aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* css: make the footer opaquech/dynamic-agingChristian Hesse2020-01-131-2/+3
| | | | | | | Instead of changing the font color we add opacity to the whole footer. Signed-off-by: Christian Hesse <mail@eworm.de>
* ui-shared: add now-dynamic age to footerAndy Green2020-01-131-1/+3
| | | | | | | | Now ages advance at the client, we can add one to the generated footer. Signed-off-by: Andy Green <andy@warmcat.com> Signed-off-by: Christian Hesse <mail@eworm.de>
* cgit.js: add dynamic age updateAndy Green2020-01-133-1/+63
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch updates the emitted "ages" dynamically on the client side. After updating on completion of the document load, it sets a timer to update according to the smallest age it found. If there are any ages listed in minutes, then it will update again in 10s. When the most recent age is in hours, it updates every 5m. If days, then every 30m and so on. This keeps the cost of the dynamic updates at worst once per 10s. The updates are done entirely on the client side without contact with the server. To make this work reliably, since parsing datetimes is unreliable in browser js, the unix time is added as an attribute to all age spans. To make that reliable cross-platform, the unix time is treated as a uint64_t when it is formatted for printing. The rules for display conversion of the age is aligned with the existing server-side rules in ui-shared.h. If the client or server-side time are not synchronized by ntpd etc, ages shown on the client will not relate to the original ages computed at the server. The client updates the ages immediately when the DOM has finished loading, so in the case the times at the server and client are not aligned, this patch changes what the user sees on the page to reflect patch age compared to client time. If the server and client clocks are aligned, this patch makes no difference to what is seen on the page. Signed-off-by: Andy Green <andy@warmcat.com> Signed-off-by: Christian Hesse <mail@eworm.de>
* config: add jsAndy Green2020-01-136-0/+27
| | | | | | | | | | | | Just like the config allows setting css URL path, add a config for setting the js URL path Setting the js path to an empty string disables emitting the reference to it in the head section. Signed-off-by: Andy Green <andy@warmcat.com> Reviewed-by: John Keeping <john@keeping.me.uk> Signed-off-by: Christian Hesse <mail@eworm.de>
* css: change to be a listAndy Green2020-01-134-7/+22
| | | | | | | | | | | Without changing the default behaviour of including /cgit.css if nothing declared, allow the "css" config to be given multiple times listing one or more alternative URL paths to be included in the document head area. Signed-off-by: Andy Green <andy@warmcat.com> Signed-off-by: Christian Hesse <mail@eworm.de>
* Bump versionv1.2.2Jason A. Donenfeld2020-01-131-1/+1
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* git: update to v2.25.0Christian Hesse2020-01-133-2/+2
| | | | | | | | | | Update to git version v2.25.0. Upstream renamed 'init_display_notes()' to 'load_display_notes()' in commit 1e6ed5441a61b5085978e0429691e2e2425f6846 ("notes: rename to load_display_notes()"). Signed-off-by: Christian Hesse <mail@eworm.de>
* tests: skip tests if strace is not functionalChristian Hesse2019-12-111-0/+6
| | | | | | | | | | | | | Chances are that strace is available but not functional due to restricted permissions: strace: test_ptrace_get_syscall_info: PTRACE_TRACEME: Operation not permitted strace: ptrace(PTRACE_TRACEME, ...): Operation not permitted +++ exited with 1 +++ Just skip the tests then. Signed-off-by: Christian Hesse <mail@eworm.de>
* git: update to v2.24.1Christian Hesse2019-12-102-1/+1
| | | | | | | | Update to git version v2.24.1. No changes required. Signed-off-by: Christian Hesse <mail@eworm.de>
* ui-repolist: do not return unsigned (negative) valueChristian Hesse2019-11-221-1/+1
| | | | | | | | The function read_agefile() returns time_t, which is a signed datatime. We should not return unsigned (negative) value here. Reported-by: Johannes Stezenbach <js@linuxtv.org> Signed-off-by: Christian Hesse <mail@eworm.de>
* git: update to v2.24.0Christian Hesse2019-11-083-2/+2
| | | | | | | | | | | Update to git version v2.24.0. Never use get_cached_commit_buffer() directly, use repo_get_commit_buffer() instead. The latter calls the former anyway. This fixes segmentation fault when commit-graph is enabled and get_cached_commit_buffer() does not return the expected result. Signed-off-by: Christian Hesse <mail@eworm.de>
* git: update to v2.23.0Christian Hesse2019-10-252-1/+1
| | | | | | | | Update to git version v2.23.0. No changes required. Signed-off-by: Christian Hesse <mail@eworm.de>
* git: update to v2.22.0Christian Hesse2019-10-253-7/+12
| | | | | | | | | | Update to git version v2.22.0. Upstream commit bce9db6d ("trace2: use system/global config for default trace2 settings") caused a regression. We have to unset HOME and XDG_CONFIG_HOME before early loading of config from trace2 code kicks in. Signed-off-by: Christian Hesse <mail@eworm.de>
* ui-tree: allow per repository override for enable-blameChristian Hesse2019-06-256-3/+13
| | | | | | | The blame operation can cause high cost in terms of CPU load for huge repositories. Let's add a per repository override for enable-blame. Signed-off-by: Christian Hesse <mail@eworm.de>
* tests: successfully validate rc versionsChristian Hesse2019-06-051-1/+1
| | | | | | | | For testing versions the version string differs for git tag (v2.22.0-rc3) and tarball file name (2.22.0.rc3). Let's fix validation for testing versions. Signed-off-by: Christian Hesse <mail@eworm.de>
* git: update to v2.21.0Christian Hesse2019-06-059-15/+21
| | | | | | | | | | | | | | Update to git version v2.21.0. Required changes follow upstream commits: * 6a7895fd8a3bd409f2b71ffc355d5142172cc2a0 (commit: prepare free_commit_buffer and release_commit_memory for any repo) * e092073d643b17c82d72cf692fbfaea9c9796f11 (tree.c: make read_tree*() take 'struct repository *') Signed-off-by: Christian Hesse <mail@eworm.de> Reviewed-by: John Keeping <john@keeping.me.uk>
* ui-ssdiff: ban strncat()Christian Hesse2019-06-051-3/+5
| | | | | | | Git version v2.21.0 marks strncat() as banned (commit ace5707a803eda0f1dde3d776dc3729d3bc7759a), so replace it. Signed-off-by: Christian Hesse <mail@eworm.de>
* global: make 'char *path' const where possibleChristian Hesse2019-06-059-10/+10
| | | | Signed-off-by: Christian Hesse <mail@eworm.de>
* ui-shared: restrict to 15 levelsJason A. Donenfeld2019-05-201-1/+3
| | | | | | | | Perhaps a more ideal version of this would be to not print breadcrumbs at all for paths that don't exist in the given repo at the given oid. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Reported-by: Fydor Wire Snark <wsnark@tuta.io>
* ui-diff,ui-tag: don't use htmlf with non-formatted stringsChris Mayo2019-02-232-3/+3
| | | | Signed-off-by: Chris Mayo <aklhfex@gmail.com>
* ui-ssdiff: resolve HTML5 validation errorsChris Mayo2019-02-231-4/+6
| | | | | | | | | - Remove ids from anchor elements. They were unusable because they were duplicated between files and versions of files. - Always close span, with html(). - Fix missing / on closing tr element in cgit_ssdiff_header_end(). Signed-off-by: Chris Mayo <aklhfex@gmail.com>
* filters: migrate from luacrypto to luaosslJason A. Donenfeld2019-01-035-44/+83
| | | | | | | luaossl has no upstream anymore and doesn't support OpenSSL 1.1, whereas luaossl is quite active. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* ui-shared: fix broken sizeof in title setting and rewriteJason A. Donenfeld2019-01-021-26/+8
| | | | | | | The old algorithm was totally incorrect. While we're at it, use « instead of \, since it makes more sense. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* git: update to v2.20.0Christian Hesse2018-12-094-2/+3
| | | | | | | | | | | | Update to git version v2.20.0. Required changes follow upstream commits: * 00436bf1b1c2a8fe6cf5d2c2457d419d683042f4 (archive: initialize archivers earlier) * 611e42a5980a3a9f8bb3b1b49c1abde63c7a191e (xdiff: provide a separate emit callback for hunks) Signed-off-by: Christian Hesse <mail@eworm.de>
* ui-blame: set repo for sbJason A. Donenfeld2018-11-251-0/+1
| | | | | | | Otherwise recent git complains and crashes with: "BUG: blame.c:1787: repo is NULL". Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* auth-filter: pass url with query string attachedJason A. Donenfeld2018-11-253-3/+37
| | | | | | Otherwise redirections come out wrong. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* git: use xz compressed archive for downloadChristian Hesse2018-11-211-2/+2
| | | | | | | | | Upstream will stop providing gz compressed source tarballs [0], so stop using them. [0] https://lists.zx2c4.com/pipermail/cgit/2018-November/004254.html Signed-off-by: Christian Hesse <mail@eworm.de>
* git: update to v2.19.1Christian Hesse2018-10-1215-22/+23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Update to git version v2.19.1. Required changes follow upstream commits: * commit: add repository argument to get_cached_commit_buffer (3ce85f7e5a41116145179f0fae2ce6d86558d099) * commit: add repository argument to lookup_commit_reference (2122f6754c93be8f02bfb5704ed96c88fc9837a8) * object: add repository argument to parse_object (109cd76dd3467bd05f8d2145b857006649741d5c) * tag: add repository argument to deref_tag (a74093da5ed601a09fa158e5ba6f6f14c1142a3e) * tag: add repository argument to lookup_tag (ce71efb713f97f476a2d2ab541a0c73f684a5db3) * tree: add repository argument to lookup_tree (f86bcc7b2ce6cad68ba1a48a528e380c6126705e) * archive.c: avoid access to the_index (b612ee202a48f129f81f8f6a5af6cf71d1a9caef) * for_each_*_object: move declarations to object-store.h (0889aae1cd18c1804ba01c1a4229e516dfb9fe9b) Signed-off-by: Christian Hesse <mail@eworm.de>
* ui-ssdiff: ban strcat()Christian Hesse2018-09-111-2/+4
| | | | | | | | | Git upstream bans strcat() with commit: banned.h: mark strcat() as banned 1b11b64b815db62f93a04242e4aed5687a448748 Signed-off-by: Christian Hesse <mail@eworm.de>
* ui-ssdiff: ban strncpy()Christian Hesse2018-09-111-2/+1
| | | | | | | | | Git upstream bans strncpy() with commit: banned.h: mark strncpy() as banned e488b7aba743d23b830d239dcc33d9ca0745a9ad Signed-off-by: Christian Hesse <mail@eworm.de>
* ui-shared: ban strcat()Christian Hesse2018-09-111-4/+8
| | | | | | | | | | | Git upstream bans strcat() with commit: banned.h: mark strcat() as banned 1b11b64b815db62f93a04242e4aed5687a448748 To avoid compiler warnings from gcc 8.1.x we get the hard way. Signed-off-by: Christian Hesse <mail@eworm.de>
* ui-patch: ban sprintf()Christian Hesse2018-09-111-2/+5
| | | | | | | | | Git upstream bans sprintf() with commit: banned.h: mark sprintf() as banned cc8fdaee1eeaf05d8dd55ff11f111b815f673c58 Signed-off-by: Christian Hesse <mail@eworm.de>
* ui-log: ban strncpy()Christian Hesse2018-09-111-1/+1
| | | | | | | | | Git upstream bans strncpy() with commit: banned.h: mark strncpy() as banned e488b7aba743d23b830d239dcc33d9ca0745a9ad Signed-off-by: Christian Hesse <mail@eworm.de>
* ui-log: ban strcpy()Christian Hesse2018-09-111-1/+1
| | | | | | | | | Git upstream bans strcpy() with commit: automatically ban strcpy() c8af66ab8ad7cd78557f0f9f5ef6a52fd46ee6dd Signed-off-by: Christian Hesse <mail@eworm.de>
* parsing: ban sprintf()Christian Hesse2018-09-111-1/+1
| | | | | | | | | Git upstream bans sprintf() with commit: banned.h: mark sprintf() as banned cc8fdaee1eeaf05d8dd55ff11f111b815f673c58 Signed-off-by: Christian Hesse <mail@eworm.de>
* parsing: ban strncpy()Christian Hesse2018-09-111-2/+1
| | | | | | | | | Git upstream bans strncpy() with commit: banned.h: mark strncpy() as banned e488b7aba743d23b830d239dcc33d9ca0745a9ad Signed-off-by: Christian Hesse <mail@eworm.de>
* filters: generate anchor links from markdownChristian Hesse2018-08-281-2/+15
| | | | | | | This makes the markdown filter generate anchor links for headings. Signed-off-by: Christian Hesse <mail@eworm.de> Tested-by: jean-christophe manciot <actionmystique@gmail.com>
* Bump version.v1.2.1Jason A. Donenfeld2018-08-031-1/+1
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* clone: fix directory traversalJason A. Donenfeld2018-08-031-4/+19
| | | | | | | | | | | | This was introduced in the initial version of this code, way back when in 2008. $ curl http://127.0.0.1/cgit/repo/objects/?path=../../../../../../../../../etc/passwd root:x:0:0:root:/root:/bin/sh ... Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Reported-by: Jann Horn <jannh@google.com>
* config: record repo.snapshot-prefix in the per-repo configKonstantin Ryabitsev2018-08-031-0/+2
| | | | | | | | Even if we find snapshot-prefix in the repo configuration, we are not writing it out into the rc- file, so setting the value does not have any effect. Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
* auth-filters: add simple file-based authentication schemeJason A. Donenfeld2018-08-031-0/+352
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* auth-filters: use crypt() in simple-authenticationJason A. Donenfeld2018-07-151-13/+6
| | | | | | | There's no use in giving a silly example to folks who will just copy it, so instead try to do something slightly better. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* auth-filters: generate secret securelyJason A. Donenfeld2018-07-152-18/+85
| | | | | | This is much better than having the user generate it themselves. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* auth-filters: do not crash on nil usernameJason A. Donenfeld2018-07-141-1/+1
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* auth-filter: do not write more than we've readJason A. Donenfeld2018-07-141-2/+2
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* auth-filters: do not use HMAC-SHA1Jason A. Donenfeld2018-07-142-4/+4
| | | | | | | Though SHA1 is broken, HMAC-SHA1 is still fine. But let's not push our luck; SHA256 is more sensible anyway. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Bump version.v1.2Jason A. Donenfeld2018-07-131-1/+1
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Update COPYINGTodd Zullinger2018-07-101-20/+19
| | | | | | | | | | | | | The address of the Free Software Foundation has changed since the license was added in 7640d90 ("Add license file and copyright notices", 2006-12-10). Update the license file from gnu.org¹. The only non-whitespace changes are the updated FSF address and two references to the L in LGPL changed from Library to Lesser. ¹ https://www.gnu.org/licenses/old-licenses/gpl-2.0.txt Signed-off-by: Todd Zullinger <tmz@pobox.com>
* css: use correct size in annotated decorationJason A. Donenfeld2018-07-081-0/+1
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* cgitrc.5: add local tar signature exampleJason A. Donenfeld2018-07-051-4/+15
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>