Commits on Mar 5, 2013
  1. v3.4

    sitaramc committed Mar 5, 2013
  2. refex-expr

    sitaramc committed Mar 3, 2013
Commits on Mar 3, 2013
  1. rc file format change (please read below)

    sitaramc committed Jan 10, 2013
    First: if you have an old rc file it will still work.  In fact
    internally the new rc file data gets converted to the old one.  So you
    do not have to do anything normally.
    This changes the rc file in the following way, taking mirroring as an
    example.  Simple enough for most purposes but you really should read the
        INPUT                       =>
        PRE_GIT                     =>
        POST_GIT                    =>
        ENABLE  =>
            # COMMANDS
                ... several commands ...
            # Triggers
                ... several triggers ...
Commits on Mar 2, 2013
  1. (minor) README docfix about empty config values

    sral committed with sitaramc Mar 2, 2013
    (this should have been part of d8df4a9)
Commits on Feb 28, 2013
Commits on Feb 27, 2013
Commits on Feb 24, 2013
  1. Fix a warning about ambiguous shift usage

    jwadamson committed with sitaramc Feb 24, 2013
    [committer's note: newer perl's don't have this problem, but 5.8.8 at
    least appears to require the parens]
Commits on Feb 18, 2013
  1. allow non-gitolite keys to have options/command, etc

    sitaramc committed Feb 18, 2013
    Apparently, ssh-keygen can take fingerprints of entire authkeys files
    also.  This is totally undocumented.
    Since 'man ssh-keygen' only says: "Show fingerprint of specified public
    key file." and makes no mention of authorized_keys files, I had assumed
    that it treated a file containing this
        command="/usr/bin/backup" ssh-rsa .....
    (i.e., a non-gitolite key that nevertheless contains a command) as just
    a special type of pubkey file.  This meant, to me, that the presence or
    absence of a newline should not matter, because *without* the 'command='
    it certainly doesn't.
    But what's actually happening is that it is treating this as an
    authorized_keys file, and in *that* mode, it requires a newline.
    I still don't see why it should require a newline as a *terminator*;
    having it as a *separator* should be sufficient, but it's pointless to
    argue about that when the feature itself is undocumented.
    Wizmaster (code at wizmaster at fr) had to dig into the openssh source
    code to figure this out and explain it to me.
Commits on Feb 5, 2013
  1. fix typo in ssh-authkeys

    hemmecke committed with sitaramc Jan 24, 2013
Commits on Jan 24, 2013
  1. (minor) perms would not print the correct message sometimes...

    sitaramc committed Jan 24, 2013
    i.e., if getperms had an error.  (The same error for setperms would
    print the correct message)
Commits on Jan 23, 2013
  1. sshkeys-lint: accept ecdsa keys also

    sitaramc committed Jan 23, 2013
    thanks to Richard Salts
Commits on Jan 11, 2013
  1. access(): the pattern for refs is too strict for filenames

    sitaramc committed Jan 11, 2013
    a filename also becomes a "ref" if you use VREF/NAME.
    For some reason[1], it seems some people use crazy filenames like foo(0)
    or bar%20baz, and these things blow up on that test.
    [1] viz., the lack of someone with good taste, like me, leading their
    project ;-)
Commits on Jan 8, 2013
  1. should mention $HOME also

    sitaramc committed Jan 8, 2013
    ...thanks to Alan Ott
Commits on Jan 7, 2013
  1. update-git-configs: 'SAFE_CONFIG'...

    sitaramc committed Jan 7, 2013
    allow macros to ease the pain of UNSAFE_PATT
    See or equivalent.
Commits on Dec 31, 2012
  1. on removing a repo...

    sitaramc committed Dec 31, 2012
    Not following through on instructions to remove a repo, per [1], is not
    sufficient.  Even if you did just the first step, the repo should  no
    longer be accessible.  See [2] for discussion.
    As a bonus, we get rid of one pesky warning that always confused people.
    (In hindsight -- this confusion itself should have been a warning that
    something is wrong and needed fixing!)
  2. list-dangling-repos: are we there yet?

    sitaramc committed Dec 31, 2012
    <sigh>First I forgot @groups that may contain repos and patterns, then I
    forgot patterns where the CREATOR token is used (this is the fix here).
Commits on Dec 29, 2012
  1. v3.3

    sitaramc committed Dec 29, 2012
  2. perms batch mode confuses; print something to help

    sitaramc committed Dec 29, 2012
    What happens is that running
        ssh git@host perms reponame
    appears to hang, since it is waiting for STDIN.  I added a message to
    help, since we don't want users losing files accidentally!
    (The other alternative is to add a specific option for batch mode, but
    this is backward incompatible for people who have scripts that may be
    doing this).
    thanks to Caleb Cushing for catching this
    The "make sure Ctrl-C gets caught" thing needs some explanation.
    Without it, a user could inadvertently lose his gl-perms file if he ran
    the command in batch mode.  You'd think that the Ctrl-C would hit the
        for (<>) {
    line and bail, but it manages to reach the
        _print( $pf, @a );
    line somehow.  Even trapping SIG INT does not help.
    I suspect it is to do with how signals are propagated by ssh across a
    "no-pty" session, but am not sure.
  3. bug fix: perms propagation to slaves...

    sitaramc committed Dec 29, 2012
    Sometime after v3.2, I fixed what looked like an information disclosure
    issue, where a user could determine if an arbitrary repo existed or not,
    even if he had no rights to see the repo.  This was:
        96cc2ea "new features relating to creating wild repos:"
    Unfortunately, this appears to have broken gl-perms propagation to
    slaves, because now running "perm -c" on an existing repo dies!
    If you run
        git diff 96cc2ea^ <this commit> -- src/commands/perms
    you'll see how simple the fix *should* have been :-(
  4. minor bugly...

    sitaramc committed Dec 29, 2012
    please remember we make up words here, like refex was a word we created
    to mean "a regex that matches a ref".
    A "bugly", then, is a bug that's merely ugly (and not a real problem!)
Commits on Dec 19, 2012
  1. fix bug in list-dangling-repos

    sitaramc committed Dec 19, 2012
    Still, I would advise caution if you use this as a basis for deleting
    repos from the file system.  A bug in this program could cause you to
    lose important data!
  2. CREATOR need only be a "word" in wild repo patterns

    sitaramc committed Dec 14, 2012
    this was a v2 compat breakage, caught by Dominik Schäfer
    (schaedpq at gmail)
Commits on Dec 14, 2012
  1. add more detail to error message

    sitaramc committed Dec 14, 2012
    this error normally happens due to some permission issue on the log
    file, but we weren't printing the actual cause, so it was confusing
  2. (minor) macro buglets

    sitaramc committed Dec 13, 2012
      - allow parameter-less macros
      - allow macro body to start on next line
  3. new trigger: update-gitweb-daemon-from-options

    sitaramc committed Dec 13, 2012
    another way to update gitweb and daemon access lists
Commits on Dec 9, 2012
  1. Set Content-Type to text/plain for gitolite commands over http

    csware committed with sitaramc Dec 9, 2012
    Explicitly set "Content-Type: text/plain" for gitolite commands when
    issued over http, so that it is possible to see the output with normal
    (At least) Apache httpd might set the Content-Type to something
    different and triggers a download instead of showing the text directly.
    Signed-off-by: Sven Strickroth <>
Commits on Dec 7, 2012
  1. (minor) lint had syntax errors

    sitaramc committed Dec 7, 2012
    thanks to xcat on #gitolite for catching it
    (shows you how often it gets used I guess!)
Commits on Dec 5, 2012
  1. bugfix: don't delete description file when running perms

    sitaramc committed Dec 5, 2012
    thanks to drue on #gitolite for catching it
Commits on Dec 4, 2012
  1. a few minor changes

    sitaramc committed Nov 22, 2012
      * minor typos
      * perltidy on Tsh
      * a minor optimisation to "do" in gl-conf
      * remove inapplicable caveat in fork command
Commits on Nov 28, 2012
  1. prevent empty %groups being created in compiled conf

    sitaramc committed Nov 28, 2012
    this would happen if @all was used but no actual groups were defined,
    and would in turn cause a parse error on the compiled conf because it
    now ends with a 'false'.
    thanks to Jelle Raaijmakers
  2. oops; hashes were getting printed twice in certain cases...

    sitaramc committed Nov 28, 2012
    harmless but wasteful