sslutil: issue warning when [hostfingerprint] is used...
sslutil: issue warning when [hostfingerprint] is used Mercurial 3.9 added the [hostsecurity] section, which is better than [hostfingerprints] in every way. One of the ways that [hostsecurity] is better is that it supports SHA-256 and SHA-512 fingerprints, not just SHA-1 fingerprints. The world is moving away from SHA-1 because it is borderline secure. Mercurial should be part of that movement. This patch adds a warning when a valid SHA-1 fingerprint from the [hostfingerprints] section is being used. The warning informs users to switch to [hostsecurity]. It even prints the config option they should set. It uses the SHA-256 fingerprint because recommending a SHA-1 fingerprint in 2017 would be ill-advised. The warning will print itself on every connection to a server until it is fixed. There is no way to suppress the warning. I admit this is annoying. But given the security implications of sticking with SHA-1, I think this is justified. If this patch is accepted, I'll likely send a follow-up to start warning on SHA-1 certificates in [hostsecurity] as well. Then sometime down the road, we can drop support for SHA-1 fingerprints. Credit for this idea comes from timeless in issue 5466.

File last commit:

r31065:7074589c stable
r31290:f819aa9d default
record.py
153 lines | 5.0 KiB | text/x-python | PythonLexer
# record.py
#
# Copyright 2007 Bryan O'Sullivan <bos@serpentine.com>
#
# This software may be used and distributed according to the terms of the
# GNU General Public License version 2 or any later version.
'''commands to interactively select changes for commit/qrefresh (DEPRECATED)
The feature provided by this extension has been moved into core Mercurial as
:hg:`commit --interactive`.'''
from __future__ import absolute_import
from mercurial.i18n import _
from mercurial import (
cmdutil,
commands,
error,
extensions,
)
# Command table of this extension. The decorator built from it on the next
# line is applied to record() and qrecord() below, and uisetup() also assigns
# cmdtable["qrecord"] directly.
cmdtable = {}
command = cmdutil.command(cmdtable)
# Note for extension authors: ONLY specify testedwith = 'ships-with-hg-core' for
# extensions which SHIP WITH MERCURIAL. Non-mainline extensions should
# be specifying the version(s) of Mercurial they are tested with, or
# leave the attribute unspecified.
testedwith = 'ships-with-hg-core'
@command("record",
         # same options as commit + white space diff options
         [c for c in commands.table['^commit|ci'][1][:]
          if c[1] != "interactive"] + commands.diffwsopts,
         _('hg record [OPTION]... [FILE]...'))
def record(ui, repo, *pats, **opts):
    '''interactively select changes to commit

    If a list of files is omitted, all changes reported by :hg:`status`
    will be candidates for recording.

    See :hg:`help dates` for a list of formats valid for -d/--date.

    If using the text interface (see :hg:`help config`),
    you will be prompted for whether to record changes to each
    modified file, and for files with multiple changes, for each
    change to use. For each query, the following responses are
    possible::

      y - record this change
      n - skip this change
      e - edit this change manually
      s - skip remaining changes to this file
      f - record remaining changes to this file
      d - done, skip remaining changes and files
      a - record all changes to all remaining files
      q - quit, recording no changes
      ? - display help

    This command is not available when committing a merge.'''
    # NOTE: the docstring above is kept word for word; it is the command's
    # help text, not just internal documentation.

    # Abort when the ui reports a non-interactive session and name the
    # plain commit command in the message.
    if not ui.interactive():
        message = _('running non-interactively, use %s instead') % 'commit'
        raise error.Abort(message)

    # Delegate to commit with its interactive option switched on.
    opts["interactive"] = True

    # experimental.crecord is set to False only for the duration of the
    # commit call; the finally clause restores the saved value even when
    # commit raises.
    saved = ui.backupconfig('experimental', 'crecord')
    try:
        ui.setconfig('experimental', 'crecord', False, 'record')
        return commands.commit(ui, repo, *pats, **opts)
    finally:
        ui.restoreconfig(saved)
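def qrefresh(origfn, ui, repo, *pats, **opts):
    '''Wrapper around mq's qrefresh that adds an interactive mode.

    uisetup() installs this through _wrapcmd(), which also appends the
    -i/--interactive option to the wrapped command.

    When ``opts`` has no truthy ``interactive`` entry the call is passed
    to ``origfn`` unchanged and its result is returned. Otherwise the mq
    extension is looked up and cmdutil.dorecord() drives the selection,
    calling back into mq.refresh() once the changes have been chosen;
    nothing is returned in that case.
    '''
    # .get() rather than indexing: a caller that invokes the wrapper without
    # the 'interactive' key takes the plain qrefresh path instead of failing
    # with KeyError.
    if not opts.get('interactive'):
        return origfn(ui, repo, *pats, **opts)

    mq = extensions.find('mq')

    def committomq(ui, repo, *pats, **opts):
        # At this point the working copy contains only changes that
        # were accepted.  All other changes were reverted.
        # We can't pass *pats here since qrefresh will undo all other
        # changed files in the patch that aren't in pats.
        mq.refresh(ui, repo, **opts)

    # backup all changed files
    cmdutil.dorecord(ui, repo, committomq, None, True,
                     cmdutil.recordfilter, *pats, **opts)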
# This command registration is replaced during uisetup().
@command('qrecord',
         [],
         _('hg qrecord [OPTION]... PATCH [FILE]...'),
         inferrepo=True)
def qrecord(ui, repo, patch, *pats, **opts):
    '''interactively record a new patch

    See :hg:`help qnew` & :hg:`help record` for more information and
    usage.
    '''
    # All the work happens in _qrecord(); 'qnew' is handed over as its
    # cmdsuggest argument.
    suggested = 'qnew'
    return _qrecord(suggested, ui, repo, patch, *pats, **opts)
def _qrecord(cmdsuggest, ui, repo, patch, *pats, **opts):
    '''Interactively record changes into a new mq patch named ``patch``.

    Shared by qrecord() (cmdsuggest='qnew') and the qnew wrapper
    (cmdsuggest=None). Raises error.Abort when the mq extension cannot be
    found. ``cmdsuggest`` is passed through to cmdutil.dorecord().
    '''
    try:
        mq = extensions.find('mq')
    except KeyError:
        raise error.Abort(_("'mq' extension not loaded"))

    # The patch name is checked once here, before any selection starts.
    repo.mq.checkpatchname(patch)

    def newpatch(ui, repo, *pats, **opts):
        # checkname is switched off for mq.new(): checkpatchname() has
        # already been called above.
        opts['checkname'] = False
        mq.new(ui, repo, patch, *pats, **opts)

    # experimental.crecord is set to False only while dorecord() runs; the
    # saved value is restored afterwards, whether or not dorecord() raises.
    saved = ui.backupconfig('experimental', 'crecord')
    try:
        ui.setconfig('experimental', 'crecord', False, 'record')
        cmdutil.dorecord(ui, repo, newpatch, cmdsuggest, False,
                         cmdutil.recordfilter, *pats, **opts)
    finally:
        ui.restoreconfig(saved)
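def qnew(origfn, ui, repo, patch, *args, **opts):
    '''Wrapper around mq's qnew that adds an interactive mode.

    uisetup() installs this through _wrapcmd(), which also appends the
    -i/--interactive option to the wrapped command.

    With a truthy ``interactive`` entry in ``opts`` the patch is recorded
    through _qrecord(); in every other case the call is passed to
    ``origfn`` unchanged. The result of whichever function ran is returned.
    '''
    # .get() rather than indexing: a caller that invokes the wrapper without
    # the 'interactive' key takes the plain qnew path instead of failing
    # with KeyError.
    if opts.get('interactive'):
        return _qrecord(None, ui, repo, patch, *args, **opts)
    return origfn(ui, repo, patch, *args, **opts)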
def uisetup(ui):
    '''Register qrecord and wrap mq's qnew/qrefresh when mq can be found.

    Returns without doing anything if extensions.find('mq') raises KeyError.
    '''
    try:
        mq = extensions.find('mq')
    except KeyError:
        return

    # same options as qnew, but copy them so we don't get
    # -i/--interactive for qrecord and add white space diff options
    # (the copy is taken before the _wrapcmd() calls below append -i)
    qrecordopts = mq.cmdtable['^qnew'][1][:] + commands.diffwsopts
    synopsis = _('hg qrecord [OPTION]... PATCH [FILE]...')
    cmdtable["qrecord"] = (qrecord, qrecordopts, synopsis)

    _wrapcmd('qnew', mq.cmdtable, qnew, _("interactively record a new patch"))
    _wrapcmd('qrefresh', mq.cmdtable, qrefresh,
             _("interactively select changes to refresh"))
def _wrapcmd(cmd, table, wrapfn, msg):
    '''Wrap ``cmd`` in ``table`` with ``wrapfn`` and add an -i option.

    ``msg`` becomes the description of the appended -i/--interactive option.
    '''
    wrapped = extensions.wrapcommand(table, cmd, wrapfn)
    # Index 1 of the returned entry is the option list, extended in place.
    options = wrapped[1]
    options.append(('i', 'interactive', None, msg))