|2 years 11 months||Write-protect git repository over HTTP!
I totally misunderstood the access control mechanism (but it's logical
that it behaves the way it does), and so on git projects with "open"
source access, repos were write-for-all.
This should fix it by enforcing member-or-owner auth for writes.
Signed-off-by: Patrick Georgi <firstname.lastname@example.org>
|3 years 7 days||Use idf_exec_prefix when git tools are called|
|3 years 7 days||Make HTTP auth cover all popular FastCGI workarounds|
|3 years 7 days||Use REDIRECT_* for FastCGI/PHP Authorization handling|
|3 years 7 days||Document HTTP repository access for git|
|3 years 11 days||If necessary, create git repository on first http access|
|3 years 11 days||Use new semantics for adding an stdin stream to PassThru|
|3 years 11 days||Stylistic fixes|
|3 years 11 days||Move http repository access to /r/$project
It's a shorter URL and also helps git derive the right name
for the clone.
|3 years 12 days||Provide http access to git repositories
/p/$project/source/repo for git repos now exposes both
"dumb" and "smart" http protocol access.
|3 years 13 days||Add basic framework for web based repository access
/p/$project/source/repo/ is assigned to a method that
takes care of providing repository access.
For now, this results in an exception on all SCMs.
|3 years 15 days||Improve the 'parents' parsing for git and ignore any empty parts;
react gracefully if we could not parse the parents for some weird reason.
|3 years 20 days||Reworked the option / argument handling in the SVN interface to
have less code duplication.
|3 years 20 days||Dropped a few more not needed files.|
|3 years 20 days||- Make the SVN test case work without specific test configuration.
- Rename the test repo to match the test function so we can create
more test repositories for other tests at a later stage.
- Remove useless hooks and configs from the repo (they are not used
for our specific test and just need memory).
- Note the fix for issue 721 in NEWS.mdtext.
|3 years 20 days||Make SVN backend more robust
The SVN backend failed when trying to access historical information on deleted files.
There's also an initial test case for the SVN backend, testing this issue
and issue 364, which is about a similar problem for renamed files.
Reverting any of these fixes breaks the test.
|3 years 1 month||Note the change from issue 716.|
|3 years 1 month||Merge branch 'feature.content-md5' into develop|
|3 years 1 month||Provide MD5 value of downloads to HTTP client
Content-MD5 is a HTTP header to provide end-to-end integrity checks
(see RFC2616, 14.15). This doesn't protect against malicious
modifications, but against transmissions errors and storage errors
on the server.
The change also removes one redirect when downloading files.
|3 years 1 month||Merge branch 'develop' of projects.ceondo.com:indefero into develop|
|3 years 1 month||Fix issue 247 : cron overwrites authorized_keys during cron run|
|3 years 2 months||Postgres needs a VARCHAR cast, which MySQL doesn't understand, of
|3 years 2 months||Postgres (and probably others as well) needs an explicit char cast.|
|3 years 2 months||Fix the rendering of issue changes in a mail template and the issue feed fragment.|
|3 years 2 months||Fixed stupid missing semicolon.|