not pass Perl 5.8's stricter taint checks. The flag will be turned on
again when the port is updated to the next release.
PR: ports/62650, ports/62743
Submitted by: naddy, Palle Girgensohn <girgen@pingpong.net>
2002-05-22 Akinori MUSHA <knu@iDaemons.org>
* cvsweb.cgi: Read configuration files with `do' instead of
`require' to unbreak mod_perl support.
[Submitted by: "Khachaturov, Vassilii" <vassilii@tarunz.org>]
* cvsweb.cgi: Cosmetic fixes. Use and/or rather than &&/|| to
connect sentences.
* cvsweb.cgi: Exit with -1 if exec() fails.
* cvsweb.cgi: Do not print a redundant `Diff' for rev.1.1.
[Submitted by: Ville Skytt,Ad(B <ville.skytta@iki.fi>]
* cvsweb.cgi: Prevent cross-site scripting.
[Submitted by: Motoyuki Konno <motoyuki@bsdclub.org> (modified)]
* cvsweb.cgi: Skip a possible `locked by' clause and extract a
revision number out of a log entry properly.
[Submitted by: "Khachaturov, Vassilii" <vassilii@tarunz.org>]
* cvsweb.cgi: Apply some HTML cleanups and use CSS instead of
ancient HTML 3/4 tags and attributes.
[Submitted by: Ville Skytt,Ad(B <ville.skytta@iki.fi>]
* cvsweb.cgi: Pass `use' features to import to make it more memory
efficient.
[Submitted by: Ville Skytt,Ad(B <ville.skytta@iki.fi>]
* cvsweb.cgi: Add new configuration variables: $allow_log_extra,
$allow_dir_extra, and $allow_source_extra.
[Submitted by: "Khachaturov, Vassilii" <vassilii@tarunz.org>]
* cvsweb.cgi: Release as FreeBSD-cvsweb 2.0.2.
2002-05-11 Akinori MUSHA <knu@iDaemons.org>
* cvsweb.cgi: There are no spaces at EOL in modern rlog output.
[Submitted by: "Khachaturov, Vassilii" <vassilii@tarunz.org>]
2002-05-08 Motoyuki Konno <motoyuki@FreeBSD.org>
* cvsweb.cgi: Fix a cross-site scripting vulnerablity.
2002-05-07 Akinori MUSHA <knu@iDaemons.org>
* cvsweb.conf-netbsd, cvsweb.conf-openbsd: NetBSD and OpenBSD
don't use $CVSHeader$ but $Id$.
[Submitted by: motoyuki@FreeBSD.org]
* cvsweb.cgi: Work around a bug of cvs -p; expand symlinks in a
cvsroot.
[Submitted by: motoyuki@FreeBSD.org]
* cvsweb.cgi: Fix parsing in 'tags' state.
[Submitted by: "Khachaturov, Vassilii" <vassilii@tarunz.org>]
2002-04-11 Akinori MUSHA <knu@iDaemons.org>
* cvsweb.cgi, cvsweb.conf: Perform an HTML cleanup.
[Submitted by: Ville Skytt,Ad(B <ville.skytta@iki.fi>]
* cvsweb.cgi: Call this version FreeBSD-cvsweb 2.0.1.
2002-04-05 Akinori MUSHA <knu@iDaemons.org>
* INSTALL: Somehow description configuration doesn't work if you
put trailing /'s in module names, so fix the document for the
moment.
[Submitted by: Mario Sergio Fujikawa Ferreira <lioux@FreeBSD.org>]
2002-02-06 Akinori MUSHA <knu@iDaemons.org>
* cvsweb.cgi: Use TMPDIR instead of the hardcoded /tmp.
* cvsweb.cgi: Never pass 'MAIN' to cvs(1). 'HEAD' is the valid
tag.
the ECHO macro is set to "echo" by default, but it is set to "true" if
make(1) is invoked with the -s option while ECHO_CMD is always set to
the echo command.
Use command macros where appropriate.
* cvsweb.conf-freebsd: Allow downloading a tarball of a project
directory as well as a port directory.
* cvsweb.cgi, cvsweb.conf: Introduce optional output filter.
[Requested by: Shigeyuki Fukushima <shige@FreeBSD.org>]
* cvsweb.cgi: Fix a bug where it produces wrong download links when
cvsweb.cgi is placed right under the document root.
[Reported by: Arnaud on EFnet]
2001-08-01 Akinori MUSHA <knu@iDaemons.org>
* cvsweb.cgi: perltidy -i=8 -t -pt=2 -bt=2 -sbt=2 -ci=4 -noll -sfs
-nasc -ce
* cvsweb.conf, cvsweb.conf-freebsd, cvsweb.conf-netbsd,
cvsweb.conf-openbsd, cvsweb.conf-ruby: perltidy -i=8 -t -pt=2 -bt=2
-sbt=2 -ci=4 -noll -sfs -nasc -ce
* cvsweb.cgi, cvsweb.conf: MFZ 1.111, but introduce @ForbiddenFiles
instead of @DissallowRead to forbid user to cvs
checkout/diff/annotate specified files.
* cvsweb.cgi: MFZ 1.112: A couple of trivial fixes.
2001-07-26 Akinori MUSHA <knu@iDaemons.org>
* cvsweb.cgi: Chdir to TMPDIR so it works even when the cgi-bin
directory is unreadable.
[Submitted by: Dmitry Morozovsky <marck@rinet.ru>]
* cvsweb.cgi: Let the module/path box appear and work properly
when there is only one repository.
[Submitted by: Dmitry Morozovsky <marck@rinet.ru>]
2001-07-06 Akinori MUSHA <knu@iDaemons.org>
* cvsweb.cgi, cvsweb.conf: Support "zip" as an additional
archiver.
* cvsweb.cgi: MFZ 1.110. But the bug had already been fixed in
knu-cvsweb.
2001-06-22 Akinori MUSHA <knu@iDaemons.org>
* cvsweb.cgi: Get rid of a potential "uninitialized variable
usage" warning.
[Submitted by: Bill Fenner <fenner@FreeBSD.org>]
2001-06-08 Akinori MUSHA <knu@iDaemons.org>
* cvsweb.cgi: MFZ 1.109. Preset the global variable the stores
the per file cvs info to avoid accumulating cruft under modperl.
2001-01-11 11:00 knu
* cvsweb.cgi, cvsweb.conf: Oops.
2001-01-11 10:52 knu
* cvsweb.cgi, cvsweb.conf, cvsweb.conf-freebsd, cvsweb.conf-netbsd,
cvsweb.conf-openbsd: Run "tar cf - ... | gzip -c" rather than "tar
zcf - ..." to avoid tar(1)'s automatic padding of nulls to align
with the block size, which is just garbage for a receiver.
Noted by: Katsuyuki Komatsu <komatsu@sarion.co.jp>
Have $uname variable to hold the OS implementation name.
Move %CMD's initialization part to the beginning of cvsweb.conf so
it can use $uname and configure properly for the OS.
Wrap FreeBSD or OpenBSD specific features in conditional blocks
using $uname.
Fix some open() calls in good manners.
2001-01-05 09:00 knu
* cvsweb.cgi: Delete $ENV{PATH} before everything. (against -T
paranoia) It's nothing to worry since cvsweb.cgi always invokes
executables by full paths, though.
Correct the error messages regarding $command_path.
2001-01-03 17:57 knu
* cvsweb.cgi, cvsweb.conf: Don't rely on perl's $ENV{PATH} search.
Search commands for itself and specify them by full paths.
2001-01-03 11:55 knu
* README.knu, cvsweb.cgi: Don't forget to add $query to the URL
when redirecting. Now module alias redirection and Attic
redirection work with all sticky variables preserved. (Previously
they didn't work against a non-default cvsroot)
Put a text field on each directory view that allows user to jump
directly to an arbitrary module, which can be specified either by a
full module/file path or by a module alias.
2001-01-03 08:34 knu
* README.knu, cvsweb.cgi, cvsweb.conf: List CVS repository entries
in the specified order, not alphabetical.
Now /usr/local/etc/cvsweb/ is the default directory for
configuration files.
2001-01-02 21:23 knu
* cvsweb.cgi, cvsweb.conf: Get cvsweb.cgi to run under perl -T.
Change perl command line:
Change perl5 to perl and just declare `require 5.000'.
Remove -s option that was intended for debug use.
Add -T option to perform security checks.
Change search paths for cvsweb.conf:
Don't adopt the value of $ENV{CVSWEB_CONFIG} that was intended
for
debug use.
Search the same directory that cvsweb.cgi is in instead of the
current directory.
Invoking `last' in `do { ... } while (0);' is wrong. Change the
loop to `while (1) { ... last; }'.
Don't do chdir. Instead, use tar(1)'s -C option and cvs(1)
export's -d option.
Explicitly define $ENV{PATH}.
Turn $allow_compress off by default so user can debug cvsweb.cgi
easily.
- Install cvsweb.conf* files under ${PREFIX}/etc/cvsweb/.
2001-01-02 08:15 knu
* cvsweb.cgi, cvsweb.conf, cvsweb.conf-freebsd, cvsweb.conf-netbsd,
cvsweb.conf-openbsd, cvsweb.conf-ruby: Add $prkeyword variable to
allow user to use (e.g.) `Bug' instead of `PR' as the bug report
identifier.
Add cvsweb.conf-{freebsd,openbsd,netbsd,ruby} files, and move
rather FreeBSD specific configuration values to
cvsweb.conf-freebsd.
Add a %funcline_regexp entry for Ruby. (*.rb)
2001-01-02 06:24 knu
* cvsweb.conf: Add `pending' to the list of PR categories.
2001-01-02 05:57 knu
* cvsweb.cgi: Reduce 'Use of uninitialized value' warnings.
Noticed by: Wolfram Schneider <wosch@schneider.org>
2000-12-30 08:56 knu
* cvsweb.cgi: Oops, I forgot "cvs export" always need a -r/-D.
Specify -rHEAD when no tag/branch is defaulted.
2000-12-30 08:35 knu
* cvsweb.cgi, cvsweb.conf: Add $preformat_in_markup variable and
turn it off by default. This option should be turned off when you
have files in the repository that are in a multibyte encoding which
uses HTML special characters ([<>&"]) as part of a multi-byte
character. (such as iso-2022-jp, ShiftJIS, etc.) Otherwise those
files will get screwed up in markup.
Fix for those systems which tar(1)'s are not GNU tar(1).
- Add @@tar_options variable and make the --ignore-failed-read flag
optional.
- Use cvs export instead of cvs checkout, so the --exclude 'CVS'
flag isn't needed.
Noticed by: Christian Weisgerber <naddy@mips.inka.de>
Fix for those systems which cvs(1)'s don't support -R option.
(Actually, only FreeBSD's and OpenBSD's cvs(1) support it)
- Add @@cvs_options and make the -R flag optional.
2000-12-29 22:29 knu
* cvsweb.cgi: Add charset to all text/* output, including diffs.
Submitted by: Alexey Zelkin <phantom@cris.net>
2000-12-29 18:12 knu
* cvsweb.cgi: The use of `do "file"' is obsolete. Use require
instead.
2000-12-29 17:47 knu
* cvsweb.cgi: Add the prototype declaration for hrefquote().
2000-12-29 03:17 knu
* README.knu: Mention automatic tarball generation feature.
2000-12-29 03:16 knu
* TODO.knu: Directory sorting was fixed at the same time that "show
only tags" feature was fixed.
2000-12-29 03:07 knu
* cvsweb.cgi: Specify --ignore-failed-read on invoking tar(1).
2000-12-29 02:49 knu
* cvsweb.cgi, cvsweb.conf: Add "automatic tarball generation"
feature. You can check out a whole directory in gzipped tarball.
Obtained from: Debian package: cvsweb_1.93-1
Allow space characters in file names. (not tested yet)
2000-12-18 13:25 knu
* TODO.knu, cvsweb.cgi: Revert MFZ: 1.103 -> 1.104 which introduced
a bogus bug. As noone seems to need to use 0.X revisions, I'd just
drop it. This should fix the "show only tags" feature.
2000-12-18 12:47 knu
* cvsweb.cgi: Silence the warnings.
2000-12-18 11:48 knu
* cvsweb.cgi: Add meta tags to prevent WWW robots from crawling
over the cvsweb.
Submitted by: Wolfram Schneider <wolfram@schneider.org>
2000-12-08 00:11 knu
* cvsweb.cgi: Silence `Use of uninitialized value' warnings.
(again)
2000-12-07 03:20 knu
* TODO.knu: Mention "show only tags" feature breakage.
2000-12-07 03:19 knu
* cvsweb.cgi: Emit a rather better error message when a user
requests to check out a deleted file.
Pointed out by: Chris Faulhaber <jedgar@fxp.org>
Cut an out-of-date error message. (adding -R and -l options to the
cvs command line should have obsoleted it)
Optimize, clean up.
2000-11-23 04:26 knu
* cvsweb.cgi, cvsweb.conf: Add a new variable $charset to specify
the charset for HTML output.
Submitted by: SADA Kenji <sada@bsdclub.org>
2000-11-05 00:32 knu
* cvsweb.cgi: Silence `Use of uninitialized value' warnings.
2000-11-03 02:36 knu
* README.knu: Mention cat.1 is hyperlinked as well as cat(1).
2000-11-03 02:34 knu
* cvsweb.cgi: MFZ: 1.104:
2000-11-02 07:05 hnordstrom
* cvsweb.cgi: Allow for 0.X versions. CVS accepts such
version numbers in import -b even if not strictly legal...
2000-11-03 02:33 knu
* cvsweb.conf: Set the default diff type to unidiff for all
browsers, not only text-based ones.
2000-10-21 00:46 knu
* cvsweb.cgi: Always give options to click on a non-colored diff
_and_ a colored diff.
Requested by: SO many people :>
2000-10-20 22:59 knu
* TODO.knu: Hyperlinking was properly fixed.
2000-10-20 21:28 knu
* TODO.knu, cvsweb.cgi: Fix htmllify so that <A href="...">...</A>
won't nest. :)
Do not show additional "(colored)" diff links when long colored
diff is the default.
Reduce the use of `.' operator that is known to be expensive. Fix
indent, clean up.
2000-10-11 06:14 knu
* cvsweb.cgi: Introduce a new function: htmlquote().
Clean up hyperlink tags.
- Use &link() instead of <a href="...">...</a>.
- Do urlencode() or htmlquote() as appropriate.
2000-10-11 03:48 knu
* cvsweb.cgi:
- Recognize "links" as another text mode browser.
- Fix the revision links in the annotation view of a file.
Submitted by: Christian Weisgerber <naddy@mips.inka.de>
2000-10-07 16:44 knu
* cvsweb.cgi: Fix &link() not to put a redundant trailing LF.
Improve manpage linking to support "foo.1" as well as "foo(1)".
2000-10-07 16:35 knu
* cvsweb.cgi: Fix screwups in the last commit.
Parse rlog's output explicitly. Recognize 77 ='s as a file
separator, and 28 -'s as revision separator.
Submitted by: Makoto MATSUSHITA <matusita@jp.FreeBSD.org>
2000-10-03 04:07 knu
* cvsweb.cgi: Cleanup $barequery generation. Undefine "my"
variables when they are done.
2000-10-01 05:10 knu
* cvsweb.cgi: Fix annotation bugs.
- Do not pass gzip'ed directives to cvs. (it never worked, sigh)
- Fix mis-spacing. Now it should look pretty well.
2000-10-01 03:48 knu
* INSTALL, cvsweb.cgi: Specify -R (Read-only mode) and -l (Do not
log in history) flags when doing a cvs annotation so that one does
not need to turn on the write permission on CVSROOT/history for the
user which httpd runs cvsweb.cgi as. (typically "nobody")
2000-10-01 03:27 knu
* cvsweb.cgi: Fix the comment to make how to set $config clear.
Inspired by: "Dan Langille" <dan@langille.org>
2000-09-29 03:06 knu
* cvsweb.cgi: Trap errors in the configuration files on loading and
show error messages. (Previously it failed silently)
Submitted by: Sean Scarff <sean@pavilion.net>