Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
50 descendants and 50 ancestors of dcd8f1d8f494601a
|
2019-09-12
| ||
| 16:51 | Use strspn() to improve the performance of validate16(). check-in: c550d6e021 user: drh tags: trunk | |
| 16:43 | Add the --limit N option to the test-parse-all-blobs test command, so that we can easily limit the run-time of that command for cachegrind performance testing. check-in: 52211ccc2f user: drh tags: trunk | |
| 16:31 | Performance optimization in the control artifact parser. check-in: 3d802ec514 user: drh tags: trunk | |
| 07:31 | Add the lock-timeout setting. check-in: 6d3daf74e3 user: drh tags: trunk | |
|
2019-09-10
| ||
| 11:30 | Performance optimization in fossil_strcmp(). check-in: 72a4b61347 user: drh tags: trunk | |
|
2019-09-07
| ||
| 15:03 | Adjust test case for TH1 permissions tests. WrUnver (y) is not enabled by default and must be intentionally set. check-in: 582d335737 user: andybradford tags: trunk | |
|
2019-09-06
| ||
| 20:38 | Minor editorial changes to rebaseharm.md, in an attempt to improve clarity and readability. check-in: 9b32c180eb user: drh tags: trunk | |
| 14:39 | Fix a typo in the rebaseharm.md document. check-in: 82f75864d5 user: drh tags: trunk | |
| 14:01 | Include new repolist-skin setting in list of all settings so tests will pass. check-in: 2e3bffaa7d user: andybradford tags: trunk | |
| 13:49 | Add the noreadme query parameter to /dir check-in: bf3383b957 user: drh tags: trunk | |
| 10:36 | makeheaders.c: suggestions from https://fossil-scm.org/forum/forumpost/00ff64e63e: do not emit main() decl, elide C++ constructor member initialization, and add a missing fclose(). check-in: 9512ed93d3 user: stephan tags: trunk | |
|
2019-09-05
| ||
| 13:33 | Remove the "Draft" notation from the rebase document. Link the new document into the documentation index. check-in: 569cc741d6 user: drh tags: trunk | |
| 03:45 | Replaced ASCII art diagrams in the new rebase document with yEd SVG diagrams. Same semantic content. check-in: d6222f8945 user: wyoung tags: trunk | |
| 02:33 | Upper-case query parameter, POST parameter, and cookie names are converted to lower-case prior to entering them into the parameter set. Before this change, upper-case names were silently rejected. check-in: 19bbd2c5ea user: drh tags: trunk | |
| 02:31 | Minor tweaks prior to merging. Closed-Leaf check-in: 4231d4b634 user: drh tags: noJsonCgiFlag | |
| 02:29 | Fixed a bug introduced in [bcdc4c55] which breaks capabilities for all Admin and Setup users. check-in: a6ffdaf2c1 user: wyoung tags: trunk | |
| 01:39 | Correct a minor grammatical error in a sentence for new rebase document. check-in: 049c42df2a user: andybradford tags: trunk | |
| 01:33 | An extension of the now-merged code-in-pre branch to allow it to work on /artifact pages and such when the ln parameter is given. This branch is a proof of concept only, for demonstrating a point and experimentation, not to be merged. See [https://fossil-scm.org/forum/forumpost/0c4b91b48a | the forum discussion] for details. Closed-Leaf check-in: a65834a727 user: wyoung tags: code-in-pre-with-ln | |
| 00:41 | Fixed a few spelling and grammar errors in www/rebaseharm.md check-in: 708696d88a user: wyoung tags: trunk | |
|
2019-09-04
| ||
| 23:44 | Small tweaks to previous. check-in: 1ff41ddaea user: wyoung tags: trunk | |
| 23:37 | Updated caps docs to cover the two "missing" caps on Admin and Setup users better, including this recent decision to deny them cap x. This check-in also fixes a number of links broken within these docs during the stage where we were breaking the docs up and moving things around, which should have been caught before merging this down to trunk. check-in: 8a77f4593e user: wyoung tags: trunk | |
| 22:46 | Removed 'x' from the string of caps reported for Admin and Setup users in capability_expand(), which is used within the SQLite extension function fullcaps(), which among other things affects the output of /setup_ucap_list. We were still reporting that Admin and Setup users have Private capability despite [bcdc4c55]. check-in: 63581ec8ba user: wyoung tags: trunk | |
| 21:01 | Remove a spurious line from the header comment of the makeheaders.c utility program. check-in: d5a6ea969c user: drh tags: trunk | |
| 20:09 | Add section numbers to the Rebase document. check-in: 237bde9638 user: drh tags: trunk | |
| 20:02 | More typo fixes in the Rebase document. check-in: aaacce23cd user: drh tags: trunk | |
| 20:01 | Merge updates from trunk. check-in: 20c64950a9 user: mistachkin tags: noJsonCgiFlag | |
| 19:56 | Setup and Admin users should not automatically have have the Private capability. This reverses the principal change from check-in [b241130222]. check-in: bcdc4c5546 user: mistachkin tags: trunk | |
| 19:34 | Fix a typo in the Rebase document. check-in: 18e58e29cc user: drh tags: trunk | |
| 19:23 | Minor edits to Rebase Considered Harmful, for clarity. check-in: a2ea815183 user: drh tags: trunk | |
| 19:04 | Add initial draft of the "Rebase Considered Harmful" document. check-in: 4f79941f9e user: drh tags: trunk | |
| 15:41 | Update the built-in SQLite to the latest 3.30.0 alpha, as an SQLite beta test. check-in: f8823ae809 user: drh tags: trunk | |
| 10:49 | Update the 'reconstruct' command to issue an error instead of a warning on failure importing the list of private artifacts, so no new repository with all-public contents is created. check-in: 8c4ef2c016 user: florian tags: private-branches | |
| 10:34 | Update the Private Branches document to explain how to publish private branches (i.e. how to make them non-private), and mention why the --integrate option is ignored when merging private branches. check-in: 86ecdeefc8 user: florian tags: private-branches | |
| 10:09 | Reflow the help screens for 'deconstruct' and 'reconstruct', and add the new --keep-private option. check-in: dc8fcc7ff2 user: florian tags: private-branches | |
| 09:53 | Enhance the 'deconstruct' and 'reconstruct' commands with a new command-line option to save and restore the list of private artifacts. check-in: 66a14e93c7 user: florian tags: private-branches | |
| 09:09 | Update the 'commit --private' command to only apply default branch name ("private") and color ("orange") if not specified otherwise on the command-line, and if the parent is not already private, to simplify the management of private branches with distinct names. check-in: 836a85cbae user: florian tags: private-branches | |
| 08:46 | Make sure the check-in manifest of a merge child does not include a +close tag referring to the leaf check-in on a private branch, so as not to generate a missing artifact reference on repository clones without that private branch. check-in: 8268c5dafb user: florian tags: private-branches | |
| 08:32 | Update the 'branch new' command to track the status of private branches in the PRIVATE table, instead of using +private tags. check-in: 70849e7641 user: florian tags: private-branches | |
| 00:58 | Merged caps-doc branch down to trunk, improving documentation of user capabilities in Fossil. check-in: 779ddefa19 user: wyoung tags: trunk | |
| 00:49 | Fixed discussion of "x" cap in www/private.wiki to match its current implementation. check-in: c5561039e1 user: wyoung tags: trunk | |
|
2019-09-03
| ||
| 21:22 | Back out check-in [3ad81c3c499599b4] which was causing sync to fail. check-in: e1962ef67f user: drh tags: trunk | |
| 20:36 | Wiki test fixes. check-in: b40f1ac135 user: drh tags: trunk | |
| 20:22 | Make calls to db_begin_write() instead of db_begin_transaction() where appropriate. check-in: 3ad81c3c49 user: drh tags: trunk | |
| 20:20 | Include the "js" property in the configuration export for skins. check-in: 498fc87ac1 user: drh tags: trunk | |
| 20:19 | When displaying documents, provide class hints about the language of the document to syntax highlighter extensions. check-in: 74b538f614 user: drh tags: trunk | |
| 20:17 | Improvements to /vdiff. Provide the branch= query parameter. In the name decoder, all "merge-in:BRANCH" to mean the most recent merge-in to BRANCH from its parent. Provide "Diff" links for branches that show all changes since the most recent merge-in. check-in: e632a092a8 user: drh tags: trunk | |
| 20:08 | Fix a possible UNIQUE constraint violation in the new /vdiff logic. Closed-Leaf check-in: 8e175a6708 user: drh tags: vdiff-improvements | |
|
2019-08-27
| ||
| 12:36 | Add hyperlinks to the branch diff page from branch timeline and from /info. check-in: 833b220adc user: drh tags: vdiff-improvements | |
| 02:08 | Minor wording change in the header of /vdiff. check-in: 69adb45da0 user: drh tags: vdiff-improvements | |
| 02:07 | Updates to the /vdiff page with the branch=BRANCH query parameter so that it uses merge-in: instead of root: and thus excludes merge-in check-ins from the diff. check-in: b36dc6f121 user: drh tags: vdiff-improvements | |
| 01:47 | Add the "merge-in:NAME" name type, similar to "root:NAME" except that it finds the youngest anscestor of NAME that is in the branch from which the branch of NAME derived. check-in: dcd8f1d8f4 user: drh tags: vdiff-improvements | |
| 00:29 | Merge in documentation enhancements from trunk. check-in: c1b62c3260 user: drh tags: vdiff-improvements | |
| 00:29 | Remove an unused subroutine. Fix a minor CSS problem. check-in: 2078c746a5 user: drh tags: vdiff-improvements | |
| 00:11 | On the /vdiff page, show a timeline with both check-ins using different highlights on each check-in. check-in: 6e40f866ab user: drh tags: vdiff-improvements | |
|
2019-08-25
| ||
| 13:24 | Added HTTP proxying info to Debian nginx server setup guide. check-in: c6a033cea6 user: wyoung tags: trunk | |
| 12:39 | Replaced the content of "Running Fossil in SCGI Mode" within www/server/debian/nginx.md with references to our other Fossil server docs. This also reduces the prior focus of this section on fslsrv to a single sentence, since we now prefer the systemd option, now that we have it. check-in: a4bb92f791 user: wyoung tags: trunk | |
| 12:29 | Swapped the simple foo.net "whole site is Fossil" example in www/server/debian/nginx.md for the more complicated example.com one where only /code is served by Fossil. This is probably going to be more common, and it shows off the important detail of setting SCRIPT_NAME properly. Made a minor adjustment to any/scgi.md to track this change, so there is not a pointless difference between these two nginx configs. check-in: 653e90ca62 user: wyoung tags: trunk | |
| 11:52 | Clarified use of scgi_params, SCRIPT_NAME, and service starting in the generic SCGI server setup doc. check-in: 5a58ac3141 user: wyoung tags: trunk | |
|
2019-08-24
| ||
| 18:32 | Merge fork check-in: 6c6aae9782 user: andygoth tags: trunk | |
|
2019-08-23
| ||
| 12:42 | Add the fossil_random_password() utility function and use it to generate a stronger initial admin-user password in the "fossil new" command. check-in: 23a9f9bac2 user: drh tags: trunk | |
| 12:23 | If the test-markdown-render or test-wiki-render commands are invoked without a repository in which to check for Wiki page names and artifact hashes, then substitute a temporary, empty, in-memory repository so that the commands will still work and won't give SQL errors. check-in: 0ac64dad80 user: drh tags: trunk | |
| 11:07 | Markdown hyperlinks are only converted to links to wiki if the named wikipage actually exists. Otherwise, the link becomes a relative link. This is for backwards compatibility. check-in: 3b10e64468 user: drh tags: trunk | |
| 05:32 | Fixed a few fatal error messages from the login-group command that referred to an "add" command, which is now called "join". The symptom I saw is that "fossil login-group add" complained that "add" is not a valid command and that you should give '"add" or "leave"' instead! check-in: 09c65d7527 user: wyoung tags: trunk | |
| 05:22 | Fixed a few messages from the login-group command that referred to an apparent older name for the "join" sub-command, "add". This lead to a confusing symptom: "fossil login-group add foo" -> {unknown command "add" - should be "add" or "leave"}. check-in: 739cd8720e user: wyoung tags: trunk | |
|
2019-08-22
| ||
| 15:06 | Stronger recommendation for changing the default user's random hex password prior to setting up a Fossil server after learning it's 6 hex digits, not 8 as I thoght when I wrote that! check-in: 9fcd6e443c user: wyoung tags: trunk | |
| 14:14 | Added bullet list detailing the sources for <script nonce=""> from a Fossil server and the reasons we consider each path safe. check-in: 91377ae432 user: wyoung tags: trunk | |
| 13:31 | Reworked the material explaining why in-page <style> is currently allowed by Fossil's default CSP to make it clearer that this is most likely a temporary situation and that local custom CSS should go in the skin instead. check-in: 092eeebf40 user: wyoung tags: trunk | |
| 13:13 | Expanded the discussion of in-repo and out-of-repo resource links in defcsp.md. check-in: 23fcd765f6 user: wyoung tags: trunk | |
| 12:39 | Reworked the new introductory material in defcsp.md to be less about the CSP as last-resort and more about being a secondary filter to our other measures. Gave examples to clarify the tensions that prevent a purely server-side solution from being a practical solution. check-in: 1c4df5bf0a user: wyoung tags: trunk | |
| 11:54 | "RaspberryPI" -> "Raspberry Pi" check-in: 5182be99c9 user: wyoung tags: trunk | |
| 11:53 | Assorted refinements to the new pre- and post-activation advice sections in www/server/index.html: nix passive voice, add a few details, add some links to related docs, etc. Also fixed a CSS indenting problem preventing correct use of <p> in <li>, then made use of the new freedom in these sections' numbered lists. check-in: b5c2c9bf31 user: wyoung tags: trunk | |
|
2019-08-21
| ||
| 19:18 | Fix the $ROOT mechanism in HTML documents so that it accepts any whitespace character before href= and script=. Add $ROOT in appropriate places in the server documentation. check-in: 3e183bfad8 user: drh tags: trunk | |
| 18:15 | Outline how to configure a repository before and after server activation. check-in: 154ea087af user: drh tags: trunk | |
| 17:37 | Improvements to the althttpd documentation. check-in: 44f1df9fef user: drh tags: trunk | |
| 17:21 | Further improvements to the server document. check-in: c2c4d3039f user: drh tags: trunk | |
| 16:57 | Extra defenses against running fossil_atexit() more than once. check-in: bc7683e15a user: drh tags: trunk | |
| 16:55 | Fix the "shell" command so that it avoids invoking the atexit() handler more than once. check-in: 07a5a2118e user: drh tags: trunk | |
| 15:56 | Server documentation updates. check-in: b2426c2786 user: drh tags: trunk | |
| 12:32 | Disallow versioning of security sensitive settings tcl-setup, th1-setup, and th1-uri-regexp. For effective security, these settings should only be controllable by an administrator. check-in: 2da704c5a1 user: drh tags: trunk | |
| 11:26 | Update to the default CSP page. Attempted to resolve merge conflicts, but more editting is likely necessary. check-in: 33a7b8babe user: drh tags: trunk | |
| 11:09 | Added a header to the new XSS material in defcsp.md so we can refer directly to it. check-in: 7b843f2d43 user: wyoung tags: trunk | |
| 11:01 | More thorough explanation of <script nonce> in www/defcsp.md, and explained the reason why Fossil has no way of providing that nonce in most content types rather than link to the "XSS via check-in rights" forum post. This new presentation of that post's ideas is more detailed and includes discussion of the feature's interaction with the TH1 docs feature. check-in: 8d43bb8786 user: wyoung tags: trunk | |
| 09:40 | Major improvements to the new defcsp.md article. Expanded the introductory material to better describe what the CSP does; added named anchors to headers; moved the discussion of $default_csp overrides into this document from customskin.md, which now just says how you use that variable read-only; and added an entirely new section, "Replacing the Default CSP". check-in: 366b23a180 user: wyoung tags: trunk | |
| 08:52 | Replaced the redundant copy of the default CSP in skins/bootstrap/header.txt with "$default_csp", allowing the TH1 setup script to override the CSP as in all the other stock skins. (Bootstrap is the last stock skin to define a custom <head> element.) check-in: 14ac2cacdd user: wyoung tags: trunk | |
|
2019-08-20
| ||
| 19:16 | Fix memcpy() compiler warnings. check-in: 7ae4b1a719 user: drh tags: trunk | |
| 16:11 | Fix possible misaligned pointer to a 16-bit object. check-in: f7c41be825 user: drh tags: trunk | |
| 15:04 | Updated and expanded documentation on how to set up a Fossil server. check-in: f146e21af9 user: drh tags: trunk | |
| 14:55 | Add the --with-sanitizer option to the ./configure script. check-in: 231d693314 user: drh tags: trunk | |
| 07:01 | Fixed a link punctuation bug introduced in [74a6578c]. Closed-Leaf check-in: c57e17931d user: wyoung tags: server-docs | |
| 06:45 | The merge from trunk accidentally reverted part of the new text in www/embeddeddoc.wiki. (This part was manually merged, and I missed a diff relative to trunk.) check-in: 8976a9dae3 user: wyoung tags: server-docs | |
| 06:35 | Missed a link to server.wiki that should have been checked in with [74a6578c]. check-in: d5def0c8c4 user: wyoung tags: server-docs | |
| 06:34 | Merged in trunk improvements check-in: 42d28c0286 user: wyoung tags: server-docs | |
| 06:28 | Reverted src/doc.c to the trunk version. The "Plan Z" reversion in [8264fd75] was incomplete, causing bad TH1 variable expansion. I believe this explains the symptom I worked around in [9bdf650f0b8]. This check-in also cherry-picks [3d6a4fd95c] onto the branch. check-in: 3cdf764c2c user: wyoung tags: server-docs | |
| 06:03 | Updated all of the internal hyperlinks referencing www/server.wiki to point at either www/server/index.html or one of the docs it now points at. check-in: 74a6578cd4 user: wyoung tags: server-docs | |
| 04:57 | Fixed an unwanted "$nonce" variable expansion within the new customskin.md introduced by [9044fd2dbe] which only occurs *sometimes*: not on fossil-scm.org, and apparently not in my earlier ckout testing prior to checking it in, but now in a different ckout test. This has to be a TH1 thing, but I don't understand why we didn't see this earlier. This is just a workaround for the symptom. check-in: 9bdf650f0b user: wyoung tags: trunk | |
| 04:34 | Fixed a link from the new material in embeddeddoc.wiki to the new CSP material: that briefly lived in customskin.md before checking it in, but then I moved it to a new document and forgot to update the link. check-in: f4cbfd5acc user: wyoung tags: trunk | |
| 04:24 | Fixed a couple of Tcl syntax fixes that caused the new --with-sanitizer code to a) run unconditionally irrespective of the option's setting and b) to check for the existence of libubsan whether it was actually needed or not. Closed-Leaf check-in: 66fdab7605 user: wyoung tags: configure-updates | |
| 04:07 | Added www/defcsp.md, which documents the default Content Security Policy applied by Fossil to the HTML pages it serves. Linked that into embeddeddoc.wik and customskin.md, which touched on this topic before but didn't go into much detail. check-in: 4e6d36d7d4 user: wyoung tags: trunk | |
| 02:09 | Fix a compiler warning in the security-audit page. check-in: 3243a6c148 user: drh tags: trunk | |
| 01:34 | Added --with-sanitizer configure-time option for appending -fsanitize=VALUE to CFLAGS and LDFLAGS, plus automatic detection of -lubsan for GCC, which doesn't automatically link to that with -fsanitize=undefined as Clang does. EDIT: This check-in breaks the built on Ubuntu 18.04. check-in: 7907b6ffae user: wyoung tags: configure-updates | |
| 00:41 | Removed "known to work with IIS" bit from www/server/index.html in the CGI section, since that is not actually true. We can put it back once someone figures out [https://fossil-scm.org/forum/forumpost/de18dc32c0 | the IIS + CGI + Fossil CPU pegging problem]. check-in: 8b7c17de3f user: wyoung tags: server-docs | |