Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
223 check-ins that are derived from version-2.26 and contribute to version-2.27
|
2025-09-30
| ||
| 11:03 | Version 2.27 (check-in: 99675884a9 ... user: drh tags: trunk, release, version-2.27) | |
|
2025-09-27
| ||
| 15:05 | Avoid an unnecessary mprintf(). (check-in: bd4cec1240 ... user: danield tags: trunk) | |
| 11:57 | Further reduce divergence between the SQLite and Fossil implementations of regexp.c. Fix compiler warnings for MSVC. (check-in: a18dab4184 ... user: drh tags: trunk) | |
| 11:10 | Update the built-in SQLite to the latest trunk version so that it will compile without warnings on Windows. (check-in: 702a56d116 ... user: drh tags: trunk) | |
|
2025-09-26
| ||
| 20:07 | Add a new setting "regexp-limit" that determines the maximum size of a REGEXP virtual machine. Default value 1000. (check-in: 82888a0d35 ... user: drh tags: trunk) | |
| 14:23 | Updates to the changelog. (check-in: 28483bfc5a ... user: danield tags: trunk) | |
| 14:12 | Update the change log. (check-in: 3a0dfc8920 ... user: drh tags: trunk) | |
| 13:36 | Bring the built-in SQLite and the regexp implementation into alignment with upstream. (check-in: 9642cde384 ... user: drh tags: trunk) | |
| 12:48 | Prevent the cell background colors from extending beyond the outer rounded borders of the diff table in WebKit-based browsers. (check-in: b666bbc54d ... user: florian tags: trunk) | |
| 11:58 | Add the -h option to the "ls" command to display file hashes for a specific check-in when in verbose mode. (check-in: 4c0ff6ed62 ... user: danield tags: trunk) | |
|
2025-09-25
| ||
| 08:30 | Simplify the previous commit. (check-in: b12e52aaf7 ... user: florian tags: trunk) | |
| 08:00 | Prevent successfully completed robot checks from reappearing and force incomplete checks to start over when navigating back and forward. (check-in: 4cc0881dec ... user: florian tags: trunk) | |
|
2025-09-24
| ||
| 19:29 | Update the built-in SQLite to the latest trunk check-in for testing. (check-in: 3041904dae ... user: drh tags: trunk) | |
|
2025-09-21
| ||
| 04:16 | Fix an out-of-bounds array access in the function to decode a UTF-8 sequence (similar to a problem reported on the SQLite Forum: https://sqlite.org/forum/forumpost/184b372388). (check-in: 59879abe16 ... user: florian tags: trunk) | |
|
2025-09-11
| ||
| 21:44 | Fix the "Download" submenu item on the /artifact page such that the at= query parameter is the actual basename of the file being downloaded, when available. (check-in: b1e811c3e7 ... user: drh tags: trunk) | |
| 15:43 | Fix links with truncated symbolic names in /vdiff, as reported in forum post 690436f85e. (check-in: 2871b39a62 ... user: danield tags: trunk) | |
| 10:17 | Add a missing return in cgi_fread() for builds without FOSSIL_ENABLE_SSL. (check-in: 1cd8163045 ... user: stephan tags: trunk) | |
|
2025-09-10
| ||
| 14:29 | Update to a newer SQLite that fixes a bug in the SQLite CLI so that it will once again compile on 32-bit windows. (check-in: fb8697872b ... user: drh tags: trunk) | |
| 11:40 | Update to the change log (check-in: 1042d64538 ... user: drh tags: trunk) | |
| 10:51 | Update the built-in SQLite to the latest trunk for testing. (check-in: dc45faa3b7 ... user: drh tags: trunk) | |
| 10:49 | Fix encoding of hyperlinks synthesized by the manifest parser. (check-in: 55e9a2ff09 ... user: drh tags: trunk) | |
| 02:46 | Correct misspelled word in timeline HTML output. (check-in: 3d1a1ec0e3 ... user: andybradford tags: trunk) | |
|
2025-09-09
| ||
| 14:23 | This should be encoded for URL/HTTP not HTML to avoid broken URLs when symbolic tags have spaces, ampersands, and other things that need proper escaping. (closed check-in: 25c0da0126 ... user: andybradford tags: fix-timeline-moves) | |
|
2025-09-05
| ||
| 15:20 | Fix the error log parsing so that timeouts do not appear as panics. (check-in: b2ace8830a ... user: drh tags: trunk) | |
|
2025-09-04
| ||
| 12:00 | Fix compiler warning and improve performance in previous check-in. (check-in: 9d7c15d409 ... user: drh tags: trunk) | |
|
2025-09-02
| ||
| 22:10 | Allow the plus sign in MIME types again, needed for example in 'application/rss+xml'. (check-in: 639c040474 ... user: danield tags: trunk) | |
| 12:52 | Minor internal doc updates. No code changes. (check-in: 65448438e8 ... user: stephan tags: trunk) | |
| 12:51 | Change the link to fnc to use its new canonical home, fnc.sh, as pointed out by Florian in the forum. (check-in: accce714cc ... user: stephan tags: trunk) | |
|
2025-09-01
| ||
| 17:17 | Finish writing a doc sentence started in the previous checkin. (check-in: 7a3d6d7057 ... user: stephan tags: trunk) | |
| 16:58 | Add a CSRF check to /chat-send. (check-in: 4caa8cb9ff ... user: stephan tags: trunk) | |
| 15:37 | Reject all GET/COOKIE vars in which the values contain control characters. (check-in: 0c1419a466 ... user: stephan tags: trunk) | |
| 15:27 | An alternate approach to [ae8fc0e0b5e6] which instead rejects all GET and COOKIE values which, after decoding, contain any control characters. We have(?) no(?) use cases where control characters are legitimately needed for GET/COOKIE values. (closed check-in: c61ae84cab ... user: stephan tags: no-ctrl-chars) | |
| 14:15 | Primative validation of request-supplied mime-types. (check-in: ae8fc0e0b5 ... user: drh tags: trunk) | |
|
2025-08-22
| ||
| 15:49 | When deleting cookies via /cookies, use a path of "/" for ROBOT_COOKIE. The alternative would be to set that cookie to be repo-local (i.e. set its path to g.zTop), which would be unfortunate for servers which host many fossils. (check-in: 55c972103f ... user: stephan tags: trunk) | |
| 13:59 | Add the /re_rules page. (check-in: 8779bd0b3a ... user: drh tags: trunk) | |
| 01:51 | Fix a typo in the regular expression example for robot-exception (check-in: 31b09807ef ... user: drh tags: trunk) | |
|
2025-08-21
| ||
| 19:10 | Activate the robot-restrict "timelineX" flag if the c= query parameter is used. (check-in: 59ae0e0b18 ... user: drh tags: trunk) | |
| 16:21 | Do not change the /info diff-type to 0 if robot-restrict is turned off. Forum post 1bef6821de. (check-in: 879deeda66 ... user: drh tags: trunk) | |
| 15:40 | Show numstat-style statistics in the /ckout page as well. (check-in: cb4d17078f ... user: danield tags: trunk) | |
| 14:16 | Avoid excess backslash excaping in text in the new robot-exception setup. (check-in: 5dc9f9b97c ... user: drh tags: trunk) | |
| 14:13 | Add /reports to the default robot-restrict setting. (check-in: 12d871a00a ... user: stephan tags: trunk) | |
| 14:08 | Add the robot-exception setting. (check-in: 86b6ef7fe3 ... user: drh tags: trunk) | |
| 12:02 | Change [3710202914] to call the function to load the diff-related JS code even for blocked diffs. By default, the loader function is already a no-op if diffs are blocked, so the behavior intended by [3710202914] is retained. But other branches are patching the loader function because they rely on the JS code even if the diffs are hidden. (check-in: 171127fd14 ... user: florian tags: trunk) | |
| 10:51 | Rearrange fields in the Robot Defense setup to make it easier to understand. (check-in: 58a48e3abe ... user: drh tags: trunk) | |
|
2025-08-20
| ||
| 15:02 | When appending the ssh signature, use a more direct function with the same result. (check-in: 5d040f1ff0 ... user: danield tags: trunk) | |
| 00:03 | Performance optimization in Th_RenderToBlob(). (check-in: b853b5d471 ... user: drh tags: trunk) | |
|
2025-08-19
| ||
| 22:55 | Do not duplicate the "name" query parameter in the robot.c captcha. (check-in: 118540fa84 ... user: drh tags: trunk) | |
| 18:54 | Improvements to robot-restrict. (check-in: 4e73f31473 ... user: drh tags: trunk) | |
| 16:57 | Create a new interface for checking to see if a tag exists in the robot-restrict setting. (check-in: 8784c600ce ... user: drh tags: trunk) | |
| 16:35 | Attempt to make recent robot defense improvements portable to IE. I do not have access to IE and hence cannot test this, so the changes are mostly a guess. Forum post e18c040d32. (check-in: 3d32a10930 ... user: drh tags: trunk) | |
| 16:02 | Do not show diffs on the /vinfo page unless we know that the client is not a robot. (check-in: 3710202914 ... user: drh tags: trunk) | |
| 15:42 | Refactor the code in robot.c to make interfaces available to other parts of the system. (check-in: 4fa618faf1 ... user: drh tags: trunk) | |
| 10:57 | Check to see that CSS has been loaded before activating hyperlinks if the user is "nobody". (check-in: 3f6a6bdce4 ... user: drh tags: trunk) | |
| 10:37 | Make "off" the preferred way to diable robot-restrict (check-in: db69c47abd ... user: drh tags: trunk) | |
| 10:28 | Documentation update: Make the robot-restrict setting "none" or "off" to disable all restrictions. (check-in: 26a9b03336 ... user: drh tags: trunk) | |
|
2025-08-18
| ||
| 15:49 | New setting "anon-cookie-lifespan" sets the life span of an anonymous login cookie. The default is 8 hours. Set to zero to disable anonymous login. (check-in: 7d2b47a7c3 ... user: drh tags: trunk) | |
| 11:45 | Additional obfuscation of the javascript that runs to implement the anti-robot defense. (check-in: 4c4bce351d ... user: drh tags: trunk) | |
|
2025-08-17
| ||
| 19:38 | Wrap the robot_restrict() JS check in an onload handler so that it won't run until the external resources (namely style.css) are loaded. (check-in: e5991efb68 ... user: stephan tags: trunk) | |
| 19:04 | Improvements to robot detection in the robot_restrict() function. (check-in: e5b00c610d ... user: drh tags: trunk) | |
| 19:02 | Obfuscation of the robot-test code. (closed check-in: 2fdd7ace52 ... user: drh tags: robotck-instant) | |
| 18:44 | Merge the robot tests from trunk with the new tests from this branch so that *all* the tests are run. (check-in: 95a57c637f ... user: drh tags: robotck-instant) | |
| 18:33 | Merge recent trunk enhancements into the robotck-instant branch. (check-in: dd11b563f4 ... user: drh tags: robotck-instant) | |
| 18:20 | Use the UserAgent value from the HTTP request header, rather than the client IP address, as the additional factor in the anonymous login cookie hash, since some client are on networks where their IP address can shift frequently. (check-in: 0693766805 ... user: drh tags: trunk) | |
| 17:47 | Because this new check is too fast to see the progress indicator, make the final result label more explicit. (check-in: b6cf0c2052 ... user: stephan tags: robotck-instant) | |
| 17:16 | Make anonymous cookies valid for 8 hours. Include the client IP address as part of the cookie hash, but do not display the client IP address within the text of the cookie. (check-in: 68da4784aa ... user: drh tags: trunk) | |
| 15:37 | Move the z-level style into default.css, in case the adversaries read inlined STYLE tags (which now, in hindsight, seems more likely to me). Change the HTTP result code from robot_proofofwork() to a non-200 code, the hope being that the adversaries will stop on a non-200 code. (check-in: c7ad43638d ... user: stephan tags: robotck-instant) | |
| 15:00 | Remove some dead code from /chat. (check-in: 144c5dbe00 ... user: stephan tags: trunk) | |
| 14:52 | Correct a mis-calculation of fontSize for /chat attachments which use the Embed checkbox. (check-in: e3f0dcc325 ... user: stephan tags: trunk) | |
| 13:21 | Add a comment explaining why document.body's z-level is explicitly set to 0. Remove some EOL whitespace. (check-in: 7c57a20ebd ... user: stephan tags: robotck-instant) | |
| 12:52 | Add (stash rename) to the changelog. (check-in: c834adb656 ... user: stephan tags: trunk) | |
| 12:50 | Add (stash rename) subcommand to change the label associated with a stash entry. (check-in: 1aaa6fc58d ... user: stephan tags: trunk) | |
| 12:29 | Fix the previous checkin to actually compute the work value. This slows it down by a tiny fraction of a second but it's still effectively instant. This calculation can be moved up a level into the C code to turn this back into an instant operation, but leaving it on the client seems like a reasonable choice. (check-in: c27cfa9f60 ... user: stephan tags: robotck-instant) | |
| 12:10 | An experiment in reducing the proof-of-work to a single operation. (This description is intentionally vague.) (check-in: b765e65267 ... user: stephan tags: robotck-instant) | |
|
2025-08-16
| ||
| 16:48 | Add a simple UI that allows any registered user (not "anonymous" or "nobody") to create access tokens. (check-in: 2a3d303124 ... user: drh tags: trunk) | |
| 15:54 | Change the name of the robot-test cookie to fossil-client-ok. Decode that cookie's meaning on the /cookies page. (check-in: dc2232c6bd ... user: drh tags: trunk) | |
| 14:44 | Cache the results of calling robot_restrict() so that subsequent calls are very fast. (check-in: 1bdda5d01d ... user: drh tags: trunk) | |
| 14:20 | Open up access to /test-robotck to all users. Clear the "Press OK to continue" from the screen when the Ok button is pressed, so that it does not linger for zip and tarball downloads. (check-in: 508d3cd98a ... user: drh tags: trunk) | |
| 13:59 | Improvements and simplifications to anti-robot defenses. (check-in: 16b33097fe ... user: drh tags: trunk) | |
| 13:57 | Improved anti-robot captcha. (closed check-in: 206089acd1 ... user: drh tags: robot-restrict-simplified) | |
| 10:10 | Correct the signature of an extern decl of fossil_strndup(), as reported in forum post 21ac5f59a0. (check-in: d546932976 ... user: stephan tags: trunk) | |
| 00:36 | Add the "timelineX" tag to robot-restrict processing. Move /honeypot over to the captcha.c file and have it use the resources found there. (check-in: 54afc94ce0 ... user: drh tags: robot-restrict-simplified) | |
|
2025-08-15
| ||
| 23:46 | Convert the g.isHuman variable into g.isRobot. (check-in: 6422bca15d ... user: drh tags: robot-restrict-simplified) | |
| 23:18 | Simplifications to the logic that tries to keep robots out. (check-in: 02adced1c1 ... user: drh tags: robot-restrict-simplified) | |
| 19:58 | Add /zip and /tarball pages to the robot-squelch mechanism. (check-in: 661991aa62 ... user: drh tags: trunk) | |
| 19:07 | Add the "robot-squelch" defense against bot-nets. Still incomplete, but sufficient to hold off the latest attacks. (check-in: de66eeaab7 ... user: drh tags: trunk) | |
| 18:49 | Bug fix in the new cgi_is_qp() routine of the previous check-in. (closed check-in: ef57ecf260 ... user: drh tags: robot-squelch) | |
| 18:47 | Further improvements to the squelch captcha. (check-in: 055908da97 ... user: drh tags: robot-squelch) | |
| 16:21 | Slightly more sophisticated captcha. (check-in: a10e785dfb ... user: drh tags: robot-squelch) | |
| 15:11 | Merge trunk enhancements into the robot-squelch branch. (check-in: a46ffe0fb7 ... user: drh tags: robot-squelch) | |
| 15:06 | Add a really simple captcha - the user just has to press a button. (check-in: b3337295f1 ... user: drh tags: robot-squelch) | |
| 13:55 | Prototyping new defenses against bot-nets (check-in: 3f4885a983 ... user: drh tags: robot-squelch) | |
| 05:10 | Update [6c8c93a5f7] to fix redirects to the captcha screen and set the keyboard focus to the password input field if there's no user ID input field. (check-in: b8731485b0 ... user: florian tags: trunk) | |
| 04:50 | Merge the revamped Copy Buttons. (check-in: 63712b631c ... user: florian tags: trunk) | |
|
2025-08-14
| ||
| 21:01 | The "/login?anon=2" page demonstrates the captcha even if the user is currently logged in. (check-in: e58112a4f3 ... user: drh tags: trunk) | |
| 19:35 | Improved captcha screen. Less clutter. Easier for first-time visitors to digest. (check-in: 6c8c93a5f7 ... user: drh tags: trunk) | |
| 12:46 | Reduce the timeout for anonymous logins to 1 hours. Add the IP address to the anonymous login cookie. (check-in: 60a9fac4e1 ... user: drh tags: trunk) | |
|
2025-08-13
| ||
| 15:48 | Allow the mimetype query parameter for non-CGI content in /ext. (check-in: 639b96b9ad ... user: drh tags: trunk) | |
|
2025-08-12
| ||
| 15:27 | Use equal horizontal spacing for normal and "flipped" Copy Buttons (where the latter are positioned after the text to be copied). The idea is for the buttons to be tied to "their" text without spaces in between, resulting in a somewhat narrower spacing to emphasize the connection, but to have normal HTML whitespace on the other side. (closed check-in: 2bc2f7249c ... user: florian tags: copybtn.js-responsive) | |
| 15:20 | Add some higher-specificity CSS declarations to prevent dark-mode skins from overriding the relevant styles of the Copy Button layout, so users don't need to sync their skin customizations with the changes on this branch. (check-in: b7f2c9f329 ... user: florian tags: copybtn.js-responsive) | |
| 15:04 | Revamp the Copy Buttons for a more responsive user experience. See the wiki page linked to this branch for more details. (check-in: 32c3a210c8 ... user: florian tags: copybtn.js-responsive) | |
|
2025-08-10
| ||
| 10:28 | Raise an error when trying to insert an unversioned file if the file size would cause the database row to exceed SQLITE_LIMIT_LENGTH. (check-in: c6265bb3a7 ... user: drh tags: trunk) | |
|
2025-08-07
| ||
| 19:46 | Add an assert() in a block which cannot happen. It survives 'reconstruct', so we can probably remove the block, but leaving it around for a while seems prudent. (check-in: 7d4af37f39 ... user: stephan tags: trunk) | |
|
2025-08-06
| ||
| 10:30 | Show numstat-style statistics in the 'Changes' section of /info and friends. (check-in: 18151a8615 ... user: danield tags: trunk) | |
|
2025-08-04
| ||
| 23:58 | Add a NULL check where a change from [4c3e1728e1b1a9cb] inadvertently changed the semantics from NULL=="" to NULL==NULL, triggering a null pointer deref via backlinks parsing. Triggered by rebuild when encountering a tag with no value. (check-in: 441264b759 ... user: stephan tags: trunk) | |
|
2025-08-03
| ||
| 22:47 | Attempt to augment the "attempt to write a readonly database" error from Fossil by listing all databases it is using that are read-only. (check-in: 0ea8703b60 ... user: drh tags: trunk) | |
| 11:31 | Eliminate a superfluous allocation and have freepass() zero out its storage to avoid a duplicate free() in the very off chance that it's ever called twice. These are cleanups made in passing, not fixing known problems. (check-in: 1c9d5cd81d ... user: stephan tags: trunk) | |
|
2025-08-01
| ||
| 13:03 | Fix diff -tk's handling of the file list when the Reload button is tapped and the list of files is changed. Problem reported in /chat. (check-in: 4bb41f9242 ... user: stephan tags: trunk) | |
| 12:08 | Change all datetime() calls in tktsetup.c to use toLocal() as their second argument so that they display in the configured timezone. This should resolve forum thread 82ac9af1533f78f7. (check-in: 2a39681ad1 ... user: stephan tags: trunk) | |
| 04:59 | Typo fix in help output, noted on the forum. (check-in: 0d94d71d25 ... user: wyoung tags: trunk) | |
|
2025-07-31
| ||
| 12:50 | Shorten line statistics text for the benefit of devices with limited screen width. (closed check-in: 941f67a83e ... user: danield tags: gui-diff-numstat) | |
|
2025-07-30
| ||
| 17:48 | Fix a compiler warning in the previous check-in. (check-in: a8ef11b63c ... user: danield tags: trunk) | |
| 17:26 | Show numstat-style statistics in the 'Changes' section of /info and friends. (check-in: 25e156c9b7 ... user: danield tags: gui-diff-numstat) | |
| 17:14 | Add the test-generate-uuid command. (check-in: 062bb67c03 ... user: danield tags: trunk) | |
| 16:54 | Update the built-in SQLite to the latest trunk version for testing. (check-in: 104c079dcd ... user: drh tags: trunk) | |
|
2025-07-27
| ||
| 11:58 | When unversioned content is saved, add an entry to the admin log. (check-in: 7991defa6f ... user: stephan tags: trunk) | |
| 11:07 | Teach the sync protocol how to work with an out-of-band login card, saving an extra server-side copy of the sync content which is required only to account for an inlined login card. i.e. it saves RAM, potentially lots of it. The new login card mechanism is instead transported via an HTTP header. This also, not coincidentally, simplifies implementation of the login card in non-fossil(1) clients which are currently learning to speak the sync protocol. (check-in: 18628904c3 ... user: stephan tags: trunk) | |
|
2025-07-25
| ||
| 18:47 | Do not add the sync login cookie unless we know the remote supports it. It's harmless in that case but it doesn't need to be there. Rename the login cookie from the unweildy x-f-x-l (X-Fossil-Xfer-Login) to x-f-l-c (X-Fossil-Login-Card) because the former is unsightly. (closed check-in: 9789e1dce7 ... user: stephan tags: xfer-login-card) | |
| 15:08 | Extend the login card mode version check to include the date and time. It is currently still set to 2.27.1, but if/when merged then the version would need to be reverted to 2.27.0 and the version/date/time check will need to be set to compare against the trunk version from immediately before the merge. This needs more testing but looks like it will resolve the "post-2.26 trunk" incompatibility. (check-in: 86cc923de4 ... user: stephan tags: xfer-login-card) | |
|
2025-07-24
| ||
| 05:26 | Remove the now-obsolete parsing of the X-Fossil-Xfer-Login HTTP header. (check-in: 8dbcf2acba ... user: stephan tags: xfer-login-card) | |
| 05:10 | Use a Cookie, instead of a custom HTTP header and/or URL param, to send the sync login header, as suggested in forum post 9959d2d9d9be22d2. This is simpler. (check-in: 756ad2f23c ... user: stephan tags: xfer-login-card) | |
| 03:16 | Previous checkin should not have compiled - clean rebuild uncovered a stale dep. Re-map the fLoginCardMode to a bitmask so that it's possible to tell when multiple paths toggle that on, and which paths they were. (check-in: 780d3b2fe3 ... user: stephan tags: xfer-login-card) | |
| 03:03 | Doc touchups. (check-in: aa36afc52c ... user: stephan tags: xfer-login-card) | |
| 02:41 | Update the change log and sync.wiki for the login card additions. (check-in: edfa01d9d2 ... user: stephan tags: xfer-login-card) | |
| 02:20 | Doc improvements and internal API renaming for clarity. No functional changes. (check-in: 286110dec0 ... user: stephan tags: xfer-login-card) | |
| 01:12 | Remove some debug output. (check-in: d1b7be2ff8 ... user: stephan tags: xfer-login-card) | |
|
2025-07-23
| ||
| 23:31 | Remove some xfer login process debug output. (check-in: 815a84cbcc ... user: stephan tags: xfer-login-card) | |
| 20:56 | Account for CGI-hosted fossil instances by sending the xfer login card as a URL argument. This is somewhat inelegant but works around their inability to read HTTP headers. This version is still more verbose than it needs to be, and requires more testing for compatibility with trunk fossil versions. (check-in: 439af9348b ... user: stephan tags: xfer-login-card) | |
| 17:39 | Add the x-fossil-xfer-login header check in one additional place. With the help of the included debug output, the login problem seems to be caused by CGI (only) instances not reading the inbound HTTP headers. My attempts to make it do have, so far, only triggered HTTP 500 responses. (Edit: i'd forgotten that CGIs don't get headers. The headers are necessarily consumed by the web server to find the CGI script and populate its environment.) (check-in: 6c900645ea ... user: stephan tags: xfer-login-card) | |
| 15:58 | Minor optimization: replace calls to mprintf("%s", X) with fossil_strdup(X). (check-in: 4c3e1728e1 ... user: danield tags: trunk) | |
|
2025-07-22
| ||
| 22:53 | Add some debugging 'message' cards to help trace how the remote is handling the login. (check-in: 21be2978af ... user: stephan tags: xfer-login-card) | |
| 18:11 | Remove some dead code. Add some internal docs. Add a couple of const qualifiers to help me reason through the xfer payload buffer's lifetime. (check-in: 459d0cbbc7 ... user: stephan tags: xfer-login-card) | |
| 17:52 | Remove lots of debug output. Replace a couple of mprintf() with fossil_strdup() and a couple free() with fossil_free(). Milestone: libfossil has successfully logged in to this version of fossil. (check-in: 1078a123c1 ... user: stephan tags: xfer-login-card) | |
| 15:53 | Doc typo fixes. (check-in: 2250a684cc ... user: stephan tags: xfer-login-card) | |
| 15:51 | Set g.syncInfo.bLoginCardHeader=1 if that inbound header is detected, rather than delaying it until the /xfer handling. Internal doc additions. (check-in: 4fc13c5c88 ... user: stephan tags: xfer-login-card) | |
| 15:41 | Enable the HTTP login header if the xfer server-version is high enough, analog to the same check for the client-version. (check-in: bc3ad94411 ... user: stephan tags: xfer-login-card) | |
| 15:12 | Get sync working from both login card forms and add a temporary --login-card-header CLI flag to force it to emit the HTTP header form of the card in output requests. If all is well, this checkin should be able to push to the canonical repo, despite their differences. (check-in: 042560df54 ... user: stephan tags: xfer-login-card) | |
| 02:32 | The previous checkin left me unable to push because (of course) the remote trunk doesn't know how to use the login card header. This checkin disables, via a macro toggle, the use of that header on outbound sync requests. (check-in: cb42278d84 ... user: stephan tags: xfer-login-card) | |
| 02:16 | For testing purposes only, unconditionally use the X-Fossil-Xfer-Login HTTP header for sync requests, rather than add it to the payload (which seems to work okay). This is primarily so that apples-to-apples comparisons can be made in libfossil's testing, and will be reverted (or applied conditionally) once the libfossil side is working. (check-in: ff942066d5 ... user: stephan tags: xfer-login-card) | |
|
2025-07-21
| ||
| 23:45 | Move the X-Fossil-Xfer-Login header check to the correct end of the connection. It is receiving these from libfossil tests but is failing to validate them, but that may well be a bug in that brand new downstream code. (check-in: b49c9b3685 ... user: stephan tags: xfer-login-card) | |
| 19:47 | Update sync.wiki for [12cc5bbf227e3]. (check-in: a4c5a2a961 ... user: stephan tags: xfer-login-card) | |
| 19:39 | Do not allow more than one login card in the sync protocol. (check-in: 12cc5bbf22 ... user: drh tags: xfer-login-card) | |
| 18:42 | Replace an mprintf() with fossil_strdup(). (check-in: 73a2bd06b1 ... user: stephan tags: xfer-login-card) | |
| 18:40 | And this time compile before committing. (check-in: a62ffc1922 ... user: stephan tags: xfer-login-card) | |
| 18:38 | Enable an /xfer login card to be delivered via the X-Fossil-Xfer-Login HTTP header, which is expected to be in the same format as the sync protocol's login card. The purpose of this is to simplify generation of the login card from non-fossil(1) clients, namely libfossil. This is untested until libfossil can generate such cards (it's just missing a bit of glue for that). (check-in: cfddded40e ... user: stephan tags: xfer-login-card) | |
| 17:16 | Account for [638b7e094b899a] when building with --json, as reported in forum post 9acc3d0022. (check-in: c6f0d7aecd ... user: stephan tags: trunk) | |
| 13:20 | Remove FossilUserPerms::Query, as it's unused and its designated capabilities letter 'q' collides with ModTkt. It's been there since 2011-09-14 but went unnoticed until today when that struct was emacs-macro-reformatted into libfossil and triggered a duplicate case value for the letter 'q'. (check-in: 638b7e094b ... user: stephan tags: trunk) | |
|
2025-07-15
| ||
| 20:11 | Update the built-in SQLite to the latest trunk version, for testing. (check-in: 01855974c9 ... user: drh tags: trunk) | |
|
2025-07-14
| ||
| 17:31 | Add mentions in changes.wiki and signing.md that SSH-signed artifacts are "ignored" by fossil versions prior to 2.26, as suggested in forum post 9348885dd6. (check-in: 3f8d014f99 ... user: stephan tags: trunk) | |
| 13:13 | Add the -l and -x options to the test-filezip command. (check-in: 932d351ea5 ... user: drh tags: trunk) | |
|
2025-07-13
| ||
| 20:57 | Update the (undocumented) test-filezip command so that the ZIP archvie it creates has correct timestamps. (check-in: 6368fce274 ... user: drh tags: trunk) | |
|
2025-07-09
| ||
| 21:54 | improve whatis output when lising checkins contain some file artifact by showing on which branch belong the checkin. (just like the /whatis webpage) (check-in: d3896c2acd ... user: mgagnon tags: trunk) | |
| 14:16 | Update the change log for version 2.27 (check-in: a403e11b6f ... user: drh tags: trunk) | |
| 13:52 | Update the built-in SQLite to a version that fixes a possible UAF following OOM. (check-in: a6d506ecc4 ... user: drh tags: trunk) | |
| 13:46 | Do not give unnecessary clues to user anonymous (which is the login used by most attack robots) that something has gone wrong inside of Fossil. (check-in: c66b038cae ... user: drh tags: trunk) | |
| 13:01 | Fix the non-standard %q format specifier in Fossil's custom printf() implementation so that the precision refers to the number of input characters, not the number of output characters. (check-in: 0971536165 ... user: drh tags: trunk) | |
|
2025-07-08
| ||
| 20:35 | Update the built-in SQLite to the latest trunk version for testing. (check-in: d62593b787 ... user: drh tags: trunk) | |
|
2025-07-07
| ||
| 15:11 | Add a function for generating a random (v4) UUID and a test command using it. (check-in: 9472f708c9 ... user: danield tags: gen-uuid) | |
|
2025-07-05
| ||
| 11:35 | On the 'user capabilities changed' notification, correct /setup_uedit?uid=... to /setup_uedit?id=... (check-in: c786b19094 ... user: stephan tags: trunk) | |
|
2025-07-03
| ||
| 16:33 | Squished a stray character accidentally left behind by [1fd407f61a], noted on the forum. (check-in: 2b4a8b4c73 ... user: wyoung tags: trunk) | |
|
2025-07-02
| ||
| 10:55 | Add a confirmer wrapper around the forum post close/reopen button to help avoid accidental closing of posts via mis-clicks, per /chat discussion. (check-in: 751dbe28ce ... user: stephan tags: trunk) | |
|
2025-06-30
| ||
| 17:00 | Merge the latest SQLite enhancements from upstream, for testing. (check-in: bcbf150dc2 ... user: drh tags: trunk) | |
|
2025-06-28
| ||
| 23:59 | Update the built-in SQLite to the latest trunk version. (check-in: cdaec3a431 ... user: drh tags: trunk) | |
| 20:58 | Require at least an "anonymous" login in order to access the /blame and similar pages. Rationale: Those pages can be expensive to compute, depending on parameters. And lately we've had millions of robot requests to /blame. By requiring at least an "anonymous" login, that should reduce the number of robots. Any nobody really needs to see /blame with a one-click. If they are interested in that level of detail, they can take the time to log in. (check-in: f51e8d36cb ... user: drh tags: trunk) | |
|
2025-06-27
| ||
| 10:11 | Correct the starting clone_seqno in sync.wiki (1 instead of 0). (check-in: bbc4b70275 ... user: stephan tags: trunk) | |
|
2025-06-25
| ||
| 10:25 | Small additions and a broken link fix in sync.wiki. (check-in: 22191108aa ... user: stephan tags: trunk) | |
|
2025-06-24
| ||
| 16:46 | Update the built-in SQLite to the latest from upstream. (check-in: 07a16b7933 ... user: drh tags: trunk) | |
|
2025-06-23
| ||
| 16:54 | Update the built-in SQLite to the latest trunk version. (check-in: 746a9636ab ... user: drh tags: trunk) | |
| 13:53 | Add SQL errors as a new logfile message category. (check-in: e3c6e011be ... user: drh tags: trunk) | |
|
2025-06-22
| ||
| 10:35 | (Grammar) Correction for diffcmd help text. (check-in: e879d1ef2c ... user: brickviking tags: trunk) | |
| 09:32 | Resolve two 'db transaction never commits' warnings from /xfer in cases where it response to invalid inputs from the remote (found via libfossil testing). (check-in: bb8604921c ... user: stephan tags: trunk) | |
|
2025-06-20
| ||
| 23:16 | Add new link-tester cases. (check-in: 96c0fc9e88 ... user: drh tags: trunk) | |
| 17:32 | In wiki_submenu_to_read_wiki(), do not show the menu entry for branch/... pages. This is a proposed solution for forum post ff453de2f30791dd, in which the /wiki/foo link on /timeline?r=foo redirects back to /timeline?r=foo. Similar treatment may be needed for the other special wiki types. (check-in: f15b634402 ... user: stephan tags: trunk) | |
| 14:37 | Add some link-tester docs and tweak the resize handler to get a slightly better fit. (check-in: aef937dab5 ... user: stephan tags: trunk) | |
| 14:10 | Remove an extraneous level of DOM element wrapper. Minor link-tester.json tweaks. (check-in: 9713297f03 ... user: stephan tags: trunk) | |
| 14:00 | Minor doc update. (check-in: 91f92da0f8 ... user: stephan tags: trunk) | |
| 13:57 | Add link-tester.json, a set of links for link-tester.html (format is described near the bottom of link-tester.js). Add a link to link-tester which opens the current page in a new tab. (check-in: 1acf766268 ... user: stephan tags: trunk) | |
| 12:48 | Teach link-tester.js to be able to run when invoked from /doc/branchname/test. (check-in: 6ede23a1ab ... user: stephan tags: trunk) | |
| 12:28 | Initial draft of a "manual link tester" page. TODO is loading the list of link from a JSON file. Instructions are at the top of link-tester.html. (check-in: 3eef0e230d ... user: stephan tags: trunk) | |
| 12:26 | Doc tweaks inadvertently sent to the wrong branch. (check-in: 15b0110ac5 ... user: stephan tags: trunk) | |
| 12:23 | Minor sync protocol doc fix. (leaf check-in: eeed9b5392 ... user: stephan tags: markdown-details-open) | |
| 12:23 | Minor internal doc update. (check-in: d9c991a91b ... user: stephan tags: markdown-details-open) | |
|
2025-06-19
| ||
| 20:24 | Update the built-in SQLite to the latest trunk version. (check-in: b10fbd8047 ... user: drh tags: trunk) | |
|
2025-06-17
| ||
| 16:42 | When walking the filesystem in order to construct a repository list, avoid walking into any directory name "proc". See forum thread d9553c52fc for rationale. (check-in: a8c96a64c4 ... user: drh tags: trunk) | |
|
2025-06-08
| ||
| 22:46 | Replace a couple old references to fossil-scm.org/fossil with /home. (check-in: ca5ecf2223 ... user: stephan tags: trunk) | |
|
2025-06-05
| ||
| 13:07 | Add SQLITE_ENABLE_SETLK_TIMEOUT to the default SQLite configuration. (check-in: c953e01c9e ... user: drh tags: trunk) | |
|
2025-06-04
| ||
| 08:15 | When creating a hyperlink via line selection and the mouse in the /file view, do not decode the inbound URL, to avoid mis-handling of filenames which contain + signs. This resolves forum post 6f276193d2cfa5ab. (check-in: 7641c82961 ... user: stephan tags: trunk) | |
|
2025-06-03
| ||
| 15:14 | Update the built-in SQLite to the latest trunk version for testing and to make bug fixes available to Fossil. (check-in: 92cdafddbb ... user: drh tags: trunk) | |
| 15:11 | Always include nodes identified by sel1= and sel2= query parameters in the /timeline display. (check-in: f7af223e1a ... user: drh tags: trunk) | |
|
2025-05-31
| ||
| 15:08 | Backout recent changes which was reporting error when external diff command exit with non 0 value. It's common for cli diff programs (e.g. gnu-diff and bsd-diff) to return 1 when files differ. Looking for a more "generic" solution. (check-in: 9b04150885 ... user: mgagnon tags: trunk) | |
|
2025-05-30
| ||
| 04:27 | Enclose ETag header values in double quotes. Suggested in Forum Post 70bacf5cf8. (check-in: ad51cc61c6 ... user: florian tags: trunk) | |
|
2025-05-29
| ||
| 14:21 | Update the built-in SQLite to the 3.50.0 release. (check-in: ce65d09a56 ... user: drh tags: trunk) | |
| 14:17 | Replace the broken link for the "detached head" entry in fossil-v-git.wiki, as suggested in forum post 5c06018718. (check-in: 788db46a58 ... user: stephan tags: trunk) | |
| 08:33 | Tiny change to www/changes.wiki (check-in: 13df8244fd ... user: brickviking tags: trunk) | |
|
2025-05-28
| ||
| 12:06 | Improved display of "Project Age" on the /stat page. (check-in: 6594e003ab ... user: drh tags: trunk) | |
|
2025-05-26
| ||
| 14:12 | Fix several minor typos in HTTP error messages and HTTP test commands. Remove the unavailable --debug option from the test-http command help screen. (check-in: 9cabc138da ... user: florian tags: trunk) | |
| 14:08 | Also accept a single ETag enclosed in double quotes when checking the If-Modified-Since HTTP header. Suggested in Forum Post 058cd829f9. (check-in: 174091aa6f ... user: florian tags: trunk) | |
| 10:55 | Update the built-in SQLite to the latest 3.50.0 beta, for testing. (check-in: 56795263f7 ... user: drh tags: trunk) | |
|
2025-05-23
| ||
| 18:12 | Do not require repo write permissions to preview a chat post. (check-in: 3ecef40695 ... user: drh tags: trunk) | |
|
2025-05-18
| ||
| 18:16 | Update the change log to record /timeline enhancements. (check-in: 4f4698c54d ... user: drh tags: trunk) | |
| 17:38 | Honor the chng= query parameter to /timeline on queries that use p=, d=, from=, and similar. (check-in: 365a1ecc28 ... user: drh tags: trunk) | |
| 02:52 | www/th1.md: Fix missing word (check-in: 8a28e91555 ... user: js tags: trunk) | |
|
2025-05-17
| ||
| 18:52 | Improved timeline title when both p= and d= query parameters are provided and refer to different checkins. (check-in: 5253f0cf02 ... user: drh tags: trunk) | |
|
2025-05-15
| ||
| 11:29 | Update the built-in SQLite to the latest 3.50.0 beta that contains fixes to the CLI so that it will hopefully compile without warnings in VS2025. (check-in: a1a4adfa27 ... user: drh tags: trunk) | |
|
2025-05-14
| ||
| 16:46 | Update the built-in SQLite to the first 3.50.0 beta for testing. (check-in: f40c00b3b5 ... user: drh tags: trunk) | |
| 13:20 | Update the unix makefile to correct a dependency problem discovered by --shuffle=reverse in Gnu make. (check-in: ae137399cb ... user: drh tags: trunk) | |
| 10:43 | Updates to the unix makefile so that it works with Gnu-make 4.4 and later with --shuffle=reverse. forum thread 664f41bf7 (closed check-in: 70464b4032 ... user: drh tags: shuffle-reverse) | |
|
2025-05-12
| ||
| 12:17 | Another correction to the xfer status counters. (check-in: 04b9b0136d ... user: drh tags: trunk) | |
| 12:05 | Move the increment of the round-trip counter for sync. (check-in: dca483a80c ... user: drh tags: trunk) | |
| 10:54 | Fix typo in help for the "tag" command. (check-in: d328168677 ... user: drh tags: trunk) | |
|
2025-05-09
| ||
| 06:15 | Enable the --editor option for `fossil amend'. (check-in: bb3fbffefa ... user: florian tags: trunk) | |
|
2025-05-08
| ||
| 13:38 | Fix some doc hyperlinks, and remove some long-dead ones, as suggested in forum post 5022f7b600. The git-detached-head link in that post was not fixed because the Internet Archive link to it is not working for me. (check-in: 56e59a3c50 ... user: stephan tags: trunk) | |
| 11:25 | Replace a C++-style comment. No functional changes. (check-in: a68a7eacd3 ... user: stephan tags: trunk) | |
| 11:11 | For the timeline command, fix special case where -n|-limit is 0 when using after keyword. (check-in: 6e3dde3afd ... user: mgagnon tags: trunk) | |
|
2025-05-07
| ||
| 13:23 | Adjust comment to http_build_login_card() to include clarification regarding the source of randomness in NONCE for the login card. No functional changes. (check-in: ea40cbb0c0 ... user: andybradford tags: trunk) | |
|
2025-05-06
| ||
| 18:12 | Update the built-in SQLite to the latest 3.50.0 alpha that includes the NOT NULL optimization fix. (check-in: 02d0432ed4 ... user: drh tags: trunk) | |
| 11:26 | In the --tk diff GUI, fix the "Save As..." button so that it works again. Do not show the "Reload" button on a GUI brought up from a Save As. (check-in: 31fc6290c3 ... user: drh tags: trunk) | |
|
2025-05-03
| ||
| 20:00 | Update the /thisdayinhistory page to show changes from 25 years ago. (check-in: 99aeebadef ... user: drh tags: trunk) | |
| 11:38 | Typo fix in `fossil help comment-format` output (check-in: 7438f5b0ff ... user: wyoung tags: trunk) | |
| 08:09 | Fix (likely unintentional) variable shadowing to restore ANSI C-89 conformance. (check-in: 2ce32f7546 ... user: florian tags: trunk) | |
|
2025-05-02
| ||
| 11:31 | Fix a coding mistake on an error path in the HTTP server logic. Because the mistake is on an error path, it is actually harmless, but it needs to be fixed nevertheless. (check-in: 85067dc919 ... user: drh tags: trunk) | |
| 10:30 | Increase the version number to 2.27 for the next release cycle. Add the 2_27 tag to the change log. (check-in: 8b24838e95 ... user: danield tags: trunk) | |
|
2025-05-01
| ||
| 06:10 | Add parameters to declarations for dynamically loaded functions, to fix builds with latest GCC on Windows. Reported in forum post 3b3b741661. (check-in: 51ac554e35 ... user: florian tags: trunk) | |
|
2025-04-30
| ||
| 16:57 | Version 2.26 (check-in: 1205ec86cb ... user: drh tags: trunk, release, version-2.26) | |