Fossil

  int j;
  while( i<n ){
    char c = z[i];
    if( c=='[' && (j = help_is_link(z+i, n-i))>0 ){
      if( i ) blob_append(pOut, z, i);
      z += i+2;
      n -= i+2;
      blob_appendf(pOut, "<a href='%R/help?cmd=%.*s'>%.*s</a>",
         j-3, z, j-3, z);
      z += j-1;
      n -= j-1;
      i = 0;
    }else if( c=='%' && n-i>=7 && strncmp(z+i,"%fossil",7)==0 ){
      if( i ) blob_append(pOut, z, i);
      z += i+7;

    if( 0==fossil_strcmp(zName, z) ) return 1;
  }
  return 0;
}

/*
** WEBPAGE: help
** URL: /help?name=CMD
**
** Show the built-in help text for CMD.  CMD can be a command-line interface

** command or a page name from the web interface or a setting.


** Query parameters:
**
**    name=CMD        Show help for CMD where CMD is a command name or






**                    webpage name or setting name.
**
**    plaintext       Show the help within <pre>...</pre>, as if it were
**                    displayed using the "fossil help" command.
**
**    raw             Show the raw help text without any formatting.
**                    (Used for debugging.)
*/
void help_page(void){
  const char *zCmd = P("cmd");

  if( zCmd==0 ) zCmd = P("name");
  cgi_check_for_malice();
  if( zCmd && *zCmd ){
    int rc;
    const CmdOrPage *pCmd = 0;

    style_set_current_feature("tkt");
    style_submenu_element("Topic-List", "%R/help");
    if( search_restrict(SRCH_HELP)!=0 ){
      style_submenu_element("Search","%R/search?y=h");





    }
    rc = dispatch_name_search(zCmd, CMDFLAG_ANY|CMDFLAG_PREFIX, &pCmd);
    if( pCmd ){
      style_header("Help: %s", pCmd->zName);
    }else{
      style_header("Help");
    }

      const char *z = aCommand[i].zName;
      const char *zBoldOn  = aCommand[i].eCmdFlags&CMDFLAG_1ST_TIER?"<b>" :"";
      const char *zBoldOff = aCommand[i].eCmdFlags&CMDFLAG_1ST_TIER?"</b>":"";
      if( '/'==*z || strncmp(z,"test",4)==0 ) continue;
      if( (aCommand[i].eCmdFlags & CMDFLAG_SETTING)!=0 ) continue;
      else if( (aCommand[i].eCmdFlags & CMDFLAG_HIDDEN)!=0 ) continue;
      else if( (aCommand[i].eCmdFlags & CMDFLAG_ALIAS)!=0 ) continue;
      @ <li><a href="%R/help?cmd=%s(z)">%s(zBoldOn)%s(z)%s(zBoldOff)</a>
      /* Output aliases */
      if( occHelp[aCommand[i].iHelp] > 1 ){
        int j;
        int aliases[MX_HELP_DUP], nAliases=0;
        for(j=0; j<occHelp[aCommand[i].iHelp]; j++){
          if( bktHelp[aCommand[i].iHelp][j] != i ){
            if( aCommand[bktHelp[aCommand[i].iHelp][j]].eCmdFlags
                & CMDFLAG_ALIAS ){
              aliases[nAliases++] = bktHelp[aCommand[i].iHelp][j];
            }
          }
        }
        if( nAliases>0 ){
          int k;
          @(\
          for(k=0; k<nAliases; k++){
            @<a href="%R/help?cmd=%s(aCommand[aliases[k]].zName)">\
            @%s(aCommand[aliases[k]].zName)</a>%s((k<nAliases-1)?", ":"")\
          }
          @)\
        }
      }
      @ </li>
    }

    @ </ul></div>

    @ <a name='webpages'></a>
    @ <h1>Available web UI pages:</h1>
    @ <div class="columns" style="column-width: %s(zWidth);">
    @ <ul>
    for(i=0; i<MX_COMMAND; i++){
      const char *z = aCommand[i].zName;
      if( '/'!=*z ) continue;
      else if( (aCommand[i].eCmdFlags & CMDFLAG_HIDDEN)!=0 ) continue;
      if( aCommand[i].zHelp[0] ){
        @ <li><a href="%R/help?cmd=%s(z)">%s(z+1)</a></li>
      }else{
        @ <li>%s(z+1)</li>
      }
    }
    @ </ul></div>

    @ <a name='unsupported'></a>
    @ <h1>Unsupported commands:</h1>
    @ <div class="columns" style="column-width: %s(zWidth);">
    @ <ul>
    for(i=0; i<MX_COMMAND; i++){
      const char *z = aCommand[i].zName;
      if( strncmp(z,"test",4)!=0 ) continue;
      else if( (aCommand[i].eCmdFlags & CMDFLAG_HIDDEN)!=0 ) continue;
      if( aCommand[i].zHelp[0] ){
        @ <li><a href="%R/help?cmd=%s(z)">%s(z)</a></li>
      }else{
        @ <li>%s(z)</li>
      }
    }
    @ </ul></div>

    @ <a name='settings'></a>
    @ <h1>Settings:</h1>
    @ <div class="columns" style="column-width: %s(zWidth);">
    @ <ul>
    for(i=0; i<MX_COMMAND; i++){
      const char *z = aCommand[i].zName;
      if( (aCommand[i].eCmdFlags & CMDFLAG_SETTING)==0 ) continue;
      else if( (aCommand[i].eCmdFlags & CMDFLAG_HIDDEN)!=0 ) continue;
      if( aCommand[i].zHelp[0] ){
        @ <li><a href="%R/help?cmd=%s(z)">%s(z)</a></li>
      }else{
        @ <li>%s(z)</li>
      }
    }
    @ </ul></div>

  }

void mimetype_list_page(void){
  int i;
  char *zCustomList = 0;    /* value of the mimetypes setting */
  int nCustomEntries = 0;   /* number of entries in the mimetypes
                            ** setting */
  mimetype_verify();
  style_header("Mimetype List");
  @ <p>The Fossil <a href="%R/help?cmd=/doc">/doc</a> page uses filename
  @ suffixes and the following tables to guess at the appropriate mimetype
  @ for each document. Mimetypes may be customized and overridden using
  @ <a href="%R/help?cmd=mimetypes">the mimetypes config setting</a>.</p>
  zCustomList = db_get("mimetypes",0);
  if( zCustomList!=0 ){
    Blob list, entry, key, val;
    @ <h1>Repository-specific mimetypes</h1>
    @ <p>The following extension-to-mimetype mappings are defined via
    @ the <a href="%R/help?cmd=mimetypes">mimetypes setting</a>.</p>
    @ <table class='sortable mimetypetable' border=1 cellpadding=0 \
    @ data-column-types='tt' data-init-sort='0'>
    @ <thead>
    @ <tr><th>Suffix<th>Mimetype
    @ </thead>
    @ <tbody>
    blob_set(&list, zCustomList);

      if( pSetting==0 ) continue;
      zQP[0] = 'a'+i;
      zQP[1] = zQP[0];
      zQP[2] = 0;
      if( pSetting->width==0 ){
        /* Boolean setting */
        @ <tr><td align="right">
        @ <a href='%R/help?cmd=%h(pSetting->name)'>%h(pSetting->name)</a>:
        @ </td><td>
        onoff_attribute("", zQP, pSetting->name/*works-like:"x"*/, 0, 0);
        @ </td></tr>
      }else{
        /* Text value setting */
        @ <tr><td align="right">
        @ <a href='%R/help?cmd=%h(pSetting->name)'>%h(pSetting->name)</a>:
        @ </td><td>
        entry_attribute("", 25, pSetting->name, zQP/*works-like:""*/,
                        pSetting->def, 0);
        @ </td></tr>
      }   
    }
    @ </tbody></table>

> Both a footnote's text and a fragment to which a footnote applies
> are subject to further interpretation as Markdown sources.

## Miscellaneous ##

> *   In-line images are made using **\!\[alt-text\]\(image-URL\)**.
> *   Use HTML for advanced formatting such as forms, noting that certain
>     tags are [disallowed in some contexts](/help?cmd=safe-html).
> *   **\<!--** HTML-style comments **-->** are supported.
> *   Escape special characters (ex: **\[** **\(** **\|** **\***)
>     using backslash (ex: **\\\[** **\\\(** **\\\|** **\\\***).
> *   A line consisting of **---**, **\*\*\***, or **\_\_\_** is a horizontal
>     rule.  Spaces and extra **-**/**\***/**_** are allowed.
> *   Paragraphs enclosed in **\<html\>...\</html\>** is passed through unchanged.
> *   See [daringfireball.net][] for additional information.

      zPrefix = "The";
    }else{
      zPrefix = "Built-in help for the";
    }
    db_multi_exec(
      "INSERT INTO x(label,url,score,id,snip)"
      "  SELECT format('%q \"%%s\" %%s',name,type),"
      "         '/help?cmd='||name,"
      "         search_score(),"
      "         'h'||rowid,"
      "         search_snippet()"
      "    FROM helptext"
      "   WHERE search_match(format('the \"%%s\" %%s',name,type),"
      "                      helptext.helptext);",
      zPrefix

  }

  zVulnReport = db_get("vuln-report","log");
  if( fossil_strcmp(zVulnReport,"block")!=0
   && fossil_strcmp(zVulnReport,"fatal")!=0
  ){
    @ <li><p><b>WARNING:</b>
    @ The <a href="%R/help?cmd=vuln-report">vuln-report setting</a>
    @ has a value of "%h(zVulnReport)". This disables defenses against
    @ XSS or SQL-injection vulnerabilities caused by coding errors in
    @ custom TH1 scripts.  For the best security, change
    @ the value of the vuln-report setting to "block" or "fatal".
  }

  /* Obsolete:  */

          (db_get_versioned(pSet->name, NULL, NULL)!=0);
      if( bIfChng && setting_has_default_value(pSet, db_get(pSet->name,0)) ){
        continue;
      }
      onoff_attribute("", pSet->name,
                      pSet->var!=0 ? pSet->var : pSet->name /*works-like:"x"*/,
                      is_truth(pSet->def), hasVersionableValue);
      @ <a href='%R/help?cmd=%s(pSet->name)'>%h(pSet->name)</a>
      if( pSet->versionable ){
        @  (v)<br>
      } else {
        @ <br>
      }
    }
  }
  @ <br><input type="submit"  name="submit" value="Apply Changes">
  @ </td><td style="width:50px;"></td><td valign="top">
  @ <table>
  for(i=0, pSet=aSetting; i<nSetting; i++, pSet++){
    if( pSet->width>0 && !pSet->forceTextArea ){
      int hasVersionableValue = pSet->versionable &&
          (db_get_versioned(pSet->name, NULL, NULL)!=0);
      if( bIfChng && setting_has_default_value(pSet, db_get(pSet->name,0)) ){
        continue;
      }
      @ <tr><td>
      @ <a href='%R/help?cmd=%s(pSet->name)'>%h(pSet->name)</a>
      if( pSet->versionable ){
        @  (v)
      } else {
        @
      }
      @</td><td>
      entry_attribute("", /*pSet->width*/ 25, pSet->name,
                      pSet->var!=0 ? pSet->var : pSet->name /*works-like:"x"*/,
                      (char*)pSet->def, hasVersionableValue);
      @</td></tr>
    }
  }
  @</table>
  @ </td><td style="width:50px;"></td><td valign="top">
  for(i=0, pSet=aSetting; i<nSetting; i++, pSet++){
    if( pSet->width>0 && pSet->forceTextArea ){
      int hasVersionableValue = db_get_versioned(pSet->name, NULL, NULL)!=0;
      if( bIfChng && setting_has_default_value(pSet, db_get(pSet->name,0)) ){
        continue;
      }
      @ <a href='%R/help?cmd=%s(pSet->name)'>%s(pSet->name)</a>
      if( pSet->versionable ){
        @  (v)<br>
      } else {
        @ <br>
      }
      textarea_attribute("", /*rows*/ 2, /*cols*/ 35, pSet->name,
                      pSet->var!=0 ? pSet->var : pSet->name /*works-like:"x"*/,

    disableY = 1;
  }else{
    zBisect = 0;
  }

  style_header("Timeline");
  if( advancedMenu ){
    style_submenu_element("Help", "%R/help?cmd=/timeline");
  }
  login_anonymous_available();
  timeline_temp_table();
  blob_zero(&sql);
  blob_zero(&desc);
  blob_append(&sql, "INSERT OR IGNORE INTO timeline ", -1);
  blob_append(&sql, timeline_query_for_www(), -1);

out what web page is being requested, generates that one web page,
then exits.

Usually, the webpage being requested is the first term of the
PATH_INFO environment variable.  (Exceptions to this rule are noted
in the sequel.)  For our example, the first term of PATH_INFO
is "timeline", which means that Fossil will generate
the [/help?cmd=/timeline|/timeline] webpage.

With Fossil, terms of PATH_INFO beyond the webpage name are converted into
the "name" query parameter.  Hence, the following two URLs mean
exactly the same thing to Fossil:
<ol type='A'>
<li> [https://fossil-scm.org/home/info/c14ecc43]
<li> [https://fossil-scm.org/home/info?name=c14ecc43]
</ol>

In both cases, the CGI script is called "/fossil".  For case (A),
the PATH_INFO variable will be "info/c14ecc43" and so the
"[/help?cmd=/info|/info]" webpage will be generated and the suffix of
PATH_INFO will be converted into the "name" query parameter, which
identifies the artifact about which information is requested.
In case (B), the PATH_INFO is just "info", but the same "name"
query parameter is set explicitly by the URL itself.

<h2>Serving Multiple Fossil Repositories From One CGI Script</h2>

source is seen as a space of key/value pairs which are loaded into an
internal property hash table.  The code that runs to generate the reply
can then reference various properties values.
Fossil does not care where the value of each property comes from (POST
content, cookies, or query parameters) only that the property exists
and has a value.</p></li>
<li><p>
The "[/help?cmd=ui|fossil ui]" and "[/help?cmd=server|fossil server]" commands
are implemented using a simple built-in web server that accepts incoming HTTP
requests, translates each request into a CGI invocation, then creates a
separate child Fossil process to handle each request.  In other words, CGI
is used internally to implement "fossil ui/server".
<br><br>
SCGI is processed using the same built-in web server, just modified
to parse SCGI requests instead of HTTP requests.  Each SCGI request is

<title>How The Fossil Download Page Works</title>

<h2>1.0 Overview</h2>

The [/uv/download.html|Download] page for the Fossil self-hosting
repository is implemented using [./unvers.wiki|unversioned files].
The "download.html" screen itself, and the various build products
are all stored as unversioned content.  The download.html page
uses XMLHttpRequest() to retrieve the [/help?cmd=/juvlist|/juvlist] webpage
for a list of all unversioned files.  Javascript in the
[/uv/download.js?mimetype=text/plain|download.js] file (which is
sourced by "download.html") then figures out which unversioned files are
build products and paints appropriate icons on the displayed
download page.

Except, the "Source Tarball" download products are not stored as
unversioned files.  They are computed on-demand by the
[/help?cmd=/tarball|/tarball web page].

When a new version is generated, the developers use the
[/help?cmd=uv|fossil uv edit] command to make minor changes
to the "[/uv/download.js?mimetype=text/plain|download.js]"
file so that it knows about the
new version number.  Then the developers run
the [/help?cmd=uv|fossil uv add] command for each
build product.  Finally, the
[/help?cmd=uv|fossil uv sync] command is run to push all
the content up to servers.  All
[./selfhost.wiki|three self-hosting repositories] for Fossil
are updated automatically.

<h2>2.0 Details</h2>

The current text of the "download.html" and "download.js" files can

Fossil knows to add its standard header and footer information to the
document, making it look just like any other page.  See
"[./embeddeddoc.wiki|embedded documentation]" for further details on
how this <div class='fossil-doc'> markup works.

With each new release, the "releases" variable in the javascript on
the [/uv/download.js?mimetype=text/plain|download.js] page is
edited (using "[/help?cmd=uv|fossil uv edit download.js]") to add
details of the release.

When the JavaScript in the "download.js" file runs, it requests
a listing of all unversioned content using the /juvlist URL.
([/juvlist|sample /juvlist output]).  The content of the download page is
constructed by matching unversioned files against regular expressions
in the "releases" variable.

Build products need to be constructed on different machines.  The precompiled
binary for Linux is compiled on Linux, the precompiled binary for Windows
is compiled on Windows11, and so forth.  After a new release is tagged,
the release manager goes around to each of the target platforms, checks
out the release and compiles it, then runs
[/help?cmd=uv|fossil uv add] for the build product followed by
[/help?cmd=uv|fossil uv sync] to push the new build product to the
[./selfhost.wiki|various servers].  This process is repeated for
each build product.

When older builds are retired from the download page, the
[/uv/download.js?mimetype=text/plain|download.js] page is again
edited to remove the corresponding entry from the "release" variable
and the edit is synced using
[/help?cmd=uv|fossil uv sync].  This causes the build products to
disappear from the download page immediately.  But those build products
are still taking up space in the unversioned content table of the
server repository.  To purge the obsolete build products, one or
more [/help?cmd=uv|fossil uv rm] commands are run, followed by
another [/help?cmd=uv|fossil uv sync].  It is important to purge
obsolete build products since they take up a lot of space.
At [/repo-tabsize] you can see that the unversioned table takes up
a substantial fraction of the repository.

<h2>3.0 Security</h2>

Only users with the [/setup_ulist_notes|"y" permission] are allowed

# Email Alerts

## Overview

Beginning with version 2.7, Fossil can send email messages to
subscribers to alert them to changes in the repository:

  *  New [checkins](/help?cmd=ci)
  *  [Ticket](./tickets.wiki) changes
  *  [Wiki](./wikitheory.wiki) page changes
  *  New and edited [forum](./forum.wiki) posts
  *  Users receiving [new permissions](./caps/index.md) (admins only)
  *  Announcements

Subscribers can elect to receive emails as soon as these events happen,

This section collects the list of Fossil UI pages and CLI commands that
control the email alert system, some of which have not been mentioned so
far:

Commands:

   *  The [`alerts`](/help?cmd=alerts) command
   *  The [`test-alert`](/help?cmd=test-alert) command
   *  The [`test-add-alerts`](/help?cmd=test-add-alerts) command

Web pages available to users and subscribers:

   *  The [`/subscribe`](/help?cmd=/subscribe) page
   *  The [`/alerts`](/help?cmd=/alerts) page
   *  The [`/unsubscribe`](/help?cmd=/unsubscribe) page
   *  The [`/renew`](/help?cmd=/renew) page
   *  The [`/contact_admin`](/help?cmd=/contact_admin) page

Administrator-only web pages:

   *  The [`/setup_notification`](/help?cmd=/setup_notification) page
   *  The [`/subscribers`](/help?cmd=/subscribers) page


<a id="design"></a>
## Design of Email Alerts

This section describes the low-level design of the email alert system in
Fossil.  This expands on the high-level administration focused material

of the requester and so a malicious robot can forge a UserAgent
string that makes it look like a human.  But most robots want
to "play nicely" on the internet and are quite open
about the fact that they are a robot.  And so the UserAgent string
provides a good first-guess about whether or not a request originates
from a human or a robot.

The [/help?cmd=auto-hyperlink|auto-hyperlink] setting, shown as
"<b>Enable hyperlinks based on User-Agent and/or Javascript</b>" on
the Robot Defense Settings page, 
can be set to "UserAgent only" or "UserAgent and Javascript" or "off".
If the UserAgent string looks like a human and not a robot, then
Fossil will enable hyperlinks even if the <b>Hyperlink</b> capability
is omitted from the user permissions.  This setting gives humans easy
access to the hyperlinks while preventing robots

This extra step of using JavaScript to enable the hyperlink targets
is a security measure against robots that forge a human-looking
UserAgent string.  Most robots do not bother to run JavaScript and
so to the robot the empty anchor tag will be useless.  But all modern
web browsers implement JavaScript, so hyperlinks will show up
normally for human users.

If the [/help?cmd=auto-hyperlink|"auto-hyperlink"] setting is (2)
"<b>Enable hyperlinks using User-Agent and/or Javascript</b>",
then there are now two additional sub-settings that control when
hyperlinks are enabled.

The first new sub-setting is a delay (in milliseconds) before setting
the "href=" attributes on anchor tags.  The default value for this
delay is 10 milliseconds.  The idea here is that a robots will try to

See also [./loadmgmt.md|Managing Server Load] for a description
of how expensive pages can be disabled when the server is under heavy
load.

<h2>Do Not Allow Robot Access To Certain Pages</h2>

The [/help?cmd=robot-restrict|robot-restrict setting] is a comma-separated
list of GLOB patterns for pages for which robot access is prohibited.
The default value is:

<blockquote><pre>
timelineX,diff,annotate,fileage,file,finfo,reports
</pre></blockquote>

  *  <b>zip &rarr;</b>
     The special "zip" keyword also matches "/tarball/" and "/sqlar/".

  *  <b>zipX &rarr;</b>
     This is like "zip" in that it restricts access to "/zip/", "/tarball"/
     and "/sqlar/" but with exceptions:<ol type="a">
     <li><p> If the [/help?cmd=robot-zip-leaf|robot-zip-leaf] setting is
             true, then tarballs of leaf check-ins are allowed.  This permits
             URLs that attempt to download the latest check-in on trunk or
             from a named branch, for example.
     <li><p> If a check-in has a tag that matches the GLOB list in
             [/help?cmd=robot-zip-tag|robot-zip-tag], then tarballs of that
             check-in are allowed.  This allow check-ins tagged with
             "release" or "allow-robots" (for example) to be downloaded
             without restriction.
     </ol>
     The "zipX" restriction is not in the default robot-restrict setting.
     This is something you might want to add, depending on your needs.

  *  <b>diff &rarr;</b>
     This matches /vdiff/ and /fdiff/ and /vpatch/ and any other page that
     is primarily about showing the difference between two check-ins or two
     file versioons.

  *  <b>annotate &rarr;</b>
     This also matches /blame/ and /praise/.

Other special keywords may be added in the future.

The default [/help?cmd=robot-restrict|robot-restrict]
setting has been shown in practice to do a good job of keeping 
robots from consuming all available CPU and bandwidth while will
still allowing humans access to the full power of the site without
having to be logged in.

One possible enhancement is to add "zipX" to the 
[/help?cmd=robot-restrict|robot-restrict] setting,
and enable [help?cmd=robot-zip-leaf|robot-zip-leaf]
and configure [help?cmd=robot-zip-tag|robot-zip-tag].
Do this if you find that robots downloading lots of
obscure tarballs is causing load issues on your site.

<h2>Anti-robot Exception RegExps</h2>

The [/help?cmd=robot-exception|robot-exception setting] under the name
of <b>Exceptions to anti-robot restrictions</b> is a list of
[/re_rules|regular expressions], one per line, that match
URIs that will bypass the captcha and allow robots full access.  The
intent of this setting is to allow automated build scripts
to download specific tarballs of project snapshots.

The recommended value for this setting allows robots to use URIs of the

request.  After each webpage is generated, Fossil checks to see if any
backoffice work needs to be done. If there is work to do, and no other
process is already assigned to do the work, then a new backoffice process
is started to do the work.

This happens for every webpage, regardless of how that webpage is launched,
and regardless of the purpose of the webpage.  This also happens on the
server for "[fossil sync](/help?cmd=sync)" and
[fossil clone](/help?cmd=clone)" commands which are implemented as
web requests - albeit requests that the human user never sees.
Web requests can arrive at the Fossil server via direct TCP/IP (for example
when Fossil is started using commands like "[fossil server](/help?cmd=server)")
or via [CGI](./server/any/cgi.md) or
[SCGI](./server/any/scgi.md) or via SSH.
A backoffice process might be started regardless of the origin of the
request.

The backoffice is not a daemon.  Each backoffice process runs for a short
while and then exits.  This helps keep Fossil easy to manage, since there

some system - OpenBSD in particular.  We still do not understand why
this is.  (If you have insights, please share them on the
[Fossil Forum](https://fossil-scm.org/forum) so that we can perhaps
fix the problem.)  For now, the backoffice must be run manually
on OpenBSD systems.

To set up fully-manual backoffice, first disable the automatic backoffice
using the "[backoffice-disable](/help?cmd=backoffice-disable)" setting.

    fossil setting backoffice-disable on

Then arrange to invoke the backoffice separately using a command
like this:

    fossil backoffice --poll 30 _REPOSITORY-LIST_

Multiple repositories can be named.  This one command will handle
launching the backoffice for all of them.  There are additional useful
command-line options.  See the "[fossil backoffice](/help?cmd=backoffice)"
documentation for details.

The backoffice processes run manually using the "fossil backoffice"
command do not normally use a lease.  That means that if you run the
"fossil backoffice" command with --poll and you forget to disable
automatic backoffice by setting the "backoffice-disable" flag, then
you might have one backoffice running due to a command and another due

#### <a id="other-cfg"></a> Others

A repo’s URL aliases, [interwiki configuration](./interwiki.md), and
[ticket customizations](./custom_tcket.wiki) also do not normally sync.

[cfg]: /help?cmd=configuration



## <a id="private"></a> Private Branches

The very nature of Fossil’s [private branch feature][pbr] ensures that
remote clones don’t get a copy of those branches. Normally this is

pipe the decrypted SQL dump into `fossil sql`, because on startup, Fossil
normally goes looking for tables created by `fossil init`, and it won’t
find them in a newly-created repo DB. We get around this by passing
the `--no-repository` flag, which suppresses this behavior. Doing it
this way saves you from needing to go and build a matching version of
`sqlite3` just to restore the backup.

[bu]:    /help?cmd=backup
[grcp]:  https://www.grc.com/passwords.htm
[hb]:    https://brew.sh
[hbul]:  https://docs.brew.sh/FAQ#what-does-keg-only-mean
[lz4]:   https://lz4.github.io/lz4/
[pbr]:   ./private.wiki
[rint]:  https://www.random.org/integers/?num=1&min=100000&max=1000000&col=5&base=10&format=html&rnd=new
[Setup]: ./caps/admin-v-setup.md#apsu
[shun]:  ./shunning.wiki
[tkt]:   ./tickets.wiki
[uv]:    ./unvers.wiki

<title>The Annotate Algorithm</title>

<h2>1.0 Introduction</h2>

The [/help?cmd=annotate|fossil annotate],
[/help?cmd=blame|fossil blame], and
[/help?cmd=praise|fossil praise] commands, and the
[/help?cmd=/annotate|/annotate],
[/help?cmd=/blame|/blame], and
[/help?cmd=/praise|/praise] web pages are all used to show the most
recent check-in that modified each line of a particular file.
This article overviews the algorithm used to compute the annotation
for a file in Fossil.

<h2>2.0 Algorithm</h2>

<ol type='1'>

<h2>3.0 Discussion and Notes</h2>

The time-consuming part of this algorithm is step 6b - computing the
diff from all historical versions of the file to the version of the file
under analysis.  For a large file that has many historical changes, this
can take several seconds.  For this reason, the default
[/help?cmd=/annotate|/annotate] webpage only shows those lines that were
changed by the 20 most recent modifications to the file.  This allows
the loop on step 6 to terminate after only 19 diffs instead of the hundreds
or thousands of diffs that might be required for a frequently modified file.

As currently implemented (as of 2015-12-12) the annotate algorithm does not
follow files across name changes.  File name change information is
available in the database, and so the algorithm could be enhanced to follow
files across name changes by modifications to step 3.

Step 2 is interesting in that it is
[/artifact/6cb824a0417?ln=196-201 | implemented] using a
[https://www.sqlite.org/lang_with.html#recursivecte|recursive common table expression].

This much is certain: Fossil is definitely not a cryptocurrency. Whether
this makes it “not a blockchain” is a subjective matter.

[arh]:  ./hooks.md
[bse]:  https://www.researchgate.net/publication/311572122_What_is_Blockchain_a_Gentle_Introduction
[caps]: ./caps/
[cs]:   /help?cmd=clearsign
[dboc]: https://en.wikipedia.org/wiki/Debasement
[dsig]: https://en.wikipedia.org/wiki/Digital_signature
[fb]:   ./branching.wiki
[GPG]:  https://gnupg.org/
[PGP]:  https://www.openpgp.org/
[PII]:  https://en.wikipedia.org/wiki/Personal_data
[PKI]:  https://en.wikipedia.org/wiki/Public_key_infrastructure

[ctap]:   ./cap-theorem.md#ap
[ctca]:   ./cap-theorem.md#ca
[ctcp]:   ./cap-theorem.md#cp
[cap]:    https://en.wikipedia.org/wiki/CAP_theorem
[dlt]:    https://en.wikipedia.org/wiki/Distributed_ledger
[DVCS]:   https://en.wikipedia.org/wiki/Distributed_version_control
[fc]:     https://en.wikipedia.org/wiki/Fiat_money
[purge]:  /help?cmd=purge
[shun]:   ./shunning.wiki


<a id="dpc"></a>
## Distributed Partial Consensus

If we can’t get DLT, can we at least get some kind of distributed

would mean that querying whether a given commit is part of the
“blockchain” would be as simple as going down the list of servers and
sending each an HTTP GET `/info` query for the artifact ID, concluding
that the commit is legitimate once you get enough HTTP 200 status codes back. All of this is
hypothetical, because Fossil doesn’t do this today.

[AGI]:  https://en.wikipedia.org/wiki/Artificial_general_intelligence
[rcks]: /help?cmd=repo-cksum



<a id="anon"></a>
## Anonymity

Many blockchain based technologies go to extraordinary lengths to

on their scores under these metrics. We may well prefer to use the fork
of a software program that took *less* effort, being smaller, more
self-contained, and with a smaller attack surface.


[alert]: ./alerts.md
[capi]:  ./caps/ref.html#i
[mrep]:  /help?cmd=remote
[scost]: https://en.wikipedia.org/wiki/Software_development_effort_estimation
[scrub]: /help?cmd=scrub
[sreg]:  /help?cmd=self-register


# Conclusion

This author believes it is technologically indefensible to call Fossil a
“blockchain” in any sense likely to be understood by a majority of those
you’re communicating with. Using a term in a nonstandard way just because you can

works. This is also how Fossil works in autosync mode.

But perhaps Bob is off-network when he does his commit, so he has no way
of knowing that Alice has already committed her changes.  Or, it could
be that Bob has turned off "autosync" mode in Fossil.  Or, maybe Bob
just doesn't want to merge in Alice's changes before he has saved his
own, so he forces the commit to occur using the "--allow-fork" option to
the <b>[/help?cmd=commit | fossil commit]</b> command.  For any of these
reasons, two commits against check-in 2 have occurred, so the DAG now
has two leaves.

In such a condition, a person working with this repository has a
dilemma: which version of the project is the "latest" in the sense of
having the most features and the most bug fixes?  When there is more
than one leaf in the graph, you don't really know, which is why we

with "--allow-fork".  (Prime example: trunk.) The inverse case —
intentional forks on short-lived single-developer branches — is far
easier to justify, since presumably the lone developer is never confused
about why there are two or more leaves on that branch. Further
justifications for intentional forking are [#forking | given below].

Let us return to Figure 2. To resolve such situations before they can
become a real problem, Alice can use the <b>[/help?cmd=merge | fossil
merge]</b> command to merge Bob's changes into her local copy of
check-in 3. Without arguments, that command merges all leaves on the
current branch. Alice can then verify that the merge is sensible and if
so, commit the results as check-in 5.  This results in a DAG as shown in
Figure 3.

<verbatim type="pikchr center toggle">

    <li><p id="automation">You've automated Fossil, so you use
    <b>fossil commit --allow-fork</b> commands to prevent Fossil from
    refusing the check-in simply because it would create a fork.
    <br><br>
    If you are writing such a tool — e.g. a shell script to make
    multiple manipulations on a Fossil repo — it's better to make it
    smart enough to detect this condition and cope with it, such as
    by making a call to <b>[/help?cmd=update | fossil update]</b>
    and checking for a merge conflict. That said, if the alternative is
    losing information, you may feel justified in creating forks that an
    interactive user must later manually clean up with <b>fossil merge</b>
    commands.</p></li>
</ol>

That leaves only one case where we can recommend use of "--allow-fork"

    on a different branch at the time Alan made check-in 3, so Fossil
    sees that as the tip at the time she switches her working directory
    to that branch with a <b>fossil update $BRANCH</b> command. (There is an
    implicit autosync in that command, if the option was enabled at the
    time of the update.)</p></li>

    <li><p>The same thing, only in a fresh checkout directory with a
    <b>[/help?cmd=open | fossil open $REPO $BRANCH]</b> command.</p></li>

    <li><p>Alan makes his check-in 3 while Betty has check-in 1 or 2 as
    the tip in her local clone, but because she's working with an
    autosync'd connection to the same upstream repository as Alan, on
    attempting what will become check-in 4, she gets the "would fork"
    message from <b>fossil commit</b>, so she dutifully updates her clone
    and tries again, moving her work to be a child of the new tip,

This fact is helpful because it means you can reuse branch names, which
is especially useful with utility branches.  There are several of these
in the SQLite and Fossil repositories: "broken-build," "declined,"
"mistake," etc. As you might guess from these names, such branch names
are used in renaming the tip of one branch to shunt it off away from the
mainline of that branch due to some human error. (See
<b>[/help?cmd=amend | fossil
amend]</b> and the Fossil UI check-in amendment features.) This is a
workaround for Fossil's [./shunning.wiki|normal inability to forget
history]: we usually don't want to actually <i>remove</i> history, but
would like to sometimes set some of it aside under a new label.

Because some VCSes can't cope with duplicate branch names, Fossil
collapses such names down on export using the same time stamp based
arbitration logic, so that only the branch with the newest check-in gets
the branch name in the export.

All of the above is true of tags in general, not just branches.

This feature is primarily intended for fossil's developers and may
change at any time. It is only known to work on Linux systems and has
been seen to work on x86/64 and ARM.

Fossil has builtin support for processing specific features using
<tt>libfuzzer</tt>. The features which can be tested this way are
found in the help text for the [/help?cmd=test-fuzz|test-fuzz
command].

Fuzzing requires:

  *  The clang C compiler.
  *  libfuzzer. On Ubuntu-derived systems, it can be installed with
     <tt>apt install libfuzzer-XYZ</tt>, where XYZ is a version number

changed the format of list-type arguments at some point.  The required
minimum version is unknown, but any SDK version from May 2022 or later
"should" (as of this writing) suffice. Any older version may or may not
work.</div>

After that succeeds, we need to run the normal build so that those
generated files can be compiled in to the fossil binary, accessible
via the [/help?cmd=/builtin|/builtin page]:

<pre><code>$ make</code></pre>

Before checking in those newly-built files, they need to be tested by
running the [/pikchrshow] page. If that page loads, the compilation
process fundamentally worked (a load failure will be made obvious to
the viewer). If it fails to load then the browser's dev tools console

In addition, Setup users can use every feature of the Fossil UI. If Fossil can do a
thing, a Setup user on that repo can make Fossil do it.

Setup users can do many things that Admin users cannot. They may not
only use all of the Admin UI features, they may also:

*   See record IDs (RIDs) on screens that show them
*   See the MIME type of attachments on [`/ainfo` pages](/help?cmd=/ainfo)
*   See a remote repo’s HTTP [cache status](/help?cmd=/cachestat)
    and [pull cache entries](/help?cmd=/cacheget)
*   Edit a Setup user’s account!

The “Admin” feature of Fossil UI is so-named because Admin users can use
about half of its functions, but only Setup can use these pages:

*   **Access**: This page falls under the [Security](#security)
    category above, but like Configuration, it's generally something set

Fossil makes these users grant themselves (or others) these capabilities
deliberately, hopefully after careful consideration.


### <a id="y"></a>Write Unversioned

Fossil currently doesn’t distinguish the sub-operations of
[`fossil uv`](/help?cmd=uv); they’re all covered by [**WrUnver**][capy]
(“y”) capability. Since some of these operations are unconditionally
destructive due to the nature of unversioned content, and since this
goes against Fossil’s philosophy of immutable history, nobody gets cap
“y” on a Fossil repo by default, not even the Setup or Admin users.  A
Setup or Admin user must grant cap “y” to someone — not necessarily
themselves! — before modifications to remote
unversioned content are possible.

[capa]: ./ref.html#a
[caps]: ./ref.html#s
[capx]: ./ref.html#x
[capy]: ./ref.html#y

[fcp]:   https://fossil-scm.org/home/help?cmd=configuration
[fdp]:   ../fossil-v-git.wiki#devorg
[forum]: https://fossil-scm.org/forum/
[fui]:   /help?cmd=ui
[lg]:    ./login-groups.md
[rs]:    https://fossil-scm.org/home/doc/trunk/www/settings.wiki
[sia]:   https://fossil-scm.org/home/artifact?ln=1259-1260&name=0fda31b6683c206a
[snoy]:  https://fossil-scm.org/forum/forumpost/00e1c4ecff
[th1]:   ../th1.md
[tt]:    https://en.wikipedia.org/wiki/Tiger_team#Security
[webo]:  ./#webonly

That creates login group G joining repo A to B, then joins C to B.
Although we didn’t explicitly tie C to A, a successful login on C gets
you into both A and B, within the restrictions set out above.

Changes are transitive in the same way, provided you check that “apply
to all” box on the user edit screen.

[lg]: /help?cmd=login-group
[sh]: ../server/any/http-over-ssh.md
[wo]: ./index.md#webonly

-----

*[Back to Administering User Capabilities](./)*

  </tr> 

  <tr id="z">
    <th>z</th>
    <th>Zip</th>
    <td>
      Pull archives of particular repository versions via <a
      href="/help?cmd=/zip"><tt>/zip</tt></a>, <a
      href="/help?cmd=/tarball"><tt>/tarball</tt></a>, and <a
      href="/help?cmd=/sqlar"><tt>/sqlar</tt></a> URLs. This is an
      expensive capability to grant, because creating such archives can
      put a large load on <a href="../server/">a Fossil server</a> which
      you may then need to <a href="../loadmgmt.md">manage</a>.
      Mnemonic: <b>z</b>ip file download.
    </td>
  </tr> 

This is a Boolean property.
If it is present, and if the [#directory:|<b>directory:</b>] option is used,
and if the PATH_INFO string is empty, then Fossil will show a list
of available Fossil repositories.

The "skin" of the reply is determined by the first
repository in the list that has a non-zero
[/help?cmd=repolist-skin|repolist-skin] setting.

If no repository has such a non-zero repolist-skin setting, then
the repository list is generic HTML without any decoration, with
the page title taken from the <tt>FOSSIL_REPOLIST_TITLE</tt>
environment variable. The variable can be defined in the CGI
control file using the [#setenv|<tt>setenv:</tt>] statement.

ticket that matches the value of "name", then redirect to URL.  There
can be multiple "redirect:" lines that are processed in order.  If the
repo name is "*", then an unconditional redirect to URL is taken.


<h2 id="jsmode">jsmode: <i>VALUE</i></h2>

Specifies the delivery mode for JavaScript files. See "[/help?cmd=http |
http --jsmode]" for the allowed values and their meanings.


<h2 id="mainmenu">mainmenu: <i>FILE</i></h2>

This parameter causes the contents of the given file to override the
site's <tt>mainmenu</tt> configuration setting, in much the same way
that the <tt>skin</tt> setting overrides the skin. This can be used to
apply a common main menu to a number of sites, and centrally maintain
it, without having to copy its contents into each site. Note, however,
that the contents of this setting are not stored in the repository and
will not be cloned along with the repository.

<title>Change Log</title>

<h2 id='v2_28'>Changes for version 2.28 (pending)</h2><ol>
  <li> Improvements to [./antibot.wiki|anti-robot defenses]:<ol type="a">
      <li> The default configuration now allows robots to download any tarball
           or similar, to better support of automated build systems.
      <li> No special tag "zipX" for the [/help?cmd=robot-restrict|robot-restrict]
           setting blocks robot access to tarballs, but with exceptions to support
           automated build systems.
      </ol>
  <li> A drop-down menu of recent branches is now possible for the submenu, and
       is used in the code browser.
  <li> The [/help?cmd=timeline|timeline command] is enhanced with the new
       "<tt>-u|--for-user</tt>" option.
</ol>

<h2 id='v2_27'>Changes for version 2.27 (2025-09-30)</h2><ol>
  <li> Close a potential Denial-of-Service attack against any public-facing Fossil
       server involving exponential behavior in Fossil's regexp implementation.
  <li> Fix a SQL injection on the [/help?cmd=/file|/file page].  Thanks to
       additional defenses built into Fossil, as well as good luck, this injection
       is not exploitable for either data exfiltration or privilege escalation.  The
       only possible result of invoking the injection is a harmless SQL syntax error.
  <li> Strengthen robot defenses to help prevent public-facing servers from being
       overwhelmed by the latest generation of AI spiders.
  <ol type="a">
    <li> New javascript captcha used to restrict access by user "nobody" to pages
         listed in the [/help?cmd=robot-restrict|robot-restrict setting].
    <li> The [/help?cmd=robot-exception|robot-exception setting] is available to allow
         access to pages that match a regular expression.  Use this, for example, to
         allow curl scripts and similar to download release tarballs.
    <li> Require at least an anonymous login to access the /blame page and similar.
  </ol>
  <li> [/help?cmd=/timeline|Timeline] enhancements:
  <ol type="a">
    <li> The chng= query parameter on the [/help?cmd=/timeline|timeline page]
         so that it works with other query parameters like p=, d=, from=, and to=.
    <li> Always include nodes identify by sel1= and sel2= in the /timeline display.
    <li> Improved title when p= and d= are different.
  </ol>
  <li> Enable the --editor option on the [/help?cmd=amend|fossil amend] command.
  <li> When walking the filesystem looking for Fossil repositories, avoid descending
       into directories named "/proc".
  <li> Reduce memory requirements for sending authenticated sync protocol
       messages.
  <li> Show numstat-style change statistics in the /info and /ckout pages.
  <li> Add the [/help?cmd=stash | stash rename] subcommand.
  <li> Add the "-h" option to the "[/help?cmd=ls|ls]" command to display
       file hashes for a specific check-in when in verbose mode.
   </ol>

<h2 id='v2_26'>Changes for version 2.26 (2025-04-30)</h2><ol>
 <li>Enhancements to [/help?cmd=diff|fossil diff] and similar:
     <ol type="a">
     <li> The argument to the --from option can be a directory name, causing
          Fossil to use files under that directory as the baseline for the diff.
     <li> For "gdiff", if no [/help?cmd=gdiff-command|gdiff-command setting]
          is defined, Fossil tries to do a --tk diff if "tclsh" and "wish"
          are available, or a --by diff if not.
     <li> The "Reload" button is added to --tk diffs, to bring the displayed
          diff up to date with the latest changes on disk.
     <li> Add the "Hide diffs/Show diffs" toggle to web-UI diff pages that show
          diffs of multiple files.
     </ol>
 <li>Added the [/help?cmd=/ckout|/ckout web page] to provide information
     about pending changes in a working check-out
 <li>Enhancements to the [/help?cmd=ui|fossil ui] command:
     <ol type="a">
     <li> Defaults to using the new [/help?cmd=/ckout|/ckout page] as its
          start page.  Or, if the new "--from PATH" option is present, the
          default start page becomes "/ckout?exbase=PATH".
     <li> The new "--extpage FILENAME" option opens the named file as if it
          where in a [./serverext.wiki|CGI extension].  Example usage: the
          person editing this change log has
          "fossil ui --extpage www/changes.wiki" running and hence can
          press "Reload" on the web browser to view edits.
     <li> Accept both IPv4 and IPv6 connections on all platforms, including
          Windows and OpenBSD.  This also applies to the "fossil server"
          command.
     </ol>
 <li>Enhancements to [/help?cmd=merge|fossil merge]:
     <ol type="a">
     <li> Added the [/help?cmd=merge-info|fossil merge-info] command and
          especially the --tk option to that command, to provide analysis
          of the most recent merge or update operation.
     <li> When a merge conflict occurs, a new section is added to the conflict
          text that shows Fossil's suggested resolution to the conflict.
     </ol>
 <li>Enhancements to [/help?cmd=commit|fossil commit]:
     <ol type="a">
     <li> If Fossil sees potential formatting mistakes (ex: bad hyperlinks)
          in the check-in comment, it will alert the developer and give
          him or her the opportunity to edit the comment before continuing.
          This feature is controllable by the
          [/help?cmd=verify-comments|verify-comments setting].
     <li> The new "--if-changes" option causes the commit to become
          a quiet no-op if there are no pending changes.
     <li> Added the ability to sign check-ins with SSH keys. Artifacts signed
          this way are ignored by all previous fossil versions, as if they
          were plain-text file content instead of Fossil artifacts.
     <li> Issue a warning if a user tries to commit on a check-in where the
          branch has been changed.
     <li> The interactive checkin comment prompt shows the formatting rules
          set for that repository.
     <li> Add the "--editor" option.
     </ol>
 <li>Deprecate the --comfmtflags and --comment-format global options and
     no longer list them in the built-in help, but keep them working for
     backwards compatibility.
     Alternative TTY comment formatting can still be specified using the
     [/help?cmd=comment-format|comment-format setting], if desired.  The
     default comment format is now called "canonical", not "legacy".
 <li>Enhancements to the [/help?cmd=/timeline|/timeline page]:
     <ol type="a">
     <li> Added the "ml=" ("Merge-in List") query parameter that works
          like "rl=" ("Related List") but adds "mionly" style related
          check-ins instead of the full "rel" style.
     <li> For "tl=", "rl=", and "ml=", the order of the branches in the
          graph now tries to match the order of the branches named in
          the list.

          end-points.
     <li> The p= and d= parameters can now reference different check-ins,
          in which case the timeline shows those check-ins that are both
          ancestors of p= and descendants of d=.
     <li> The saturation and intensity of user-specified checkin and branch
          background colors are automatically adjusted to keep the colors
          compatible with the current skin, unless the
          [/help?cmd=raw-bgcolor|raw-bgcolor setting] is turned on.
     </ol>
 <li>The [/help?cmd=/docfile|/docfile webpage] was added.  It works like
     /doc but keeps the title of markdown documents with the document rather
     that moving it up to the page title.
 <li>Added the [/help?cmd=/clusterlist|/clusterlist page] for analysis
     and debugging
 <li>Added the "artifact_to_json(NAME)" SQL function that returns a JSON
     decoding of the artifact described by NAME.
 <li>Improvements to the [/help?cmd=patch|fossil patch] command:
     <ol type="a">
     <li> Fix a bug in "fossil patch create" that causes
          [/help?cmd=revert|fossil revert] operations that happened
          on individualfiles after a [/help?cmd=merge|fossil merge]
          to be omitted from the patch.
     <li>  Added the [/help?cmd=patch|patch alias] command for managing
           aliases for remote checkout names.
     </ol>
 <li>Enhancements to on-line help and the [/help?cmd=help|fossil help] command:
     <ol type="a">
     <li> Add the ability to search the help text, either in the UI
          (on the [/help?cmd=/search|/search page]) or from the command-line
          (using the "[/help?cmd=search|fossil search -h PATTERN]" command.)
     <li> Accepts an optional SUBCOMMAND argument following the
          COMMAND argument and only shows results for the specified
          subcommand, not the entire command.
     <li> The -u (--usage) option shows only the command-line syntax
     <li> The -o (--options) option shows only the command-line options
     </ol>
 <li>Enhancements to the [./tickets.wiki|ticket system]:
     <ol type="a">
     <li> Added the ability to attach wiki pages to a ticket for extended
          descriptions.
     <li> Added submenu to the 'View Ticket' page, to use it as
          template for a new ticket.
     <li> Added button 'Submit and New' to create multiple tickets
          in a row.
     <li> Link the version field in ticket view to a matching checkin or tag.
     <li> Show creation time in report and ticket view.
     <li> Show previous comments in edit ticket as reference.
     </ol>
 <li>Added the "hash" query parameter to the
     [/help?cmd=/whatis|/whatis webpage].
 <li>Add a "user permissions changes" [/doc/trunk/www/alerts.md|subscription]
     which alerts subscribers when an admin creates a new user or
     when a user's permissions change.
 <li>If the FOSSIL_REPOLIST_SHOW environment variable exists and contains
     the substring "description", then the project description for each repository
     is shown on the repository list page.  The login-group for each project is
     now only shown if the FOSSIL_REPOLIST_SHOW environment variable exists and
     contains the substring "login-group". ([./cgi.wiki#repolist|More information])
 <li>The [/doc/trunk/www/th1.md|TH1 script language] is enhanced for improved
     security:
     <ol type="a">
     <li> TH1 now makes a distinction between
          [/doc/trunk/www/th1.md#taint|tainted and untainted string values].
          This makes it more difficult to write custom TH1 scripts that
          contain XSS or SQL-injection bugs.  The
          [/help?cmd=vuln-report|vuln-report] setting was added to control
          what Fossil does when it encounters a potential TH1
          security problem.
     <li> The "--th" option was removed from the [/help?cmd=pikchr|fossil pikchr]
          command.
     <li> The "enable_htmlify" TH1 command was removed.
     </ol>
 <li>Make [/help?cmd=/chat|/chat] better-behaved during server outages, reducing
     the frequency of reconnection attempts over time and providing feedback
     to the user when the connection is down.
 <li>The [/help?cmd=/sqlar|/sqlar] page does not work for users who are not logged
     in, nor are links to that page displayed to users who are not logged in.  Being
     logged in as "anonymous" is sufficient to overcome this restriction, assuming
     that "anonymous" can download tarballs and ZIP archives.
 <li>Many other minor fixes and additions.
</ol>

<h2 id='v2_25'>Changes for version 2.25 (2024-11-06)</h2>

  *  The "[/help?cmd=ui|fossil ui /]" command now works even for repositories
     that have non-ASCII filenames
  *  Add the [/help?cmd=tree|fossil tree] command.
  *  On case-insensitive filesystems, store files using the filesystem's
     preferred case rather than the case typed in by the user.
  *  Change the name "fossil cherry-pick" command to "fossil cherrypick",
     which is more familiar to Git users.  Retain the legacy name for
     compatibility.
  *  Add new query parameters to the [/help?cmd=/timeline|/timeline page]:
     d2=, p2=, and dp2=.
  *  Add options to the [/help?cmd=tag|fossil tag] command that will list tag values.
  *  Add the -b|--brief option to the [/help?cmd=status|fossil status] command.
  *  Add ability to upload unversioned files via the [/help?cmd=/uvlist|/uvlist page].
  *  Add history search to the [/help?cmd=/chat|/chat page].
  *  Add Unix socket support to the [/help?cmd=server|server command].
  *  On Windows, use the root certificates managed by the operating system
     (requires OpenSSL 3.2.0 or greater).
  *  Take into account zero-width and double-width unicode characters when
     formatting the command-line timeline.
  *  Update the built-in SQLite to version 3.47.0.  Precompiled binaries are
     linked against OpenSSL 3.4.0.
  *  Numerous minor fixes and additions.

           select one of the built-in skins as a default, or to specify a
           custom skin.
     </ul>
  *  If an "ssh:" sync fails in a way that suggests that the fossil executable
     could not be found on the remote host, then retry after adding a PATH=
     prefix to the command.  This helps "ssh:" to "just work" when the server
     is a Mac.
  *  Enhancements to the [/help?cmd=/timeline|/timeline page]:
     <ul>
     <li> Add the x= query paramater
     <li> Add the shortcut tl= and rl= query parameters
     <li> Add support for from=,ft= and from=,bt= query parameter combinations
     <li> Automatically highlight the endpoints for from=,to= queries.
     <li> Add the to2=Z query parameter to augment from=X,to=Y so that the
          path from X to Z is shown if Y cannot be found.
     </ul>
  *  Moved the /museum/repo.fossil file referenced from the Dockerfile from
     the ENTRYPOINT to the CMD part to allow use of --repolist mode.
  *  The [/uvlist] page now shows the hash algorithm used so that
     viewers don't have to guess.  The hash is shown in a fixed-width
     font for a more visually pleasing display.
  *  If the [/help?cmd=autosync|autosync setting] contains keyword "all",
     the automatic sync occurs against all defined remote repositories, not
     just the default.
  *  Markdown formatter: improved handling of indented fenced code blocks
     that contain blank lines.
  *  When doing a "[/help?cmd=add|fossil add]" on a system with case-insensitive
     but case-preserving filenames (Mac and Windows) try to use the filename
     case as it is known to the filesystem, not the case entered by the
     user on the command-line.  See
     [forum:/forumpost/30d9c0d131610f53|forum thread 30d9c0d131610f53].
  *  Fix problems with one-click unsubscribe on email notifications.
  *  Import the latest [/doc/trunk/www/pikchr.md|Pikchr] containing support
     for "diamond" objects.
  *  Add ability to render committed Pikchr files to SVG via
     <samp>/doc/…/foo.pikchr?popup</samp> URLs.
  *  Update Fossil's internal robot detection logic so that it correctly
     identifies the new GoogleOther crawler as a robot.

<h2 id='v2_23'>Changes for version 2.23 (2023-11-01)</h2>

  *  Add ability to "close" forum threads, such that unprivileged users
     may no longer respond to them. Only administrators can close
     threads or respond to them by default, and the
     [/help?cmd=forum-close-policy|forum-close-policy setting] can be
     used to add that capability to moderators.
  *  Add the [/help?cmd=all|fossil all whatis] command.
  *  The [/help?cmd=status|fossil status] command and relevant UI pages now
     correctly report files which were both renamed <b>and</b> edited as such.
  *  Show default value of settings that have a default in
     [/help?cmd=help|fossil help SETTING] output.
  *  On timeline graphs, show closed check-ins using an X in the middle of the
     node circle or box.
  *  New options for email notification:  Get email only for the first
     post in each new thread, and/or posts that are in reply to my posts.
  *  Fix a regression bug introduced in version 2.22 that caused FTS5 searches
     to fail for terms containing non-ASCII characters.
  *  Improved defense-in-depth against malicious attack:
     <ul>
     <li> When an attempted SQL injection attack is detected, return
          HTTP result code 418, which can signal the web server to sanction
          the attacking IP address.
     <li> Better defense against cross-site request forgery (CSRF)
          attacks.
     <li> Improvements to static analysis of source code (the codecheck1.c
          file in the source tree).
     </ul>
  *  Enhance the [/help?cmd=/dir|treeview file listings]
     ([/dir?type=tree&ci=trunk|example]) by displaying file sizes
     and adding the option to sort by file size.
  *  The [/help?cmd=fts-config|fossil fts-config] command now shows how much
     repository space is used by the full-text index.
  *  Changing a setting to an empty string is now the same as deleting the
     setting, in most cases.  There are a few exceptions, indicated by the
     keep-empty flag on the setting definition.
  *  The [/help?cmd=branch|fossil branch list] command can now filter branches
     that have/have not been merged into the current branch.
  *  Improvements to interactions with remote repositories over SSH:
     <ul>
     <li> Print the text of the SSH command that is run to do remote interaction,
          for full disclosure to the operator.
     <li> Add a PATH= argument to the [/help?cmd=ui|fossil ui remote:/] and
          [/help?cmd=patch|fossil patch push/pull remote:...] commands so that
          they work when the "remote" machine is a Mac and the "fossil"
          executable is in the $HOME/bin directory.
     </ul>
  *  Update built-in libraries SQLite, ZLib, Pikchr to their latest versions.
  *  Documentation enhancements and typo fixes.


<h2 id='v2_22'>Changes for version 2.22 (2023-05-31)</h2>
  *  Enhancements to the [/help?cmd=/timeline|/timeline webpage]: <ol type="a">
     <li> Add the ft=TAG query parameter which in combination with d=Y
          shows all descendants of Y up to TAG
     <li> Enhance the s=PATTERN (search) query parameter so that forum post
          text is also searched when the "vfx" query parameter is used
     <li> Fix the u= (user) query parameter so that it works with a= and b=
     <li> Add the oldestfirst query parameter to show the events in reverse order.
          Useful in combination with y=f and vfs and perhaps also u= to show all

     inside the jail for Fossil's use.
  *  Add support for the trigram tokenizer for FTS5 search to enable
     searching in Chinese.
  *  Comment lines (starting with a '#') are now supported inside
     [./settings.wiki#versionable|versioned settings].
  *  Default permissions for anonymous users in new repositories are
     changed to "hz".
  *  The [/help?cmd=status|fossil status] command now detects when a
     file used to be a symlink and has been replaced by a regular file.
     (It previously checked for the inverse case only.)
  *  The [/help?cmd=empty-dirs|empty-dirs setting] now reuses the same
     parser as the *-glob settings instead of its prior idiosyncratic
     parser, allowing quoted whitespace in patterns.
  *  Enhancements to the [/help?cmd=/reports|/reports webpage]:
     <ol type="a">
     <li> The by-week, by-month, and by-year options now show an estimated
          size of the current week, month, or year as a dashed box.
     <li> New sub-categories "Merge Check-ins" and "Non-Merge Check-ins".
     </ol>

<h2 id='v2_21'>Changes for version 2.21 (2023-02-25)</h2>
  *  Users can request a password reset.  This feature is disabled by default.
     Use the new [/help?cmd=self-pw-reset|self-pw-reset property] to enable it.
     New web pages [/help?cmd=/resetpw|/resetpw] and
     [/help?cmd=/reqpwreset|/reqpwreset] added.
  *  Add the [/help?cmd=repack|fossil repack] command (together with
     [/help?cmd=all|fossil all repack]) as a convenient way to optimize the
     size of one or all of the repositories on a system.
  *  Add the ability to put text descriptions on ticket report formats.
  *  Upgrade the test-find-pivot command to the [/help/merge-base|merge-base command].
  *  The [/help?cmd=/chat|/chat page] can now embed fossil-rendered
     views of wiki/markdown/pikchr file attachments with the caveat that such
     embedding happens in an iframe and thus does not inherit styles and such
     from the containing browser window.
  *  The [/help?cmd=all|fossil all remote] subcommand added to "fossil all".
  *  Passwords for remembered remote repositories are now stored as irreversible
     hashes rather than obscured clear-text, for improved security.
  *  Add the "nossl" and "nocompress" options to CGI.
  *  Update search infrastructure from FTS4 to FTS5.
  *  Add the [/help?cmd=/deltachain|/deltachain] page for debugging purposes.
  *  Writes to the database are disabled by default if the HTTP request
     does not come from the same origin.  This enhancement is a defense in depth
     measure only; it does not address any known vulnerabilities.
  *  Improvements to automatic detection and mitigation of attacks from
     malicious robots.

<h2 id='v2_20'>Changes for version 2.20 (2022-11-16)</h2>
  *  Added the [/help?cmd=chat-timeline-user|chat-timeline-user setting].  If
     it is not an empty string, then any changes that would appear on the timeline
     are announced in [./chat.md|the chat room].
  *  The /unsubscribe page now requests confirmation. [./alerts.md|Email notifications]
     now contain only an "Unsubscribe" link, and not a link to subscription management.
  *  Added the "[/help?cmd=branch|fossil branch lsh]" subcommand to list the
     most recently modified branches.
  *  More elements of the /info page are now inside of an accordion.
  *  Replace the <tt>--dryrun</tt> flag with <tt>--dry-run</tt> in all
     commands which still used the former name, for consistency.
  *  Rebuilt [/file/Dockerfile | the stock Dockerfile] to create a "from scratch"
     Busybox based container image via an Alpine Linux intermediary
  *  Added [/doc/trunk/www/containers.md | a new document] describing how to

  *  Performance enhancement for the
     [./checkin_names.wiki#root|"root:BRANCHNAME" style of tag],
     accomplished using a Common Table Expression in the underlying SQL.
  *  Sort tag listings (command line and webpage) by taking numbers into
     consideration so as to cater for tags that follow semantic versioning.
  *  On the wiki listings, omit by default wiki pages that are associated with
     check-ins and branches.
  *  Add the new "[/help?cmd=describe|fossil describe]" command.
  *  Markdown subsystem extended with [../src/markdown.md#ftnts|footnotes support].
     See corresponding [../test/markdown-test3.md|test cases],
     [/wiki?name=branch/markdown-footnotes#il|known limitations] and
     [forum:/forumthread/ee1f1597e46ec07a|discussion].
  *  Add the new special name "start:BRANCH" to refer to the first check-in of
     the branch.
  *  Support [/wiki?name=branch/generated-tkt-mimetype&p|generated "mimetype"]
     columns in the <var>TICKET</var> and <var>TICKETCHNG</var> tables.
  *  Fix [/timeline?r=fix_remote_url_overwrite_with_proxy|remote-url-overwrite]
     bug where remote-url is overwritten by the proxy setting during sync
     operation. Also require explicit "system" proxy setting to use
     "http_proxy" environment variable.
  *  Reimplemented the [/pikchrshow] app to use a WebAssembly build of
     pikchr so that it can render pikchrs on the client instead of requiring
     a server round-trip.
  *  Add the [/help?cmd=email-listid|email-listid setting]. If set, it is
     used as the List-ID header for all outbound notification emails.
  *  Add the "--branch" option to the "[/help?cmd=timeline|timeline]" command
     to restrict the displayed items to a specific branch.
  *  Add the "--versions" option to "[/help?cmd=diff|fossil diff]"
     to display details about the compared versions into the patch header.
  *  Numerous other minor enhancements.

<h2 id='v2_18'>Changes for version 2.18 (2022-02-23)</h2>
  *  Added support for [./ssl-server.md|SSL/TLS server mode] for commands
     like "[/help?cmd=server|fossil server]" and "[/help?cmd=http|fossil http]"
  *  The new [/help?cmd=cherry-pick|cherry-pick command] is an alias for
     [/help?cmd=merge|merge --cherrypick].
  *  Add new setting "[/help?cmd=large-file-size|large-file-size]".  If the size
     of any file in a commit exceeds this size, a warning is issued.
  *  Query parameter "year=YYYY" is now accepted by [/help?cmd=/timeline|/timeline].
  *  The [/help?cmd=tar|tar] and [/help?cmd=zip|zip commands] no longer
     sterilize the manifest file.
  *  Further improvement to diff alignment in cases that involve both
     edits and indentation changes.
  *  [/doc/trunk/www/chat.md|Chat] improvements:<ul>
     <li>  [/help?cmd=/chat|The /chat page] input options have been reworked
           again for better cross-browser portability.
     <li>  When sending a [/help?cmd=/chat|/chat] message fails, it is no longer
           immediately lost and sending may optionally be retried.
     <li>  [/help?cmd=/chat|/chat] can now optionally embed attachments of certain
           types directly into message bodies via an iframe.
     <li>  Add the "--as FILENAME" option to the "[/help?cmd=chat|fossil chat send]"
           command.
     <li>  Added the "[/help?cmd=chat|fossil chat pull]" command, available to
           administrators only, for backing up the chat conversation.
     </ul>
  *  Promote the test-detach command into the [/help?cmd=detach|detach command].
  *  For "[/help?cmd=pull|fossil pull]" with the --from-parent-project option,
     if no URL is specified then use the last URL from the most recent prior
     "fossil pull --from-parent-project".
  *  Add options --project-name and --project-desc to the
     "[/help?cmd=init|fossil init]" command.
  *  The [/help?cmd=/ext|/ext page] generates the SERVER_SOFTWARE environment
     variable for clients.
  *  Fix the REQUEST_URI [/doc/trunk/www/aboutcgi.wiki#cgivar|CGI variable] such
     that it includes the query string.  This is how most other systems understand
     REQUEST_URI.
  *  Added the --transport-command option to [/help?cmd=sync|fossil sync]
     and similar.

<h2 id='v2_17'>Changes for version 2.17 (2021-10-09)</h2>

  *  Major improvements to the "diff" subsystem, including: <ul>
     <li> Added new [/help?cmd=diff|formatting options]: --by, -b, --webpage, --json, --tcl.
     <li> Partial-line matching for unified diffs
     <li> Better partial-line matching for side-by-side diffs
     <li> Buttons on web-based diffs to show more context
     <li> Performance improvements
     </ul>
  *  The --branchcolor option on [/help?cmd=commit|fossil commit] and
     [/help?cmd=amend|fossil amend] can now take the value "auto" to
     force Fossil to use its built-in automatic color choosing algorithm.
  *  Fossil now [./concepts.wiki#workflow|autosyncs] prior to running
     [/help?cmd=open|fossil open].
  *  Add the [/help?cmd=ticket-default-report|ticket-default-report setting],
     which if set to the title of a ticket report causes that ticket report
     to be displayed below the search box in the /ticket page.
  *  The "nc" query parameter to the [/help?cmd=/timeline|/timeline] page
     causes all graph coloring to be omitted.
  *  Improvements and bug fixes to the new "[/help?cmd=ui|fossil ui REMOTE]"
     feature so that it works better on a wider variety of platforms.
  *  In [/help?cmd=/wikiedit|/wikiedit], show the list of attachments for
     the current page and list URLs suitable for pasting them into the page.
  *  Add the --no-http-compression option to [/help?cmd=sync|fossil sync]
     and similar.
  *  Print total payload bytes on a [/help?cmd=sync|fossil sync] when using
     the --verbose option.
  *  Add the <tt>close</tt>, <tt>reopen</tt>, <tt>hide</tt>, and
     </tt>unhide</tt> subcommands to [/help?cmd=branch|the branch command].
  *  The "-p" option to [/help?cmd=branch|fossil branch list] shows only
     private branches.
  *  The [/md_rules|Markdown formatter] now interprets the content of
     block HTML markup (such as &lt;table&gt;) in most cases.  Only content
     of &lt;pre&gt; and &lt;script&gt; is passed through verbatim.
  *  The [/help?cmd=wiki|wiki list command] no longer lists "deleted"
     pages by default. Use the new <tt>--all</tt> option to include deleted
     pages in the output.
  *  The [/help?cmd=all|fossil all git status] command only shows reports for
     the subset of repositories that have a configured Git export.
  *  The [/help?cmd=/chat|/chat] configuration was reimplemented and
     provides new options, including the ability for a repository
     administrator to
     [./chat.md#notifications|extend the selection of notification sounds]
     using unversioned files.
  *  Chat now uses fossil's full complement of markdown features,
     instead of the prior small subset of markup it previously supported.
     This retroactively applies to all chat messages, as they are
     markdown-processed when they are sent instead of when they
     are saved.
  *  Added a chat message preview mode so messages can be previewed
     before being sent. Similarly, added a per-message ability to view
     the raw un-parsed message text.
  *  The hotkey to activate preview mode in [/help?cmd=/wikiedit|/wikiedit],
     [/help?cmd=/fileedit|/fileedit], and [/help?cmd=/pikchrshow|/pikchrshow]
     was changed from ctrl-enter to shift-enter in order to align with
     [/help?cmd=/chat|/chat]'s new preview feature and related future
     changes.

<h2 id='v2_16'>Changes for Version 2.16 (2021-07-02)</h2>
  *  <b>Security:</b> Fix the client-side TLS so that it verifies that the
     server hostname matches its certificate.
  *  The default "ssh" command on Windows is changed to "ssh" instead of the
     legacy "plink", as ssh is now generally available on Windows systems.
     Installations that still need to use the legacy "plink" can make that
     happen by running: '<tt>fossil set ssh-command "plink -ssh" --global</tt>'.
  *  Added the [./patchcmd.md|fossil patch] command.
  *  The [/help?cmd=ui|fossil ui] command is enhanced in multiple ways:<ol>
     <li> The REPOSITORY argument can be the name of a check-out directory.
     <li> If the REPOSITORY argument is prefixed by "HOST:" or "USER@HOST:"
          then the ui is run on the remote machine and tunnelled back to the local
          machine using ssh.  (The latest version of fossil must be installed on
          both the local and the remote for this to work correctly.)
     <li> The new --nobrowser and --fossilcmd options is provided.
     </ol>
  *  The [/brlist|/brlist web page] allows the user to
     select multiple branches to be displayed together in a single
     timeline.
  *  The [./forum.wiki|Forum] provides a hyperlink on the author of each
     post that goes to a timeline of recent posts by that same author.
  *  Added the "[/help?cmd=bisect|fossil bisect run]" command for improved
     automation of bisects.
  *  The [/help?cmd=merge|fossil merge] command now does a better job merging
     branches where files have been renamed between the current branch and the
     branch being merged.
  *  The [/help?cmd=open|fossil open] command allows the repository file
     to be inside the working directory without requiring the --force flag.
  *  The [/help?cmd=/wikiedit|/wikiedit] and [/help?cmd=/wikinew|/wikinew]
     pages now default to markdown format.
  *  The [/help?cmd=/login|/login] page now links to a user's forum post
     timeline if the repository has forum posts.
  *  Tags may now be propagated for forum posts, wiki pages, and technotes.
     The [/help?cmd=tag|tag command] can now manipulate and list such tags.
  *  [./caps/login-groups.md|Login-Groups] are now shown on the repository
     list of the "[/help?cmd=all|fossil all ui]" command.
  *  Administrators can configure [./alerts.md|email alerts] to expire
     a specific number of days (ex: 365) after the last user contact with
     the Fossil server. This prevents alert emails being sent to
     abandoned email accounts forever.
  *  SQL that defines [/tktsetup_tab|database objects for tickets] now
     [/timeline?c=c717f1ef9a1a4c91|can DROP] a VIEW or an INDEX provided
     that its name starts with '<code>ticket</code>' or '<code>fx_</code>'.
  *  Update the built-in SQLite to version 3.36.0.
  *  Numerous other minor enhancements.

<h2 id='v2_15'>Changes for Version 2.15 (2021-03-26) and Patch 2.15.1 on (2021-04-07)
    and 2.15.2 on (2021-06-15)</h2>
  *  <b>Patch 2.15.2:</b> Fix the client-side TLS so that it verifies that the
     server hostname matches its certificate. <b>Upgrading to
     the patch is recommended.</b>
  *  <b>Patch 2.15.1:</b> Fix a data exfiltration bug in the server.  <b>Upgrading to
     the patch is recommended.</b>
  *  The [./defcsp.md|default CSP] has been relaxed slightly to allow
     images to be loaded from any URL.  All other resources are still
     locked down by default.
  *  The built-in skins all use the "[/help?cmd=mainmenu|mainmenu]"
     setting to determine the content of the main menu.
     The ability to edit the
     "mainmenu" setting is added on the /Admin/Configuration page.
  *  The hamburger menu is now available on most of the built-in skins.
  *  Any built-in skin named "X" can be used instead of the standard
     repository skin by adding the URL parameter <tt>skin=X</tt> to the
     request.  The selection is persisted using the display
     preferences cookie unless the "once" query parameter is also
     included.  The [/skins] page may be used to select a skin.
  *  The [/cookies] page now gives the user an opportunity to delete
     individual cookies.  And the /cookies page is linked from the
     /sitemap, so that it appears in hamburger menus.
  *  The [/sitemap] extensions are now specified by a single new
     "[/help?cmd=sitemap-extra|sitemap-extra setting]",
     rather than a cluster of various
     "sitemap-*" settings.  The older settings are no longer used.
     <b>This change might require minor server configuration
     adjustments on servers that use /sitemap extensions.</b>
     The /Admin/Configuration page provides the ability to edit
     the new "sitemap-extra" setting.
  *  Added the "--ckout-alias NAME" option to
     [/help?cmd=ui|fossil ui], [/help?cmd=server|fossil server], and
     [/help?cmd=http|fossil http].  This option causes Fossil to
     understand URIs of the form "/doc/NAME/..." as if they were
     "[/help?cmd=/doc|/doc/ckout/...]", to facilitate testing of
     [./embeddeddoc.wiki|embedded documentation] changes prior to
     check-in.
  *  For diff web pages, if the diff type (unified versus side-by-side)
     is not specified by a query parameter, and if the
     "[/help?cmd=preferred-diff-type|preferred-diff-type]"
     setting is omitted or less than 1, then select the diff type based
     on a guess of whether or not the request is coming from a mobile
     device.  Mobile gets unified and desktop gets side-by-side.
  *  The various pages which show diffs now have toggles to show/hide
     individual diffs.
  *  Add the "[/help?cmd=preferred-diff-type|preferred-diff-type]"
     setting to allow an admin to force a default diff type.
  *  The "pikchr-background" setting is now available in
     "detail.txt" skin files, for better control of Pikchr
     colors in inverted color schemes.
  *  Add the <tt>--list</tt> option to the
     [/help?cmd=tarball|tarball],
     [/help?cmd=zip|zip], and [/help?cmd=sqlar|sqlar]
     commands.
  *  The javascript used to implement the hamburger menu on the
     default built-in skin has been made generic so that it is usable
     by a variety of skins, and promoted to an ordinary built-in
     javascript file.
  *  New TH1 commands:
     "[/doc/trunk/www/th1.md#bireqjs|builtin_request_js]",
     "[/doc/trunk/www/th1.md#capexpr|capexpr]",
     "foreach", "lappend", and "string match"
  *  The [/help/leaves|leaves command] now shows the branch point
     of each leaf.
  *  The [/help?cmd=add|fossil add] command refuses to add files whose
     names are reserved by Windows (ex: "aux") unless the --allow-reserved
     option is included.  This helps prevent Unix users from accidentally
     creating check-ins that are unreadable by Windows users.
  *  Add the "re=" query parameter to the [/help?cmd=/dir|/dir] webpage,
     for symmetry with the [/help?cmd=/tree|/tree] page.
  *  Update the built-in SQLite to version 3.35.0.
  *  The ./configure script now has the --print-minimum-sqlite-version option
     that prints the minimum SQLite version required by the current version
     of Fossil.  This might be used by integrators who insist on building
     Fossil to link against the system SQLite library rather than the
     built-in copy of SQLite, to verify that their system SQLite library
     is recent enough.
  *  Webpage that shows [/help?cmd=/whistory|history of a wiki page]
     gained client-side UI to help with comparison between two arbitrary
     versions of a wiki (by the means of anchoring a "baseline" version)
     and the ability to squeeze several sequential edits made by the same
     user into a single "recycled" row (the latest edit in that sequence).

<h2 id='v2_14'>Changes for Version 2.14 (2021-01-20) and Patch 2.14.1 on (2021-04-07)
    and 2.14.2 on (2021-06-15)</h2>

     add content to a repository using Fossil 2.14 or later.  No
     action is needed on your part. However, if you upgrade to
     version 2.14 and then later downgrade or otherwise use an earlier
     version of Fossil, the email notification mechanism may fail
     to send out notifications for some events, due to the missing
     trigger.  If you want to
     permanently downgrade an installation, then you should run
     "[/help?cmd=rebuild|fossil rebuild]" after the downgrade
     to get email notifications working again.  If you are not using
     email notification, then the schema change will not affect you in
     any way.
  *  <b>Schema Update Notice #2:</b>
     This release changes how the descriptions of wiki edits are stored
     in the EVENT table, for improved display on timelines.  You must
     run "[/help?cmd=rebuild|fossil rebuild]" to take advantage of
     this enhancement.  Everything will still work without
     "fossil rebuild", except you will get goofy descriptions of
     wiki updates in the timeline.
  *  Add support for [./chat.md|Fossil chat].
  *  The "[/help?cmd=clone|fossil clone]" command is enhanced so that
     if the repository filename is omitted, an appropriate name is derived
     from the remote URL and the newly cloned repo is opened.  This makes
     the clone command work more like Git, thus making it easier for
     people transitioning from Git.
  *  Added the --mainbranch option to the [/help?cmd=git|fossil git export]
     command.
  *  Added the --format option to the
     "[/help?cmd=timeline|fossil timeline]" command.
  *  Enhance the --numstat option on the
     "[/help?cmd=diff|fossil diff]" command so that it shows a total
     number of lines added and deleted and total number of files
     modified.
  *  Add the "contact" sub-command to [/help?cmd=user|fossil user].
  *  Added commands "[/help?cmd=all|fossil all git export]" and
     "[/help?cmd=all|fossil all git status]".
  *  Added the "df=CHECKIN" query parameter to the
     [/help?cmd=/timeline|/timeline page].
  *  Improvements to the "[/sitemap]" page.  Add subpages
     [/sitemap-timeline] and [/sitemap-test].
  *  Better text position in cylinder objects of Pikchr diagrams.
  *  New "details.txt" settings available to custom skins to better control
     the rendering of Pikchr diagrams:
     <ul>
     <li> pikchr-foreground

<h2 id='v2_13'>Changes for Version 2.13 (2020-11-01)</h2>

  *  Added support for [./interwiki.md|interwiki links].
  *  Enable &lt;del&gt; and &lt;ins&gt; markup in  wiki.
  *  Improvements to the Forum threading display.
  *  Added support for embedding [./pikchr.md|pikchr]
     markup in markdown and fossil-wiki content.
  *  The new "[/help?cmd=pikchr|pikchr]" command can render
     pikchr scripts, optionally pre-processed with
     [/doc/trunk/www/th1.md|TH1] blocks and variables exactly like
     site skins are.
  *  The new [/help?cmd=/pikchrshow|pikchrshow] page provides an
     editor and previewer for pikchr markup.
  *  In [/help?cmd=/wikiedit|/wikiedit] and
     [/help?cmd=/fileedit|/fileedit], Ctrl-Enter can now be used
     initiate a preview and to toggle between the editor and preview
     tabs.
  *  The <tt>/artifact</tt> and <tt>/file</tt> views, when in
     line-number mode, now support interactive selection of a range
     of lines to hyperlink to.
  *  Enhance the [/help?cmd=/finfo|/finfo] webpage so that when query
     parameters identify both a filename and a checkin, the resulting
     graph tracks the identified file across renames.
  *  The built-in SQLite is updated to an alpha of version 3.34.0, and
     the minimum SQLite version is increased to 3.34.0 because the
     /finfo change in the previous bullet depends on enhancements to
     recursive common table expressions that are only available in
     SQLite 3.34.0 and later.
  *  Countless other minor refinements and documentation improvements.

<h2 id='v2_12'>Changes for Version 2.12.1 (2020-08-20)</h2>

  *  (2.12.1): Fix client-side vulnerabilities discovered by Max Justicz.
  *  Security fix in the "[/help?cmd=git|fossil git export]" command.
     The same fix is also backported to version 2.10.1 and 2.11.1.
     New "safety-net" features were added to prevent similar problems
     in the future.
  *  Enhancements to the graph display for cases when there are
     many cherry-pick merges into a single check-in.
     [/timeline?f=2d75e87b760c0a9|Example]
  *  Enhance the [/help?cmd=open|fossil open] command with the new
     --workdir option and the ability to accept a URL as the repository
     name, causing the remote repository to be cloned automatically.
     Do not allow "fossil open" to open in a non-empty working directory
     unless the --keep option or the new --force option is used.
  *  Enhance the markdown formatter to more closely follow the
     [https://spec.commonmark.org/0.29/#emphasis-and-strong-emphasis|CommonMark specification]
     with regard to text highlighting.
     Underscores in the middle of identifiers (ex: fossil_printf())
     no longer need to be escaped.
  *  The markdown-to-html translator can prevent unsafe HTML
     (for example: &lt;script&gt;) on user-contributed pages like forum and
     tickets and wiki.  The admin can adjust this behavior using
     the [/help?cmd=safe-html|safe-html setting] on the Admin/Wiki page.
     The default is to disallow unsafe HTML everywhere.
     [https://fossil-scm.org/forum/forumpost/3714e6568f|Example].
  *  Added the "collapse" and "expand" capability for long forum posts.
     [https://fossil-scm.org/forum/forumpost/9297029862|Example]
  *  The "[/help?cmd=remote-url|fossil remote]" command now has options for
     specifying multiple persistent remotes with symbolic names.  Currently
     only one remote can be used at a time, but that might change in the
     future.
  *  Add the "Remember me?" checkbox on the login page.  Use a session
     cookie for the login if it is not checked.
  *  Added the experimental "[/help?cmd=hook|fossil hook]" command for
     managing "hook scripts" that run before checkin or after a push.
  *  Enhance the [/help?cmd=revert|fossil revert] command so that it
     is able to revert all files beneath a directory.
  *  Add the [/help?cmd=bisect|fossil bisect skip] command.
  *  Add the [/help?cmd=backup|fossil backup] command.
  *  Enhance [/help?cmd=bisect|fossil bisect ui] so that it shows all unchecked
     check-ins in between the innermost "good" and "bad" check-ins.
  *  Added the <tt>--reset</tt> flag to the "[/help?cmd=add|fossil add]",
     "[/help?cmd=rm|fossil rm]", and
     "[/help?cmd=addremove|fossil addremove]" commands.
  *  Added the "<tt>--min</tt> <i>N</i>" and "<tt>--logfile</tt> <i>FILENAME</i>"
     flags to the [/help?cmd=backoffice|backoffice] command, as well as other
     enhancements to make the backoffice command a viable replacement for
     automatic backoffice.  Other incremental backoffice improvements.
  *  Added the [/help?cmd=/fileedit|/fileedit page], which allows
     editing of text files online. Requires explicit activation by
     a setup user.
  *  Translate built-in help text into HTML for display on web pages.
     [/help?cmd=help|Example].
  *  On the [/help?cmd=/timeline|/timeline] webpage, the combination
     of query parameters "p=CHECKIN" and "bt=ANCESTOR" draws all
     ancestors of CHECKIN going back to ANCESTOR.  For example,
     [/timeline?p=202006271506&bt=version-2.11] shows all ancestors
     of the checkin that occurred on 2020-06-27 15:06 going back to
     the 2.11 release.
  *  Update the built-in SQLite so that the
     "[/help?cmd=sql|fossil sql]" command supports new output
     modes ".mode box" and ".mode json".
  *  Add the "<tt>obscure()</tt>" SQL function to the
     "[/help?cmd=sql|fossil sql]" command.
  *  Added virtual tables "<tt>helptext</tt>" and "<tt>builtin</tt>" to
     the "[/help?cmd=sql|fossil sql]" command, providing access to the
     dispatch table including all help text, and the builtin data files,
     respectively.
  *  [./delta_format.wiki|Delta compression] is now applied to forum edits.
  *  The [/help?cmd=/wikiedit|wiki editor] has been modernized and is
     now Ajax-based. The WYSIWYG editing option for Fossil-format wiki
     pages was removed. (Please let us know, via the site's Forum menu,
     if that removal unduly impacts you.) This also changes the semantics
     of the wiki "Sandbox": that pseudo-page may be freely edited but
     no longer saved via the UI (the [/help?cmd=wiki|wiki CLI command]
     can, though).
  *  The [/help?cmd=allow-symlinks|allow-symlinks setting] no longer
     syncs. It must be activated individually on any clones which require
     symlinks.
  *  Countless documentation enhancements.

<h2 id='v2_11'>Changes for Version 2.11 (2020-05-25)</h2>

  *  (2.11.2): Backport security fixes from 2.12.1
  *  (2.11.1): Backport security fix for the "fossil git export" command.
  *  Support [/md_rules|Markdown] in the default ticket configuration.
  *  Timestamp strings in [./checkin_names.wiki|object names]
     can now omit punctation.  So, for example, "202004181942" and
     "2020-04-18 19:42" mean the same thing.
  *  Enhance backlink processing so that it works with Markdown-formatted
     tickets and so that it works for wiki pages.
     Ticket [a3572c6a5b47cd5a].
     <ul><li> "[/help?cmd=rebuild|fossil rebuild]" is needed to
     take full advantage of this fix.  Fossil will continue
     to work without the rebuild, but the new backlinks will be missing.</ul>
  *  The algorithm for finding the
     [./tech_overview.wiki#configloc|location of the configuration database]
     is enhanced to be XDG-compliant.
  *  Add a hide/show feature to
     [./wikitheory.wiki#assocwiki|associated wiki] display on
     check-in and branch information pages.
  *  Enhance the "[/help?cmd=info|fossil info]" command so that it
     works with no arguments even if not within an open check-out.
  *  Many improvements to the forum and especially email notification
     of forum posts, in response to community feedback after switching
     SQLite support from a mailing list over to the forum.
  *  Minimum length of a self-registered user ID increased from 3 to 6
     characters.
  *  When the "vfx" query parameter is used on the
     "[/help?cmd=/timeline|/timeline]" page, it causes the complete
     text of forum posts to be displayed.
  *  Rework the "[/help?cmd=grep|fossil grep]" command to be more useful.
  *  Expose the [/help?cmd=redirect-to-https|redirect-to-https]
     setting to the [/help?cmd=settings|settings] command.
  *  Improve support for CGI on IIS web servers.
  *  The [./serverext.wiki|/ext page] can now render index files,
     in the same way as the embedded docs.
  *  Most commands now support the Unix-conventional "<tt>--</tt>"
     flag to treat all following arguments as filenames
     instead of flags.
  *  Added the [/help?cmd=mimetypes|mimetypes config setting]
     (versionable) to enable mimetype overrides and custom definitions.
  *  Add an option on the /Admin/Timeline setup page to set a default
     timeline style other than "Modern".
  *  In [./embeddeddoc.wiki|embedded documentation], hyperlink URLs
     of the form "/doc/$CURRENT/..." the "$CURRENT" text is translated
     into the check-in hash for the document currently being viewed.
  *  Added the [/help?cmd=/phantoms|/phantoms] webpage that shows all
     phantom artifacts.
  *  Enhancements to phantom processing to try to reduce
     bandwidth-using chatter about phantoms on the sync protocol.
  *  Security: Fossil now assumes that the schema of every
     database it opens has been tampered with by an adversary and takes
     extra precautions to ensure that such tampering is harmless.
  *  Security: Fossil now puts the Content-Security-Policy in the
     HTTP reply header, in addition to also leaving it in the
     HTML &lt;head&gt; section, so that it is always available, even
     if a custom skin overrides the HTML &lt;head&gt; and omits
     the CSP in the process.
  *  Output of the [/help?cmd=diff|fossil diff -y] command automatically
     adjusts according to the terminal width.
  *  The Content-Security-Policy is now set using the
     [/help?cmd=default-csp|default-csp setting].
  *  Merge conflicts caused via the [/help?cmd=merge|merge] and
     [/help?cmd=update|update] commands no longer leave temporary
     files behind unless the new <tt>--keep-merge-files</tt> flag
     is used.
  *  The [/help?cmd=/artifact_stats|/artifact_stats page] is now accessible
     to all users if the new "artifact_stats_enable" setting is turned
     on.  There is a new checkbox under the /Admin/Access menu to turn
     that capability on and off.
  *  Add the [/help?cmd=tls-config|fossil tls-config] command for viewing
     the TLS configuration and the list of SSL Cert exceptions.
  *  Captchas all include a button to read the captcha using an audio
     file, so that they can be completed by the visually impaired.
  *  Stop using the IP address as part of the login cookie.
  *  Bug fix: fix the SSL cert validation logic so that if an exception
     is allowed for particular site, the exception expires as soon as the
     cert changes values.

  *  Many minor enhancements to existing features.

<h2 id='v2_10'>Changes for Version 2.10 (2019-10-04)</h2>

  *  (2.10.2): backport security fixes from 2.12.1
  *  (2.10.1): backport security fix for the "fossil git export" command.
  *  Added support for [./serverext.wiki|CGI-based Server Extensions].
  *  Added the [/help?cmd=repolist-skin|repolist-skin] setting used to
     add style to repository list pages.
  *  Enhance the hierarchical display of Forum threads to do less
     indentation and to provide links back to the previous message
     in the thread.  Provide sequential numbers for all messages in
     a forum thread.
  *  Add support for fenced code blocks and improved hyperlink
     processing to the [/md_rules|markdown formatter].
  *  Add support for hyperlinks to wiki pages in the
     [/md_rules|markdown formatter].
  *  Enhance the [/help?cmd=/stat|/stat] page so that it gives the
     option to show a breakdown of forum posts.
  *  The special check-in name "merge-in:BRANCH" means the source of
     the most recent merge-in from the parent branch of BRANCH.
  *  Add hyperlinks to branch-diffs on the /info page and from
     timelines of a branch.
  *  Add graphical context on the [/help?cmd=/vdiff|/vdiff] page.
  *  Uppercase query parameters, POST parameters, and cookie names are
     converted to all lowercase and entered into the parameter set,
     instead of being discarded.
  *  Change the default [./hashpolicy.wiki|hash policy] to SHA3.
  *  Timeout [./server/any/cgi.md|CGI requests] after 300 seconds, or
     some other value set by the
     [./cgi.wiki#timeout|"timeout:" property] in the CGI script.
  *  The check-in lock interval is reduced from 24 hours to 60 seconds,
     though the interval is now configurable using a setting.
     An additional check for conflicts is added after interactive
     check-in comment entry, to compensate for the reduced lock interval.
  *  Performance optimizations.
  *  Many documentation improvements.

<h2 id='v2_9'>Changes for Version 2.9 (2019-07-13)</h2>

  *  Added the [/help?cmd=git|fossil git export] command and instructions
     for [./mirrortogithub.md|creating a GitHub mirror of a Fossil project].
  *  Improved handling of relative hyperlinks on the
     [/help?cmd=/artifact|/artifact] pages for wiki. For example,
     hyperlinks and the lizard &lt;img&gt; now work correctly
     for both [/artifact/2ff24ab0887cf522] and
     [/doc/0d7ac90d575004c2415/www/index.wiki].
  *  Enhancements to the timeline graph layout, to show more information
     with less clutter.
  *  Added tool-tips to the /timeline graph.  On by default but can be
     disabled by setting the "Tooltip dwell time" to 0 in the timeline
     configuration.
  *  Copy buttons added to various check-in hash and branch name links.
  *  Double-clicking on a /timeline graph node now jumps to the /info page
     for the check-in.  So, repurpose the timestamp hyperlink to show all
     activity around that check-in in time.
  *  Added the [/help?cmd=touch|fossil touch] command, and the --setmtime
     option on the [/help?cmd=open|fossil open] and
     [/help?cmd=update|fossil update] commands.
  *  Many documentation enhancements.
  *  For the "[/help?cmd=update|fossil update]" and
     "[/help?cmd=checkout|fossil checkout]" commands, if a
     managed file is removed because it is no longer part of the target
     check-in and the directory containing the file is empty after the
     file is removed and the directory is not the current working
     directory and is not on the [/help?cmd=empty-dirs|empty-dirs]
     list, then also remove the directory.
  *  Update internal Unicode character tables, used in regular expression
     handling, from version 11.0 to 12.1.
  *  In "[/help?cmd=regexp|fossil regexp]", "[/help?cmd=grep|fossil grep]"
     and the TH1 "regexp" command, the -nocase option now removes multiple
     diacritics from the same character (derived from SQLite's
     remove_diacritics=2)
  *  Added the [/help?cmd=/secureraw|/secureraw] page that requires the
     complete SHA1 or SHA3 hash, not just a prefix, before it will deliver
     content.
  *  Accept purely numeric ISO8601 date/time strings as long as they
     do not conflict with a hash.  Example: "20190510134217" instead of
     "2019-05-10 13:42:17".  This helps keep URLs shorter and less
     complicated
  *  Support both "1)" and "1." for numbered lists in markdown, as
     commonmark does.
  *  The sync and clone HTTP requests omit the extra /xfer path element
     from the end of the request URI. All servers since 2010 know that
     the HTTP request is for a sync or clone from the mimetype so the
     extra path element is not needed.
  *  If an automatic sync gets a permanent redirect request, then update
     the saved remote URL to the new address.
  *  Temporary filenames (for example used for external "diff" commands)
     try to preserve the suffix of the original file.
  *  Added the [/help?cmd=/thisdayinhistory|/thisdayinhistory] web page.
  *  Enhanced parsing of [/help?cmd=/timeline|/timeline] query parameters
     "ymd=", "ym=", and "yw=".  All arguments are option (in which case they
     default to the current time) and all accept ISO8601 date/times without
     punctuation.
  *  Automatically disapprove pending moderation requests for a user when
     that user is deleted.  This helps in dealing with spam-bots.
  *  Improvements to the "Capability Summary" section in the
     [/help?cmd=/secaudit0|Security Audit] web-page.
  *  Use new "ci-lock" and "ci-lock-failed" pragmas in the
     [./sync.wiki|sync protocol] to try to prevent accident forks
     caused by concurrent commits when operating in auto-sync mode.
  *  Fix a bug ([https://fossil-scm.org/forum/forumpost/c51b9a1169|details])
     that can cause repository databases to be overwritten with debugging
     output, thus corrupting the repository. This is only a factor when
     CGI debugging is enabled, and even then is a rare occurrence, but it is

  *  There is an optional "js" file for each skin that can be used to
     hold javascript.  This file can be loaded by reference or can be
     included in the header or footer.
  *  Add the [./backoffice.md|backoffice].
  *  Update internal Unicode character tables, used in regular expression
     handling, from version 10.0 to 11.0.
  *  Improvements to the "Security Audit" administration page
  *  Add the [/help?cmd=branch|fossil branch current] command.
  *  Add the [./grep.md|grep] command.
  *  Update the built-in SQLite to version 3.25.1.
  *  Some code and interfaces are in place to support sending and
     receiving email directly via SMTP, but this feature is not yet
     complete or ready for production use.
  *  The `mv-rm-files` setting is now compiled into Fossil in the
     default Fossil configuration; no longer must you say

     repository.  This fix is the main reason for the current release.
  *  Added the new "Classic" timeline viewing mode.  "Classic" is the
     same as "Verbose" in the previous release.  The "Verbose" mode is
     now like "Compact" except the extra check-in details are shown by
     default.
  *  Add support for ETags:, Last-Modified:, and If-Modified-Since:
     cache control mechanisms.
  *  Enhance the [/help?cmd=/tarball|/tarball],
     [/help?cmd=/zip|/zip], and
     [/help?cmd=/sqlar|/sqlar] pages so that the checkin
     name to be downloaded can be expressed as part of the URI,
     and without the need for query parameters.
  *  On the [/help?cmd=/timeline|/timeline] webpage, add the days=N
     query parameter and enhance the ymd=DATE and yw=DATE query parameters
     to accept 'now' as an argument to show the latest day or week.
  *  In the web page that comes up in response to the
     [/help?cmd=all|fossil all ui] command, show the last modification
     time for each repository, and allow click-to-sort on the modification
     time column.
  *  In the tarball cache replacement algorithm, give extra weight to
     tarballs that have been accessed more than once.
  *  Additional defenses against web-based attacks.  There have not been
     any known vulnerabilities.  We are just being paranoid.
  *  Update the built-in SQLite to an alpha version of 3.24.0.

  *  New feature: URL Aliases.  URL Aliases allow an administrator
     to define their own URLs on the web interface that are rewritten to
     built-in URLs with specific parameters.  Create and configure URL Aliases
     using the /Setup/URL_Aliases menu option in the web interface.
  *  Add tech-note search capability.
  *  Add the -r|--revision and -o|--origin options to the
     [/help?cmd=annotate|annotate] command.
  *  Add the origin= query parameter to the [/help?cmd=/annotate|/annotate]
     webpage.
  *  The [/help?cmd=annotate|fossil annotate] command and the
     [/help?cmd=/annotate|/annotate] web page go backwards in time as far
     as can be computed in 30 milliseconds by default, rather than stopping
     after 20 steps.  The new limit= query parameter or the --limit command-line
     option can be used to alter this timeout.
  *  Provide separate [/help#settings|on-line help screens for each setting].
  *  Back out support for the --no-dir-symlinks option
  *  Remove support from the legacy configuration sync protocol.  The only
     way now to do a configuration push or pull is to use the new protocol that
     was added in 2011.
  *  Add the from= and to= query parameters to [/help?cmd=/fdiff|/fdiff]
     in order to get a diff of two files in the same check-in.
  *  Fix the "ssh://" protocol to prevent an attack whereby the attacker convinces
     a victim to run a "clone" with a dodgy URL and thereby gains access to their
     system.
  *  Provide a checkbox that will temporarily disable all ad-units.
  *  Improvements to the [/help?cmd=/stat|/stat] page
  *  Various new hyperlinks to the [/help?cmd=/bloblist|/bloblist]
     and [/help?cmd=/bigbloblist|/bigbloblist] pages.
  *  Correct the [/help?cmd=/doc|/doc] page to support read-only repositories.
  *  Correct [/help?cmd=/zip|/zip], [/help?cmd=/tarball|/tarball],
     [/help?cmd=zip|zip], and [/help?cmd=tarball|tarball] pages and commands to
     honor the versioned manifest setting when outside of an open checkout
     directory.
  *  The admin-log and access-log settings are now on by default for
     new repositories.
  *  Update the built-in SQLite to version 3.21.0.

<h2 id='v2_3'>Changes for Version 2.3 (2017-07-21)</h2>

  *  Update the built-in SQLite to version 3.20.0 (beta).
  *  Update internal Unicode character tables, used in regular expression
     handling, from version 9.0 to 10.0.
  *  Show the last-sync-URL on the [/help?cmd=/urllist|/urllist] page.
  *  Added the "Event Summary" activity report.
     [/reports?type=ci&view=lastchng|example]
  *  Added the "Security Audit" page, available to administrators only
  *  Added the Last Login time to the user list page, for administrators only
  *  Added the --numstat option to the [/help?cmd=diff|fossil diff] command
  *  Limit the size of the heap and stack on unix systems, as a proactive
     defense against the
     [https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt|Stack Clash]
     attack.
  *  Fix "database locked" warnings caused by "PRAGMA optimize".
  *  Fix a potential XSS vulnerability on the
     [/help?cmd=/help|/help] webpage.
  *  Documentation updates

<h2 id='v2_2'>Changes for Version 2.2 (2017-04-11)</h2>

  *  GIT comment tags are now handled by Fossil during import/export.
  *  Show the content of README files on directory listings.
     ([/file/skins|example])
  *  Support for Basic Authentication if enabled (default off).
  *  Show the hash algorithms used on the
     [/help?cmd=/rcvfromlist|/rcvfromlist] page.
  *  The [/help?cmd=/tarball|/tarball] and [/help?cmd=/zip|/zip] pages
     now use the the r= query parameter
     to select which check-in to deliver.  The uuid= query parameter
     is still accepted for backwards compatibility.
  *  Update the built-in SQLite to version 3.18.0.
  *  Run "[https://www.sqlite.org/pragma.html#pragma_optimize|PRAGMA optimize]"
     on the database connection as it is closing.

<h2 id='v2_1'>Changes for Version 2.1 (2017-03-10)</h2>

  *  Add support for [./hashpolicy.wiki|hash policies] that control which
     of the Hardened-SHA1 or SHA3-256 algorithms is used to name new
     artifacts.
  *  Add the "gshow" and "gcat" subcommands to [/help?cmd=stash|fossil stash].
  *  Add the [/help?cmd=/juvlist|/juvlist] web page and use it to construct
     the [/uv/download.html|Download Page] of the Fossil self-hosting website
     using Ajax.

<h2 id='v2_0'>Changes for Version 2.0 (2017-03-03)</h2>

  *  Use the
     [https://github.com/cr-marcstevens/sha1collisiondetection|hardened SHA1]
     implementation by Marc Stevens and Dan Shumow.
  *  Add the ability to read and understand
     [./fileformat.wiki#names|artifact names] that are based on SHA3-256
     rather than SHA1, but do not actually generate any such names.
  *  Added the [/help?cmd=sha3sum|sha3sum] command.
  *  Update the built-in SQLite to version 3.17.0.

<h2 id='v1_37'>Changes for Version 1.37 (2017-01-16)</h2>

  *  Add checkbox widgets to various web pages.  See [/technote/8d18bf27e9|
     this technote] for more information.  To get the checkboxes to look as
     intended, you must update the CSS in your repository and all clones.
  *  Add the [/help/all|fossil all ui] command
  *  Add the [/help?cmd=/file|/file] webpage
  *  Enhance the [/help?cmd=/brlist|/brlist] webpage to make use of branch colors.
  *  Add support for the ms=EXACT|LIKE|GLOB|REGEXP query parameter on the
     [/help?cmd=/timeline|/timeline] webpage, with associated form widgets.
  *  Enhance the [/help/changes|changes] and [/help/status|status] commands
     with many new filter options so that specific kinds of changes can be
     found without having to pipe through grep or sed.
  *  Enhanced the [/help/sqlite3|fossil sql] command so that it opens the
     [./tech_overview.wiki#localdb|checkout database] and the
     [./tech_overview.wiki#configdb|configuration database] in addition to the
     repository database.
  *  TH1 enhancements:
     <ul><li>Add <nowiki>[unversioned content]</nowiki> command.</li>
     <li>Add <nowiki>[unversioned list]</nowiki> command.</li>
     <li>Add project_description variable.</li>
     </ul>
  *  Rename crnl-glob [/help/settings|setting] to crlf-glob, but keep
     crnl-glob as a compatibility alias.
  *  Added the --command option to the [/help/diff|diff] command.
  *  Fix a C99-ism that prevents the 1.36 release from building with MSVC.
  *  Fix [/help?cmd=ticket|ticket set] when using the "+" prefix with fields
     from the "ticketchng" table.
  *  Remove the "fusefs" command from builds that do not have the underlying
     support enabled.
  *  Fixes for incremental git import/export.
  *  Minor security enhancements to
     [./encryptedrepos.wiki|encrypted repositories].
  *  Update the built-in SQLite to version 3.16.2.
  *  Update the built-in Zlib to version 1.2.11.


<h2 id='v1_36'>Changes for Version 1.36 (2016-10-24)</h2>

  *  Add support for [./unvers.wiki|unversioned content],
     the [/help?cmd=unversioned|fossil unversioned] command and the
     [/help?cmd=/uv|/uv] and [/uvlist] web pages.
  *  The [/uv/download.html|download page] is moved into
     [./unvers.wiki|unversioned content] so that the self-hosting Fossil
     websites no longer uses any external content.
  *  Added the "Search" button to the graphical diff generated by
     the --tk option on the [/help?cmd=diff|diff] command.
  *  Added the "--checkin VERSION" option to the
     [/help?cmd=diff|diff] command.
  *  Various performance enhancements to the [/help?cmd=diff|diff] command.
  *  Update internal Unicode character tables, used in regular expression
     handling, from version 8.0 to 9.0.
  *  Update the built-in SQLite to version 3.15. Fossil now requires
     the SQLITE_DBCONFIG_MAINDBNAME interface of SQLite which is only available
     in SQLite version 3.15 and later and so Fossil will not work with
     earlier SQLite versions.
  *  Fix [https://www.mail-archive.com/fossil-users@lists.fossil-scm.org/msg23618.html|multi-line timeline bug]
  *  Enhance the [/help?cmd=purge|fossil purge] command.
  *  New command [/help?cmd=shell|fossil shell].
  *  SQL parameters whose names are all lower-case in Ticket Report SQL
     queries are filled in using HTTP query parameter values.
  *  Added support for [./childprojects.wiki|child projects] that are
     able to pull from their parent but not push.
  *  Added the -nocomplain option to the TH1 "query" command.
  *  Added support for the chng=GLOBLIST query parameter on the
     [/help?cmd=/timeline|/timeline] webpage.

<h2 id='v1_35'>Changes for Version 1.35 (2016-06-14)</h2>

  *  Enable symlinks by default on all non-Windows platforms.
  *  Enhance the [/md_rules|Markdown formatting] so that hyperlinks that begin
     with "/" are relative to the root of the Fossil repository.
  *  Rework the [/help?cmd=/setup_ulist|/setup_list page] (the User List page)
     to display all users in a click-to-sort table.
  *  Fix backslash-octal escape on filenames while importing from git
  *  When markdown documents begin with &lt;h1&gt; HTML elements, use that
     header at the document title.
  *  Added the [/help?cmd=/bigbloblist|/bigbloblist page].
  *  Enhance the [/help?cmd=/finfo|/finfo page] so that when it is showing
     the ancestors of a particular file version, it only shows direct
     ancestors and omits changes on branches, thus making it show the same set
     of ancestors that are used for [/help?cmd=/blame|/blame].
  *  Added the --page option to the [/help?cmd=ui|fossil ui] command
  *  Added the [/help?cmd=bisect|fossil bisect ui] command
  *  Enhanced the [/help?cmd=diff|fossil diff] command so that it accepts
     directory names as arguments and computes diffs on all files contained
     within those directories.
  *  Fix the [/help?cmd=add|fossil add] command so that it shows "SKIP" for
     files added that were already under management.
  *  TH1 enhancements:
     <ul><li>Add <nowiki>[array exists]</nowiki> command.</li>
     <li>Add minimal <nowiki>[array names]</nowiki> command.</li>
     <li>Add tcl_platform(engine) and tcl_platform(platform) array
     elements.</li>
     </ul>
  *  Get autosetup working with MinGW.
  *  Fix autosetup detection of zlib in the source tree.
  *  Added autosetup detection of OpenSSL when it may be present under the
     "compat" subdirectory of the source tree.
  *  Added the [/help?cmd=reparent|fossil reparent] command
  *  Added --include and --exclude options to [/help?cmd=tarball|fossil tarball]
     and [/help?cmd=zip|fossil zip] and the in= and ex= query parameters to the
     [/help?cmd=/tarball|/tarball] and [/help?cmd=/zip|/zip] web pages.
  *  Add support for [./encryptedrepos.wiki|encrypted Fossil repositories].
  *  If the FOSSIL_PWREADER environment variable is set, then use the program it
     names in place of getpass() to read passwords and passphrases
  *  Option --baseurl now works on Windows.
  *  Numerous documentation improvements.
  *  Update the built-in SQLite to version 3.13.0.

<h2 id='v1_34'>Changes for Version 1.34 (2015-11-02)</h2>

  *  Make the [/help?cmd=clean|fossil clean] command undoable for files less
     than 10MiB.
  *  Update internal Unicode character tables, used in regular expression
     handling, from version 7.0 to 8.0.
  *  Add the new [/help?cmd=amend|amend] command which is used to modify
     tags of a "check-in".
  *  Fix bug in [/help?cmd=import|import] command, handling version 3 of
     the svndump format for subversion.
  *  Add the [/help?cmd=all|all cache] command.
  *  TH1 enhancements:
     <ul><li>Add minimal <nowiki>[lsearch]</nowiki> command. Only exact
     case-sensitive matching is supported.</li>
     <li>Add the <nowiki>[glob_match]</nowiki>, <nowiki>[markdown]</nowiki>,
     <nowiki>[dir]</nowiki>, and <nowiki>[encode64]</nowiki> commands.</li>
     <li>Add the <nowiki>[tclIsSafe] and [tclMakeSafe]</nowiki> commands to
     the Tcl integration subsystem.</li>
     <li>Add 'double', 'integer', and 'list' classes to the
     <nowiki>[string is]</nowiki> command.</li>
     </ul>
  *  Add the --undo option to the [/help?cmd=diff|diff] command.
  *  Build-in Antirez's "linenoise" command-line editing library for use with
     the [/help?cmd=sqlite3|fossil sql] command on Unix platforms.
  *  Add [/help?cmd=stash|stash cat] as an alias for the
     [/help?cmd=stash|stash show] command.
  *  Automatically pull before [/help?cmd=merge|fossil merge] when auto-sync
     is enabled.
  *  Fix --hard option to [/help?cmd=mv|fossil mv] and [/help?cmd=rm|fossil rm]
     to enable them to work properly with certain relative paths.
  *  Change the mimetype for ".n" and ".man" files to text/plain.
  *  Display improvements in the [/help?cmd=bisect|fossil bisect chart] command.
  *  Updated the built-in SQLite to version 3.9.1 and activated JSON1 and FTS5
     support (both currently unused within Fossil).

<h2 id='v1_33'>Changes for Version 1.33 (2015-05-23)</h2>
  *  Improved fork detection on [/help?cmd=update|fossil update],
     [/help?cmd=status|fossil status] and related commands.
  *  Change the default skin to what used to be called "San Francisco Modern".
  *  Add the [/repo-tabsize] web page
  *  Add [/help?cmd=import|fossil import --svn], for importing a subversion
     repository into fossil which was exported using "svnadmin dump".
  *  Add the "--compress-only" option to [/help?cmd=rebuild|fossil rebuild].
  *  Use a pie chart on the [/reports?view=byuser] page.
  *  Enhanced [/help?cmd=clean|fossil clean --verily] so that it ignores
     keep-glob and ignore-glob settings.  Added the -x alias for --verily.
  *  Add the --soft and --hard options to [/help?cmd=rm|fossil rm] and
     [/help?cmd=mv|fossil mv].  The default is still --soft, but that is
     now configurable at compile-time or by the mv-rm-files setting.
  *  Improved ability to [./customgraph.md|customize the timeline graph].
  *  Improvements to the [/sitemap] page.
  *  Automatically adjust the [/help?cmd=timeline|CLI timeline] to the terminal
     width on Linux.
  *  Added <nowiki>[info commands] and [info vars]</nowiki> commands to TH1.
     These commands perform the same function as their Tcl counterparts,
     except they do not accept a pattern argument.
  *  Fix some obscure issues with TH1 expression processing.
  *  Fix titles in search results for documents that are not wiki, markdown,
     or HTML.
  *  Formally translate TH1 to Tcl return codes and vice-versa, where
     necessary, in the Tcl integration subsystem.
  *  Add [/help?cmd=leaves|fossil leaves -multiple], for finding multiple
     leaves on the same branch.
  *  Added the "Blitz" skin option.
  *  Removed the ".fossil-settings/keep-glob" file.  It should not have been
     checked into the repository.
  *  Update the built-in SQLite to version 3.8.10.2.
  *  Make [/help?cmd=open|fossil open] honor ".fossil-settings/allow-symlinks".
  *  Allow [/help?cmd=add|fossil add] to be used on symlinks to nonexistent or
     unreadable files in the same way as [/help?cmd=addremove|fossil addremove].
  *  Added fork warning to be issued if sync produced a fork
  *  Update the [/help?cmd=/info|info] page to report when a file becomes a
     symlink.  Additionally show the UUID for files whose types have changed
     without changing contents or symlink target.
  *  Have [/help?cmd=changes|fossil changes] and
     [/help?cmd=status|fossil status] report when executable or symlink status
     changes on otherwise unmodified files.
  *  Permit filtering weekday and file [/help?cmd=/reports|reports] by user.
     Also ensure the user parameter is preserved when changing types.  Add a
     field for direct entry of the user name to each applicable report.
  *  Create parent directories of [/help?cmd=settings|empty-dirs] if they don't
     already exist.
  *  Inhibit timeline links to wiki pages that have been deleted.

<h2 id='v1_33'>Changes for Version 1.32 (2015-03-14)</h2>
  *  When creating a new repository using [/help?cmd=init|fossil init], ensure
     that the new repository is fully compatible with historical versions of
     Fossil by having a valid manifest as RID 1.
  *  Anti-aliased rendering of arrowheads on timeline graphs.
  *  Added vi/less-style key bindings to the --tk diff GUI.
  *  Documentation updates to fix spellings and changes all "checkins" to
     "check-ins".
  *  Add the --repolist option to server commands such as
     [/help?cmd=server|fossil server] or [/help?cmd=http|fossil http].
  *  Added the "Xekri" skin.
  *  Enhance the "ln=" query parameter on artifact displays to accept multiple
     ranges, separate by spaces (or "+" when URL-encoded).
  *  Added [/help?cmd=forget|fossil forget] as an alias for
     [/help?cmd=rm|fossil rm].

<h2 id='v1_31'>Changes For Version 1.31 (2015-02-23)</h2>
  *  Change the auxiliary schema by adding columns MLINK.ISAUX and MLINK.PMID
     columns to the schema, to support better drawing of file change graphs.
     A [/help?cmd=rebuild|fossil rebuild] is recommended but is not required.
     so that the new graph drawing logic can work effectively.
  *  Added [/search|search] over Check-in comments, Documents, Tickets and
     Wiki.  Disabled by default.  The search can be either a full-scan or it
     can use an index that is kept up-to-date automatically.  The new
     /srchsetup web-page and the [/help?cmd=fts-config|fts-config] command
     were added to help configure the search capability.  Expect further
     enhancements to the search capabilities in subsequent releases.
  *  Added form elements to some submenus (in particular the /timeline)
     for easier operation.
  *  Added the --ifneeded option to [/help?cmd=rebuild|fossil rebuild].
  *  Added "override skins" using the "skin:" line of the CGI script or
     using the --skin LABEL option on the [/help?cmd=server|server],
     [/help?cmd=ui|ui], or [/help?cmd=http|http] commands.
  *  Embedded html documents that begin with
     &lt;doc class="fossil-doc"&gt; are displayed with standard
     headers and footers added.
  *  Allow &lt;div style='...'&gt; markup in [/wiki_rules|wiki].
  *  Renamed "Events" to "Technical Notes", while updating the technote
     display and control pages.  Add support for technotes as plain text
     or as Markdown.
  *  Added the [/md_rules] pages containing summary instructions on the
     Markdown format.
  *  Added the --repolist and --nojail options to the various server commands
     (ex: [/help?cmd=server|fossil server]).
  *  Added the [/help?cmd=all|fossil all add] subcommand to "fossil all".
  *  Improvements to the /login page.  Some hyperlinks to pages that require
     "anonymous" privileges are displayed even if the current user is "nobody"
     but automatically redirect to /login.
  *  The [/help?cmd=/doc|/doc] web-page will now try to deliver the file
     "404.md" from the top-level directory (if such a file exists) in
     place of its built-in 404 text.
  *  Download of Tarballs and ZIP Archives by user "nobody" is now enabled
     by default in new repositories.
  *  Enhancements to the table sorting controls.  More display tables
     are now sortable.
  *  Add IPv6 support to [/help?cmd=sync|fossil sync] and
     [/help?cmd=clone|fossil clone]
  *  Add more skins such as "San Francisco Modern" and "Eagle".
  *  During shutdown, check to see if the check-out database (".fslckout")
     contains a lot of free space, and if it does, VACUUM it.
  *  Added the [/mimetype_list] page.
  *  Added the [/hash-collisions] page.
  *  Allow the user of Common Table Expressions in the SQL that defaults
     ticket reports.
  *  Break out the components (css, footer, and header) for the
     various built-in skins into separate files in the source tree.

<h2 id='v1_30'>Changes For Version 1.30 (2015-01-19)</h2>
  *  Added the [/help?cmd=bundle|fossil bundle] command.
  *  Added the [/help?cmd=purge|fossil purge] command.
  *  Added the [/help?cmd=publish|fossil publish] command.
  *  Added the [/help?cmd=unpublished|fossil unpublished] command.
  *  Enhance the [/tree] webpage to show the age of each file with the option
     to sort by age.
  *  Enhance the [/brlist] webpage to show additional information about each branch
     and to be sortable by clicking on column headers.
  *  Add support for Docker. Just install docker and type
     "sudo docker run -d -p 8080:8080 nijtmans/fossil" to get it running.
  *  Add the [/help/fusefs|fossil fusefs DIRECTORY] command that mounts a
     Fuse Filesystem at the given DIRECTORY and populates it with read-only
     copies of all historical check-ins. This only works on systems that
     support FuseFS.
  *  Add the administrative log that records all configuration.
  *  Added the [/sitemap] webpage.
  *  Added the [/bloblist] web page.
  *  Let [/help?cmd=new|fossil new] no longer create an initial empty commit
     by default. The first commit after checking out an empty repository will
     become the initial commit.
  *  Added the [/help?cmd=all|fossil all dbstat] and
     [/help?cmd=all|fossil all info] commands.
  *  Update SQLite to version 3.8.8.
  *  Added the --verily option to the [/help?cmd=clean|fossil clean] command.
  *  Add the "autosync-tries" setting to control the number of autosync attempts
     before returning an error.
  *  Added a compile-time option (--with-miniz) to build using miniz instead
     of zlib.  Disabled by default.
  *  Support customization of commands and webpages, including the ability to
     add new ones, via the "TH1 hooks" feature.  Disabled by default. Enabled
     via a compile-time option.
  *  Add the <nowiki>[checkout], [render], [styleHeader], [styleFooter],
     [trace], [getParameter], [setParameter], [artifact], and
     [globalState]</nowiki> commands to TH1, primarily for use by TH1 hooks.
  *  Automatically adjust the width of command-line timeline output according to the
     detected width of the terminal.
  *  Prompt the user to optionally fix invalid UTF-8 at check-in.
  *  Added a line-number toggle option to the [/help?cmd=/info|/info]
     and [/help?cmd=/artifact|/artifact] pages.
  *  Most commands now issue errors rather than silently ignoring unrecognized
     command-line options.
  *  Use full 40-character SHA1 hashes (instead of abbreviations) in most
     internal URLs.
  *  The "ssh:" sync method on Windows now uses "plink.exe" instead of "ssh" as
     the secure-shell client program.
  *  Prevent a partial clone when the connection is lost.
  *  Make the distinction between 301 and 302 redirects.
  *  Allow commits against a closed check-in as long as the commit goes onto
     a different branch.
  *  Improved cache control in the web interface reduces unnecessary requests
     for common resources like the page logo and CSS.
  *  Fix a rare and long-standing sync protocol bug
     that would silently prevent the sync from running to completion.  Before
     this bug-fix it was sometimes necessary to do "fossil sync --verily" to
     get two repositories in sync.
  *  Add the [/finfo?name=src/foci.c|files_of_checkin] virtual table - useful
     for ad hoc queries in the [/help?cmd=sqlite3|fossil sql] interface,
     and also used internally.
  *  Added the "$secureurl" TH1 variable for use in headers and footers.
  *  (Internal:) Add the ability to include resources as separate files in the
     source tree that are converted into constant byte arrays in the compiled
     binary.  Use this feature to store the Tk script that implements the --tk
     diff option in a separate file for easier editing.
  *  (Internal:) Implement a system of compile-time checks to help ensure

     to the graphical diff display that results
     from using the --tk option with the [/help/diff | fossil diff] command.
  *  The [/reports] page now requires Read ("o") permissions. The "byweek"
     report now properly propagates the selected year through the event type
     filter links.
  *  The [/help/info | info command] now shows leaf status of the checkout.
  *  Add support for tunneling https through a http proxy (Ticket [e854101c4f]).
  *  Add option --empty to the "[/help?cmd=open | fossil open]" command.
  *  Enhanced [/help?cmd=/fileage|the fileage page] to support a glob parameter.
  *  Add -w|--ignore-all-space and -Z|--ignore-trailing-space options to
     [/help?cmd=annotate|fossil annotate], [/help?cmd=blame|fossil blame],
     [/help?cmd=diff|fossil (g)diff], [/help?cmd=stash|fossil stash diff].
  *  Add --strip-trailing-cr option to [/help?cmd=diff|fossil (g)diff] and
     [/help?cmd=stash|fossil stash diff].
  *  Add button "Ignore Whitespace" to /annotate, /blame, /ci, /fdiff
     and /vdiff UI pages.
  *  Enhance [/reports?view=byweekday|/reports] with a "byweekday" view.
  *  Enhance the [/help?cmd=cat|fossil cat] command so that it works outside
     of a checkout when using the -R command-line option.
  *  Use full-length SHA1 hashes, not abbreviations, in most hyperlinks.
  *  Correctly render the <title> markup on wiki pages in the
     [/help?cmd=/artifact|/artifact] webpage.
  *  Enhance the [/help?cmd=whatis|fossil whatis] command to report on attachments
     and cluster artifacts.  Added the [/help?cmd=test-whatis-all] command for
     testing purposes.
  *  Add support for HTTP Basic Authentication on [/help?cmd=clone|clone] and
     [/help?cmd=sync|sync].
  *  Fix the [/help?cmd=stash|stash] so that it remembers added files and re-adds
     them when the stash is applied.
  *  Fix the server so that it avoids writing to the database (and thus avoids
     database locking issues) on a
     [/help?cmd=pull|pull] or [/help?cmd=clone|clone].
  *  Add support for [./server.wiki#loadmgmt|server load management] using both
     a cache of expensive pages (the [/help?cmd=cache|fossil cache] command)
     and by rejecting expensive page requests when the server load average is too
     high.
  *  Add the [/help?cmd=praise|fossil praise] command as an alias for
     [/help?cmd=blame|fossil blame] for subversion compatibility.
  *  Enhance the [/help?cmd=test-diff|fossil test-diff] command with -y or --tk
     options so that it shows both filenames above their respective columns in
     the side-by-side diff output.
  *  Issue a warning if a [/help?cmd=add|fossil add] command tries to add a file
     that matches the ignore-glob.
  *  Add option -W|--width to "[/help?cmd=stash|fossil stash ls]"
     and "[/help?cmd=leaves|fossil leaves]" commands.
  *  Enhance support for running as the root user. Now works on Haiku.
  *  Added the <tt>-empty</tt> option to [/help?cmd=new|fossil new], which
     causes it to not create an initial empty commit. The first commit after
     checking out a repo created this way will become the initial commit.
  *  Enhance sync operations by committing each round-trip to minimize number
     of retransmits when autosync fails. Include option for
     [/help?cmd=update| fossil update] and [/help?cmd=merge| fossil merge] to
     continue even if missing content.
  *  Minor portability fixes for platforms where the char type is unsigned
     by default.

<h2>Changes For Version 1.28 (2014-01-27)</h2>
  *  Enhance [/help?cmd=/reports | /reports] to support event type filtering.
  *  When cloning a repository, the user name passed via the URL (if any)
     is now used as the default local admin user's name.
  *  Enhance the SSH transport mechanism so that it runs a single instance of
     the "fossil" executable on the remote side, obviating the need for a shell
     on the remote side.  Some users may need to add the "?fossil=/path/to/fossil"
     query parameter to "ssh:" URIs if their fossil binary is not in a standard
     place.
  *  Add the "[/help?cmd=blame | fossil blame]" command that works just like
     "fossil annotate" but uses a different output format that includes the
     user who made each change and omits line numbers.
  *  Add the "Tarball and ZIP-archive Prefix" configuration parameter under
     Admin/Configuration.
  *  Fix CGI processing so that it works on web servers that do not
     supply REQUEST_URI.
  *  Add options --dirsonly, --emptydirs, and --allckouts to the
     "[/help?cmd=clean | fossil clean]" command.
  *  Ten-fold performance improvement in large "fossil blame" or
     "fossil annotate" commands.
  *  Add option -W|--width and --offset to "[/help?cmd=timeline | fossil timeline]"
     and  "[/help?cmd=finfo | fossil finfo]" commands.
  *  Option -n|--limit of "[/help?cmd=timeline | fossil timeline]" now
     specifies the number of entries, just like all other commands which
     have the -n|--limit option. The various timeline-related functions
     now output "--- ?? limit (??) reached ---" at the end whenever
     appropriate. Use "-n 0" if no limit is desired.
  *  Fix handling of password embedded in Fossil URL.
  *  New <tt>--once</tt> option to [/help?cmd=clone | fossil clone] command
     which does not store the URL or password when cloning.
  *  Modify [/help?cmd=ui | fossil ui] to respect "default user" in an open
     repository.
  *  Fossil now hides check-ins that have the "hidden" tag in timeline webpages.
  *  Enhance <tt>/ci_edit</tt> page to add the "hidden" tag to check-ins.
  *  Advanced possibilities for commit and ticket change notifications over
     http using TH1 scripting.
  *  Add --sha1sum and --integrate options
     to the "[/help?cmd=commit | fossil commit]" command.
  *  Add the "clean" and "extra" subcommands to the
     "[/help?cmd=all | fossil all]" command
  *  Add the --whatif option to "[/help?cmd=clean|fossil clean]" that works the
     same as "--dry-run",
     so that the name does not collide with the --dry-run option of "fossil all".
  *  Provide a configuration option to show dates on the web timeline
     as "YYMMMDD HH:MM"
  *  Add an option to the "stats" webpage that allows an administrator to see
     the current repository schema.
  *  Enhancements to the "[/help?cmd=/vdiff|/vdiff]" webpage for more difference
     display options.
  *  Added the "[/tree?ci=trunk&expand | /tree]" webpage as an alternative
     to "/dir" and make it the default way of showing file lists.
  *  Send gzipped HTTP responses to clients that support it.

<h2>Changes For Version 1.27 (2013-09-11)</h2>
  *  Enhance the [/help?cmd=changes | fossil changes],
     [/help?cmd=clean | fossil clean], [/help?cmd=extras | fossil extras],
     [/help?cmd=ls | fossil ls] and [/help?cmd=status | fossil status] commands
     to restrict operation to files and directories named on the command-line.
  *  New --integrate option to [/help?cmd=merge | fossil merge], which
     automatically closes the merged branch when committing.
  *  Renamed <tt>/stats_report</tt> page to [/reports]. Graph width is now
     relative, not absolute.
  *  Added <tt>yw=YYYY-WW</tt> (year-week) filter to timeline to limit the results
     to a specific year and calendar week number, e.g. [/timeline?yw=2013-01].
  *  Updates to SQLite to prevent opening a repository file using file descriptors
     1 or 2 on Unix.  This fixes a bug under which an assertion failure could
     overwrite part of a repository database file, corrupting it.
  *  Added support for unlimited line lengths in side-by-side diffs.
  *  New --close option to [/help?cmd=commit | fossil commit], which
     immediately closes the branch being committed.
  *  Added <tt>chart</tt> option to [/help?cmd=bisect | fossil bisect].
  *  Improvements to the "human or bot?" determination.
  *  Reports errors about missing CGI-standard environment variables for HTTP
     servers which do not support them.
  *  Minor improvements to sync support on Windows.
  *  Added <tt>--scgi</tt> option to [/help?cmd=server | fossil server].
  *  Internal improvements to the sync process.
  *  The internals of the JSON API are now MIT-licensed, so downstream
     users/packagers are no longer affected by the "do no evil" license
     clause.

<h2>Changes For Version 1.26 (2013-06-18)</h2>
  *  The argument to the --port option for the [/help?cmd=ui | fossil ui] and
     [/help?cmd=server | fossil server] commands can take an IP address in addition
     to the port number, causing Fossil to bind to just that one IP address.
  *  After prompting for a password, also ask if that password should be
     remembered.
  *  Performance improvements to the diff engine.
  *  Fix the side-by-side diff engine to work better with multi-byte Unicode text.
  *  Color-coding in the web-based annotation (blame) display.  Fix the annotation
     engine so that it is no longer confused by time-warps.
  *  The markdown formatter is now available by default and can be used for
     tickets, wiki, and embedded documentation.
  *  Add subcommands "fossil bisect log" and "fossil bisect status" to the
     [/help?cmd=bisect | fossil bisect] command, as well as other bisect enhancements.
  *  Enhanced defenses that prevent spiders from using excessive CPU and bandwidth.
  *  Consistent use of the -n or --dry-run command line options.
  *  Win32: Fossil now understands Cygwin paths containing one or more of
     the characters <nowiki>"*:<>?|</nowiki>. Those are normally forbidden in
     win32. This means that the win32 fossil.exe is better usable in a Cygwin
     environment. See
     [http://cygwin.com/cygwin-ug-net/using-specialnames.html#pathnames-specialchars].

cases those settings can be ignored.  The settings control things like
the amount of time that chat messages are retained before being purged
from the repository database.

## <a id="usage"></a>Usage

For users with appropriate permissions, simply browse to the
[/chat](/help?cmd=/chat) to start up a chat session.  The default
skin includes a "Chat" entry on the menu bar on wide screens for
people with chat privilege.  There is also a "Chat" option on
the [Sitemap page](/sitemap), which means that chat will appear
as an option under the hamburger menu for many [skins](./customskin.md).

Chat messages are subject to [Fossil's
full range of Markdown processing](/md_rules). Because chat messages are

show up in that list, nor does the chat infrastructure have a way to
track and present those. That list can be used to filter messages on a
specific user by tapping on that user's name, tapping a second time to
remove the filter.

### <a id="cli"></a> The `fossil chat` Command

Type [fossil chat](/help?cmd=chat) from within any open check-out
to bring up a chatroom for the project that is in that checkout.
The new chat window will attempt to connect to the default sync
target for that check-out (the server whose URL is shown by the
[fossil remote](/help?cmd=remote) command).

### <a id="robots"></a> Chat Messages From Robots

The [fossil chat send](/help?cmd=chat) can be used by project-specific
robots to send notifications to the chatroom.  For example, on the
[SQLite project](https://sqlite.org/) (for which the Fossil chatroom
feature, and indeed all of Fossil, was invented) there are long-running
fuzz servers that sometimes run across obscure problems.  Whenever this
happens, a message is sent to the SQLite developers chatroom alerting
them to the problem.

~~~~

Substitute the appropriate project URL, robot account
name and password, message text and file attachment, of course.

### <a id="chat-robot"></a> Chat Messages For Timeline Events

If the [chat-timeline-user setting](/help?cmd=chat-timeline-user) is not an
empty string, then any change to the repository that would normally result
in a new timeline entry is announced in the chatroom.  The announcement
appears to come from a user whose name is given by the chat-timeline-user
setting.

This mechanism is similar to [email notification](./alerts.md) except that
the notification is sent via chat instead of via email.

## Implementation Details

*You do not need to understand how Fossil chat works in order to use it.
But many developers prefer to know how their tools work.
This section is provided for the benefit of those curious developers.*

The [/chat](/help?cmd=/chat) webpage downloads a small amount of HTML
and a small amount of javascript to run the chat session.  The
javascript uses XMLHttpRequest (XHR) to download chat content, post
new content, or delete historical messages.  The following web
interfaces are used by the XHR:

  *  [/chat-poll](/help?name=/chat-poll) →
     Downloads chat content as JSON.

  file  BLOB        -- Text of the uploaded file, or NULL
);
~~~

The CHAT table is not cross-linked with any other tables in the repository
schema.  An administrator can "DROP TABLE chat;" at any time, without
harm (apart from deleting all chat history, of course).  The CHAT table
is dropped when running [fossil scrub --verily](/help?cmd=scrub).

On the server-side, message text is stored exactly as entered by the
users.  The /chat-poll page queries the CHAT table and constructs a
JSON reply described in the [/chat-poll
documentation](/help?cmd=/chat-poll).  The message text is translated
into HTML before being converted to JSON so that the text can be
safely added to the display using assignment to `innerHTML`. Though
`innerHTML` assignment is generally considered unsafe, it is only so
with untrusted content from untrusted sources. The chat content goes
through sanitization steps which eliminate any potential security
vulnerabilities of assigning that content to `innerHTML`.

The repository is now a separate project, independent from its parent.
Clone the new project to the developers as needed.

The child project and the parent project will not normally be able to sync
with one another, since they are now separate projects with distinct
project codes.  However, if the
"--from-parent-project" command-line option is provided to the
"[/help?cmd=pull|fossil pull]" command in the child, and the URL of
parent repository is also provided on the command-line, then updates to
the parent project that occurred after the child was created will be added
to the child repository.  Thus, by periodically doing a
pull --from-parent-project, the child project is able to stay up to date
with all the latest changes in the parent.

*   any shared libraries your `fossil` binary is linked to, unless you
    [configured Fossil with `--static`][bld] to avoid it

Fossil does all of this as one of many layers of defense against
hacks and exploits. You can prevent Fossil from entering the chroot
jail using the <tt>--nojail</tt> option to the 
[fossil server command](/help?cmd=server)
but you cannot make Fossil hold onto root privileges.  Fossil always drops
root privilege before accepting inputs, for security.


[bld]: https://fossil-scm.org/home/doc/trunk/www/build.wiki
[cj]:  https://en.wikipedia.org/wiki/Chroot
[fls]: ./loadmgmt.md

    fossil clone https://dev.example.com/repo/my-project

The `/repo` addition is the key: whatever comes after is used as the
repository name. [See the docs][clone] for more details.

[caod]:  https://fossil-scm.org/forum/forumpost/3f143cec74
[clone]: /help?cmd=clone

<div style="height:50em" id="this-space-intentionally-left-blank"></div>

    provide a good reason to develop a habit of using `fossil checkout`
    instead.

In summary, these are two separate commands; neither is an alias for the
other. They overlap enough that they can be used interchangeably for
some use cases, but `update` is more powerful and more broadly useful.

[co]:    /help?cmd=checkout
[cvsmu]: http://web.mit.edu/gnu/doc/html/cvs_7.html#SEC37
[up]:    /help?cmd=update

With other configuration management software, setting up a server is
a lot of work and normally takes time, patience, and a lot of system
knowledge.  Fossil is designed to avoid this frustration.  Setting up
a server with Fossil is ridiculously easy.  You have four options:

  #  <b>Stand-alone server.</b>
     Simply run the [/help?cmd=server|fossil server] or
     [/help?cmd=ui|fossil ui] command from the command-line.
     <br><br>
  #  <b>CGI.</b>
     Install a 2-line CGI script on a CGI-enabled web-server like Apache.
     <br><br>
  #  <b>SCGI.</b>
     Start an SCGI server using the
     [/help?cmd=server| fossil server --scgi] command for handling
     SCGI requests from web-servers like Nginx.
     <br><br>
  #  <b>Inetd or Stunnel.</b>
     Configure programs like inetd, xinetd, or stunnel to hand off HTTP requests
     directly to the [/help?cmd=http|fossil http] command.

See the [./server/ | How To Configure A Fossil Server] document
for details.

<h2>6.0 Review Of Key Concepts</h2>

<ul>

[https://fossil-scm.org/forum | the forum] or email them to
<a href="mailto:drh@sqlite.org">drh@sqlite.org</a>.  Be sure to
describe in detail what the patch does and which version of Fossil
it is written against. It's best to make patches against tip-of-trunk
rather than against past releases.

If your change is more complicated than a patch can properly encode, you
may submit [/help?cmd=bundle | a Fossil bundle] instead. Unlike patches,
bundles can contain multiple commits, check-in comments, file renames,
file deletions, branching decisions, and more which <tt>patch(1)</tt>
files cannot. It's best to make a bundle of a new branch so the change
can be integrated, tested, enhanced, and merged down to trunk in a
controlled fashion.

A contributor agreement is not strictly necessary to submit a patch or bundle,

   * css.txt
   * details.txt
   * footer.txt
   * header.txt
   * js.txt

Try out the built-in skins by using the --skin option on the
[fossil ui](/help?cmd=ui) or [fossil server](/help?cmd=server) commands.

## <a id="sharing"></a>Sharing Skins

The skin of a repository is not part of the versioned state and does not
"push" or "pull" like checked-in files.  The skin is local to the
repository.  However, skins can be shared between repositories using
the [fossil config](/help?cmd=configuration) command.
The "fossil config push skin" command will send the local skin to a remote
repository and the "fossil config pull skin" command will import a skin
from a remote repository.  The "fossil config export skin FILENAME"
will export the skin for a repository into a file FILENAME.  This file
can then be imported into a different repository using the
"fossil config import FILENAME" command.  Unlike "push" and "pull",
the "export" and "import" commands are able to move skins between

working as desired, the draft skin is "published" and becomes the
new live skin that most users see.

### Skin Development Using A Local Text Editor

An alternative approach is to copy the five control files for your
baseline skin into a temporary working directory (here called
"./newskin") and then launch the [fossil ui](/help?cmd=ui) command
with the "--skin ./newskin" option.  If the argument to the --skin
option contains a "/" character, then the five control files are
read out of the directory named.  You can then edit the control
files in the ./newskin folder using you favorite text editor, and
press "Reload" on your browser to see the effects.

       be copied directly out of one of the subdirectories under skins.  If
       sources are not easily at hand, then a copy/paste out of the
       CSS, footer, and header editing screens under the Admin menu will
       work just as well.  The important point is that the three files
       be named exactly "css.txt", "footer.txt", and "header.txt" and that
       they all be in the same directory.

   2.  Run the [fossil ui](/help?cmd=ui) command with an extra
       option "--skin SKINDIR" where SKINDIR is the name of the directory
       in which the three txt files were stored in step 1.   This will bring
       up the Fossil website using the tree files in SKINDIR.

   3.  Edit the *.txt files in SKINDIR.  After making each small change,
       press Reload on the web browser to see the effect of that change.
       Iterate until the desired look is achieved.

script-src 'self' 'nonce-$nonce';
style-src 'self' 'unsafe-inline';
img-src * data:;
</pre>

The default is recommended for most installations.  However,
the site administrators can overwrite this default CSP using the
[default-csp setting](/help?cmd=default-csp).  For example,
CSP restrictions can be completely disabled by setting the default-csp to:

    default-src *;

The following sections detail the maining of the default CSP setting.

### <a id="base"></a> default-src 'self' data:

    external resources in the backup copies, so that when the main repo
    site disappears, so do those files.

Unversioned content is in the middle of the first list above — between
fully-external content and fully in-repo content — because it isn’t
included in a clone unless you give the `--unversioned` flag. If you
then want updates to the unversioned content to be included in syncs,
you have to give the same flag to [a `sync` command](/help?cmd=sync).
There is no equivalent with other commands such as `up` and `pull`, so
you must then remember to give `fossil uv` commands when necessary to
pull new unversioned content down.

Thus our recommendation that you refer to in-repo resources exclusively.

[du]:   /help?cmd=/doc
[fp]:   ./forum.wiki
[ru]:   /help?cmd=/raw
[spof]: https://en.wikipedia.org/wiki/Single_point_of_failure
[tkt]:  ./tickets.wiki
[tn]:   ./event.wiki
[tls]:  ./server/debian/nginx.md 
[uu]:   /help?cmd=/uv
[uv]:   ./unvers.wiki
[wiki]: ./wikitheory.wiki


## <a id="override"></a>Overriding the Default CSP

If you wish to relax the default CSP’s restrictions or to tighten them
further, there are multiple ways to accomplish that.

The following methods are listed in top-down order to give the simplest
and most straightforward method first.  Further methods dig down deeper
into the stack, which is helpful to understand even if you end up using
a higher-level method.


### <a id="cspsetting"></a>The `default-csp` Setting

If the [`default-csp` setting](/help?cmd=default-csp) is defined and is
not an empty string, its value is injected into the page using
[TH1](./th1.md) via one or more of the methods below, depending on the
skin you’re using and local configuration.

Changing this setting is the easiest way to set a nonstandard CSP on
your site.

contained in the [../src/deltacmd.c|deltacmd.c] source file.  SQL functions
to create, apply, and analyze deltas are implemented by code in the
[../src/deltafunc.c|deltafunc.c] source file.

The following command-line tools are available to create and apply
deltas and to test the delta logic:

   *   [/help?cmd=test-delta|fossil test-delta] → Run self-tests of
       the delta logic

   *   [/help?cmd=test-delta-create|fossil test-delta-create X Y] → compute
       a delta that converts file X into file Y.  Output that delta.

   *   [/help?cmd=test-delta-apply|fossil test-delta-apply X D] → apply
       delta D to input file X and output the result.

   *   [/help?cmd=test-delta-analyze|fossil test-delta-analyze X Y] → compute
       and delta that converts file X into file Y but instead of writing the
       delta to output, write performance information about the delta.

When running the [/help?cmd=sqlite3|fossil sql] command to get an
interactive SQL session connected to the repository, the following
additional SQL functions are provided:

   *   <b>delta_create(</b><i>X</i><b>,</b><i>Y</i><b>)</b> &rarr;
       Compute a data that carries blob X into blob Y and return that delta
       as a blob.

<pre>
<i>&lt;baseurl&gt;</i><big><b>/doc/</b></big><i>&lt;version&gt;</i><big><b>/</b></big><i>&lt;filename&gt;</i>
</pre>

The <i>&lt;baseurl&gt;</i> is the main URL used to access the fossil web server.
For example, the <i>&lt;baseurl&gt;</i> for the fossil project itself is
[https://fossil-scm.org/home].
If you launch the web server using the "[/help?cmd=ui|fossil ui]" command line,
then the <i>&lt;baseurl&gt;</i> is usually
<b>http://localhost:8080/</b>.

The <i>&lt;version&gt;</i> is the
[./checkin_names.wiki|name of a check-in]
that contains the embedded document.  This might be a hash prefix for
the check-in, or it might be the name of a branch or tag, or it might
be a timestamp.  See the prior link
for more possibilities and examples.

The <i id="ckout">&lt;version&gt;</i> can
also be the special identifier "<b>ckout</b>".
The "<b>ckout</b>" keywords means to
pull the documentation file from the local source tree on disk, not
from the any check-in.  The "<b>ckout</b>" keyword
only works when you start your server using the 
"[/help?cmd=server|fossil server]" or "[/help?cmd=ui|fossil ui]"
commands.  The "/doc/ckout" URL is intended to show a preview of
the documentation you are currently editing but have not yet checked in.

The original designed purpose of the "ckout" feature is to allow the
user to preview local changes to documentation before committing the
change.  This is an important facility, since unlike other document
languages like HTML, there is still a lot of variation among rendering

`REQUEST_URI`: If defined, included in error log messages.

`SCRIPT_NAME`: If defined, included in error log messages.

`SSH_CONNECTION`: Informs CGI processing if the remote client is SSH.

`SSL_CERT_FILE`, `SSL_CERT_DIR`: Override the [`ssl-ca-location`]
(/help?cmd=ssl-ca-location) setting.

`SQLITE_FORCE_PROXY_LOCKING`: From `sqlite3.c`, 1 means force always
use proxy, 0 means never use proxy, and undefined means use proxy for
non-local files only.

`SQLITE_TMPDIR`: Names the temporary file location for SQLite.  When
set, this will be used instead of `TMPDIR`.

Release Notes 2021-07-02

This note describes changes in the Fossil snapshot for ...
</verbatim>

The <b>-t|--technote</b> option to the <b>export</b> subcommand takes one of
three identifiers: <b>DATETIME</b>; <b>TECHNOTE-ID</b>; and <b>TAG</b>.
See the [/help?cmd=wiki | wiki help] for specifics.

Users must have check-in privileges (permission "i") in order to
create or edit technotes.  In addition, users must have create-wiki
privilege (permission "f") to create new technotes and edit-wiki
privilege (permission "k") in order to edit existing technotes.

Technote content may be formatted as [/wiki_rules | Fossil wiki],

browser halfway around the world comes with several obligatory caveats
and disclaimers...

## <a id="cap"></a> `/fileedit` Does *Nothing* by Default.

In order to "activate" it, a user with [the "setup"
permission](./caps/index.md) must set the
[fileedit-glob](/help?cmd=fileedit-glob) repository setting to a
comma- or newline-delimited list of globs representing a whitelist of
files which may be edited online. Any user with commit access may then
edit files matching one of those globs. Certain pages within the UI
get an "edit" link added to them when the current user's permissions
and the whitelist both permit editing of that file.

## <a id="csrf"></a> CSRF & HTTP Referrer Headers

</ol>

<h2 id="close-post">Closing Forum Posts</h2>

As of version 2.23, the forum interface supports the notion of
"closing" posts. By default, only users with the [./caps/index.md|'s'
and 'a' capabilities] may close or re-open posts, or reply to closed
posts. If the [/help?cmd=forum-close-policy|forum-close-policy
configuration option] is enabled then users with
[./caps/index.md|forum-moderator permissions] may also perform those
actions.

Closing a post has the following implications:

  *  Only authorized users may edit or respond to such posts, recursively

Git provides file versioning services only, whereas Fossil adds
an integrated [./wikitheory.wiki | wiki],
[./bugtheory.wiki | ticketing & bug tracking],
[./embeddeddoc.wiki | embedded documentation], 
[./event.wiki | technical notes], a [./forum.wiki | web forum],
and a [./chat.md | chat service],
all within a single nicely-designed [./customskin.md|skinnable] web
[/help?cmd=ui|UI],
protected by [./caps/ | a fine-grained role-based
access control system].
These additional capabilities are available for Git as 3rd-party
add-ons, but with Fossil they are integrated into
the design, to the point that it approximates
"[https://github.com/ | GitHub]-in-a-box."

You get the same capability with several other Fossil
sub-commands as well, such as "<tt>fossil all changes</tt>" to get a list of files
that you forgot to commit prior to the end of your working day, across
all repos.

Whenever Fossil is told to modify the local checkout in some destructive
way ([/help?cmd=rm|fossil rm], [/help?cmd=update|fossil update],
[/help?cmd=revert|fossil revert], etc.) Fossil remembers the prior state
and is able to return the check-out directory to that state with a
<tt>fossil undo</tt> command. While you cannot undo a commit in Fossil
— [#history | on purpose!] — as long as the change remains confined to
the local check-out directory only, Fossil makes undo
[https://git-scm.com/book/en/v2/Git-Basics-Undoing-Things|easier than in
Git].

     organizations].
 
  *  <b>No easy drive-by contributions:</b> Git
     [https://www.git-scm.com/docs/git-request-pull|pull requests] offer
     a low-friction path to accepting
     [https://www.jonobacon.com/2012/07/25/building-strong-community-structural-integrity/|drive-by
     contributions]. Fossil's closest equivalents are its unique
     [/help?cmd=bundle|bundle] and [/help?cmd=patch|patch] features, which require higher engagement
     than firing off a PR.⁷ This difference comes directly from the
     initial designed purpose for each tool: the SQLite project doesn't
     accept outside contributions from previously-unknown developers, but
     the Linux kernel does.
 
  *  <b>No rebasing:</b> When your local repo clone syncs changes
     up to its parent, those changes are sent exactly as they were
     committed locally. [#history|There is no rebasing mechanism in
     Fossil, on purpose.]
 
  *  <b>Sync over push:</b> Explicit pushes are uncommon in
     Fossil-based projects: the default is to rely on
     [/help?cmd=autosync|autosync mode] instead, in which each commit
     syncs immediately to its parent repository. This is a mode so you
     can turn it off temporarily when needed, such as when working
     offline. Fossil is still a truly distributed version control system;
     it's just that its starting default is to assume you're rarely out
     of communication with the parent repo.
     <br><br>
     This is not merely a reflection of modern always-connected computing

Because Git commingles the repository data with the initial checkout of
that repository, the default mode of operation in Git is to stick to that
single work/repo tree, even when that's a shortsighted way of working.

Fossil doesn't work that way. A Fossil repository is an SQLite database
file which is normally stored outside the working checkout directory. You can
[/help?cmd=open | open] a Fossil repository any number of times into
any number of working directories. A common usage pattern is to have one
working directory per active working branch, so that switching branches
is done with a <tt>cd</tt> command rather than by checking out the
branches successively in a single working directory.

Fossil does allow you to switch branches within a working checkout
directory, and this is also often done. It is simply that there is no

including all of the messy errors, dead-ends, experimental branches, and
so forth.  One might argue that this
makes the history of a Fossil project "messy," but another point of view
is that this makes the history "accurate."  In actual practice, the
superior reporting tools available in Fossil mean that this incidental mess
is not a factor.

Like Git, Fossil has an [/help?cmd=amend|amend command] for modifying
prior commits, but unlike in Git, this works not by replacing data in
the repository, but by adding a correction record to the repository that
affects how later Fossil operations present the corrected data. The old
information is still there in the repository, it is just overridden from
the amendment point forward.

Fossil lacks almost every other history rewriting mechanism listed on

shun certain committed artifacts, but a person cannot force their local
shun requests into another repo without having admin-level control over
the receiving repo as well. Fossil's shun feature isn't for fixing up
everyday bad commits, it's for dealing with extreme situations: public
commits of secret material, ticket/wiki/forum spam, law enforcement
takedown demands, etc.

There is also the experimental [/help?cmd=purge | <tt>purge</tt>
command], which differs from shunning in ways that aren't especially
important in the context of this document. At a 30000 foot level, you
can think of purging as useful only when you've turned off Fossil's
autosync feature and want to pluck artifacts out of its hash tree before
they get pushed. In that sense, it's approximately the same as
<tt>git rebase -i, drop</tt>. However, given that Fossil defaults to
having autosync enabled [#devorg | for good reason], the purge command

much work gets applied — just one check-in or a whole branch — and the
merge direction.  This is the sort of thing we mean when we point out
that Fossil's command interface is simpler than Git's: there are fewer
concepts to keep track of in your mental model of Fossil's internal
operation.

Fossil's implementation of the feature is also simpler to describe. The
brief online help for <tt>[/help?cmd=merge | fossil merge]</tt> is
currently 41 lines long, to which you want to add the 600 lines of
[./branching.wiki | the branching document]. The equivalent
documentation in Git is the aggregation of the man pages for the above
three commands, which is over 1000 lines, much of it mutually redundant.
(e.g.  Git's <tt>--edit</tt> and <tt>--no-commit</tt> options get
described three times, each time differently.) Fossil's
documentation is not only more concise, it gives a nice split of brief

Forum][ffor].

While we do try to explain Fossil-specific terminology inline here
as-needed, you may find it helpful to skim [the Fossil glossary][gloss].
It will give you another take on our definitions here, and it may help
you to understand some of the other Fossil docs better.

[fbis]:  /help?cmd=bisect
[gbis]:  https://git-scm.com/docs/git-bisect
[ffor]:  https://fossil-scm.org/forum
[fvg]:   ./fossil-v-git.wiki


<a id="mwd"></a>
## Repositories and Checkouts Are Distinct

than `fossil checkout`. That said, one of those differences does match
up with Git users’ expectations: `fossil checkout` doesn’t pull changes
from the remote repository into the local clone as `fossil update` does.
We think this is less broadly useful, but that’s the subject of the next
section.

[ckwf]: ./ckout-workflows.md
[co]:   /help?cmd=checkout


#### <a id="pullup"></a> Update vs Pull

The closest equivalent to [`git pull`][gpull] is not
[`fossil pull`][fpull], but in fact [`fossil up`][up].

In fact, these are the same operation, so they’re the same command in
Fossil. The first form simply allows the `VERSION` to be implicit: the
tip of the current branch.

We think this is a more sensible command design than `git pull` vs
`git checkout`. ([…vs `git checkout` vs `git checkout`!][gcokoan])

[fpull]:   /help?cmd=pull
[gpull]:   https://git-scm.com/docs/git-pull
[gcokoan]: https://stevelosh.com/blog/2013/04/git-koans/#s2-one-thing-well


#### <a id="close" name="dotfile"></a> Closing a Check-Out

The [`fossil close`][close] command dissociates a check-out directory from the

Closing a check-out directory is a rare operation. One use case
is that you’re about to delete the directory, so you want Fossil to forget about it
for the purposes of commands like [`fossil all`][all]. Even that isn’t
necessary, because Fossil will detect that this has happened and forget
the working directory for you.

[all]: /help?cmd=all


#### <a id="worktree"></a> Git Worktrees

There are at least three different ways to get [Fossil-style multiple
check-out directories][mcw] with Git.

Git, not to commend this `.fsl`-at-project-root trick to you. A better
choice would be `~/museum/home/long-established-project.fossil`, if
you’re following [the directory scheme exemplified in the glossary](./glossary.md#repository). That said, it
does emphasize an earlier point: Fossil doesn’t care where you put the
repo DB file or what you name it.


[clone]:  /help?cmd=clone
[close]:  /help?cmd=close
[gloss]:  ./glossary.md
[open]:   /help?cmd=open
[set]:    /help?cmd=setting
[server]: /help?cmd=server
[stash]:  /help?cmd=stash
[undo]:   /help?cmd=undo


## <a id="log"></a> Fossil’s Timeline Is the “Log”

Git users often need to use the `git log` command to dig linearly through
commit histories due to its [weak data model][wdm], giving [O(n)
performance][ocomp].

Granted, that’s rather obscure, but you you can also choose something
intermediate like “`f time desc curr`”, which is reasonably clear.

[35pct]: https://www.sqlite.org/fasterthanfs.html
[btree]: https://sqlite.org/btreemodule.html
[gcn]:   https://git-scm.com/docs/gitrevisions
[infoc]: /help?cmd=info
[infow]: /help?cmd=/info
[ocomp]: https://www.bigocheatsheet.com/
[tlc]:   /help?cmd=timeline
[tlw]:   /help?cmd=/timeline
[up]:    /help?cmd=update
[wdm]:   ./fossil-v-git.wiki#durable


## <a id="dhead"></a> Detached HEAD State

The SQL indexes in Fossil which we brought up above have a useful
side benefit: you cannot have a [detached HEAD state][gdh] in Fossil,

Fossil doesn’t need to be told what to push or where to push it: it just
keeps using the same remote server URL you gave it last
until you [tell it to do something different][rem]. It pushes all
branches, not just one named local branch.

[capt]: ./cap-theorem.md
[rem]:  /help?cmd=remote


<a id="autosync"></a>
## Autosync

Fossil’s [autosync][wflow] feature, normally enabled, has no
equivalent in Git. If you want Fossil to behave like Git, you can turn

diff implementation, bypassing [your local `diff-command` setting][dcset]
since the `--numstat` option has no effect when you have an external diff
command set.

If you leave off the `-v` flag in the second example, the `diffstat`
output won’t include info about any newly-added files.

[dcset]: https://fossil-scm.org/home/help?cmd=diff-command
[dst]:   https://invisible-island.net/diffstat/diffstat.html


<a id="btnames"></a>
## Branch and Tag Names

Fossil has no special restrictions on the names of tags and branches,

release in a project that uses this tagging convention.

[The `fossil git export` command][fge] squashes repeated tags down to a
single instance to avoid confusing Git, exporting only the newest tag,
emulating Fossil’s own ambiguity resolution rule as best it can within
Git’s limitations.

[fge]:  /help?cmd=git
[gcrf]: https://git-scm.com/docs/git-check-ref-format




<a id="cpickrev"></a>
## Cherry-Picking and Reverting Commits

Git’s separate "`git cherry-pick`" and “`git revert`” commands are
options to the [`fossil merge` command][merge]: `--cherrypick` and
`--backout`, respectively. We view this as sensible, since these are
both merge operations, and the two actions differ only in direction.

Unlike in Git, the Fossil file format remembers cherrypicks and backouts
and can later show them as dashed lines on the graphical timeline.

[merge]: /help?cmd=merge



<a id="mvrm"></a>
## File Moves and Renames Are Soft by Default

The "[`fossil mv`][mv]" and "[`fossil rm`][rm]" commands work like they

this setting hasn’t been overridden locally.

If you want to keep Fossil’s soft `mv/rm` behavior most of the time, you
can cast it away on a per-command basis:

    fossil mv --hard old-name new-name

[mv]: /help?cmd=mv
[rm]: /help?cmd=rm


----


## <a id="cvdate" name="cs1"></a> Case Study 1: Checking Out a Version by Date

than archiving the entire checkin.

The commands [`http`][], [`cgi`][], [`server`][], and [`ui`][] that
implement or support with web servers provide a mechanism to name some
files to serve with static content where a list of glob patterns
specifies what content may be served.

[`add`]:       /help?cmd=add
[`addremove`]: /help?cmd=addremove
[`changes`]:   /help?cmd=changes
[`clean`]:     /help?cmd=clean
[`commit`]:    /help?cmd=commit
[`extras`]:    /help?cmd=extras
[`merge`]:     /help?cmd=merge
[`settings`]:  /help?cmd=settings
[`status`]:    /help?cmd=status
[`touch`]:     /help?cmd=touch
[`unset`]:     /help?cmd=unset

[`tarball`]:   /help?cmd=tarball
[`zip`]:       /help?cmd=zip

[`http`]:      /help?cmd=http
[`cgi`]:       /help?cmd=cgi
[`server`]:    /help?cmd=server
[`ui`]:        /help?cmd=ui


### Web Pages that Refer to Globs

The [`/timeline`][] page supports the query parameter `chng=GLOBLIST` that
names a list of glob patterns defining which files to focus the
timeline on. It also has the query parameters `t=TAG` and `r=TAG` that
names a tag to focus on, which can be configured with `ms=STYLE` to
use a glob pattern to match tag names instead of the default exact
match or a couple of other comparison styles.

The pages [`/tarball`][] and [`/zip`][] generate compressed archives
of a specific checkin. They may be further restricted by query
parameters that specify glob patterns that name files to include or
exclude rather than taking the entire checkin.

[`/timeline`]: /help?cmd=/timeline
[`/tarball`]:  /help?cmd=/tarball
[`/zip`]:      /help?cmd=/zip


## Platform Quirks

Fossil glob patterns are based on the glob pattern feature of POSIX
shells. Fossil glob patterns also have a quoting mechanism, discussed
[above](#syntax). Because other parts of your operating system may interpret glob

    $ fossil test-echo setting crlf-glob "*"
    C:\> echo * | fossil test-echo setting crlf-glob --args -

The [`test-glob`][] command is also handy to test if a string
matches a glob pattern.

[`test-echo`]: /help?cmd=test-echo
[`test-glob`]: /help?cmd=test-glob


## Converting `.gitignore` to `ignore-glob`

Many other version control systems handle the specific case of
ignoring certain files differently from Fossil: they have you create
individual "ignore" files in each folder, which specify things ignored

    backup utility.

    As a counterexample, a project tracking your [Vim] configuration
    history is a much better use of Fossil, because it’s all held within
    `~/.vim`, and your user has full rights to that subdirectory.

[AIF]:     https://docs.asciidoctor.org/asciidoc/latest/directives/include/
[IGS]:     /help?cmd=ignore-glob
[IFRS]:    ./image-format-vs-repo-size.md
[tarball]: /help?cmd=tarball
[tw]:      /help?cmd=/tarball
[Vim]:     https://www.vim.org/
[zip]:     /help?cmd=zip
[zw]:      /help?cmd=/zip


## Repository <a id="repository" name="repo"></a>

A single file that contains all historical versions of all files in a
project, which can be [cloned] to other machines and
[synchronized][sync] with them. Jargon: repo.

box "other/" fit
move right 0.1
line dotted right until even with previous line.end
move right 0.05
box invis "clones of Fossil itself, SQLite, etc." ljust
```

[asdis]:   /help?cmd=autosync
[backup]:  ./backup.md
[CAP]:     ./cap-theorem.md
[cloned]:  /help?cmd=clone
[pull]:    /help?cmd=pull
[push]:    /help?cmd=push
[svrcmd]:  /help?cmd=server
[sync]:    /help?cmd=sync

[repository]:   #repo
[repositories]: #repo


## Version / Revision / Hash / UUID <a id="version" name="hash"></a>

  that Fossil will capture only changes to files you’ve [added][add] to
  the [repository], not to everything in [the check-out directory](#co)
  at the time of the snapshot. (Thus [the `extras` command][extras].)
  Contrast a snapshot taken by a virtual machine system or a
  [snapshotting file system][snfs], which captures changes to everything
  on the managed storage volume.

[add]:    /help?cmd=add
[ciname]: ./checkin_names.wiki
[extras]: /help?cmd=extras
[stash]:  /help?cmd=stash
[undo]:   /help?cmd=undo



## Check-out <a id="check-out" name="co"></a>

A set of files extracted from a [repository] that represent a
particular [check-in](#ci) of the [project](#project).

    Fossil plugin for Visual Studio Code][fpvsc] defaults to storing the
    repo clone within the project directory as a file called `.fsl`, but
    this is because VSCode’s version control features assume it’s being
    used with Git, where the repository is the `.git` subdirectory
    contents. With Fossil, [different check-out workflows][cwork] are
    preferred.

[commit]: /help?cmd=commit
[cwork]:  ./ckout-workflows.md
[h2cflp]: https://www.sqlite.org/howtocorrupt.html#_file_locking_problems
[fpvsc]:  https://marketplace.visualstudio.com/items?itemName=koog1000.fossil
[open]:   /help?cmd=open
[mwd]:    ./ckout-workflows.md#mcw
[update]: /help?cmd=update


## <a id="docs"></a>Embedded Documentation

Serving as an alternative to Fossil’s built-in [wiki], the [embedded
documentation feature][edoc] stores the same type of marked-up text
files, but under Fossil’s powerful version control features.

[cin]:  ./checkin_names.wiki
[ctkt]: ./custom_ticket.wiki
[hpol]: ./hashpolicy.wiki
[japi]: ./json-api/
[jart]: ./json-api/api-artifact.md
[jtim]: ./json-api/api-timeline.md
[mset]: /help?cmd=manifest
[th1]:  ./th1.md
[trss]: /help?cmd=/timeline.rss
[tvb]:  ./branching.wiki
[uuid]: https://en.wikipedia.org/wiki/Universally_unique_identifier

automatically switched to "sha3" mode and thereafter generated
only SHA3 hashes.

When a new repository is created by cloning, the hash policy is copied
from the parent.

For new repositories created using the
[/help?cmd=new|fossil new] command the default hash policy is "sha3".
That means new repositories
will normally hold nothing except SHA3 hashes.  The hash policy for new
repositories can be overridden using the "--sha1" option to the
"fossil new" command.

If you are still on Fossil 2.1 through 2.9 but you want Fossil to go
ahead and start using SHA3 hashes, change the hash policy to

<title>Fossil Tips And Usage Hints</title>

A collection of useful hints and tricks in no particular order:

  1.  Click on two nodes of any timeline graph in succession
      to see a diff between the two versions.

  2.  Add the "--tk" option to "[/help?cmd=diff | fossil diff]" commands
      to get a pop-up
      window containing a complete side-by-side diff.  (NB:  The pop-up
      window is run as a separate Tcl/Tk process, so you will need to
      have Tcl/Tk installed on your machine for this to work.  Visit
      [http://www.activestate.com/activetcl] for a quick download of
      Tcl/Tk if you do not already have it on your system.)

  3.  The "[/help/clean | fossil clean -x]" command is a great
      alternative to "make clean". You can use "[/help/clean | fossil clean -f]"
      as a slightly safer alternative if the "ignore-glob" setting is
      not set. WARNING: make sure you did a "fossil add" for all source-files
      you plan to commit, otherwise those files will be deleted without warning.

  4.  Use "[/help?cmd=all | fossil all changes]" to look for any uncommitted
      edits in any of your Fossil projects.  Use
      "[/help?cmd=all | fossil all pull]" on your laptop
      prior to going off network (for example, on a long plane ride)
      to make sure you have all the latest content locally.  Then run
      "[/help/all|fossil all push]" when you get back online to upload
      your changes.

  5.  To see an entire timeline, type "all" into the "Max:" entry box.

  6.  You can manually add a "c=CHECKIN" query parameter to the timeline
      URL to get a snapshot of what was going on about the time of some
      check-in.  The "CHECKIN" can be
      [./checkin_names.wiki | any valid check-in or version name], including
      tags, branch names, and dates.  For example, to see what was going
      on in the Fossil repository on 2008-01-01, visit
      [/timeline?c=2008-01-01].

  7.  Further to the previous two hints, there are lots of query parameters
      that you can add to timeline pages.  The available query parameters
      are tersely documented [/help?cmd=/timeline | here].

  8.  You can run "[/help?cmd=xdiff | fossil xdiff --tk $file1 $file2]"
      to get a Tk pop-up window with side-by-side diffs of two files, even if
      neither of the two files is part of any Fossil repository.  Note that
      this command is "xdiff", not "diff".  Change <nobr>--tk</nobr> to
      <nobr>--by</nobr> to see the diff in your web browser.

  9.  On web pages showing the content of a file (for example
      [/artifact/c7dd1de9f]) you can manually

      a mimetype of text/plain, of course.

  10.  When editing documentation to be checked in as managed files, you can
       preview what the documentation will look like by using the special
       "ckout" branch name in the "doc" URL while running "fossil ui".
       See the [./embeddeddoc.wiki | embedded documentation] for details.

  11.  Use the "[/help?cmd=ui|fossil ui /]" command to bring up a menu of
       all of your local Fossil repositories in your web browser.

  12.  If you have a bunch of Fossil repositories living on a remote machine
       that you are able to access using ssh using a command like
       "ssh login@remote", then you can bring up a user interface for all
       those remote repositories using the command:
       "[/help?cmd=ui|fossil ui login@remote:/]".  This works by tunneling
       all HTTP traffic through SSH to the remote machine.

interchange formats, and so for compatibility, use of the
--git option is recommended.

<a id="fx_git"></a>
Note that in new imports, Fossil defaults to using the email component of the
Git <em>committer</em> (or <em>author</em> if <code>--use-author</code> is
passed) to attribute check-ins in the imported repository. Alternatively, the
[/help?cmd=import | <code>--attribute</code>] option can be passed to have all
commits by a given committer attributed to a desired username. This will create
and populate the new <code>fx_git</code> table in the repository database to
maintain a record of correspondent usernames and email addresses that can be
used in subsequent exports or incremental imports.

<h3>Converting Repositories on Windows</h3>

<a id="intermap"></a>
## Intermap

The intermap defines a mapping from interwiki Tags to full URLs.  The
Intermap can be viewed and managed using the [fossil interwiki][iwiki]
command or the [/intermap][imap] webpage.

[iwiki]: /help?cmd=interwiki
[imap]: /intermap

The current intermap for a server is seen on the [/intermap][imap] page
(which is read-only for non-Setup users) and at the bottom of the built-in
[Fossil Wiki rules](/wiki_rules) and [Markdown rules](/md_rules)
documentation pages.

     shows up in the "References" section of the target check-in.
     ([example](31af805348690958).  In other words, Fossil tracks not just
     "_source→target_", but it also tracks "_target→source_".
     But backtracking does not work for interwiki links, since the Fossil
     running on the target has no way of scanning the source text and
     hence has no way of knowing that it is a target of a link from the source.

[fcfg]: /help?cmd=config

## Intermap Storage Details

The intermap is stored in the CONFIG table of the repository database,
in entries with names of the form "<tt>interwiki:</tt><i>Tag</i>".  The
value for each such entry is a JSON string that defines the base URL
and extensions for Hash and Wiki links.

## See Also

  1. [](https://www.mediawiki.org/wiki/Manual:Interwiki)
  2. [](https://duckduckgo.com/?q=interwiki+links&ia=web)

[2cbsd]:  https://fossil-scm.org/home/doc/trunk/COPYRIGHT-BSD2.txt
[ciu]:    https://caniuse.com/
[cskin]:  ./customskin.md
[dcsp]:   ./defcsp.md
[es2015]: https://ecma-international.org/ecma-262/6.0/
[es6dep]: https://caniuse.com/#feat=es6
[fcgi]:   /help?cmd=cgi
[ffor]:   https://fossil-scm.org/forum/
[flic]:   /doc/trunk/COPYRIGHT-BSD2.txt
[fshome]: /doc/trunk/www/server/
[fslpl]:  /doc/trunk/www/fossil-v-git.wiki#portable
[fsrc]:   https://fossil-scm.org/home/file/src
[fsrv]:   /help?cmd=server
[hljs]:   https://fossil-scm.org/forum/forumpost/9150bc22ca
[ie11x]:  https://techcommunity.microsoft.com/t5/microsoft-365-blog/microsoft-365-apps-say-farewell-to-internet-explorer-11-and/ba-p/1591666
[ns]:     https://noscript.net/
[pjs]:    https://fossil-scm.org/forum/forumpost/1198651c6d
[s1]:     https://blockmetry.com/blog/javascript-disabled
[s2]:     https://gds.blog.gov.uk/2013/10/21/how-many-people-are-missing-out-on-javascript-enhancement/
[s3]:     https://w3techs.com/technologies/overview/client_side_language/all

  ...write, write, write yet more...
:w !fossil wiki commit -                 # vi buffer updates article
```

Extending this concept to other text editors is an exercise left to the
reader.

[fwc]: /help?cmd=wiki
[fwt]: ./wikitheory.wiki


### <a id="fedit"></a>The File Editor

Fossil’s [optional file editor feature][fedit] works
much like [the new wiki editor](#wedit), only on files committed to the

### <a id="ln"></a>Line Numbering

When viewing source files, Fossil offers to show line numbers in some
cases. ([Example][mainc].) Toggling them on and off is currently handled
in JavaScript, rather than forcing a page-reload via a button click.

_Workaround:_ Manually edit the URL to give the “`ln`” query parameter
per [the `/file` docs](/help?cmd=/file).

_Potential Better Workaround:_ Someone sufficiently interested could
[provide a patch][cg] to add a `<noscript>` wrapped HTML button that
would reload the page with this parameter included/excluded to implement
the toggle via a server round-trip.

A related feature is Fossil’s JavaScript-based interactive method

-   **Binary data:** JSON is a text serialization method, and it takes
    up the “payload” area of each HTTP request, so there is no
    reasonable way to include binary data in the JSON message without
    some sort of codec like Base64, for which there is no provision in
    the current JSON API. You will therefore find no JSON API for
    committing changes to a file in the repository, for example. Other
    Fossil APIs such as [`/raw`](/help?cmd=/raw) or
    [`/fileedit`](../fileedit-page.md) may serve you better.
-   **64-bit integers:** The JSON standard does not specify integer precision,
    because it targets many different platforms, and not all of
    them can support more than 32 bits. JavaScript (from which JSON
    derives) supports 53 bits of integer precision, which may affect how
    a given client-side JSON implementation sends large integers to Fossil’s JSON
    API. Our JSON parser can cope with integers larger than 32 bits on input, and it

unable to find the load average. This can either be because it is in a
`chroot(2)` jail without `/proc` access, or because it is running on a
system that does not support `getloadavg()` and so the load-average
limiter will not function.


[503]: http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.5.4
[hte]: /help?cmd=/test-env
[gla]: https://linux.die.net/man/3/getloadavg
[lin]: http://www.linode.com
[sh]:  ./selfhost.wiki

  6.  shell.c

All three SQLite source files are byte-for-byte copies of files by
the same name in the
standard [http://www.sqlite.org/amalgamation.html | amalgamation].
The sqlite3.c file implements the database engine.  The shell.c file
implements the command-line shell, which is accessed in fossil using
the [/help?cmd=sqlite3 | fossil sql] command.

The shell.c command-line shell uses the [https://github.com/antirez/linenoise |
linenoise] library to implement line editing.  linenoise comprises two
source files which were copied from the upstream repository with only
very minor portability edits:

  7.  linenoise.c

byte-array constants that contain various resources such as scripts and
images.  The builtin_data.h header file is generated from the original
resource files using a small program called:

  12   [/file/tools/mkbuiltin.c | mkbuiltin.c]

Examples of built-in resources include the [/file/src/diff.tcl | diff.tcl]
script used to implement the --tk option to [/help?cmd=diff| fossil diff],
the [/file/src/markdown.md | markdown documentation], and the various
CSS scripts, headers, and footers used to implement built-in skins.  New
resources files are added to the "extra_files" variable in
[/file/tools/makemake.tcl | makemake.tcl].

The src/ subdirectory also contains documentation about the
makeheaders preprocessor program:

  *  -DSQLITE_LIKE_DOESNT_MATCH_BLOBS=1
  *  -DSQLITE_THREADSAFE=0
  *  -DSQLITE_DEFAULT_FILE_FORMAT=4
  *  -DSQLITE_ENABLE_EXPLAIN_COMMENTS=1

The first three symbol definitions above are required; the others are merely
recommended.  Extension loading is omitted as a security measure. The dbstat
virtual table is needed for the [/help?cmd=/repo-tabsize|/repo-tabsize] page.
FTS4 is needed for the search feature.  Fossil is single-threaded so mutexing
is disabled in SQLite as a performance enhancement.  The
SQLITE_ENABLE_EXPLAIN_COMMENTS option makes the output of "EXPLAIN" queries
in the  "[/help?cmd=sqlite3|fossil sql]" command much more readable.

When compiling the shell.c source file, these macros are required:

  *  -Dmain=sqlite3_main
  *  -DSQLITE_OMIT_LOAD_EXTENSION=1

The "main()" routine in the shell must be changed into sqlite3_main()

The $ROOT prefix on markdown links is superfluous.  The same link
works without the $ROOT prefix.  (Though: the $ROOT prefix is required
for HTML documents.)

  *   Timeline:  [](/timeline)

  *   Help: [](/help?cmd=help)

  *   Site-map:  [](/sitemap)

## The Magic $CURRENT Document Version Translation

In URI text of the form `.../doc/$CURRENT/...` the
$CURRENT value is converted to the version number of the document

# Limitations On Git Mirrors

The "<tt>[fossil git export](/help?cmd=git)</tt>" command can be used to
mirror a Fossil repository to Git.
([Setup instructions](./mirrortogithub.md) and an
[example](https://github.com/drhsqlite/fossil-mirror).)
But the export to Git is not perfect. Some information is lost during
export due to limitations in Git.  This page describes what content of
Fossil is not included in an export to Git.

     Fossil [UI][ui] browser window or with the [`user contact`][usercmd]
     subcommand on the command line. Alternatively, if this repository was
     previously imported from Git using the [`--attribute`][attr] option, the
     [`fx_git`][fxgit] table will be queried for correspondent email addresses.
     Only if neither of these methods produce a user specified email will the
     abovementioned generic address be used.

[attr]: /help?cmd=import
[fxgit]: ./inout.wiki#fx_git
[ui]: /help?cmd=ui
[usercmd]: /help?cmd=user


## <a id='ex1'></a>Example GitHub Mirrors

As of this writing (2019-03-16) Fossil’s own repository is mirrored
on GitHub at:

"developer", "reader", or "nobody" and the authentication protocol
for "anonymous" uses one-time captchas not persistent passwords.

<h2>Web Interface Authentication</h2>

When a user logs into Fossil using the web interface, the login name
and password are sent in the clear to the server.  For most modern fossil
server setups with [/help?cmd=redirect-to-https|redirect-to-https] enabled,
this will be protected by the
SSL connection over HTTPS so it cannot be easily viewed. The server then
hashes the password and compares it against the value stored in USER.PW.
If they match, the server sets a cookie on the client to record the
login.  This cookie contains a large amount of high-quality randomness
and is thus intractable to guess.  The value of the cookie and the IP
address of the client is stored in the USER.COOKIE and USER.IPADDR fields

# The "fossil patch" command

The "[fossil patch](/help?cmd=patch)" command is designed to transfer
uncommitted changes from one check-out to another, including transfering
those changes to other machines.

For example, if you are working on a Windows desktop and you want to
test your changes on a Linux server before you commit, you can use the
"fossil patch push" command to make a copy of all your changes on the
remote Linux server:

<div class="sidebar">
To avoid generating a missing artifact
reference on peer repositories without the private branch, the merge parent
is not recorded when merging the private branch into a public branch.  As a
consequence, the web UI timeline does not draw a merge line from the private
merge parent to the public merge child.  Moreover, repeat private-to-public
merge operations (without the [/help?cmd=merge | --force option]) with files
added on the private branch may only work once, but later abort with
"WARNING: no common ancestor for FILE", as the parent-child relationship is
not recorded. (See the [/doc/trunk/www/branching.wiki | Branching, Forking,
Merging, and Tagging] document for more information.)
</div>

The <code>--integrate</code> option of <code>fossil merge</code> (to close

the repository, being what you get when you "fossil open" a repository
without specifying a version, populating the working directory.

To see the most recent changes made to the repository by other users, use "fossil timeline" to
find out the most recent commit, and then "fossil diff" between that commit and the
current tree:

<pre><b>fossil timeline
=== 2021-03-28 === 
03:18:54 [ad75dfa4a0] *CURRENT* Added details to frobnicate command (user: user-one tags: trunk) 
=== 2021-03-27 === 
23:58:05 [ab975c6632] Update README.md. (user: user-two tags: trunk) 
     ⋮ 

fossil diff --from current --to ab975c6632
Index: frobnicate.c
============================================================
--- frobnicate.c
+++ frobnicate.c
@@ -1,10 +1,11 @@
+/* made a change to the source file */
# Original text
</b></pre>

"current" is an alias for the checkout version, so the command
"fossil diff --from ad75dfa4a0 --to ab975c6632" gives identical results.

To commit your changes to a local-only repository:

<pre><b>fossil commit</b>     <i>(... Fossil will start your editor, if defined)</i><b>

(Contrast the [#server | many <i>other</i> ways] of setting Fossil up
as an HTTP server, where the repo DB is on the other side of the HTTP
server wall, inaccessible by all means other than Fossil's own
mediation. For this reason, the "localhost bypasses access control"
policy does <i>not</i> apply to these other interfaces. That is a very
good thing, since without this difference in policy, it would be unsafe
to bind a [/help?cmd=server | <b>fossil server</b>] instance to
localhost on a high-numbered port and then reverse-proxy it out to the
world via HTTPS, a practice this author does engage in, with confidence.)

Once you are finished configuring Fossil, you may safely Control-C out
of the <b>fossil&nbsp;ui</b> command to shut down this privileged
built-in web server. Moreover, you may by grace of SQLite do this <i>at
any time</i>: all changes are either committed durably to the repo DB or

developers to make intuitive leaps that the original developer was
unable to make. In other words, you are asking your future maintenance
developers to be smarter than the original developers!  That's a
beautiful wish, but there's a sharp limit to how far you can carry it.
Eventually you hit the limits of human brilliance.

When the operation of some bit of code is not obvious, both Fossil and
Git let you run a [`blame`](/help?cmd=blame) on the code file to get
information about each line of code, and from that which check-in last
touched a given line of code. If you squash the check-ins on a branch
down to a single check-in, you throw away the information leading up to
that finished form. Fossil not only preserves the check-ins surrounding
the one that included the line of code you're trying to understand, its
[superior data model][sdm] lets you see the surrounding check-ins in
both directions; not only what lead up to it, but what came next. Git

/usr/local/bin/fossil all sync -u
</pre>

Server (2) is a
<a href="http://www.linode.com/">Linode</a> located in Newark, NJ
and set up just like the canonical server (1) with the addition of a
cron job for synchronization.  The same cron job also runs the
[/help?cmd=git|fossil git export] command after each sync in order to
[./mirrortogithub.md#ex1|mirror all changes to GitHub].

Fossil server, with links to more detailed instructions specific to
particular systems, should you want extra help.</p>


<h2 id="prep">Repository Prep</h2>

<p>Prior to serving a Fossil repository to others, consider running <a
href="$ROOT/help?cmd=ui"><tt>fossil ui</tt></a> locally and taking these
minimum recommended preparation steps:</p>

<ol>
  <li><p>Fossil creates only one user in a <a
  href="$ROOT/help?cmd=new">new repository</a> and gives it the <a
  href="../caps/admin-v-setup.md#apsu">all-powerful Setup capability</a>.
  The 10-digit random password generated for that user is fairly strong
  against remote attack, even without explicit password guess rate
  limiting, but because that user has so much power, you may want to
  give it a much stronger password under Admin → Users.</a></li>

  <li><p>Run the Admin → Security-Audit tool to verify that other

<h3 id="cgi">CGI</h3>

<p>Most ordinary web servers can <a href="any/cgi.md">run Fossil as a
CGI script</a>. This method is known to work with Apache,
<tt>lighttpd</tt>, and <a
href="any/althttpd.md"><tt>althttpd</tt></a>.  The Fossil server
administrator places a <a href="$ROOT/help?cmd=cgi">short CGI script</a> in
the web server's document hierarchy and when a client requests the URL
that corresponds to that script, Fossil runs and generates the
response.</p>

<p>CGI is a good choice for merging Fossil into an existing web site,
particularly on hosts that have CGI set up and working.
The Fossil <a href="../selfhost.wiki">self-hosting repositories</a> are
implemented with CGI underneath <tt>althttpd</tt>.</p>

<h3 id="slist">Socket Listener</h3>

<p>Socket listener daemons such as
<a id="inetd" href="any/inetd.md"><tt>inetd</tt></a>, <a id="xinetd"
href="any/xinetd.md"><tt>xinetd</tt></a>, <a id="stunnel"
href="any/stunnel.md"><tt>stunnel</tt></a>, <a
href="macos/service.md"><tt>launchd</tt></a>, and <a
href="debian/service.md"><tt>systemd</tt></a>
can be configured to invoke the the
<a href="$ROOT/help?cmd=http"><tt>fossil http</tt></a> command to handle
each incoming HTTP request.  The "<tt>fossil http</tt>" command reads
the HTTP request off of standard input, computes an appropriate
reply, and writes the reply on standard output.  There is a separate
invocation of the "<tt>fossil http</tt>" command for each HTTP request.
The socket listener daemon takes care of relaying content to and from
the client, and (in the case of <a href="any/stunnel.md">stunnel</a>) 
handling TLS decryption and encryption.

<h3 id="standalone">Stand-alone HTTP Server</h3>

<p>This is the <a href="any/none.md">easiest method</a>.
A stand-alone server uses the
<a href="$ROOT/help?cmd=server"><tt>fossil server</tt></a> command to run a
process that listens for incoming HTTP requests on a socket and then
dispatches a copy of itself to deal with each incoming request. You can
expose Fossil directly to the clients in this way or you can interpose a
<a href="https://en.wikipedia.org/wiki/Reverse_proxy">reverse proxy</a>
layer between the clients and Fossil.</p>

<h3 id="scgi">SCGI</h3>

<p>The Fossil standalone server can also handle <a href="any/scgi.md">SCGI</a>.
When the <a href="$ROOT/help?cmd=server"><tt>fossil server</tt></a> command is
run with the extra <tt>--scgi</tt> option, it listens for incoming
SCGI requests rather than HTTP requests. This allows Fossil to
respond to requests from web servers <a href="debian/nginx.md">such as
nginx</a> that don't support CGI. SCGI is a simpler protocol to proxy
than HTTP, since the HTTP doesn't have to be re-interpreted in terms of
the proxy's existing HTTP implementation, but it's more complex to set
up because you also have to set up an SCGI-to-HTTP proxy for it. It is

  <li><p>If the repository includes <a
  href="../embeddeddoc.wiki">embedded documentation</a>, consider
  activating the search feature (Admin → Search) so that visitors can do
  full-text search on your documentation.</p></li>

  <li><p>Now that others can be making changes to the repository,
  consider monitoring them via <a href="../alerts.md">email alerts</a>
  or the <a href="$ROOT/help?cmd=/timeline.rss">timeline RSS
  feed</a>.</p></li>

  <li><p>Turn on the various logging features.</p></li>
</ol>

<p>Reload the Admin → Security-Audit page occasionally during this
process to double check that you have not mistakenly configured the

your system by accessing the `/test-env` webpage. 
Excluding this subdirectory will avoid certain rare failures where the
fossil.exe process is unable to use the directory normally during a scan.

### <a id='PowerShell'></a>Advanced service installation using PowerShell

As great as `fossil winsrv` is, it does not have one to one reflection of all of
the `fossil server` [options](/help?cmd=server).  When you need to use some of
the more advanced options, such as `--https`, `--skin`, or `--extroot`, you will
need to use PowerShell to configure and install the Windows service.

PowerShell provides the [New-Service](https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.management/new-service?view=powershell-5.1)
command, which we can use to install and configure Fossil as a service.  The
below should all be entered as a single line in an Administrative PowerShell
console.

```PowerShell
New-Service -Name fossil -DisplayName fossil -BinaryPathName '"C:\Program Files\FossilSCM\fossil.exe" server --port 8080 --repolist "D:/Path/to/Repos"' -StartupType Automatic
```

Please note the use of forward slashes in the repolist path passed to Fossil.
Windows will accept either back slashes or forward slashes in path names, but
Fossil has a preference for forward slashes.  The use of `--repolist` will make
this a multiple repository server.  If you want to serve only a single
repository, then leave off the `--repolist` parameter and provide the full path
to the proper repository file. Other options are listed in the
[fossil server](/help?cmd=server) documentation.

The service will be installed by default to use the Local Service account.
Since Fossil only needs access to local files, this is fine and causes no
issues.  The service will not be running once installed.  You will need to start
it to proceed (the `-StartupType Automatic` parameter to `New-Service` will
result in the service auto-starting on boot).  This can be done by entering

Files in the DOCUMENT_ROOT are accessed via URLs like this:

<pre>
    https://example-project.org/ext/<i>FILENAME</i>
</pre>

In other words, access files in DOCUMENT_ROOT by appending the filename
relative to DOCUMENT_ROOT to the [/help?cmd=/ext|/ext]
page of the Fossil server.

  *  Files that are readable but not executable are returned as static
     content.

  *  Files that are executable are run as CGI.

the user upload a file using a form, and then displays that file in the reply.
There is a link on the page that causes the fileup1 script to return a copy
of its own source-code, so you can see how it works.

<h3>2.3 Example #3</h3>

For Fossil versions dated 2025-03-23 and later, the "--extpage FILENAME"
option to the [/help?cmd=ui|fossil ui] command is a short cut that treats
FILENAME as a CGI extension.  When the ui command starts up a new web browser
pages, it points that page to the FILENAME extension.  So if FILENAME is
a static content file (such as an HTML file or 
[/md_rules|Markdown] or [/wiki_rules|Wiki] document), then the
rendered content of the file is displayed.  Meanwhile, the user can be
editing the source text for that document in a separate window, and
periodically pressing "Reload" on the web browser to instantly view the

# SSL/TLS Server Mode

## History

Fossil has supported [client-side SSL/TLS][0] since [2010][1].  This means
that commands like "[fossil sync](/help?cmd=sync)" could use SSL/TLS when
contacting a server.  But on the server side, commands like
"[fossil server](/help?cmd=server)" operated in clear-text only.  To implement
an encrypted server, you had to put Fossil behind a web server or reverse
proxy that handled the SSL/TLS decryption/encryption and passed cleartext
down to Fossil.

[0]: ./ssl.wiki
[1]: /timeline?c=b05cb4a0e15d0712&y=ci&n=13

Beginning in [late December 2021](/timeline?c=f6263bb64195b07f&y=a&n=13),
Fossil servers are now able to converse directly over TLS.  Commands like

  * "[fossil server](/help?cmd=server)"
  * "[fossil ui](/help?cmd=ui)", and
  * "[fossil http](/help?cmd=http)"

may now handle the encryption natively when suitably configured, without
requiring a third-party proxy layer.

## <a id="usage"></a>Usage

To put any of the Fossil server commands into SSL/TLS mode, simply

that if you have a PEM-formatted private key and a separate PEM-formatted
certificate, you can concatenate the two into a single file, and the
individual components will still be easily accessible.

### <a id="cat"></a>Separate or Concatenated?

Given a single concatenated file that holds both your private key and your
cert, you can hand it off to the "[fossil server](/help?cmd=server)"
command using the `--cert` option, like this:

    fossil server --port 443 --cert mycert.pem /home/www/myproject.fossil

The command above is sufficient to run a fully-encrypted web site for
the "myproject.fossil" Fossil repository.  This command must be run as
root, since it wants to listen on TCP port 443, and only root processes are

  6.  It then deletes the secret one-time-use token it used to prove
      domain control. ACME’s design precludes replay attacks.

In order for all of this to happen, certbot needs to be able to create
a subdirectory named ".well-known", within a directory you specify,
then populate that subdirectory with a token file of some kind.  To support
this, the "[fossil server](/help?cmd=server)" and
"[fossil http](/help?cmd=http)" commands have the --acme option.

When specified, Fossil sees a URL where the path
begins with ".well-known", then instead of doing its normal processing, it
looks for a file with that pathname and returns it to the client.  If
the "server" or "http" command is referencing a single Fossil repository,
then the ".well-known" sub-directory should be in the same directory as
the repository file.  If the "server" or "http" command are run against

employed that usually reduce the number of hashes that need to be
shared to a few dozen.

Each repository also has local state.  The local state determines
the web-page formatting preferences, authorized users, ticket formats,
and similar information that varies from one repository to another.
The local state is not usually transferred during a sync.  Except,
some local state is transferred during a [/help?cmd=clone|clone]
in order to initialize the local state of the new repository.  Also,
an administrator can sync local state using
the [/help?cmd=configuration|config push] and
[/help?cmd=configuration|config pull]
commands.

<h3 id="crdt">1.1 Conflict-Free Replicated Datatypes</h3>

The "bag of artifacts" data model used by Fossil is apparently an
implementation of a particular
[https://en.wikipedia.org/wiki/Conflict-free_replicated_data_type|Conflict-Free

All communication between client and server is via HTTP requests.
The server is listening for incoming HTTP requests.  The client
issues one or more HTTP requests and receives replies for each
request.

The server might be running as an independent server
using the [/help?cmd=server|"fossil server" command], or it
might be launched from inetd or xinetd using the
[/help?cmd=http|"fossil http" command].  Or the server might
be [./server/any/cgi.md|launched from CGI] or from
[./server/any/scgi.md|SCGI].
(See "[./server/|How To Configure A Fossil Server]" for details.)
The specifics of how the server listens
for incoming HTTP requests is immaterial to this protocol.
The important point is that the server is listening for requests and
the client is the issuer of the requests.

A single [/help?cmd=push|push],
[/help?cmd=pull|pull], or [/help?cmd=sync|sync]
might involve multiple HTTP requests.
The client maintains state between all requests.  But on the server
side, each request is independent.  The server does not preserve
any information about the client from one request to the next.

Note: Throughout this article, we use the terms "server" and "client"
to represent the listener and initiator of the interaction, respectively.

The second case is the one that usually determines the name. Note that the
FOSSIL_HOME environment variable can always be set to determine the 
location of the configuration database.  Note also that the configuration
database file itself is called ".fossil" or "fossil.db" on unix but
"_fossil" on windows.

The [/help?cmd=info|fossil info] command will show the location of
the configuration database on a line that starts with "config-db:".

<h3>2.2 Repository Databases</h3>

The repository database is the file that is commonly referred to as
"the repository".  This is because the repository database contains,
among other things, the complete revision, ticket, and wiki history for

Beginning with Fossil version 2.26 (circa 2025), TH1 distinguishes between
"tainted" and "untainted" strings.  Tainted strings are strings that are
derived from user inputs that might contain text that is designed to subvert
the script.  Untainted strings are known to come from secure sources and
are assumed to contain no malicious content.

Beginning with Fossil version 2.26, and depending on the value of the
[vuln-report setting](/help?cmd=vuln-report), TH1 will prevent tainted
strings from being used in ways that might lead to XSS or SQL-injection
attacks.  This feature helps to ensure that XSS and SQL-injection
vulnerabilities are not *accidentally* added to Fossil when
custom TH1 scripts for headers or footers or tickets are added to a
repository.  Note that the tainted/untainted distinction in strings does
not make it impossible to introduce XSS and SQL-injections vulnerabilities
using poorly-written TH1 scripts; it just makes it more difficult and

Unversioned files are intended to be accessible as web pages using
URLs of the form: "<tt>https://example.com/cgi-script/<b>uv</b>/<i>FILENAME</i></tt>".
In other words, the URI method "<b>uv</b>" (short for "unversioned")
followed by the name of the unversioned file will retrieve the content
of the file.  The MIME type is inferred from the filename suffix.

The content of unversioned files can also be retrieved using the
[/help?cmd=unversioned|fossil unvers cat <i>FILENAME...</i>]
or [/help?cmd=unversioned|fossil unvers export <i>FILENAME</i>] commands.

A list of all unversioned files on a server can be seen using
the [/help?cmd=/uvlist|/uvlist] URL.  ([/uvlist|example].)

<h2>Syncing Unversioned Files</h2>

Unversioned content does not sync between repositories by default.
One must request it via commands such as:

<pre>
fossil sync <b>-u</b>
fossil clone <b>-u</b> <i>URL local-repo-name</i>
fossil unversioned sync
</pre>

The [/help?cmd=sync|fossil sync] and [/help?cmd=clone|fossil clone]
commands will synchronize unversioned content if and only if they're
given the "-u" (or "--unversioned") command-line option.  The
[/help?cmd=unversioned|fossil unversioned sync] command synchronizes the
unversioned content without synchronizing anything else.

Notice that the "-u" option does not work on
[/help?cmd=push|fossil push] or [/help?cmd=pull|fossil pull].
The "-u" option is only available on "sync" and "clone".
A rough equivalent of an unversioned pull would be the
[/help?cmd=unversioned|fossil unversioned revert] command.  The
"unversioned revert"
command causes the unversioned content on the local repository to be
overwritten by the unversioned content found on the remote repository.