org/1999/xhtml"; xml:lang="en" lang="en"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> -<meta name="generator" content="Docutils 0.13.1: http://docutils.sourceforge.net/"; /> +<meta name="generator" content="Docutils 0.12: http://docutils.sourceforge.net/"; /> <title>hgrc</title> <meta name="author" content="Bryan O'Sullivan <bos@serpentine.com>" /> <meta name="organization" content="Mercurial" /> @@ -22,9 +22,9 @@ <td>Bryan O'Sullivan <<a class="reference external" href="mailto:bos@serpentine.com";>bos@serpentine.com</a>></td></tr> <tr><th class="docinfo-name">Organization:</th> <td>Mercurial</td></tr> -<tr class="manual-section field"><th class="docinfo-name">Manual section:</th><td class="field-body">5</td> +<tr class="field"><th class="docinfo-name">Manual section:</th><td class="field-body">5</td> </tr> -<tr class="manual-group field"><th class="docinfo-name">Manual group:</th><td class="field-body">Mercurial Manual</td> +<tr class="field"><th class="docinfo-name">Manual group:</th><td class="field-body">Mercurial Manual</td> </tr> </tbody> </table> @@ -68,18 +68,19 @@ <li><a class="reference internal" href="#server" id="id36"><tt class="docutils literal">server</tt></a></li> <li><a class="reference internal" href="#smtp" id="id37"><tt class="docutils literal">smtp</tt></a></li> <li><a class="reference internal" href="#subpaths" id="id38"><tt class="docutils literal">subpaths</tt></a></li> -<li><a class="reference internal" href="#templatealias" id="id39"><tt class="docutils literal">templatealias</tt></a></li> -<li><a class="reference internal" href="#templates" id="id40"><tt class="docutils literal">templates</tt></a></li> -<li><a class="reference internal" href="#trusted" id="id41"><tt class="docutils literal">trusted</tt></a></li> -<li><a class="reference internal" href="#ui" id="id42"><tt class="docutils literal">ui</tt></a></li> -<li><a class="reference internal" href="#web" id="id43"><tt class="docutils literal">web</tt></a></li> -<li><a class="reference internal" href="#websub" id="id44"><tt class="docutils literal">websub</tt></a></li> -<li><a class="reference internal" href="#worker" id="id45"><tt class="docutils literal">worker</tt></a></li> +<li><a class="reference internal" href="#subrepos" id="id39"><tt class="docutils literal">subrepos</tt></a></li> +<li><a class="reference internal" href="#templatealias" id="id40"><tt class="docutils literal">templatealias</tt></a></li> +<li><a class="reference internal" href="#templates" id="id41"><tt class="docutils literal">templates</tt></a></li> +<li><a class="reference internal" href="#trusted" id="id42"><tt class="docutils literal">trusted</tt></a></li> +<li><a class="reference internal" href="#ui" id="id43"><tt class="docutils literal">ui</tt></a></li> +<li><a class="reference internal" href="#web" id="id44"><tt class="docutils literal">web</tt></a></li> +<li><a class="reference internal" href="#websub" id="id45"><tt class="docutils literal">websub</tt></a></li> +<li><a class="reference internal" href="#worker" id="id46"><tt class="docutils literal">worker</tt></a></li> </ul> </li> -<li><a class="reference internal" href="#author" id="id46">Author</a></li> -<li><a class="reference internal" href="#see-also" id="id47">See Also</a></li> -<li><a class="reference internal" href="#copying" id="id48">Copying</a></li> +<li><a class="reference internal" href="#author" id="id47">Author</a></li> +<li><a class="reference internal" href="#see-also" id="id48">See Also</a></li> +<li><a class="reference internal" href="#copying" id="id49">Copying</a></li> </ul> </div> <div class="section" id="description"> @@ -115,12 +116,12 @@ appropriate configuration files yourself:</p> <p>Local configuration is put into the per-repository <tt class="docutils literal"><span class="pre"><repo>/.hg/hgrc</span></tt> file.</p> <p>Global configuration like the username setting is typically put into:</p> -<div class="windows docutils container"> +<div class="windows container"> <ul class="simple"> <li><tt class="docutils literal"><span class="pre">%USERPROFILE%\mercurial.ini</span></tt> (on Windows)</li> </ul> </div> -<div class="unix-plan9 docutils container"> +<div class="unix-plan9 container"> <ul class="simple"> <li><tt class="docutils literal"><span class="pre">$HOME/.hgrc</span></tt> (on Unix, Plan9)</li> </ul> @@ -130,7 +131,7 @@ alphabetical order, later ones overriding earlier ones. Where multiple paths are given below, settings from earlier paths override later ones.</p> -<div class="verbose-unix docutils container"> +<div class="verbose-unix container"> <p>On Unix, the following files are consulted:</p> <ul class="simple"> <li><tt class="docutils literal"><span class="pre"><repo>/.hg/hgrc</span></tt> (per-repository)</li> @@ -143,7 +144,7 @@ <li><tt class="docutils literal"><span class="pre"><internal>/default.d/*.rc</span></tt> (defaults)</li> </ul> </div> -<div class="verbose-windows docutils container"> +<div class="verbose-windows container"> <p>On Windows, the following files are consulted:</p> <ul class="simple"> <li><tt class="docutils literal"><span class="pre"><repo>/.hg/hgrc</span></tt> (per-repository)</li> @@ -156,15 +157,15 @@ <li><tt class="docutils literal"><span class="pre"><install-dir>\Mercurial.ini</span></tt> (per-installation)</li> <li><tt class="docutils literal"><span class="pre"><internal>/default.d/*.rc</span></tt> (defaults)</li> </ul> -<div class="admonition note"> +<div class="note"> <p class="first admonition-title">Note</p> <p class="last">The registry key <tt class="docutils literal">HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Mercurial</tt> is used when running 32-bit Python on 64-bit Windows.</p> </div> </div> -<div class="windows docutils container"> +<div class="windows container"> On Windows 9x, <tt class="docutils literal">%HOME%</tt> is replaced by <tt class="docutils literal">%APPDATA%</tt>.</div> -<div class="verbose-plan9 docutils container"> +<div class="verbose-plan9 container"> <p>On Plan9, the following files are consulted:</p> <ul class="simple"> <li><tt class="docutils literal"><span class="pre"><repo>/.hg/hgrc</span></tt> (per-repository)</li> @@ -180,7 +181,7 @@ particular repository. This file is not version-controlled, and will not get transferred during a "clone" operation. Options in this file override options in all other configuration files.</p> -<div class="unix-plan9 docutils container"> +<div class="unix-plan9 container"> On Plan 9 and Unix, most of this file will be ignored if it doesn't belong to a trusted user or to a trusted group. See <a class="reference external" href="hgrc.5.html#trusted"><tt class="docutils literal">hg help config.trusted</tt></a> for more details.</div> @@ -191,7 +192,7 @@ <p>Per-installation configuration files are searched for in the directory where Mercurial is installed. <tt class="docutils literal"><span class="pre"><install-root></span></tt> is the parent directory of the <strong>hg</strong> executable (or symlink) being run.</p> -<div class="unix-plan9 docutils container"> +<div class="unix-plan9 container"> For example, if installed in <tt class="docutils literal">/shared/tools/bin/hg</tt>, Mercurial will look in <tt class="docutils literal">/shared/tools/etc/mercurial/hgrc</tt>. Options in these files apply to all Mercurial commands executed by any user in any @@ -318,7 +319,7 @@ <pre class="literal-block"> stable5 = latest -b stable </pre> -<div class="admonition note"> +<div class="note"> <p class="first admonition-title">Note</p> <p class="last">It is possible to create aliases with the same names as existing commands, which will then override the original @@ -349,7 +350,7 @@ alias, as was done above for the purge alias. In addition, <tt class="docutils literal">$HG_ARGS</tt> expands to the arguments given to Mercurial. In the <tt class="docutils literal">hg echo foo</tt> call above, <tt class="docutils literal">$HG_ARGS</tt> would expand to <tt class="docutils literal">echo foo</tt>.</p> -<div class="admonition note"> +<div class="note"> <p class="first admonition-title">Note</p> <p class="last">Some global configuration options such as <tt class="docutils literal"><span class="pre">-R</span></tt> are processed before shell aliases and will thus not be passed to @@ -552,7 +553,7 @@ HG: Everything below will be removed. {diff()} </pre> -<div class="admonition note"> +<div class="note"> <p class="first admonition-title">Note</p> <p>For some problematic encodings (see <a class="reference external" href="hg.1.html#win32mbcs"><tt class="docutils literal">hg help win32mbcs</tt></a> for detail), this customization should be configured carefully, to @@ -661,8 +662,8 @@ filtered by the command. The string <tt class="docutils literal">OUTFILE</tt> is replaced with the name of an empty temporary file, where the filtered data must be written by the command.</p> -<div class="windows docutils container"> -<div class="admonition note"> +<div class="windows container"> +<div class="note"> <p class="first admonition-title">Note</p> <p class="last">The tempfile mechanism is recommended for Windows systems, where the standard shell I/O redirection operators often have @@ -1052,7 +1053,7 @@ parent is in <tt class="docutils literal">$HG_PARENT2</tt>. If the update succeeded, <tt class="docutils literal">$HG_ERROR=0</tt>. If the update failed (e.g. because conflicts were not resolved), <tt class="docutils literal">$HG_ERROR=1</tt>.</dd> </dl> -<div class="admonition note"> +<div class="note"> <p class="first admonition-title">Note</p> <p class="last">It is generally better to use standard hooks rather than the generic pre- and post- command hooks, as they are guaranteed to be @@ -1060,7 +1061,7 @@ Also, hooks like "commit" will be called in all contexts that generate a commit (e.g. tag) and not just the commit command.</p> </div> -<div class="admonition note"> +<div class="note"> <p class="first admonition-title">Note</p> <p class="last">Environment variables with empty values may not be passed to hooks on platforms such as Windows. As an example, <tt class="docutils literal">$HG_PARENT2</tt> @@ -1289,7 +1290,7 @@ (default: 0)</dd> <dt><tt class="docutils literal">executable</tt></dt> <dd><p class="first">Either just the name of the executable or its pathname.</p> -<div class="windows docutils container"> +<div class="windows container"> On Windows, the path can use environment variables with ${ProgramFiles} syntax.</div> <p class="last">(default: the tool name)</p> @@ -1335,7 +1336,7 @@ <dt><tt class="docutils literal">gui</tt></dt> <dd>This tool requires a graphical interface to run. (default: False)</dd> </dl> -<div class="windows docutils container"> +<div class="windows container"> <dl class="docutils"> <dt><tt class="docutils literal">regkey</tt></dt> <dd>Windows registry key which describes install location of this @@ -1768,6 +1769,43 @@ doesn't match the full path, an attempt is made to apply it on the relative path alone. The rules are applied in definition order.</p> </div> +<div class="section" id="subrepos"> +<h2><a class="toc-backref" href="#contents"><tt class="docutils literal">subrepos</tt></a></h2> +<p>This section contains options that control the behavior of the +subrepositories feature. See also <a class="reference external" href="hg.1.html#subrepos"><tt class="docutils literal">hg help subrepos</tt></a>.</p> +<p>Security note: auditing in Mercurial is known to be insufficient to +prevent clone-time code execution with carefully constructed Git +subrepos. It is unknown if a similar detect is present in Subversion +subrepos. Both Git and Subversion subrepos are disabled by default +out of security concerns. These subrepo types can be enabled using +the respective options below.</p> +<dl class="docutils"> +<dt><tt class="docutils literal">allowed</tt></dt> +<dd><p class="first">Whether subrepositories are allowed in the working directory.</p> +<p class="last">When false, commands involving subrepositories (like <a class="reference external" href="hg.1.html#update"><tt class="docutils literal">hg update</tt></a>) +will fail for all subrepository types. +(default: true)</p> +</dd> +<dt><tt class="docutils literal">hg:allowed</tt></dt> +<dd>Whether Mercurial subrepositories are allowed in the working +directory. This option only has an effect if <tt class="docutils literal">subrepos.allowed</tt> +is true. +(default: true)</dd> +<dt><tt class="docutils literal">git:allowed</tt></dt> +<dd><p class="first">Whether Git subrepositories are allowed in the working directory. +This option only has an effect if <tt class="docutils literal">subrepos.allowed</tt> is true.</p> +<p class="last">See the security note above before enabling Git subrepos. +(default: false)</p> +</dd> +<dt><tt class="docutils literal">svn:allowed</tt></dt> +<dd><p class="first">Whether Subversion subrepositories are allowed in the working +directory. This option only has an effect if <tt class="docutils literal">subrepos.allowed</tt> +is true.</p> +<p class="last">See the security note above before enabling Subversion subrepos. +(default: false)</p> +</dd> +</dl> +</div> <div class="section" id="templatealias"> <h2><a class="toc-backref" href="#contents"><tt class="docutils literal">templatealias</tt></a></h2> <p>Alias definitions for templates. See <a class="reference external" href="hg.1.html#templates"><tt class="docutils literal">hg help templates</tt></a> for details.</p> @@ -1952,7 +1990,7 @@ <dt><tt class="docutils literal">false</tt></dt> <dd>Alias for <tt class="docutils literal">ignore</tt>.</dd> </dl> -<div class="windows last docutils container"> +<div class="windows last container"> On Windows, this configuration option is ignored and the command aborted.</div> </dd> <dt><tt class="docutils literal">quiet</tt></dt> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mercurial-4.4/hgext/share.py new/mercurial-4.4.1/hgext/share.py --- old/mercurial-4.4/hgext/share.py 2017-11-01 22:54:37.000000000 +0100 +++ new/mercurial-4.4.1/hgext/share.py 2017-11-07 19:15:33.000000000 +0100 @@ -63,16 +63,6 @@ # leave the attribute unspecified. testedwith = 'ships-with-hg-core' -configtable = {} -configitem = registrar.configitem(configtable) - -configitem('share', 'pool', - default=None, -) -configitem('share', 'poolnaming', - default='identity', -) - @command('share', [('U', 'noupdate', None, _('do not create a working directory')), ('B', 'bookmarks', None, _('also share bookmarks')), diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mercurial-4.4/mercurial/__version__.py new/mercurial-4.4.1/mercurial/__version__.py --- old/mercurial-4.4/mercurial/__version__.py 2017-11-01 22:54:50.000000000 +0100 +++ new/mercurial-4.4.1/mercurial/__version__.py 2017-11-07 19:15:47.000000000 +0100 @@ -1,2 +1,2 @@ # this file is autogenerated by setup.py -version = "4.4" +version = "4.4.1" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mercurial-4.4/mercurial/cmdutil.py new/mercurial-4.4.1/mercurial/cmdutil.py --- old/mercurial-4.4/mercurial/cmdutil.py 2017-11-01 22:54:37.000000000 +0100 +++ new/mercurial-4.4.1/mercurial/cmdutil.py 2017-11-07 19:15:33.000000000 +0100 @@ -570,9 +570,8 @@ unresolvedlist = [f for f in mergestate.unresolved() if m(f)] if unresolvedlist: mergeliststr = '\n'.join( - [' %s' % os.path.relpath( - os.path.join(repo.root, path), - pycompat.getcwd()) for path in unresolvedlist]) + [' %s' % util.pathto(repo.root, pycompat.getcwd(), path) + for path in unresolvedlist]) msg = _('''Unresolved merge conflicts: %s diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mercurial-4.4/mercurial/configitems.py new/mercurial-4.4.1/mercurial/configitems.py --- old/mercurial-4.4/mercurial/configitems.py 2017-11-01 22:54:37.000000000 +0100 +++ new/mercurial-4.4.1/mercurial/configitems.py 2017-11-07 19:15:33.000000000 +0100 @@ -790,6 +790,12 @@ coreconfigitem('server', 'zliblevel', default=-1, ) +coreconfigitem('share', 'pool', + default=None, +) +coreconfigitem('share', 'poolnaming', + default='identity', +) coreconfigitem('smtp', 'host', default=None, ) @@ -811,6 +817,18 @@ coreconfigitem('sparse', 'missingwarning', default=True, ) +coreconfigitem('subrepos', 'allowed', + default=dynamicdefault, # to make backporting simpler +) +coreconfigitem('subrepos', 'hg:allowed', + default=dynamicdefault, +) +coreconfigitem('subrepos', 'git:allowed', + default=dynamicdefault, +) +coreconfigitem('subrepos', 'svn:allowed', + default=dynamicdefault, +) coreconfigitem('templates', '.*', default=None, generic=True, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mercurial-4.4/mercurial/help/config.txt new/mercurial-4.4.1/mercurial/help/config.txt --- old/mercurial-4.4/mercurial/help/config.txt 2017-11-01 22:54:37.000000000 +0100 +++ new/mercurial-4.4.1/mercurial/help/config.txt 2017-11-07 19:15:33.000000000 +0100 @@ -1893,6 +1893,47 @@ doesn't match the full path, an attempt is made to apply it on the relative path alone. The rules are applied in definition order. +``subrepos`` +------------ + +This section contains options that control the behavior of the +subrepositories feature. See also :hg:`help subrepos`. + +Security note: auditing in Mercurial is known to be insufficient to +prevent clone-time code execution with carefully constructed Git +subrepos. It is unknown if a similar detect is present in Subversion +subrepos. Both Git and Subversion subrepos are disabled by default +out of security concerns. These subrepo types can be enabled using +the respective options below. + +``allowed`` + Whether subrepositories are allowed in the working directory. + + When false, commands involving subrepositories (like :hg:`update`) + will fail for all subrepository types. + (default: true) + +``hg:allowed`` + Whether Mercurial subrepositories are allowed in the working + directory. This option only has an effect if ``subrepos.allowed`` + is true. + (default: true) + +``git:allowed`` + Whether Git subrepositories are allowed in the working directory. + This option only has an effect if ``subrepos.allowed`` is true. + + See the security note above before enabling Git subrepos. + (default: false) + +``svn:allowed`` + Whether Subversion subrepositories are allowed in the working + directory. This option only has an effect if ``subrepos.allowed`` + is true. + + See the security note above before enabling Subversion subrepos. + (default: false) + ``templatealias`` ----------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mercurial-4.4/mercurial/hg.py new/mercurial-4.4.1/mercurial/hg.py --- old/mercurial-4.4/mercurial/hg.py 2017-11-01 22:54:37.000000000 +0100 +++ new/mercurial-4.4.1/mercurial/hg.py 2017-11-07 19:15:33.000000000 +0100 @@ -243,7 +243,9 @@ try: sharedpath = os.path.relpath(sharedpath, destvfs.base) requirements += 'relshared\n' - except IOError as e: + except (IOError, ValueError) as e: + # ValueError is raised on Windows if the drive letters differ on + # each path raise error.Abort(_('cannot calculate relative path'), hint=str(e)) else: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mercurial-4.4/mercurial/pathutil.py new/mercurial-4.4.1/mercurial/pathutil.py --- old/mercurial-4.4/mercurial/pathutil.py 2017-11-01 22:54:37.000000000 +0100 +++ new/mercurial-4.4.1/mercurial/pathutil.py 2017-11-07 19:15:33.000000000 +0100 @@ -135,7 +135,47 @@ return False def canonpath(root, cwd, myname, auditor=None): - '''return the canonical path of myname, given cwd and root''' + '''return the canonical path of myname, given cwd and root + + >>> def check(root, cwd, myname): + ... a = pathauditor(root, realfs=False) + ... try: + ... return canonpath(root, cwd, myname, a) + ... except error.Abort: + ... return 'aborted' + >>> def unixonly(root, cwd, myname, expected='aborted'): + ... if pycompat.iswindows: + ... return expected + ... return check(root, cwd, myname) + >>> def winonly(root, cwd, myname, expected='aborted'): + ... if not pycompat.iswindows: + ... return expected + ... return check(root, cwd, myname) + >>> winonly(b'd:\\\\repo', b'c:\\\\dir', b'filename') + 'aborted' + >>> winonly(b'c:\\\\repo', b'c:\\\\dir', b'filename') + 'aborted' + >>> winonly(b'c:\\\\repo', b'c:\\\\', b'filename') + 'aborted' + >>> winonly(b'c:\\\\repo', b'c:\\\\', b'repo\\\\filename', + ... b'filename') + 'filename' + >>> winonly(b'c:\\\\repo', b'c:\\\\repo', b'filename', b'filename') + 'filename' + >>> winonly(b'c:\\\\repo', b'c:\\\\repo\\\\subdir', b'filename', + ... b'subdir/filename') + 'subdir/filename' + >>> unixonly(b'/repo', b'/dir', b'filename') + 'aborted' + >>> unixonly(b'/repo', b'/', b'filename') + 'aborted' + >>> unixonly(b'/repo', b'/', b'repo/filename', b'filename') + 'filename' + >>> unixonly(b'/repo', b'/repo', b'filename', b'filename') + 'filename' + >>> unixonly(b'/repo', b'/repo/subdir', b'filename', b'subdir/filename') + 'subdir/filename' + ''' if util.endswithsep(root): rootsep = root else: @@ -184,8 +224,10 @@ try: if cwd != root: canonpath(root, root, myname, auditor) - hint = (_("consider using '--cwd %s'") - % os.path.relpath(root, cwd)) + relpath = util.pathto(root, cwd, '') + if relpath[-1] == pycompat.ossep: + relpath = relpath[:-1] + hint = (_("consider using '--cwd %s'") % relpath) except error.Abort: pass diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mercurial-4.4/mercurial/subrepo.py new/mercurial-4.4.1/mercurial/subrepo.py --- old/mercurial-4.4/mercurial/subrepo.py 2017-11-01 22:54:37.000000000 +0100 +++ new/mercurial-4.4.1/mercurial/subrepo.py 2017-11-07 19:15:33.000000000 +0100 @@ -359,6 +359,33 @@ "in '%s'\n") % vfs.join(dirname)) vfs.unlink(vfs.reljoin(dirname, f)) +def _auditsubrepopath(repo, path): + # auditor doesn't check if the path itself is a symlink + pathutil.pathauditor(repo.root)(path) + if repo.wvfs.islink(path): + raise error.Abort(_("subrepo '%s' traverses symbolic link") % path) + +SUBREPO_ALLOWED_DEFAULTS = { + 'hg': True, + 'git': False, + 'svn': False, +} + +def _checktype(ui, kind): + # subrepos.allowed is a master kill switch. If disabled, subrepos are + # disabled period. + if not ui.configbool('subrepos', 'allowed', True): + raise error.Abort(_('subrepos not enabled'), + hint=_("see 'hg help config.subrepos' for details")) + + default = SUBREPO_ALLOWED_DEFAULTS.get(kind, False) + if not ui.configbool('subrepos', '%s:allowed' % kind, default): + raise error.Abort(_('%s subrepos not allowed') % kind, + hint=_("see 'hg help config.subrepos' for details")) + + if kind not in types: + raise error.Abort(_('unknown subrepo type %s') % kind) + def subrepo(ctx, path, allowwdir=False, allowcreate=True): """return instance of the right subrepo class for subrepo in path""" # subrepo inherently violates our import layering rules @@ -369,10 +396,10 @@ from . import hg as h hg = h - pathutil.pathauditor(ctx.repo().root)(path) + repo = ctx.repo() + _auditsubrepopath(repo, path) state = ctx.substate[path] - if state[2] not in types: - raise error.Abort(_('unknown subrepo type %s') % state[2]) + _checktype(repo.ui, state[2]) if allowwdir: state = (state[0], ctx.subrev(path), state[2]) return types[state[2]](ctx, path, state[:2], allowcreate) @@ -387,10 +414,10 @@ from . import hg as h hg = h - pathutil.pathauditor(ctx.repo().root)(path) + repo = ctx.repo() + _auditsubrepopath(repo, path) state = ctx.substate[path] - if state[2] not in types: - raise error.Abort(_('unknown subrepo type %s') % state[2]) + _checktype(repo.ui, state[2]) subrev = '' if state[2] == 'hg': subrev = "0" * 40 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mercurial-4.4/tests/test-audit-subrepo.t new/mercurial-4.4.1/tests/test-audit-subrepo.t --- old/mercurial-4.4/tests/test-audit-subrepo.t 1970-01-01 01:00:00.000000000 +0100 +++ new/mercurial-4.4.1/tests/test-audit-subrepo.t 2017-11-07 19:15:33.000000000 +0100 @@ -0,0 +1,132 @@ +Test illegal name +----------------- + +on commit: + + $ hg init hgname + $ cd hgname + $ mkdir sub + $ hg init sub/.hg + $ echo 'sub/.hg = sub/.hg' >> .hgsub + $ hg ci -qAm 'add subrepo "sub/.hg"' + abort: path 'sub/.hg' is inside nested repo 'sub' + [255] + +prepare tampered repo (including the commit above): + + $ hg import --bypass -qm 'add subrepo "sub/.hg"' - <<'EOF' + > diff --git a/.hgsub b/.hgsub + > new file mode 100644 + > --- /dev/null + > +++ b/.hgsub + > @@ -0,0 +1,1 @@ + > +sub/.hg = sub/.hg + > diff --git a/.hgsubstate b/.hgsubstate + > new file mode 100644 + > --- /dev/null + > +++ b/.hgsubstate + > @@ -0,0 +1,1 @@ + > +0000000000000000000000000000000000000000 sub/.hg + > EOF + $ cd .. + +on clone (and update): + + $ hg clone -q hgname hgname2 + abort: path 'sub/.hg' is inside nested repo 'sub' + [255] + +Test direct symlink traversal +----------------------------- + +#if symlink + +on commit: + + $ mkdir hgsymdir + $ hg init hgsymdir/root + $ cd hgsymdir/root + $ ln -s ../out + $ hg ci -qAm 'add symlink "out"' + $ hg init ../out + $ echo 'out = out' >> .hgsub + $ hg ci -qAm 'add subrepo "out"' + abort: subrepo 'out' traverses symbolic link + [255] + +prepare tampered repo (including the commit above): + + $ hg import --bypass -qm 'add subrepo "out"' - <<'EOF' + > diff --git a/.hgsub b/.hgsub + > new file mode 100644 + > --- /dev/null + > +++ b/.hgsub + > @@ -0,0 +1,1 @@ + > +out = out + > diff --git a/.hgsubstate b/.hgsubstate + > new file mode 100644 + > --- /dev/null + > +++ b/.hgsubstate + > @@ -0,0 +1,1 @@ + > +0000000000000000000000000000000000000000 out + > EOF + $ cd ../.. + +on clone (and update): + + $ mkdir hgsymdir2 + $ hg clone -q hgsymdir/root hgsymdir2/root + abort: subrepo 'out' traverses symbolic link + [255] + $ ls hgsymdir2 + root + +#endif + +Test indirect symlink traversal +------------------------------- + +#if symlink + +on commit: + + $ mkdir hgsymin + $ hg init hgsymin/root + $ cd hgsymin/root + $ ln -s ../out + $ hg ci -qAm 'add symlink "out"' + $ mkdir ../out + $ hg init ../out/sub + $ echo 'out/sub = out/sub' >> .hgsub + $ hg ci -qAm 'add subrepo "out/sub"' + abort: path 'out/sub' traverses symbolic link 'out' + [255] + +prepare tampered repo (including the commit above): + + $ hg import --bypass -qm 'add subrepo "out/sub"' - <<'EOF' + > diff --git a/.hgsub b/.hgsub + > new file mode 100644 + > --- /dev/null + > +++ b/.hgsub + > @@ -0,0 +1,1 @@ + > +out/sub = out/sub + > diff --git a/.hgsubstate b/.hgsubstate + > new file mode 100644 + > --- /dev/null + > +++ b/.hgsubstate + > @@ -0,0 +1,1 @@ + > +0000000000000000000000000000000000000000 out/sub + > EOF + $ cd ../.. + +on clone (and update): + + $ mkdir hgsymin2 + $ hg clone -q hgsymin/root hgsymin2/root + abort: path 'out/sub' traverses symbolic link 'out' + [255] + $ ls hgsymin2 + root + +#endif diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mercurial-4.4/tests/test-convert-git.t new/mercurial-4.4.1/tests/test-convert-git.t --- old/mercurial-4.4/tests/test-convert-git.t 2017-11-01 22:54:37.000000000 +0100 +++ new/mercurial-4.4.1/tests/test-convert-git.t 2017-11-07 19:15:33.000000000 +0100 @@ -6,6 +6,10 @@ $ echo "autocrlf = false" >> $HOME/.gitconfig $ echo "[extensions]" >> $HGRCPATH $ echo "convert=" >> $HGRCPATH + $ cat >> $HGRCPATH <<EOF + > [subrepos] + > git:allowed = true + > EOF $ GIT_AUTHOR_NAME='test'; export GIT_AUTHOR_NAME $ GIT_AUTHOR_EMAIL='[email protected]'; export GIT_AUTHOR_EMAIL $ GIT_AUTHOR_DATE="2007-01-01 00:00:00 +0000"; export GIT_AUTHOR_DATE diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mercurial-4.4/tests/test-mq-subrepo-svn.t new/mercurial-4.4.1/tests/test-mq-subrepo-svn.t --- old/mercurial-4.4/tests/test-mq-subrepo-svn.t 2017-11-01 22:54:37.000000000 +0100 +++ new/mercurial-4.4.1/tests/test-mq-subrepo-svn.t 2017-11-07 19:15:33.000000000 +0100 @@ -5,6 +5,9 @@ > mq = > [diff] > nodates = 1 + > [subrepos] + > allowed = true + > svn:allowed = true > EOF fn to create new repository, and cd into it diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mercurial-4.4/tests/test-subrepo-git.t new/mercurial-4.4.1/tests/test-subrepo-git.t --- old/mercurial-4.4/tests/test-subrepo-git.t 2017-11-01 22:54:37.000000000 +0100 +++ new/mercurial-4.4.1/tests/test-subrepo-git.t 2017-11-07 19:15:33.000000000 +0100 @@ -41,7 +41,23 @@ $ echo 's = [git]../gitroot' > .hgsub $ git clone -q ../gitroot s $ hg add .hgsub + +git subrepo is disabled by default + + $ hg commit -m 'new git subrepo' + abort: git subrepos not allowed + (see 'hg help config.subrepos' for details) + [255] + +so enable it + + $ cat >> $HGRCPATH <<EOF + > [subrepos] + > git:allowed = true + > EOF + $ hg commit -m 'new git subrepo' + $ hg debugsub path s source ../gitroot @@ -86,9 +102,29 @@ path s source ../gitroot revision 126f2a14290cd5ce061fdedc430170e8d39e1c5a + $ cd .. + +clone with subrepo disabled (update should fail) + + $ hg clone t -U tc2 --config subrepos.allowed=false + $ hg update -R tc2 --config subrepos.allowed=false + abort: subrepos not enabled + (see 'hg help config.subrepos' for details) + [255] + $ ls tc2 + a + + $ hg clone t tc3 --config subrepos.allowed=false + updating to branch default + abort: subrepos not enabled + (see 'hg help config.subrepos' for details) + [255] + $ ls tc3 + a update to previous substate + $ cd tc $ hg update 1 -q $ cat s/g g @@ -400,11 +436,13 @@ Don't crash if subrepo is a broken symlink $ ln -s broken s $ hg status -S + abort: subrepo 's' traverses symbolic link + [255] $ hg push -q - abort: subrepo s is missing (in subrepository "s") + abort: subrepo 's' traverses symbolic link [255] $ hg commit --subrepos -qm missing - abort: subrepo s is missing (in subrepository "s") + abort: subrepo 's' traverses symbolic link [255] $ rm s #endif diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mercurial-4.4/tests/test-subrepo-svn.t new/mercurial-4.4.1/tests/test-subrepo-svn.t --- old/mercurial-4.4/tests/test-subrepo-svn.t 2017-11-01 22:54:37.000000000 +0100 +++ new/mercurial-4.4.1/tests/test-subrepo-svn.t 2017-11-07 19:15:33.000000000 +0100 @@ -57,6 +57,21 @@ $ mkdir subdir $ svn co --quiet "$SVNREPOURL"/src subdir/s $ hg add .hgsub + +svn subrepo is disabled by default + + $ hg ci -m1 + abort: svn subrepos not allowed + (see 'hg help config.subrepos' for details) + [255] + +so enable it + + $ cat >> $HGRCPATH <<EOF + > [subrepos] + > svn:allowed = true + > EOF + $ hg ci -m1 make sure we avoid empty commits (issue2445) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mercurial-4.4/tests/test-subrepo.t new/mercurial-4.4.1/tests/test-subrepo.t --- old/mercurial-4.4/tests/test-subrepo.t 2017-11-01 22:54:37.000000000 +0100 +++ new/mercurial-4.4.1/tests/test-subrepo.t 2017-11-07 19:15:33.000000000 +0100 @@ -484,9 +484,47 @@ path t source t revision 20a0db6fbf6c3d2836e6519a642ae929bfc67c0e + $ cd .. + +clone with subrepo disabled (update should fail) + + $ hg clone t -U tc2 --config subrepos.allowed=false + $ hg update -R tc2 --config subrepos.allowed=false + abort: subrepos not enabled + (see 'hg help config.subrepos' for details) + [255] + $ ls tc2 + a + + $ hg clone t tc3 --config subrepos.allowed=false + updating to branch default + abort: subrepos not enabled + (see 'hg help config.subrepos' for details) + [255] + $ ls tc3 + a + +And again with just the hg type disabled + + $ hg clone t -U tc4 --config subrepos.hg:allowed=false + $ hg update -R tc4 --config subrepos.hg:allowed=false + abort: hg subrepos not allowed + (see 'hg help config.subrepos' for details) + [255] + $ ls tc4 + a + + $ hg clone t tc5 --config subrepos.hg:allowed=false + updating to branch default + abort: hg subrepos not allowed + (see 'hg help config.subrepos' for details) + [255] + $ ls tc5 + a push + $ cd tc $ echo bah > t/t $ hg ci -m11 committing subrepository t
