Fossil

Timeline
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

68 check-ins using file src/main.c version 52d2860fa0

2019-09-04
00:49
Fixed discussion of "x" cap in www/private.wiki to match its current implementation. ... (check-in: c5561039e1 user: wyoung tags: trunk)
2019-09-03
21:22
Back out check-in [3ad81c3c499599b4] which was causing sync to fail. ... (check-in: e1962ef67f user: drh tags: trunk)
20:20
Include the "js" property in the configuration export for skins. ... (check-in: 498fc87ac1 user: drh tags: trunk)
20:19
When displaying documents, provide class hints about the language of the document to syntax highlighter extensions. ... (check-in: 74b538f614 user: drh tags: trunk)
20:17
Improvements to /vdiff. Provide the branch= query parameter. In the name decoder, all "merge-in:BRANCH" to mean the most recent merge-in to BRANCH from its parent. Provide "Diff" links for branches that show all changes since the most recent merge-in. ... (check-in: e632a092a8 user: drh tags: trunk)
20:08
Fix a possible UNIQUE constraint violation in the new /vdiff logic. ... (Closed-Leaf check-in: 8e175a6708 user: drh tags: vdiff-improvements)
17:17
Adds 'js' to CONFIGSET_SKIN so that skin javascript is included in exports, syncs, etc. Works okay outside of checkouts in my testing. Probably needs some review by drh before being merged. ... (Closed-Leaf check-in: 5d2299d8ee user: ckennedy tags: js-skin-export)
2019-09-02
23:26
Added a new section to www/defcsp.md, "Serving Files Within the Limits". It pulls together a bit of info already in the document on the topic and then expands it considerably. The overall message is, "You probably don't have to override the default CSP." ... (check-in: 58883eccea user: wyoung tags: trunk)
19:54
In /artifact and similar pages, put HTML code tag inside pre with class="language-zExt" where zExt is the extension from the artifact's file name, if any. This allows JS code highlighting plugins to style such pre blocks automatically based on file name extension. ... (Closed-Leaf check-in: f3b9171498 user: wyoung tags: code-in-pre)
2019-08-31
18:22
Minor typo correction in comment---no functional change. ... (check-in: ab2b8de896 user: andybradford tags: trunk)
18:09
Avoid warning about extra call to db_end_transaction() by returning at the end of a complete block. ... (check-in: 7b2350a86b user: andybradford tags: trunk)
17:09
If there is nothing to stash, issue an error. ... (check-in: d959c48ac6 user: andybradford tags: trunk)
16:23
Merge in trunk latest developments. ... (Closed-Leaf check-in: 08291fec9f user: andybradford tags: test-updates)
2019-08-29
01:57
Linked to the new caps docs from the existing www/* docs wherever "capability" or "capabilities" was mentioned before. ... (check-in: 0af0e14688 user: wyoung tags: caps-doc)
00:45
Clarified meaning of EmailAlert (7) in cap ref. ... (check-in: 4aceb600dc user: wyoung tags: caps-doc)
00:31
Merged in trunk changes ... (check-in: 493254b2e7 user: wyoung tags: caps-doc)
00:28
Updated comment about "6-character random hex password" at the top level of the new setup docs to track [23a9f9bac2]. ... (check-in: f304ba31fe user: wyoung tags: trunk)
00:21
Linked to the new material showing Fossil's idea of user power hierarchy from the comment in fossil-v-git.wiki about Fossil's support for the organization's social and power hierarchies. It's not that Fossil has *no* support for enforcing this, it's that it's usually a fairly loose match between the two systems. This is an important point, because some people new to Fossil expect 1:1 mapping and get disappointed when we tell them it just doesn't do that. ... (check-in: b72795a339 user: wyoung tags: caps-doc)
00:17
Fixed some URLs still referring to admin-v-setup.md in its old location. ... (check-in: 182c4d7abc user: wyoung tags: caps-doc)
00:07
Investigated the use of HTTP for sync over ssh:// and file:// URLs and added what I found to the "Caps Affect Web Interfaces Only" section of the new caps docs. ... (check-in: 845b459439 user: wyoung tags: caps-doc)
2019-08-28
23:33
Documented Public Pages and the default user capability set in www/caps/index.md. ... (check-in: 4671ddb179 user: wyoung tags: caps-doc)
23:15
Moved the discussion about inadvertent attribution of artifacts and the problems with easy solutions to the problem into the implementation details section of the new caps docs and expanded it to cover recent forum discussions. ... (check-in: 78ad8b7496 user: wyoung tags: caps-doc)
22:42
Assorted small improvements to top-level caps doc ... (check-in: f21bfbeede user: wyoung tags: caps-doc)
22:09
Expanded the "Why Not Bitfields?" discussion in www/caps/impl.md. Also tweaked the "Capability Letter Choices" text a bit while in there. ... (check-in: 3ac560a2d0 user: wyoung tags: caps-doc)
19:52
Changed the hamburger menu link href from "#" to "/sitemap" so clicks on it do something useful in the noscript case. ... (check-in: b2379b31c2 user: wyoung tags: trunk)
16:08
Added 'or' help for checkin/ci alias, per forum request. ... (check-in: f616380dfa user: stephan tags: trunk)
2019-08-27
20:57
For candidate CGI parameter names that start with an uppercase letter, convert them to lowercase and then add. ... (check-in: b47b6b6906 user: mistachkin tags: noJsonCgiFlag)
20:35
Moved www/capabilities.md to www/caps/index.md and www/admin-v-setup.md to www/caps/admin-v-setup.md. Then broke three chunks of the old capabilities.md doc out into new www/caps/* docs: login groups, implementation details of user capabilities, and the user capability reference material. The latter switched from Markdown to HTML format so we could make it a clearer-looking table, rather than its prior hard-to-read bullet list form. ... (check-in: c6cdf9ce8e user: wyoung tags: caps-doc)
18:04
Merged most of the new material on Setup vs Admin in the new capabilities doc into the pre-existing admin-v-setup.md doc, which already covers this topic. ... (check-in: ee901c7be3 user: wyoung tags: caps-doc)
12:51
Change 'NO_JSON' to lowercase. Remove other branch changes that are now superfluous. ... (check-in: 8baac2646c user: mistachkin tags: noJsonCgiFlag)
12:36
Add hyperlinks to the branch diff page from branch timeline and from /info. ... (check-in: 833b220adc user: drh tags: vdiff-improvements)
04:15
Make it possible to disable JSON auto-detection in the CGI subsystem. ... (check-in: a775435357 user: mistachkin tags: noJsonCgiFlag)
03:56
Grepped the Fossil source code for C code that checks for Setup caps exclusively to preotect functions and listed those in the Reference section of capablities.md. Also expanded the coverage of the "caps affect Fossil web interfaces only" section, which plays into this. ... (check-in: 689f7683b6 user: wyoung tags: caps-doc)
02:16
Added cap "n" to "r" in skins that show a /ticket link in their header, since the handler for it allows the page to show for those who can only file new tickets, not just those who can see existing tickets. Also fixed some skins that were using "anoncap" to test this: it needs to work for all logged-in users, not just "anonymous". ... (Closed-Leaf check-in: f4e3abce26 user: wyoung tags: skin-cap-matching)
02:08
Minor wording change in the header of /vdiff. ... (check-in: 69adb45da0 user: drh tags: vdiff-improvements)
02:07
Updates to the /vdiff page with the branch=BRANCH query parameter so that it uses merge-in: instead of root: and thus excludes merge-in check-ins from the diff. ... (check-in: b36dc6f121 user: drh tags: vdiff-improvements)
01:55
Rewrote explanation of "o" cap. ... (check-in: 208ca0d713 user: wyoung tags: caps-doc)
01:47
Add the "merge-in:NAME" name type, similar to "root:NAME" except that it finds the youngest anscestor of NAME that is in the branch from which the branch of NAME derived. ... (check-in: dcd8f1d8f4 user: drh tags: vdiff-improvements)
01:40
Disentangled discussion of "developer" vs "reader" in capabilities.md. ... (check-in: 869494eb8f user: wyoung tags: caps-doc)
01:00
Added (Names) to the "Capability Reference" section of capabilities.md so the reference can be used while reading C source code, which uses these names instead of the capability characters in all code past the login handler. ... (check-in: d48dff8fd7 user: wyoung tags: caps-doc)
00:29
Merge in documentation enhancements from trunk. ... (check-in: c1b62c3260 user: drh tags: vdiff-improvements)
00:29
Remove an unused subroutine. Fix a minor CSS problem. ... (check-in: 2078c746a5 user: drh tags: vdiff-improvements)
00:11
On the /vdiff page, show a timeline with both check-ins using different highlights on each check-in. ... (check-in: 6e40f866ab user: drh tags: vdiff-improvements)
00:07
Changed all of the [anycap jor] TH1 calls in the stock skins wrapping the generation of that skin's /timeline and /timeline.rss links to [anycap ijr2] to match the user caps the timeline HTTP hit handler actually checks for in the C code. This is a branch in part because it needs review, but also it's the start of a broader effort to check the other cap checks in the skins to make sure they a) match what the C code checks for; and b) match each other. ... (check-in: 9cee8cf5c4 user: wyoung tags: skin-cap-matching)
2019-08-25
13:24
Added HTTP proxying info to Debian nginx server setup guide. ... (check-in: c6a033cea6 user: wyoung tags: trunk)
12:39
Replaced the content of "Running Fossil in SCGI Mode" within www/server/debian/nginx.md with references to our other Fossil server docs. This also reduces the prior focus of this section on fslsrv to a single sentence, since we now prefer the systemd option, now that we have it. ... (check-in: a4bb92f791 user: wyoung tags: trunk)
12:29
Swapped the simple foo.net "whole site is Fossil" example in www/server/debian/nginx.md for the more complicated example.com one where only /code is served by Fossil. This is probably going to be more common, and it shows off the important detail of setting SCRIPT_NAME properly. Made a minor adjustment to any/scgi.md to track this change, so there is not a pointless difference between these two nginx configs. ... (check-in: 653e90ca62 user: wyoung tags: trunk)
11:52
Clarified use of scgi_params, SCRIPT_NAME, and service starting in the generic SCGI server setup doc. ... (check-in: 5a58ac3141 user: wyoung tags: trunk)
2019-08-24
18:32
Merge fork ... (check-in: 6c6aae9782 user: andygoth tags: trunk)
2019-08-23
12:42
Add the fossil_random_password() utility function and use it to generate a stronger initial admin-user password in the "fossil new" command. ... (check-in: 23a9f9bac2 user: drh tags: trunk)
12:23
If the test-markdown-render or test-wiki-render commands are invoked without a repository in which to check for Wiki page names and artifact hashes, then substitute a temporary, empty, in-memory repository so that the commands will still work and won't give SQL errors. ... (check-in: 0ac64dad80 user: drh tags: trunk)
11:49
Clarified the placement of "moderator" and "subscriber" in the power hierarchy expression within www/capabilities.md, since each could float up and down somewhat within the fixed hierarchy we give here. Also fixed a broken URL. ... (check-in: ba88f4f2a7 user: wyoung tags: caps-doc)
11:07
Markdown hyperlinks are only converted to links to wiki if the named wikipage actually exists. Otherwise, the link becomes a relative link. This is for backwards compatibility. ... (check-in: 3b10e64468 user: drh tags: trunk)
08:31
Added www/capabilities.md, a complete treatment on user capabilities, user categories, login groups, and administration matters involving all of this. It does not replace the pre-existing admin-v-setup.md doc, but a bit of its content did move into this new doc. The new doc also contains the user capability info previously in the forum.wiki doc. This is on a branch because although it's quite useful already, it could use some work before being merged down. At the barest minimum, there are some unanswered questions in the new doc that need addressing. This new doc does not replace the existing documentation in the UI. It may be that we end up paring that down a bit now that we have a full doc to refer to, but that is a topic for the forum thread that will appear shortly after this checkin. ... (check-in: 832f107ebb user: wyoung tags: caps-doc)
05:32
Fixed a few fatal error messages from the login-group command that referred to an "add" command, which is now called "join". The symptom I saw is that "fossil login-group add" complained that "add" is not a valid command and that you should give '"add" or "leave"' instead! ... (check-in: 09c65d7527 user: wyoung tags: trunk)
05:22
Fixed a few messages from the login-group command that referred to an apparent older name for the "join" sub-command, "add". This lead to a confusing symptom: "fossil login-group add foo" -> {unknown command "add" - should be "add" or "leave"}. ... (check-in: 739cd8720e user: wyoung tags: trunk)
2019-08-22
15:06
Stronger recommendation for changing the default user's random hex password prior to setting up a Fossil server after learning it's 6 hex digits, not 8 as I thoght when I wrote that! ... (check-in: 9fcd6e443c user: wyoung tags: trunk)
14:14
Added bullet list detailing the sources for <script nonce=""> from a Fossil server and the reasons we consider each path safe. ... (check-in: 91377ae432 user: wyoung tags: trunk)
13:31
Reworked the material explaining why in-page <style> is currently allowed by Fossil's default CSP to make it clearer that this is most likely a temporary situation and that local custom CSS should go in the skin instead. ... (check-in: 092eeebf40 user: wyoung tags: trunk)
13:13
Expanded the discussion of in-repo and out-of-repo resource links in defcsp.md. ... (check-in: 23fcd765f6 user: wyoung tags: trunk)
12:39
Reworked the new introductory material in defcsp.md to be less about the CSP as last-resort and more about being a secondary filter to our other measures. Gave examples to clarify the tensions that prevent a purely server-side solution from being a practical solution. ... (check-in: 1c4df5bf0a user: wyoung tags: trunk)
11:54
"RaspberryPI" -> "Raspberry Pi" ... (check-in: 5182be99c9 user: wyoung tags: trunk)
11:53
Assorted refinements to the new pre- and post-activation advice sections in www/server/index.html: nix passive voice, add a few details, add some links to related docs, etc. Also fixed a CSS indenting problem preventing correct use of <p> in <li>, then made use of the new freedom in these sections' numbered lists. ... (check-in: b5c2c9bf31 user: wyoung tags: trunk)
2019-08-21
19:18
Fix the $ROOT mechanism in HTML documents so that it accepts any whitespace character before href= and script=. Add $ROOT in appropriate places in the server documentation. ... (check-in: 3e183bfad8 user: drh tags: trunk)
18:15
Outline how to configure a repository before and after server activation. ... (check-in: 154ea087af user: drh tags: trunk)
17:37
Improvements to the althttpd documentation. ... (check-in: 44f1df9fef user: drh tags: trunk)
17:21
Further improvements to the server document. ... (check-in: c2c4d3039f user: drh tags: trunk)
16:57
Extra defenses against running fossil_atexit() more than once. ... (check-in: bc7683e15a user: drh tags: trunk)