Simon McVittie
5f6f9a1bea
Wrapper: allocate new environment dynamically
...
Otherwise, if third-party plugins extend newenviron by more than
3 entries, we could overflow the array. It seems unlikely that any
third-party plugin manipulates newenviron in practice, so this
is mostly theoretical. Just in case, I have deliberately avoided
using "i" as the variable name, so that any third-party plugin
that was manipulating newenviron directly will now result in the
wrapper failing to compile.
I have not assumed that realloc(NULL, ...) works as an equivalent of
malloc(...), in case there are still operating systems where that
doesn't work.
2016-05-11 09:18:14 +01:00
Simon McVittie
062dbf1373
3.20160509
2016-05-09 21:59:50 +01:00
Simon McVittie
ab97cd56f3
Reference CVE-2016-4561 in 3.20160506 changelog
2016-05-09 21:57:34 +01:00
Simon McVittie
2020bd88a5
Remove spurious changelog entry
...
This change was new in 3.20141016.3, but was applied to the master
branch several releases ago, so it is not new in 3.20160506.
2016-05-09 21:46:04 +01:00
Simon McVittie
9fe33a4c94
3.20160506
2016-05-06 07:54:47 +01:00
Simon McVittie
984ba82f1b
img: Add back support for SVG images, bypassing ImageMagick and simply passing the SVG through to the browser
...
SVG scaling by img directives has subtly changed; where before size=wxh
would preserve aspect ratio, this cannot be done when passing them through
and so specifying both a width and height can change the SVG's aspect
ratio.
(This patch looks significantly more complex than it was, because a large
block of code had to be indented.)
[smcv: drop trailing whitespace, fix some spelling]
2016-05-06 06:57:12 +01:00
Joey Hess
7ff6221ac9
changelog for smcv's security fixes
...
[smcv: omit a change that was already in 3.20160514]
2016-05-06 06:53:41 +01:00
Amitai Schlair
6253567127
Changelog: process .md files iff created directly.
2016-03-08 14:34:02 -05:00
Joey Hess
8d28f70b37
loginselector: When only openid and emailauth are enabled, but passwordauth is not, avoid showing a "Other" box which opens an empty form.
2016-03-02 16:35:16 -04:00
Simon McVittie
a3ee60f2f8
d/control: add Vcs-Browser
2016-01-22 00:55:03 +00:00
Simon McVittie
7db255ff60
d/control: use https for Homepage
2016-01-22 00:55:03 +00:00
Simon McVittie
53b10a64f0
3.20160121
2016-01-21 09:53:28 +00:00
Simon McVittie
0cc21b69e4
document recent inline and syslog fixes
2016-01-21 09:36:16 +00:00
Simon McVittie
179807e742
changelog: sort user-visible changes before packaging and test fixes
2016-01-21 09:31:07 +00:00
Simon McVittie
b0627aef10
img test: use the right filenames when testing that deletion occurs
...
Also use a less misleading name for the sample SVG: it is no longer empty.
Since commit 105f285a
it has contained a blue square.
2016-01-19 11:24:18 +00:00
Simon McVittie
5dceeb28d8
img test: skip testing PDFs if unsupported
2016-01-19 11:24:18 +00:00
Simon McVittie
317d19842c
Silence "used only once: possible typo" warnings for variables that are part of modules' APIs
2016-01-19 11:24:18 +00:00
Simon McVittie
e33b4678c7
d/control: Standards-Version: 3.9.6, no changes required
2016-01-19 11:24:18 +00:00
Simon McVittie
509a5a48d7
d/control: remove leading article from Description (lintian: description-synopsis-starts-with-article)
2016-01-19 11:24:18 +00:00
Simon McVittie
64d9729601
Change dependencies from transitional package perlmagick to libimage-magick-perl ( Closes : #789221 )
2016-01-19 11:24:18 +00:00
Simon McVittie
245109fa39
changelog: mention pagestats enhancement
2016-01-19 11:24:18 +00:00
Simon McVittie
fc02c7fb69
Add license info to javascript underlay
2016-01-19 11:24:18 +00:00
Simon McVittie
b199349ffd
Merge remote-tracking branch 'smcv/ready/limit'
2015-11-30 20:55:34 +00:00
Simon McVittie
ed1e1ebe70
git: if no committer identity is known, set it to "IkiWiki <ikiwiki.info>" in .git/config
...
This resolves commit errors in versions of git that require a non-trivial
committer identity.
2015-11-30 19:34:04 +00:00
Simon McVittie
719612a976
debian/copyright: update for the rename of openid-selector to login-selector
2015-11-30 18:52:19 +00:00
Simon McVittie
a71ade73ff
Add enough build-dependencies to run all tests, except for non-git VCSs
2015-11-30 18:26:23 +00:00
Simon McVittie
1124a7c459
Wrap and sort control files (wrap-and-sort -abst)
2015-11-30 18:26:23 +00:00
Simon McVittie
d90002b8d7
tests: consistently use done_testing instead of no_plan
2015-11-30 18:26:23 +00:00
Simon McVittie
6b322448ca
t/img.t: do not spuriously skip
2015-11-30 18:26:23 +00:00
Simon McVittie
cdfb4ab1a3
Run autopkgtest tests using autodep8 and the pkg-perl team's infrastructure
2015-11-30 18:26:22 +00:00
Simon McVittie
78a47d44c7
Add more changelog entries
2015-11-29 17:37:40 +00:00
Joey Hess
70c87f56a2
Modified page.tmpl to to set html lang= and dir= when values have been specified for them, which the po plugin does.
...
Note that I modified the patch slightly, to avoid blank lines before the
<html>, on the off chance bad html parsers care.
2015-10-26 15:45:40 -04:00
Joey Hess
32923e732b
emailauth: Added emailauth_sender config.
2015-10-02 11:49:47 -04:00
Amitai Schlair
ee13598aa8
Changelog my recent commits, prompted by joeyh.
2015-08-27 13:00:01 -04:00
Simon McVittie
8ab2005ec9
3.20150614
2015-06-14 18:15:35 +01:00
Simon McVittie
841a86a4f3
img test: set old timestamp on source file that will change
...
This is so that the test will pass even if it takes less than 1 second.
2015-06-14 18:13:17 +01:00
Simon McVittie
7a2117bf8c
img: stop ImageMagick trying to be clever if filenames contain a colon
...
$im->Read() takes a filename-like argument with several sets of special
syntax. Most of the possible metacharacters are escaped by the
default `wiki_file_chars` (and in any case not particularly disruptive),
but the colon ":" is not.
It seems the way to force ImageMagick to treat colons within the
filename as literal is to prepend a colon, so do that.
2015-06-13 20:00:08 +01:00
Simon McVittie
f2365c3e66
inline: change default sort order from age to "age title" for determinism
2015-06-13 19:58:37 +01:00
Simon McVittie
412f9ea2bb
3.20150610
2015-06-10 21:59:11 +01:00
Simon McVittie
014b9eb1b7
polygen: if deterministic build is requested, use a well-known random seed
2015-06-09 22:30:44 +01:00
Simon McVittie
361076e55d
haiku: if deterministic build is requested, return a hard-coded haiku
2015-06-09 22:30:43 +01:00
Simon McVittie
15939a2528
Add deterministic option and use it for the docwiki
...
It doesn't do anything yet.
2015-06-09 22:30:43 +01:00
Simon McVittie
6add4fd4fc
Sort backlinks deterministically, by falling back to sorting by href if the link text is identical
2015-06-09 22:30:43 +01:00
Simon McVittie
d18b77c107
Add [[!meta date]] to news items and tips
...
The git checkout and build process can leave the checkout
date in the tarball release, leading to unstable sorting.
I tried to use `git restore-mtime`, but that doesn't work for
ikiwiki, because dgit interferes with it.
2015-06-09 22:29:38 +01:00
Simon McVittie
8e007666d4
brokenlinks: sort the pages that link to the missing page, for better reproducibility
2015-06-09 22:28:31 +01:00
Simon McVittie
7a96363c6d
debian/copyright: turn comments on provenance into Comment
2015-06-09 22:28:30 +01:00
Simon McVittie
bde823191e
debian/copyright: consolidate permissive licenses
2015-06-09 22:28:28 +01:00
Simon McVittie
de38423a59
debian: build the docwiki with LC_ALL=C.UTF-8 and TZ=UTC for a more reproducible build
2015-06-09 22:25:26 +01:00
Simon McVittie
2fe003dac4
Populate pagectime from mtime or inode change time, whichever is older
...
When building ikiwiki from a tarball, the mtime (conceptually, the
last modification date of the file) is preserved by tar, but the inode
change time (creation/metadata-change date of *this copy* of the file)
is not. This seems to lead to unstable sort ordering and
unreproducible builds.
The page can't possibly have been modified before it was created, so
we can assume that the modification date is an upper bound for the
creation date.
2015-06-09 22:22:54 +01:00
Simon McVittie
b6388d6fbd
changelog
2015-06-09 22:22:10 +01:00
Simon McVittie
7a52c87a8c
Make the attachment plugin work with CGI.pm 4.x ( Closes : #786586 ; workaround for #786587 in libcgi-pm-perl)
2015-06-07 14:51:13 +01:00
Simon McVittie
2afb0dd663
Do not directly enable emailauth by default, only indirectly via openid
...
This avoids nasty surprises on upgrade if a site is using httpauth,
or passwordauth with an account_creation_password, and relying on
only a select group of users being able to edit the site. We can revisit
this for ikiwiki 4.
2015-05-27 08:52:01 +01:00
Joey Hess
fecfa53988
changelog
2015-05-19 15:35:25 -04:00
Joey Hess
85a529db3d
passwordauth: Don't allow registering accounts that look like openids.
...
Also prohibit @ in account names, in case the file regexp was relaxed to
allow it.
2015-05-14 10:57:56 -04:00
Joey Hess
bf8b7fe2d1
changelog
2015-05-13 23:38:46 -04:00
Joey Hess
5b459737a5
Converted openid-selector into a more generic loginselector helper plugin.
2015-05-13 18:50:29 -04:00
Joey Hess
ec72b4c95b
When openid and passwordauth are the only enabled auth plugins, make the openid selector display "Password" instead of "Other", so users are more likely to click on it when they don't have an openid.
2015-05-13 12:18:22 -04:00
Joey Hess
aefb780eee
Re-remove google from openid selector; their openid provider is gone for good.
2015-04-28 12:24:32 -04:00
Simon McVittie
d8a550e7de
release 3.20150329
2015-03-29 22:11:38 +01:00
Joey Hess
18dfba868f
Fix XSS in openid selector. Thanks, Raghav Bisht.
2015-03-27 12:17:39 -04:00
Simon McVittie
9497fc1b6c
t/inline.t: accept translations of "Add a new post titled:" ( Closes : #779365 )
2015-03-01 17:15:13 +00:00
Simon McVittie
943ec015da
If neither timezone nor TZ is set, set both to :/etc/localtime if we're on a GNU system and that file exists, or GMT otherwise
2015-03-01 15:01:05 +00:00
Simon McVittie
bd3eb42b02
changelog
2015-03-01 12:46:49 +00:00
Joey Hess
b0861d8162
heh, MOM wants you
2015-01-25 00:03:43 -04:00
Joey Hess
fe0eaf1870
Fix NULL ptr deref on ENOMOM in wrapper. (Thanks, igli)
...
Probably not exploitable, but who knows..
2015-01-25 00:00:40 -04:00
Simon McVittie
c34b86f12e
release
2015-01-07 09:14:47 +00:00
Joey Hess
0048442831
close debian bug I opened about blogspam
2015-01-02 16:45:26 -04:00
Amitai Schlair
0451dc4133
Update blogspam to the 2.0 API.
2015-01-02 13:55:10 -05:00
Joey Hess
f88e109bec
po: If msgmerge falls over on a problem po file, print a warning message, but don't let this problem crash ikiwiki entirely.
2014-12-30 15:51:50 -04:00
Amitai Schlair
c668c2c7e2
Changelog the $(MAKE) patch.
2014-12-27 17:32:20 -05:00
Simon McVittie
5c30886dbf
changelog, close bug
2014-12-09 22:19:15 +00:00
Simon McVittie
44e320c1d5
changelog and NEWS entry for responsive layout
2014-12-01 21:29:46 +00:00
Simon McVittie
c01f53d74e
core: generate HTML5 by default, but keep avoiding new elements like <section> that require specific browser support unless html5 is set to 1.
2014-11-26 12:00:31 +00:00
Simon McVittie
dc0744a423
search: add more classes as a hook for CSS. Thanks, sajolida
2014-11-26 11:57:58 +00:00
Simon McVittie
1ff99b19ca
calendar: add calendar_autocreate option, with which "ikiwiki --refresh" can mostly supersede the ikiwiki-calendar command. Thanks, Louis Paternault
2014-11-26 09:28:18 +00:00
Joey Hess
33ca02581b
Set Debian package maintainer to Simon McVittie as I'm retiring from Debian.
2014-11-08 00:08:33 -04:00
Joey Hess
ea8c7a7e02
openid: Stop suppressing the email field on the Preferences page.
...
This is needed for notifyemail, and not all openid providers report an
email address, or necessarily the one the user wants to get email.
2014-11-06 15:00:09 -04:00
Joey Hess
d858ce3e93
Add missing build-depends on libcgi-formbuilder-perl, needed for t/relativity.t
2014-10-20 12:28:54 -04:00
Joey Hess
82a4fb49ae
add ikiwiki-comment program
2014-10-20 12:08:07 -04:00
Simon McVittie
a89dbd9892
release
2014-10-16 23:28:35 +01:00
Simon McVittie
44e05edaf4
debian: fix some wrong paths in the copyright file
2014-10-16 23:28:23 +01:00
Simon McVittie
0e783e915b
debian: rename debian/link to debian/links so the intended symlinks appear
2014-10-16 23:04:11 +01:00
Simon McVittie
37296bcb5a
close a bug
2014-10-16 23:03:48 +01:00
Simon McVittie
0c73a825d1
Drop unused python-support dependency
2014-10-16 22:48:09 +01:00
Simon McVittie
3429e81596
changelog so far
2014-10-16 22:44:29 +01:00
Joey Hess
6294894f31
Fix crash that can occur when only_committed_changes is set and a file is deleted from the underlay.
...
srcfile_stat got called on a file from the underlay that no longer existed.
I am not 100% sure of the circumstances of that; I was able to reproduce
the bug but neglected to snapshot the tree, and then accidentially
got it to stop crashing. I know that a transient tag page got deleted using
the web interface to trigger the crash.
It seems that process_changed_files must have returned the file, despite it
being deleted. And since the file was not checked into git, it seems it
must have not been included in @IkiWiki::underlayfiles, which would have
caused process_changed_files to not return it.
I do not know why a transient tag page would not be in
@IkiWiki::underlayfiles. There is a bug here that I don't understand.
This is just a workaround -- run srcfile_stat such that it won't crash,
and if it is unable to stat a file, find_changed knows it's not changed,
so it's ok to skip it.
Also made find_new_files run srcfile_stat such that it won't crash, just
because I was there.
2014-09-26 18:55:09 -04:00
Simon McVittie
84993495f3
Build-depend on libmagickcore-6.q16-2-extra | libmagickcore-extra so we can thumbnail SVGs in the docwiki
2014-09-16 11:22:05 +01:00
Simon McVittie
9d08f18a13
Add myself to Uploaders and release to Debian
2014-09-16 10:03:24 +01:00
Simon McVittie
30c23b5e72
Add package dependencies for scalable img support
...
- suggest ghostscript (required for PDF-to-PNG thumbnailing)
and libmagickcore-extra (required for SVG-to-PNG thumbnailing)
- build-depend on ghostscript so the test for scalable images can be run
2014-09-16 10:00:40 +01:00
Simon McVittie
5ff68d5171
changelog, close bugs
2014-09-15 22:12:45 +01:00
Simon McVittie
7660979f74
changelog, close bug
2014-09-15 21:49:48 +01:00
Simon McVittie
3d1de970f1
changelog, close bug
2014-09-15 21:11:17 +01:00
Simon McVittie
303f183d45
write changelog, close bug
2014-09-15 09:53:52 +01:00
Simon McVittie
fdfd5ffac7
more bug-closing
2014-09-12 22:02:54 +01:00
Simon McVittie
70a4857624
more changelog and bug-closing
2014-09-12 21:50:20 +01:00
Simon McVittie
a5536103e7
changelog/close bugs
2014-09-12 21:32:13 +01:00
Joey Hess
230749ad15
prep release
2014-08-31 14:17:49 -07:00
Joey Hess
40d6ccbadb
Make --no-gettime work in initial build. Closes : #755075
2014-08-28 19:08:09 -07:00
Joey Hess
174efbfa9c
typo
2014-08-15 13:05:59 -04:00
Joey Hess
9ade0db518
prep release
2014-08-15 12:58:36 -04:00