##// END OF EJS Templates
censor: be more verbose about the other steps too...
censor: be more verbose about the other steps too If we informs the user about head checking, we should tell him when the other operation happens too. Otherwise the user can imagine to still be in the head checking part.

File last commit:

r52162:db121ddd default
r52162:db121ddd default
Show More
censor.py
144 lines | 4.6 KiB | text/x-python | PythonLexer
# Copyright (C) 2015 - Mike Edgar <adgar@google.com>
#
# This extension enables removal of file content at a given revision,
# rewriting the data/metadata of successive revisions to preserve revision log
# integrity.
"""erase file content at a given revision
The censor command instructs Mercurial to erase all content of a file at a given
revision *without updating the changeset hash.* This allows existing history to
remain valid while preventing future clones/pulls from receiving the erased
data.
Typical uses for censor are due to security or legal requirements, including::
* Passwords, private keys, cryptographic material
* Licensed data/code/libraries for which the license has expired
* Personally Identifiable Information or other private data
Censored nodes can interrupt mercurial's typical operation whenever the excised
data needs to be materialized. Some commands, like ``hg cat``/``hg revert``,
simply fail when asked to produce censored data. Others, like ``hg verify`` and
``hg update``, must be capable of tolerating censored data to continue to
function in a meaningful way. Such commands only tolerate censored file
As having a censored version in a checkout is impractical. The current head
revisions of the repository are checked. If the revision to be censored is in
any of them the command will abort.
A few informative commands such as ``hg grep`` will unconditionally
ignore censored data and merely report that it was encountered.
"""
from mercurial.i18n import _
from mercurial.node import short
from mercurial import (
error,
logcmdutil,
registrar,
scmutil,
)
cmdtable = {}
command = registrar.command(cmdtable)
# Note for extension authors: ONLY specify testedwith = 'ships-with-hg-core' for
# extensions which SHIP WITH MERCURIAL. Non-mainline extensions should
# be specifying the version(s) of Mercurial they are tested with, or
# leave the attribute unspecified.
testedwith = b'ships-with-hg-core'
@command(
b'censor',
[
(
b'r',
b'rev',
b'',
_(b'censor file from specified revision'),
_(b'REV'),
),
(
b'',
b'check-heads',
True,
_(b'check that repository heads are not affected'),
),
(b't', b'tombstone', b'', _(b'replacement tombstone data'), _(b'TEXT')),
],
_(b'-r REV [-t TEXT] [FILE]'),
helpcategory=command.CATEGORY_MAINTENANCE,
)
def censor(ui, repo, path, rev=b'', tombstone=b'', check_heads=True, **opts):
with repo.wlock(), repo.lock():
return _docensor(
ui,
repo,
path,
rev,
tombstone,
check_heads=check_heads,
**opts,
)
def _docensor(ui, repo, path, rev=b'', tombstone=b'', check_heads=True, **opts):
if not path:
raise error.Abort(_(b'must specify file path to censor'))
if not rev:
raise error.Abort(_(b'must specify revision to censor'))
wctx = repo[None]
m = scmutil.match(wctx, (path,))
if m.anypats() or len(m.files()) != 1:
raise error.Abort(_(b'can only specify an explicit filename'))
path = m.files()[0]
flog = repo.file(path)
if not len(flog):
raise error.Abort(_(b'cannot censor file with no history'))
rev = logcmdutil.revsingle(repo, rev, rev).rev()
try:
ctx = repo[rev]
except KeyError:
raise error.Abort(_(b'invalid revision identifier %s') % rev)
try:
fctx = ctx.filectx(path)
except error.LookupError:
raise error.Abort(_(b'file does not exist at revision %s') % rev)
fnode = fctx.filenode()
if check_heads:
heads = []
repo_heads = repo.heads()
msg = b'checking for the censored content in %d heads\n'
msg %= len(repo_heads)
ui.status(msg)
for headnode in repo_heads:
hc = repo[headnode]
if path in hc and hc.filenode(path) == fnode:
heads.append(hc)
if heads:
headlist = b', '.join([short(c.node()) for c in heads])
raise error.Abort(
_(b'cannot censor file in heads (%s)') % headlist,
hint=_(b'clean/delete and commit first'),
)
msg = b'checking for the censored content in the working directory\n'
ui.status(msg)
wp = wctx.parents()
if ctx.node() in [p.node() for p in wp]:
raise error.Abort(
_(b'cannot censor working directory'),
hint=_(b'clean/delete/update first'),
)
msg = b'censoring 1 file revision\n'
ui.status(msg)
with repo.transaction(b'censor') as tr:
flog.censorrevision(tr, fnode, tombstone=tombstone)