Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
50 most recent check-ins by user stephan
|
2025-11-03
| ||
| 20:39 | Add a note to the email-listid setting help text and editor entry that this value is required for unsubscribe links to work. In /secaudit0, emit a warning if notifications are enabled but email-listid is empty. This is in response to forum post 1245b69c. (check-in: 0151018383 ... user: stephan tags: trunk) | |
|
2025-10-21
| ||
| 14:38 | Add (open --reopen REPOFILE), based on a /chat discussion with Martin G., Brickviking, and Richard, and prompted by forum post bac6213f6e59f1f9. This simply forwards that usage to the test-move-repository command. (check-in: ae8a45c7a7 ... user: stephan tags: trunk) | |
| 13:49 | Revert two small sections of [4c3e1728e1b1a9cb] for cases which are not compatible with fsl_strdup()'s passing-on of NULL values. Found while investigating a presumably unrelated crash. (check-in: 20adff9572 ... user: stephan tags: trunk) | |
| 13:06 | Remove a bogus assert which could trigger on an anonymous clone. (check-in: ecf44a280d ... user: stephan tags: trunk) | |
|
2025-10-10
| ||
| 17:16 | Add a checkbox to ticket pages which have multiple comments to reverse the order of the comments, per an off-list request. Making this visible requires resetting the ticket edit/view templates to their defaults or integrating equivalent edits into local versions of those templates. (check-in: cc09064f5c ... user: stephan tags: trunk) | |
|
2025-10-09
| ||
| 18:22 | stash drop help tweak suggested in forum post d5c5c0f980. (check-in: e2783d0789 ... user: stephan tags: trunk) | |
| 09:34 | In the timeline, replace a hard-coded 'trunk' with a db_get('main-branch'), as suggested in forum post 61450a0395 (this time in the correct branch). (check-in: cc5ffebb51 ... user: stephan tags: trunk) | |
| 09:33 | In the timeline, replace a hard-coded 'trunk' with a db_get('main-branch'), as suggested in forum post 61450a0395. (closed check-in: 263c51941a ... user: stephan tags: tktview-newest-first) | |
|
2025-10-07
| ||
| 20:04 | Remove some debug output. (check-in: 52586ea6f9 ... user: stephan tags: tktview-newest-first) | |
| 19:46 | Experimentally add a JS toggle to the /tktview comment list to show the comment history in reverse order (newest first). This toggle only appears if JS is available and is persistent on the client. It was added per an off-list request from Steve Landers. (check-in: 531668f5b1 ... user: stephan tags: tktview-newest-first) | |
|
2025-09-11
| ||
| 10:17 | Add a missing return in cgi_fread() for builds without FOSSIL_ENABLE_SSL. (check-in: 1cd8163045 ... user: stephan tags: trunk) | |
|
2025-09-02
| ||
| 12:52 | Minor internal doc updates. No code changes. (check-in: 65448438e8 ... user: stephan tags: trunk) | |
| 12:51 | Change the link to fnc to use its new canonical home, fnc.sh, as pointed out by Florian in the forum. (check-in: accce714cc ... user: stephan tags: trunk) | |
|
2025-09-01
| ||
| 17:17 | Finish writing a doc sentence started in the previous checkin. (check-in: 7a3d6d7057 ... user: stephan tags: trunk) | |
| 16:58 | Add a CSRF check to /chat-send. (check-in: 4caa8cb9ff ... user: stephan tags: trunk) | |
| 15:37 | Reject all GET/COOKIE vars in which the values contain control characters. (check-in: 0c1419a466 ... user: stephan tags: trunk) | |
| 15:27 | An alternate approach to [ae8fc0e0b5e6] which instead rejects all GET and COOKIE values which, after decoding, contain any control characters. We have(?) no(?) use cases where control characters are legitimately needed for GET/COOKIE values. (closed check-in: c61ae84cab ... user: stephan tags: no-ctrl-chars) | |
|
2025-08-22
| ||
| 15:49 | When deleting cookies via /cookies, use a path of "/" for ROBOT_COOKIE. The alternative would be to set that cookie to be repo-local (i.e. set its path to g.zTop), which would be unfortunate for servers which host many fossils. (check-in: 55c972103f ... user: stephan tags: trunk) | |
|
2025-08-21
| ||
| 14:13 | Add /reports to the default robot-restrict setting. (check-in: 12d871a00a ... user: stephan tags: trunk) | |
|
2025-08-17
| ||
| 19:38 | Wrap the robot_restrict() JS check in an onload handler so that it won't run until the external resources (namely style.css) are loaded. (check-in: e5991efb68 ... user: stephan tags: trunk) | |
| 17:47 | Because this new check is too fast to see the progress indicator, make the final result label more explicit. (check-in: b6cf0c2052 ... user: stephan tags: robotck-instant) | |
| 15:37 | Move the z-level style into default.css, in case the adversaries read inlined STYLE tags (which now, in hindsight, seems more likely to me). Change the HTTP result code from robot_proofofwork() to a non-200 code, the hope being that the adversaries will stop on a non-200 code. (check-in: c7ad43638d ... user: stephan tags: robotck-instant) | |
| 15:00 | Remove some dead code from /chat. (check-in: 144c5dbe00 ... user: stephan tags: trunk) | |
| 14:52 | Correct a mis-calculation of fontSize for /chat attachments which use the Embed checkbox. (check-in: e3f0dcc325 ... user: stephan tags: trunk) | |
| 13:21 | Add a comment explaining why document.body's z-level is explicitly set to 0. Remove some EOL whitespace. (check-in: 7c57a20ebd ... user: stephan tags: robotck-instant) | |
| 12:52 | Add (stash rename) to the changelog. (check-in: c834adb656 ... user: stephan tags: trunk) | |
| 12:50 | Add (stash rename) subcommand to change the label associated with a stash entry. (check-in: 1aaa6fc58d ... user: stephan tags: trunk) | |
| 12:29 | Fix the previous checkin to actually compute the work value. This slows it down by a tiny fraction of a second but it's still effectively instant. This calculation can be moved up a level into the C code to turn this back into an instant operation, but leaving it on the client seems like a reasonable choice. (check-in: c27cfa9f60 ... user: stephan tags: robotck-instant) | |
| 12:10 | An experiment in reducing the proof-of-work to a single operation. (This description is intentionally vague.) (check-in: b765e65267 ... user: stephan tags: robotck-instant) | |
|
2025-08-16
| ||
| 10:10 | Correct the signature of an extern decl of fossil_strndup(), as reported in forum post 21ac5f59a0. (check-in: d546932976 ... user: stephan tags: trunk) | |
|
2025-08-15
| ||
| 12:32 | Allow /xfer to service anonymous clones if they have any of the Clone, Zip, or Read permissions. This is a temporary measure, as described in the code's comments. (closed check-in: f9547c7c84 ... user: stephan tags: relaxed-clone-permissions) | |
|
2025-08-07
| ||
| 19:46 | Add an assert() in a block which cannot happen. It survives 'reconstruct', so we can probably remove the block, but leaving it around for a while seems prudent. (check-in: 7d4af37f39 ... user: stephan tags: trunk) | |
|
2025-08-04
| ||
| 23:58 | Add a NULL check where a change from [4c3e1728e1b1a9cb] inadvertently changed the semantics from NULL=="" to NULL==NULL, triggering a null pointer deref via backlinks parsing. Triggered by rebuild when encountering a tag with no value. (check-in: 441264b759 ... user: stephan tags: trunk) | |
|
2025-08-03
| ||
| 11:31 | Eliminate a superfluous allocation and have freepass() zero out its storage to avoid a duplicate free() in the very off chance that it's ever called twice. These are cleanups made in passing, not fixing known problems. (check-in: 1c9d5cd81d ... user: stephan tags: trunk) | |
|
2025-08-02
| ||
| 17:56 | Add the (user whoami) subcommand, which figures out who you are via db_find_and_open_repository(). In response to forum thread a174e200b018abbd. (check-in: a06df610c9 ... user: stephan tags: user-whoami) | |
|
2025-08-01
| ||
| 13:03 | Fix diff -tk's handling of the file list when the Reload button is tapped and the list of files is changed. Problem reported in /chat. (check-in: 4bb41f9242 ... user: stephan tags: trunk) | |
| 12:08 | Change all datetime() calls in tktsetup.c to use toLocal() as their second argument so that they display in the configured timezone. This should resolve forum thread 82ac9af1533f78f7. (check-in: 2a39681ad1 ... user: stephan tags: trunk) | |
|
2025-07-27
| ||
| 11:58 | When unversioned content is saved, add an entry to the admin log. (check-in: 7991defa6f ... user: stephan tags: trunk) | |
| 11:07 | Teach the sync protocol how to work with an out-of-band login card, saving an extra server-side copy of the sync content which is required only to account for an inlined login card. i.e. it saves RAM, potentially lots of it. The new login card mechanism is instead transported via an HTTP header. This also, not coincidentally, simplifies implementation of the login card in non-fossil(1) clients which are currently learning to speak the sync protocol. (check-in: 18628904c3 ... user: stephan tags: trunk) | |
|
2025-07-25
| ||
| 18:47 | Do not add the sync login cookie unless we know the remote supports it. It's harmless in that case but it doesn't need to be there. Rename the login cookie from the unweildy x-f-x-l (X-Fossil-Xfer-Login) to x-f-l-c (X-Fossil-Login-Card) because the former is unsightly. (closed check-in: 9789e1dce7 ... user: stephan tags: xfer-login-card) | |
| 15:08 | Extend the login card mode version check to include the date and time. It is currently still set to 2.27.1, but if/when merged then the version would need to be reverted to 2.27.0 and the version/date/time check will need to be set to compare against the trunk version from immediately before the merge. This needs more testing but looks like it will resolve the "post-2.26 trunk" incompatibility. (check-in: 86cc923de4 ... user: stephan tags: xfer-login-card) | |
|
2025-07-24
| ||
| 05:26 | Remove the now-obsolete parsing of the X-Fossil-Xfer-Login HTTP header. (check-in: 8dbcf2acba ... user: stephan tags: xfer-login-card) | |
| 05:10 | Use a Cookie, instead of a custom HTTP header and/or URL param, to send the sync login header, as suggested in forum post 9959d2d9d9be22d2. This is simpler. (check-in: 756ad2f23c ... user: stephan tags: xfer-login-card) | |
| 03:16 | Previous checkin should not have compiled - clean rebuild uncovered a stale dep. Re-map the fLoginCardMode to a bitmask so that it's possible to tell when multiple paths toggle that on, and which paths they were. (check-in: 780d3b2fe3 ... user: stephan tags: xfer-login-card) | |
| 03:03 | Doc touchups. (check-in: aa36afc52c ... user: stephan tags: xfer-login-card) | |
| 02:41 | Update the change log and sync.wiki for the login card additions. (check-in: edfa01d9d2 ... user: stephan tags: xfer-login-card) | |
| 02:20 | Doc improvements and internal API renaming for clarity. No functional changes. (check-in: 286110dec0 ... user: stephan tags: xfer-login-card) | |
| 01:12 | Remove some debug output. (check-in: d1b7be2ff8 ... user: stephan tags: xfer-login-card) | |
|
2025-07-23
| ||
| 23:31 | Remove some xfer login process debug output. (check-in: 815a84cbcc ... user: stephan tags: xfer-login-card) | |
| 20:56 | Account for CGI-hosted fossil instances by sending the xfer login card as a URL argument. This is somewhat inelegant but works around their inability to read HTTP headers. This version is still more verbose than it needs to be, and requires more testing for compatibility with trunk fossil versions. (check-in: 439af9348b ... user: stephan tags: xfer-login-card) | |