| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | | |/
| |/|
| | |
| | | |
- new python 3 versions warn/errors about this usage
|
| |\ \ \
| |/ /
|/| | |
Update SSHD to version 1.7.0 and add support for EdDSA user keys
|
| | | | |
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| | |
(cherry picked from commit d8fbdda2ab3fa48e92bdf37399d4b75c48409c5c@rpardini:master)
# Conflicts:
# .classpath
# build.moxie
# src/test/java/com/gitblit/tests/SshUnitTest.java
|
| |\ \ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Instead of adding another setting and having to explain how the new one
and the existing `requireClientCertificates` setting are interdependent,
let's use the existing setting and add new values.
It is changed from a boolean to a string, with the values `required`,
`optional` and `disabled`. To keep backward compatibility with the old
values, the `true` value is mapped to `required` and the `false` value
is mapped to `optional`.
|
| |/| |
| | |
| | |
| | | |
oddeirik-disable-client-certs
|
| | | | |
|
| |\ \ \
| | | |
| | | |
| | | | |
This pulls in the rebased branch from PR #1100.
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This also removes the additional Set. What changes is that the order of
the repositories is kept, but the resulting list will have user and team
permissions intertwined.
|
| | | | | |
|
| |/ / /
| | |
| | |
| | | |
different permissions
|
| |\ \ \
| | | |
| | | |
| | | |
| | | | |
The contribution branch was rebased to current master.
This should close #1065 as merged.
|
| | | | |
| | | |
| | | |
| | | | |
These show more clearly what the code is supposed to do.
|
| | | | | |
|
| | | | | |
|
| |/ / /
| | |
| | |
| | |
| | | |
Tabs are not always 4 spaces large. It completes the line to the 4th
character.
|
| | | |
| | |
| | | |
This closes #1418
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | | |
For some reason the secret gate doesn't work and the main Gitblit
repo also attempts to deploy the nightly to Docker which must fail.
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | | |
It was still pointing to Google Code.
This closes #1408
|
| | | | |
|
| |\ \ \
| | | |
| | | |
| | | |
| | | | |
Merge fix branch from 1.9 mainenance line into
master branch.
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The `StoredUserConfig` only escaped the escape character, i.e. backslash.
But it does not escape control characters like tab or newline. This
introduces a vulnerability where an attacker can create new entries
in their user account and create new accounts.
In addition, other characters are also not properly handled. Field values
with a comment character need to be quoted. This only happens for the
`#` character and only when the value starts with it. Also the quote
is note escaped in values.
This change completely rewrites the `escape` method of `StoredUserConfig`.
It takes care of properly escaping characters that need escaping for the
git configuration file format.
This fixes #1410
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Te `StoredUserConfig` did not handle sections without a subsection.
When the subsection did not exist, i.e. was `null`, then the subsection
name would be set to the string "null". This is not how the config file
format works. It should create a `[SECTIONNAME]` entry instead.
This fix handles a `null` subsection correctly, by handling it as a
section without a subsection.
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
Add unit tests for exploiting the email address or display name
in the config user service by using newlines in the values.
|
| | | | | |
|
| | | | | |
|
| | | | | |
|
| |\ \ \ \
| | | | |
| | | | |
| | | | | |
This merges rebased and enhanced pull request #1219
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| |/ / / /
| | | |
| | | | |
Fixes #1218
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Enable a switch for manual workflow triggering that overrides the check
if a new commits were made since the last build. If the input is set to
'true', a new build is run even when no new commits are present.
This is mainly so that changes to the gitblit-docker repo can be included
in builds. This could also be automated in the workflow, if need be.
|
| | | | | |
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The link to the nightly docker images points to the actual image layer,
which is removed when a new nightly is pushed.
Instead, we should point to the images page, filtering on the tag 'nightly'.
|
| |/ / / |
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Since Bintray seized operation, the packages for versions 1.4.0 - 1.8.0
have been uploaded to Cloudsmith. Adjust the links appropriately.
An attribution is added to comply with Cloudsmith's OSS hosting policy.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
To determine what the release version is to be, use a simple grep over
the moxie.build file and cut off the `-SNAPSHOT` part. The moxie
tag command doesn't do anything else, either. But the problem is that
when using the moxie tag command on the release branch, where the
version has already been set to a release version, it would create
a second release version, like so: 1.9.2-1.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When creating a release draft and uploading assets, provision for the case
that a draft release already exists. In that case, instead of creating a
release, the existing release (changelog) is edited and the assets are
deleted before the new built ones are uploaded.
This commit also introduces the `${gh.repo}` property in build.xml,
so that the Github project could be chosen dynamically. Not really needed,
to be honest, but, yeah, whatever.
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Refactor the creation of the release process script, from
`release.template` into a `macrodef`.
Add a new target `releaseScript`, so that the release script can be
created after the `tagRelease` target was run.
This is helpful if the `tagRelease` target is run by a different,
earlier process than the actual release creation process.
|
| | | | |
|
