Files @ cd8fa11c5c89
Branch filter:

Location: kallithea/scripts/validate-commits

cd8fa11c5c89 1.7 KiB text/plain Show Annotation Show as Raw Download as Raw
mads
repogroups: fix HTML markup of descriptions

Repogroup descriptions were not urlified like repo descriptions are. That
caused incorrect rendering with posibility of XSS.

The problem was introduced in 0.4.0 with 6db3122e4d75.

Thanks to stypr of Flatt Security for reporting this vulnerability.
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
#!/bin/bash
# Validate the specified commits against test suite and other checks.

if [ -n "$VIRTUAL_ENV" ]; then
    echo "Please run this script from outside a virtualenv."
    exit 1
fi

if ! hg update --check -q .; then
    echo "Working dir is not clean, please commit/revert changes first."
    exit 1
fi

revset=$1
if [ -z "$revset" ]; then
    echo "Warning: no revisions specified, checking draft changes up to the current one."
    revset='draft() and ancestors(.)'
fi

venv=$(mktemp -d kallithea-validatecommits-env-XXXXXX)
resultfile=$(mktemp kallithea-validatecommits-result-XXXXXX)
echo > "$resultfile"

cleanup()
{
    rm -rf /tmp/kallithea-test*
    rm -rf "$venv"
}
finish()
{
    cleanup
    # print (possibly intermediate) results
    cat "$resultfile"
    rm "$resultfile"
}
trap finish EXIT

for rev in $(hg log -r "$revset" -T '{node}\n'); do
    hg log -r "$rev"
    hg update "$rev"

    cleanup
    python3 -m venv "$venv"
    source "$venv/bin/activate"
    pip install --upgrade pip setuptools
    pip install -e . -r dev_requirements.txt python-ldap python-pam

    # run-all-cleanup
    if ! scripts/run-all-cleanup ; then
        echo "run-all-cleanup encountered errors!"
        result="NOK"
    else
        if ! hg update --check -q .; then
            echo "run-all-cleanup did not give clean results!"
            result="NOK"
            hg diff
            hg revert -a
        else
            result=" OK"
        fi
    fi
    echo "$result: $rev (run-all-cleanup)" >> "$resultfile"

    # pytest
    if py.test; then
        result=" OK"
    else
        result="NOK"
    fi
    echo "$result: $rev (pytest)" >> "$resultfile"

    deactivate
    echo
done
Server instance: clio-22664 This site is powered by Kallithea 0.7.0, which is © 2010–2025 by various authors & licensed under GPLv3. – Support