619c2d073e
- fossil 2.18: * Added support for SSL/TLS server mode for commands like "fossil server" and "fossil http" * The new cherry-pick command is an alias for merge --cherrypick * Add new setting "large-file-size". If the size of any file in a commit exceeds this size, a warning is issued * Query parameter "year=YYYY" is now accepted by /timeline * The tar and zip commands no longer sterilize the manifest file * Futher improvement to diff alignment in cases that involve both edits and indentation changes * Chat improvements * Promote the test-detach command into the detach command * For "fossil pull" with the --from-parent-project option, if no URL is specified then use the last URL from the most recent prior "fossil pull --from-parent-project" * Add options --project-name and --project-desc to the "fossil init" command. * The /ext page generates the SERVER_SOFTWARE environment variable for clients * Fix the REQUEST_URI CGI variable such that it includes the query string. This is how most other systems understand REQUEST_URI * Added the --transport-command option to fossil sync and similar - minimum/bundled version of sqlite increased to 3.38.0 - fossil-json1.patch: Starting from version 3.38.0 SQLite has JSON enabled by default and ENABLE_JSON1 has disappeared from the list of compile-time options. - Add a _service file to download the tarball automatically.
Reinhard Max2022-04-22 09:54:04 +00:00
27abba4111
- fossil 2.12.1: * CVE-2020-24614: Remote authenticated users with check-in or administrative privileges could have executed arbitrary code [boo#1175760] - Remove fossil-2.11-reproducible.patch: Upstream integrated the patch and improved it to also recognize SOURCE_DATE_EPOCH. - Remove fossil-2.7-remove_date_time.patch: OBS now sets SOURCE_DATE_EPOCH and gcc recognizes it, so the removal of __DATE__ and __TIME__ is not needed anymore. - Package the fossil.1 manual page.
Reinhard Max2020-08-26 15:22:34 +00:00
45b65b6953
* CVE-2017-17459, bsc#1071709: Fix the "ssh://" protocol to prevent an attack whereby the attacker convinces a victim to run a "clone" with a dodgy URL and thereby gains access to their system
Reinhard Max2017-12-08 14:06:37 +00:00
a9c36e534c
- Use bcond for deciding between system and builtin sqlite.
Reinhard Max2017-12-07 13:43:11 +00:00
4f53377450
- Update to version 2.4: * New feature: URL Aliases. URL Aliases allow an administrator to define their own URLs on the web interface that are rewritten to built-in URLs with specific parameters. Create and configure URL Aliases using the /Setup/URL_Aliases menu option in the web interface. * Add tech-note search capability. * Add the -r|--revision and -o|--origin options to the annotate command. * Add the origin= query parameter to the /annotate webpage. * The fossil annotate command and the /annotate web page go backwards in time as far as can be computed in 30 milliseconds by default, rather than stopping after 20 steps. The new limit= query parameter or the --limit command-line option can be used to alter this timeout. * Provide separate on-line help screens for each setting. * Back out support for the --no-dir-symlinks option * Remove support from the legacy configuration sync protocol. The only way now to do a configuration push or pull is to use the new protocol that was added in 2011. * Add the from= and to= query parameters to /fdiff in order to get a diff of two files in the same check-in. * Fix the "ssh://" protocol to prevent an attack whereby the attacker convinces a victim to run a "clone" with a dodgy URL and thereby gains access to their system. * Provide a checkbox that will temporarily disable all ad-units. * Improvements to the /stat page * Various new hyperlinks to the /bloblist and /bigbloblist pages. * Correct the /doc page to support read-only repositories. * Correct /zip, /tarball, zip, and tarball pages and commands to
Reinhard Max2017-12-07 13:34:54 +00:00
8b3372331e
Accepting request 516151 from devel:tools:scm
Yuchen Lin2017-08-12 18:28:24 +00:00
ce91508e50
- Update to version 2.3: * Update internal Unicode character tables, used in regular expression handling, from version 9.0 to 10.0. * Show the last-sync-URL on the /urllist page ( * Added the "Event Summary" activity report. example * Added the "Security Audit" page, available to administrators only * Added the Last Login time to the user list page, for administrators only * Added the --numstat option to the fossil diff command * Limit the size of the heap and stack on unix systems, as a proactive defense against the Stack Clash attack. * Fix "database locked" warnings caused by "PRAGMA optimize". * Fix a potential XSS vulnerability on the /help webpage. (bsc#1053267). * Documentation updates
Reinhard Max2017-08-11 14:09:38 +00:00
a1e9a52929
- Update to version 2.2: * GIT comment tags are now handled by Fossil during import/export. * Show the content of README files on directory listings. * Support for Basic Authentication if enabled (default off). * Show the hash algorithms used on the /rcvfromlist page. * The /tarball and /zip pages now use the the r= query parameter to select which check-in to deliver. The uuid= query parameter is still accepted for backwards compatibility. * Update the built-in SQLite to version 3.18.0. * Run "PRAGMA optimize" on the database connection as it is closing. - Changes in Version 2.1: * Add support for hash policies that control which of the Hardened-SHA1 or SHA3-256 algorithms is used to name new artifacts. * Add the "gshow" and "gcat" subcommands to fossil stash. * Add the /juvlist web page and use it to construct the Download Page of the Fossil self-hosting website using Ajax.
Reinhard Max2017-05-08 11:59:59 +00:00
8e74aeb1cc
- Update to version 2.0: * Use the hardened SHA1 implemenation by Marc Stevens and Dan Shumow. * Add the ability to read and understand artifact names that are based on SHA3-256 rather than SHA1, but do not actually generate any such names. * Added the sha3sum command. * Update the built-in SQLite to version 3.17.0.
Reinhard Max2017-03-08 11:28:06 +00:00
03da4ce7a5
Accepting request 204345 from devel:tools:scm
Tomáš Chvátal
2013-10-23 08:07:44 +00:00
638e38f6c4
- Update to Version 1.27 * Enhance the fossil changes, fossil clean, fossil extras, fossil ls and fossil status commands to restrict operation to files and directories named on the command-line. * New --integrate option to fossil merge, which automatically closes the merged branch when committing. * Renamed /stats_report page to /reports. Graph width is now relative, not absolute. * Added yw=YYYY-WW (year-week) filter to timeline to limit the results to a specific year and calendar week number, e.g. /timeline?yw=2013-01. * Updates to SQLite to prevent opening a repository file using file descriptors 1 or 2 on unix. This fixes a bug under which an assertion failure could overwrite part of a repository database file, corrupting it. * Added support for unlimited line lengths in side-by-side diffs. * New --close option to fossil commit, which immediately closes the branch being committed. * Added chart option to fossil bisect. * Improvements to the "human or bot?" determination. * Reports errors about missing CGI-standard environment variables for HTTP servers which do not support them. * Added --scgi option to fossil server. * Internal improvements to the sync process. * The internals of the JSON API are now MIT-licensed, so downstream users/packagers are no longer affected by the "do no evil" license clause. * The argument to the --port option for the "fossil ui" and "fossil server" commands can take an IP address in addition to
Reinhard Max2013-10-15 15:46:08 +00:00
cc221290b6
Accepting request 156291 from devel:tools:scm
Stephan Kulow
2013-02-25 19:34:19 +00:00
4a08bd2ac3
Accepting request 155833 from home:m_meister:branches:devel:tools:scm
Dirk Mueller2013-02-25 09:18:42 +00:00
213c732187
Accepting request 145302 from devel:tools:scm
Stephan Kulow
2013-01-11 16:11:27 +00:00
Dominique Leuenberger
Reinhard Max
Ana Guerrero
Martin Pluskal
Yuchen Lin
Andreas Stieger
Dirk Mueller
Takashi Iwai
Stephan Kulow
Tomáš Chvátal
Cristian Rodríguez