Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Commits on May 8, 2015
  1. Travis: don't build with ghc 7.6.3.

    authored
    [skip ci]
  2. Travis: build with ghc 7.6.

    authored
Commits on May 7, 2015
  1. Fixed profiling options.

    authored
  2. Added .travis.yml.

    authored
Commits on Apr 22, 2015
  1. Merge pull request #488 from mantkiew/master

    authored
    allow both time >= 1.5.0.0 and time < 1.5.0.0 with old-locale
  2. @mantkiew
Commits on Apr 3, 2015
  1. Updated CHANGES.

    authored
  2. Bumped upper version bounds.

    authored
  3. Bump version to 0.10.6.2

    authored
Commits on Dec 13, 2014
  1. Merge pull request #476 from ivuk/fix-typo-readme

    authored
    Fix typos in README.markdown
  2. @ivuk

    Fix typos in README.markdown

    ivuk authored
Commits on Nov 4, 2014
  1. Merge pull request #469 from waldyrious/patch-1

    authored
    update issues link
Commits on Nov 3, 2014
  1. @waldyrious

    update issues link

    waldyrious authored
    According to https://code.google.com/p/gitit/, "This google code site is no longer used. Please see the github site for the source code **and issue tracker.**" (emphasis mine)
Commits on Oct 28, 2014
  1. Update CHANGES.

    authored
  2. Update version to 0.10.6.1.

    authored
  3. Updated CHANGES.

    authored
  4. Version bump to 0.10.6

    authored
Commits on Oct 27, 2014
  1. Escape HTML characters in user name when showing it on a web page.

    authored
    This addresses a security flaw in previous versions, pointed out
    by Davy Stoffel.  A fake password reset email could be provided
    to users, with the link:
    
        http://gitit.net/_doResetPassword?reset_code=azeaze&username=davy%3Cscript%3Ealert%281%29%3C/script%3E
    
    If the person clicked the link, the unknown username would be
    displayed (unescaped), and the javascript would run.
    
    This fix addresses the flaw, not by preventing the funny user name,
    but by ensuring that the HTML tags are escaped when the user name
    is shown on the page.
Commits on Oct 12, 2014
  1. @jefdaj
Commits on Oct 9, 2014
  1. Merge pull request #456 from ajtowns/jquery-sdist

    authored
    Include jquery sources in sdist tarballs.
  2. Merge pull request #453 from freiric/github-org-correction

    authored
    README: added missing -f in splitted configuration section
  3. Merge pull request #458 from freiric/githublogin3/better-error-message

    authored
    split error message in user for display and details for log and show mes...
  4. Merge branch 'master' of https://github.com/jraygauthier/gitit into j…

    authored
    …raygauthier-master
    
    Conflicts:
    	Network/Gitit/Util.hs
Commits on Oct 3, 2014
  1. Enable readerParseRaw for all formats.

    authored
    This will enable things like script and iframe tags to get
    parsed from HTML sources, and unrecognized latex tags from
    LaTeX.
  2. @freiric
Commits on Sep 29, 2014
  1. @ajtowns
Commits on Sep 28, 2014
  1. @freiric
Commits on Sep 27, 2014
  1. Merge pull request #452 from freiric/github-org

    authored
    Github org
  2. @freiric
  3. @freiric
Something went wrong with that request. Please try again.