Mercurial > public > mercurial-scm > hg-stable

diff tests/test-subrepo-svn.t @ 34965:846942fd6d15 stable

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
subrepo: disable git and svn subrepos by default (BC) (SEC) We have a security issue with git subrepos. I'm not sure if svn subrepo is vulnerable, but it seems not 100% safe to allow writing arbitrary data into a metadata directory. So for now, only hg subrepo is enabled by default. Maybe we should improve the help to describe why git/svn subrepos are disabled.
author Yuya Nishihara <yuya@tcha.org>
date Sun, 05 Nov 2017 21:51:42 +0900
parents 3fee7f7d2da0
children 1a314176da9c
line wrap: on
line diff
--- a/tests/test-subrepo-svn.t	Sun Nov 05 21:48:58 2017 +0900
+++ b/tests/test-subrepo-svn.t	Sun Nov 05 21:51:42 2017 +0900
@@ -57,6 +57,21 @@
   $ mkdir subdir
   $ svn co --quiet "$SVNREPOURL"/src subdir/s
   $ hg add .hgsub
+
+svn subrepo is disabled by default
+
+  $ hg ci -m1
+  abort: subrepo type svn not allowed
+  (see 'hg help config.subrepos' for details)
+  [255]
+
+so enable it
+
+  $ cat >> $HGRCPATH <<EOF
+  > [subrepos]
+  > allowed = hg, svn
+  > EOF
+
   $ hg ci -m1
 
 make sure we avoid empty commits (issue2445)