##// END OF EJS Templates
upstream » mercurial-mirror
RSS

Clone from https://www.mercurial-scm.org/repo/hg-all

sslutil: require TLS 1.1+ when supported...
sslutil: require TLS 1.1+ when supported Currently, Mercurial will use TLS 1.0 or newer when connecting to remote servers, selecting the highest TLS version supported by both peers. On older Pythons, only TLS 1.0 is available. On newer Pythons, TLS 1.1 and 1.2 should be available. Security professionals recommend avoiding TLS 1.0 if possible. PCI DSS 3.1 "strongly encourages" the use of TLS 1.2. Known attacks like BEAST and POODLE exist against TLS 1.0 (although mitigations are available and properly configured servers aren't vulnerable). I asked Eric Rescorla - Mozilla's resident crypto expert - whether Mercurial should drop support for TLS 1.0. His response was "if you can get away with it." Essentially, a number of servers on the Internet don't support TLS 1.1+. This is why web browsers continue to support TLS 1.0 despite desires from security experts. This patch changes Mercurial's default behavior on modern Python versions to require TLS 1.1+, thus avoiding known security issues with TLS 1.0 and making Mercurial more secure by default. Rather than drop TLS 1.0 support wholesale, we still allow TLS 1.0 to be used if configured. This is a compromise solution - ideally we'd disallow TLS 1.0. However, since we're not sure how many Mercurial servers don't support TLS 1.1+ and we're not sure how much user inconvenience this change will bring, I think it is prudent to ship an escape hatch that still allows usage of TLS 1.0. In the default case our users get better security. In the worst case, they are no worse off than before this patch. This patch has no effect when running on Python versions that don't support TLS 1.1+. As the added test shows, connecting to a server that doesn't support TLS 1.1+ will display a warning message with a link to our wiki, where we can guide people to configure their client to allow less secure connections.
FUJIWARA Katsunori - - Load All Authors

File last commit:

r28447:4eb5496c default
r29560:303e9300 default
Show More
test-fileset.t
369 lines | 6.6 KiB | text/troff | Tads3Lexer
/ tests / test-fileset.t
History | Source | Raw |Copy content |Copy permalink
Patrick Mezard
tests: test filesets with test-fileset.t
 r17362 $ fileset() {
> hg debugfileset "$@"
> }
$ hg init repo
$ cd repo
$ echo a > a1
$ echo a > a2
$ echo b > b1
Patrick Mezard
test-fileset: test file status predicates
 r17364 $ echo b > b2
Patrick Mezard
tests: test filesets with test-fileset.t
 r17362 $ hg ci -Am addfiles
adding a1
adding a2
adding b1
Patrick Mezard
test-fileset: test file status predicates
 r17364 adding b2
Patrick Mezard
tests: test filesets with test-fileset.t
 r17362
Test operators and basic patterns
Yuya Nishihara
fileset: pretty print syntax tree in debug output
 r25255 $ fileset -v a1
('symbol', 'a1')
Patrick Mezard
tests: test filesets with test-fileset.t
 r17362 a1
Yuya Nishihara
fileset: pretty print syntax tree in debug output
 r25255 $ fileset -v 'a*'
('symbol', 'a*')
Patrick Mezard
tests: test filesets with test-fileset.t
 r17362 a1
a2
Yuya Nishihara
fileset: pretty print syntax tree in debug output
 r25255 $ fileset -v '"re:a\d"'
('string', 're:a\\d')
Patrick Mezard
tests: test filesets with test-fileset.t
 r17362 a1
a2
Yuya Nishihara
fileset: pretty print syntax tree in debug output
 r25255 $ fileset -v 'a1 or a2'
(or
('symbol', 'a1')
('symbol', 'a2'))
Patrick Mezard
tests: test filesets with test-fileset.t
 r17362 a1
a2
$ fileset 'a1 | a2'
a1
a2
$ fileset 'a* and "*1"'
a1
$ fileset 'a* & "*1"'
a1
$ fileset 'not (r"a*")'
b1
Patrick Mezard
test-fileset: test file status predicates
 r17364 b2
Patrick Mezard
tests: test filesets with test-fileset.t
 r17362 $ fileset '! ("a*")'
b1
Patrick Mezard
test-fileset: test file status predicates
 r17364 b2
Patrick Mezard
fileset: actually implement 'minusset'...
 r17363 $ fileset 'a* - a1'
a2
Matt Mackall
fileset: handle underbar in symbols...
 r19470 $ fileset 'a_b'
Yuya Nishihara
fileset: handle error of string unescaping
 r26233 $ fileset '"\xy"'
hg: parse error: invalid \x escape
[255]
Patrick Mezard
tests: test filesets with test-fileset.t
 r17362
Patrick Mezard
test-fileset: test file status predicates
 r17364 Test files status
$ rm a1
$ hg rm a2
$ echo b >> b2
$ hg cp b1 c1
$ echo c > c2
$ echo c > c3
$ cat > .hgignore <<EOF
> \.hgignore
> 2$
> EOF
$ fileset 'modified()'
b2
$ fileset 'added()'
c1
$ fileset 'removed()'
a2
$ fileset 'deleted()'
a1
liscju
fileset: add missing() predicate (issue4925)...
 r27024 $ fileset 'missing()'
a1
Patrick Mezard
test-fileset: test file status predicates
 r17364 $ fileset 'unknown()'
c3
$ fileset 'ignored()'
.hgignore
c2
$ fileset 'hgignore()'
a2
b2
$ fileset 'clean()'
b1
$ fileset 'copied()'
c1
Patrick Mezard
fileset: exclude deleted files from matchctx.existing()...
 r17365 Test files properties
>>> file('bin', 'wb').write('\0a')
$ fileset 'binary()'
Patrick Mezard
fileset: matchctx.existing() must consider unknown files...
 r17366 $ fileset 'binary() and unknown()'
bin
Patrick Mezard
fileset: matchctx.existing() must consider ignored files...
 r17367 $ echo '^bin$' >> .hgignore
$ fileset 'binary() and ignored()'
bin
Patrick Mezard
fileset: matchctx.existing() must consider unknown files...
 r17366 $ hg add bin
$ fileset 'binary()'
bin
Patrick Mezard
fileset: exclude deleted files from matchctx.existing()...
 r17365
Patrick Mezard
fileset: do not traceback on invalid grep pattern
 r17368 $ fileset 'grep("b{1}")'
b2
c1
b1
$ fileset 'grep("missingparens(")'
hg: parse error: invalid match pattern: unbalanced parenthesis
[255]
Patrick Mezard
test-fileset: test remaining predicates...
 r17369 #if execbit
$ chmod +x b2
$ fileset 'exec()'
b2
#endif
#if symlink
$ ln -s b2 b2link
$ fileset 'symlink() and unknown()'
b2link
$ hg add b2link
#endif
Siddharth Agarwal
fileset: add a fileset for portable filenames...
 r24408 #if no-windows
$ echo foo > con.xml
Siddharth Agarwal
test-fileset.t: remove 'bar ' and 'baz\' from tested filenames...
 r24430 $ fileset 'not portable()'
Siddharth Agarwal
fileset: add a fileset for portable filenames...
 r24408 con.xml
Siddharth Agarwal
test-fileset.t: remove 'bar ' and 'baz\' from tested filenames...
 r24430 $ hg --config ui.portablefilenames=ignore add con.xml
Siddharth Agarwal
fileset: add a fileset for portable filenames...
 r24408 #endif
Patrick Mezard
test-fileset: test remaining predicates...
 r17369 >>> file('1k', 'wb').write(' '*1024)
>>> file('2k', 'wb').write(' '*2048)
$ hg add 1k 2k
$ fileset 'size("bar")'
hg: parse error: couldn't parse size: bar
[255]
timeless
fileset: add hint for list error to use or
 r27518 $ fileset '(1k, 2k)'
hg: parse error: can't use a list in this context
(see hg help "filesets.x or y")
[255]
Patrick Mezard
test-fileset: test remaining predicates...
 r17369 $ fileset 'size(1k)'
1k
$ fileset '(1k or 2k) and size("< 2k")'
1k
$ fileset '(1k or 2k) and size("<=2k")'
1k
2k
$ fileset '(1k or 2k) and size("> 1k")'
2k
$ fileset '(1k or 2k) and size(">=1K")'
1k
2k
$ fileset '(1k or 2k) and size(".5KB - 1.5kB")'
1k
av6
filesets: ignore unit case in size() predicate for single value...
 r25925 $ fileset 'size("1M")'
$ fileset 'size("1 GB")'
Patrick Mezard
test-fileset: test remaining predicates...
 r17369
Test merge states
$ hg ci -m manychanges
$ hg up -C 0
* files updated, 0 files merged, * files removed, 0 files unresolved (glob)
$ echo c >> b2
$ hg ci -m diverging b2
created new head
$ fileset 'resolved()'
$ fileset 'unresolved()'
$ hg merge
merging b2
Siddharth Agarwal
simplemerge: move conflict warning message to filemerge...
 r26614 warning: conflicts while merging b2! (edit, then use 'hg resolve --mark')
Matt Harbison
test-fileset: glob the updated file count for Windows stability...
 r26953 * files updated, 0 files merged, 1 files removed, 1 files unresolved (glob)
Patrick Mezard
test-fileset: test remaining predicates...
 r17369 use 'hg resolve' to retry unresolved file merges or 'hg update -C .' to abandon
[1]
$ fileset 'resolved()'
$ fileset 'unresolved()'
b2
$ echo e > b2
$ hg resolve -m b2
Pierre-Yves David
resolve: add parenthesis around "no more unresolved files" message...
 r21947 (no more unresolved files)
Patrick Mezard
test-fileset: test remaining predicates...
 r17369 $ fileset 'resolved()'
b2
$ fileset 'unresolved()'
$ hg ci -m merge
Test subrepo predicate
$ hg init sub
$ echo a > sub/suba
$ hg -R sub add sub/suba
$ hg -R sub ci -m sub
$ echo 'sub = sub' > .hgsub
Matt Harbison
convert: support incremental conversion with hg subrepos...
 r25558 $ hg init sub2
$ echo b > sub2/b
$ hg -R sub2 ci -Am sub2
adding b
$ echo 'sub2 = sub2' >> .hgsub
Patrick Mezard
test-fileset: test remaining predicates...
 r17369 $ fileset 'subrepo()'
$ hg add .hgsub
$ fileset 'subrepo()'
sub
Matt Harbison
convert: support incremental conversion with hg subrepos...
 r25558 sub2
Patrick Mezard
test-fileset: test remaining predicates...
 r17369 $ fileset 'subrepo("sub")'
sub
$ fileset 'subrepo("glob:*")'
sub
Matt Harbison
convert: support incremental conversion with hg subrepos...
 r25558 sub2
Patrick Mezard
debugfileset: implement --rev, more tests
 r17370 $ hg ci -m subrepo
Patrick Mezard
test-fileset: test remaining predicates...
 r17369
Matt Harbison
convert: support incremental conversion with hg subrepos...
 r25558 Test that .hgsubstate is updated as appropriate during a conversion. The
saverev property is enough to alter the hashes of the subrepo.
$ hg init ../converted
$ hg --config extensions.convert= convert --config convert.hg.saverev=True \
> sub ../converted/sub
initializing destination ../converted/sub repository
scanning source...
sorting...
converting...
0 sub
$ hg clone -U sub2 ../converted/sub2
$ hg --config extensions.convert= convert --config convert.hg.saverev=True \
> . ../converted
scanning source...
sorting...
converting...
4 addfiles
3 manychanges
2 diverging
1 merge
0 subrepo
no ".hgsubstate" updates will be made for "sub2"
$ hg up -q -R ../converted -r tip
$ hg --cwd ../converted cat sub/suba sub2/b -r tip
a
b
$ oldnode=`hg log -r tip -T "{node}\n"`
$ newnode=`hg log -R ../converted -r tip -T "{node}\n"`
Yuya Nishihara
test-fileset: remove bashism, use test instead of '[[ ]]'...
 r25587 $ [ "$oldnode" != "$newnode" ] || echo "nothing changed"
Matt Harbison
convert: support incremental conversion with hg subrepos...
 r25558
Patrick Mezard
debugfileset: implement --rev, more tests
 r17370 Test with a revision
$ hg log -G --template '{rev} {desc}\n'
@ 4 subrepo
|
o 3 merge
|\
| o 2 diverging
| |
o | 1 manychanges
|/
o 0 addfiles
$ echo unknown > unknown
$ fileset -r1 'modified()'
b2
$ fileset -r1 'added() and c1'
c1
$ fileset -r1 'removed()'
a2
$ fileset -r1 'deleted()'
$ fileset -r1 'unknown()'
$ fileset -r1 'ignored()'
$ fileset -r1 'hgignore()'
b2
bin
$ fileset -r1 'binary()'
bin
$ fileset -r1 'size(1k)'
1k
$ fileset -r3 'resolved()'
$ fileset -r3 'unresolved()'
#if execbit
$ fileset -r1 'exec()'
b2
#endif
#if symlink
$ fileset -r1 'symlink()'
b2link
#endif
Siddharth Agarwal
fileset: add a fileset for portable filenames...
 r24408 #if no-windows
$ fileset -r1 'not portable()'
con.xml
Matt Harbison
test-fileset: forget non-portable files to avoid failures on Windows...
 r24424 $ hg forget 'con.xml'
Siddharth Agarwal
fileset: add a fileset for portable filenames...
 r24408 #endif
Patrick Mezard
debugfileset: implement --rev, more tests
 r17370 $ fileset -r4 'subrepo("re:su.*")'
sub
Matt Harbison
convert: support incremental conversion with hg subrepos...
 r25558 sub2
Patrick Mezard
debugfileset: implement --rev, more tests
 r17370 $ fileset -r4 'subrepo("sub")'
sub
Patrick Mezard
fileset: fix generator vs list bug in fast path...
 r17371 $ fileset -r4 'b2 or c1'
b2
c1
Patrick Mezard
debugfileset: implement --rev, more tests
 r17370
Matt Mackall
filesets: add eol predicate
 r18842 >>> open('dos', 'wb').write("dos\r\n")
>>> open('mixed', 'wb').write("dos\r\nunix\n")
>>> open('mac', 'wb').write("mac\r")
$ hg add dos mixed mac
FUJIWARA Katsunori
fileset: treat encoding and eol as the predicate calling _existing...
 r27459 (remove a1, to examine safety of 'eol' on removed files)
$ rm a1
Matt Mackall
filesets: add eol predicate
 r18842 $ fileset 'eol(dos)'
dos
mixed
$ fileset 'eol(unix)'
FUJIWARA Katsunori
fileset: treat encoding and eol as the predicate calling _existing...
 r27459 mixed
Matt Mackall
filesets: add eol predicate
 r18842 .hgsub
.hgsubstate
b1
b2
c1
$ fileset 'eol(mac)'
mac
FUJIWARA Katsunori
fileset: treat encoding and eol as the predicate calling _existing...
 r27459
Test safety of 'encoding' on removed files
Matt Harbison
test-fileset: conditionalize output with symlink
 r27477 #if symlink
FUJIWARA Katsunori
fileset: treat encoding and eol as the predicate calling _existing...
 r27459 $ fileset 'encoding("ascii")'
dos
mac
mixed
.hgsub
.hgsubstate
1k
2k
b1
b2
b2link
bin
c1
Matt Harbison
test-fileset: conditionalize output with symlink
 r27477 #else
$ fileset 'encoding("ascii")'
dos
mac
mixed
.hgsub
.hgsubstate
1k
2k
b1
b2
bin
c1
#endif
FUJIWARA Katsunori
fileset: detect unintentional existing() invocation at runtime...
 r27464
Test detection of unintentional 'matchctx.existing()' invocation
$ cat > $TESTTMP/existingcaller.py <<EOF
FUJIWARA Katsunori
registrar: add filesetpredicate to mark a function as fileset predicate...
 r28447 > from mercurial import registrar
FUJIWARA Katsunori
fileset: detect unintentional existing() invocation at runtime...
 r27464 >
FUJIWARA Katsunori
registrar: add filesetpredicate to mark a function as fileset predicate...
 r28447 > filesetpredicate = registrar.filesetpredicate()
> @filesetpredicate('existingcaller()', callexisting=False)
FUJIWARA Katsunori
fileset: detect unintentional existing() invocation at runtime...
 r27464 > def existingcaller(mctx, x):
> # this 'mctx.existing()' invocation is unintentional
> return [f for f in mctx.existing()]
> EOF
$ cat >> .hg/hgrc <<EOF
> [extensions]
> existingcaller = $TESTTMP/existingcaller.py
> EOF
$ fileset 'existingcaller()' 2>&1 | tail -1
AssertionError: unexpected existing() invocation