kallithea Files · scripts/shortlog.py

Files @ f08fbf424898

Branch filter:

Location: kallithea/scripts/shortlog.py

f08fbf424898 1.0 KiB text/x-python Show Annotation Show as Raw Download as Raw

mads

auth: don't trust clients too much - only trust the *last* IP in the X-Forwarded-For header

The X-Forwarded-For header contains a list of IP addresses, where each
proxy server appends the IP they see their request coming from.
See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-For .

Trusting the *first* IP in HTTP_X_FORWARDED_FOR would allow clients to claim
any IP, which could be used to bypass IP restrictions configured in Kallithea.

Instead, only trust the last proxy in the chain, and thus only use the *last*
IP in HTTP_X_FORWARDED_FOR. (In setups where more than last IP should be
trusted, the last proxy server in the chain must be configured rewrite the
header accordingly.)

#!/usr/bin/env python3
# -*- coding: utf-8 -*-

"""
Kallithea script for generating a quick overview of contributors and their
commit counts in a given revision set.
"""
import argparse
import os
from collections import Counter

import contributor_data


def main():

    parser = argparse.ArgumentParser(description='Generate a list of committers and commit counts.')
    parser.add_argument('revset',
                        help='revision set specifying the commits to count')
    args = parser.parse_args()

    repo_entries = [
        (contributor_data.name_fixes.get(name) or contributor_data.name_fixes.get(name.rsplit('<', 1)[0].strip()) or name).rsplit('<', 1)[0].strip()
        for name in (line.strip()
         for line in os.popen("""hg log -r '%s' -T '{author}\n'""" % args.revset).readlines())
        ]

    counter = Counter(repo_entries)
    for name, count in counter.most_common():
        if name == '':
            continue
        print('%4s %s' % (count, name))


if __name__ == '__main__':
    main()