Files @ cd8fa11c5c89
Branch filter:

Location: kallithea/.coveragerc

cd8fa11c5c89 1.1 KiB text/plain Show Annotation Show as Raw Download as Raw
mads
repogroups: fix HTML markup of descriptions

Repogroup descriptions were not urlified like repo descriptions are. That
caused incorrect rendering with posibility of XSS.

The problem was introduced in 0.4.0 with 6db3122e4d75.

Thanks to stypr of Flatt Security for reporting this vulnerability.
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
[run]
omit =
    # the bin scripts are not part of the Kallithea web app
    kallithea/bin/*
    # we ship with no active extensions
    kallithea/config/rcextensions/*
    # dbmigrate is not a part of the Kallithea web app
    kallithea/lib/dbmigrate/*
    # the tests themselves should not be part of the coverage report
    kallithea/tests/*
    # the scm hooks are not run in the kallithea process
    kallithea/config/post_receive_tmpl.py
    kallithea/config/pre_receive_tmpl.py

# same omit lines should be present in sections 'run' and 'report'
[report]
omit =
    # the bin scripts are not part of the Kallithea web app
    kallithea/bin/*
    # we ship with no active extensions
    kallithea/config/rcextensions/*
    # dbmigrate is not a part of the Kallithea web app
    kallithea/lib/dbmigrate/*
    # the tests themselves should not be part of the coverage report
    kallithea/tests/*
    # the scm hooks are not run in the kallithea process
    kallithea/config/post_receive_tmpl.py
    kallithea/config/pre_receive_tmpl.py

[paths]
source =
    kallithea/
    **/workspace/*/kallithea
Server instance: clio-27212 This site is powered by Kallithea 0.7.0, which is © 2010–2025 by various authors & licensed under GPLv3. – Support