kallithea Files · scripts/whitespacecleanup.sh

Files @ cd8fa11c5c89

Branch filter:

Location: kallithea/scripts/whitespacecleanup.sh - annotation

cd8fa11c5c89 1.1 KiB text/x-sh Show Source Show as Raw Download as Raw

mads

repogroups: fix HTML markup of descriptions

Repogroup descriptions were not urlified like repo descriptions are. That
caused incorrect rendering with posibility of XSS.

The problem was introduced in 0.4.0 with 6db3122e4d75.

Thanks to stypr of Flatt Security for reporting this vulnerability.

bf85e6018daa
fce926a9d7c7
fce926a9d7c7
fce926a9d7c7
0288dd052033
fce926a9d7c7
6e952212bf06
fce926a9d7c7
fce926a9d7c7
edb24bc0f71a
fce926a9d7c7
fce926a9d7c7
fce926a9d7c7
fce926a9d7c7
fce926a9d7c7
fce926a9d7c7
fce926a9d7c7
fce926a9d7c7
fce926a9d7c7
5698307382de
5b1f43027662
5698307382de
8d663d23ab85
fce926a9d7c7

#!/bin/bash -xe

# Enforce some consistency in whitespace - just to avoid spurious whitespaces changes

files=`hg mani | egrep -v '/fontello/|/email_templates/|(^LICENSE-MERGELY.html|^docs/Makefile|^scripts/whitespacecleanup.sh|/(graph|mergely|native.history)\.js|/test_dump_html_mails.ref.html|\.png|\.gif|\.ico|\.pot|\.po|\.mo|\.tar\.gz|\.diff)$'`

sed -i "s/`printf '\r'`//g" $files
sed -i -e "s,`printf '\t'`,    ,g" $files
sed -i -e "s,  *$,,g" $files
sed -i -e 's,\([^ ]\)\\$,\1 \\,g' -e 's,\(["'"'"']["'"'"']["'"'"']\) \\$,\1\\,g' $files
# ensure one trailing newline - remove empty last line and make last line include trailing newline:
sed -i -e '$,${/^$/d}' -e '$a\' $files

sed -i -e 's,\([^ /]\){,\1 {,g' `hg loc '*.css'`
sed -i -e 's|^\([^ /].*,\)\([^ ]\)|\1 \2|g' `hg loc '*.css'`

hg mani | xargs chmod -x
hg loc 'set:!binary()&grep("^#!")&!(**_tmpl.py)&!(**/template**)' | xargs chmod +x

# isort is installed from dev_requirements.txt
hg loc 'set:!binary()&grep("^#!.*python")' '*.py' | xargs isort --line-width 160 --lines-after-imports 2

echo "diff after $0:"
hg diff