Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
50 events occurring around 1441c2e6d3d1b986.
|
2022-08-16
| ||
| 20:54 | • Edit [8849abb733c619b8|8849abb733]: Edit check-in comment. ... (artifact: b548aee2eb user: wyoung) | |
| 11:05 | Changed the "fossil server --user" flag's argument back to "admin" from "fossil" for the container: I was confusing the Unix user name with the default Fossil repo user name. The new "adduser fossil" stuff doesn't help here; we still want it to be called "admin". ... (check-in: 72d820f320 user: wyoung tags: trunk) | |
| 11:04 | ARM build fixes for the container: * QEMU couldn't cope with "make -j" on the BusyBox step (too many processes) so I changed it to -j11 * Made the new executable compression step conditional, since there is no upx package in Alpine for either ARM flavor. There's [https://github.com/upx/upx/issues/441 | a long bug thread] for it on GitHub, which doesn't look to be getting resolved any time soon. ... (check-in: 8849abb733 user: wyoung tags: trunk) | |
| 09:39 | Minor fixes to the Docker container build process ... (check-in: 454397b0cd user: wyoung tags: trunk) | |
| 07:14 | URL fix necessitated from the Dockerfile.in rename ... (check-in: 2f67bf941a user: wyoung tags: trunk) | |
| 07:03 | Carved the Docker container image size down still further by stripping out all but two of the stock skins (d* so we get default and darkmode) and packing Fossil and BusyBox with UPX. ... (check-in: e20d044cc0 user: wyoung tags: trunk) | |
| 06:49 | Fixed an Obi Wan error in the new Fossil version prefix stuff in auto.def: it was extracting the first 13 characters of the hash, not the first 12. ... (check-in: 7ecd23e0ef user: wyoung tags: trunk) | |
|
2022-08-15
| ||
| 23:21 | Added the container-image and container-run top-level build targets to manage dependencies better and to auto-version the build products. ... (check-in: 67386c75f5 user: wyoung tags: trunk) | |
| 23:07 | Put the "--user fossil" bit back into the fossil server command for the container. Just ran into a situations where it's still needed. ... (check-in: 4c8cc80450 user: wyoung tags: trunk) | |
| 22:13 | Polishing pass on the container repo storage section of the build docs. ... (check-in: 3e332637f1 user: wyoung tags: trunk) | |
| 22:02 | Changed several of the Docker environment variables to build arguments so the user an override them at build time rather than container creation time, and documented them in build.wiki. Using this new mechanism to pull the Fossil source tarball in such a way that we can use the Docker artifact cache without getting stale builds. You can now pass one of the new build args to force the old behavior if you want it. This required generating Dockerfile from Dockerfile.in at configure time, to inject the current Fossil checkin ID. (This busts the Docker cache when the source tree changes.) ... (check-in: f938438380 user: wyoung tags: trunk) | |
| 15:32 | Adding the BusyBox tarball to the container image with an ADD command rather than wget to avoid triggering GitHub throttling. Unlike the Fossil repo URL, it has a version number baked into it, so it's safe to give it over to Docker's caching behavior. ... (check-in: d06d7c464e user: wyoung tags: trunk) | |
| 14:48 | Noted the container size shrinkage in the fossil-v-git doc ... (check-in: f21de33e97 user: wyoung tags: trunk) | |
| 14:42 | The container now builds Busybox from source so we can remove utilities that are unhelpful inside the container. We leave a lot behind for expansion (e.g. the runit init system, crond, inetd…) but we remove things that have no possible justification, such as modprobe. We remove everything from /bin that's a shell builtin (echo, printf, test…) and we replace a few BusyBox commands (sha[13]sum) with wrapper shell scripts that call Fossil builtins. We cap that off by adding a "sqlite3" wrapper that calls "fossil sqlite3 --no-repository", just for fun. All together, this trims about a meg of fat. ... (check-in: 953f367e94 user: wyoung tags: trunk) | |
| 10:28 | Add #ifdef's to fix the Windows build. ... (check-in: f572f7524d user: florian tags: trunk) | |
| 10:25 | Simplification and harmonisation of the help text. ... (check-in: 6d10841735 user: florian tags: timeline-keyboard-navigation) | |
| 10:21 | Also disable shortcut handling if the View Style drop-down list has keyboard focus. ... (check-in: f419c7ebe7 user: florian tags: timeline-keyboard-navigation) | |
|
2022-08-14
| ||
| 19:53 | The chown -R bit added to the Dockerfile touches /jail/bin/fossil, which causes "docker build" to promote it back into a new layer, nearly doubling the container size. Doing a chown now only on two directories, restoring it to its sub-9M size. ... (check-in: 00cc9c3eb1 user: wyoung tags: trunk) | |
| 19:42 | Fossil's chroot feature drops root permissions based on file ownership, but since the container was built with everything-root, its HTTP hit handling children would run as whatever host-side UID/GID pair you used for file ownership. What happened next was complex. If you let the container create the repo internally, it would be owned as root, so it would drop root permissions for…root! This isn't super-bad, since Fossil is presumed secure and is double-jailed besides. The risk is, if anyone works out an RCE for Fossil, they might be able to get it to create raw sockets or do various other types of escapes despite the double-jail dance. Attaching a Docker volume brings external permisssions into the container. We were recommending a "chown 0" command on the shared volume to make it similar to the in-container case, but that opens you to the same risks above. If you ignored this and used host-side UID/GID pairs, Fossil would then be left running under IDs that didn't exist internally, which could cause assorted weirdness. We're now creating an explicit "fossil" user/group pair inside the container and recommending that Docker volumes use these IDs for copied-in files to batten down something that shouldn't've been left flapping. Updated build.wiki to cover all this. ... (check-in: ba21bc0b8f user: wyoung tags: trunk) | |
| 19:33 | Resolved timeline segfault reported in [forum:0bbb66eee4ba35db|forum post 0bbb66eee4ba35db], triggered by entries with NULL checkin messages. ... (check-in: 20eab78592 user: stephan tags: trunk) | |
| 18:48 | Moved the SIGTERM handler up before the "fossil server" HTTP hit handler. We had it clustered with the other signal() calls, but those are to handle signals intended to occur only during CGI processing. This one will normally occur while we're blocked, waiting for the HTTP hit to occur, so it had no useful effect where it was. ... (check-in: d3c55fe024 user: wyoung tags: trunk) | |
| 18:01 | Changed previous to call fossil_exit() instead of exit(3) so we close our databases before dying. ... (check-in: 7c857d2233 user: wyoung tags: trunk) | |
| 17:59 | The parent process now handles SIGTERM with an explicit exit(3) call when its PID is 1, as when it's running as "fossil server" in a Docker container. Without this, the container host's shutdown process takes a long time because it's waiting on PID 1 to die and eventually has to time out and kill it. ... (check-in: 1d09e60739 user: wyoung tags: trunk) | |
| 16:19 | Markup fix ... (check-in: cf1497877a user: wyoung tags: trunk) | |
| 16:18 | Clarified the fact that the "docker cp" command is changing the name of the repository DB file. ... (check-in: f0b15a37fc user: wyoung tags: trunk) | |
| 16:15 | Slight emphasis fix in previous ... (check-in: 1441c2e6d3 user: wyoung tags: trunk) | |
| 16:13 | Edit pass on §5.1 of build.wiki, fixing a number of unclear bits, particularly with regard to images vs containers. ... (check-in: e2b9114b18 user: wyoung tags: trunk) | |
| 08:54 | Merge with trunk to get the latest web UI fixes. ... (check-in: e317872280 user: florian tags: timeline-keyboard-navigation) | |
| 08:16 | Comment and TODO updates. ... (check-in: cfed59c9d1 user: florian tags: timeline-keyboard-navigation) | |
| 08:07 | Cancel default actions and further bubbling of handled keys, in case of conflicts with browser (extension) defaults. ... (check-in: 5257960080 user: florian tags: timeline-keyboard-navigation) | |
| 08:03 | Fix the shortcut handler to cycle between selected, check-out and ticked entries getting stuck, and give highest priority to ticked entries. ... (check-in: b6a656b520 user: florian tags: timeline-keyboard-navigation) | |
| 07:56 | Remap keyboard shortcuts, and ensure only letter keys are combined with SHIFT, as non-letter keys may produce different key code pairs with and without SHIFT depending on the keyboard layout. ... (check-in: 33f9315d44 user: florian tags: timeline-keyboard-navigation) | |
|
2022-08-13
| ||
| 23:39 | Using the preceding --chroot fixes to make the Docker container serve the repo from /jail/museum/repo.fossil rather than from the chroot dir, /jail. This then allows us to mount a Docker volume at /jail/museum, which has an independent persistence from the container proper, so we can now rebuild the container without destroying the presumably precious repo. Updated build.wiki to track this change and document the lessons gleaned from doing all of this. ... (check-in: f76e762fb7 user: wyoung tags: trunk) | |
| 22:15 | Moved the chdir() call within enter_chroot_jail() down below the new repo name canonicalization code to allow use of relative path names. Before, you had to give an absolute path to the repo, since we'd cd'd away from that directory before we started to validate the path. ... (check-in: e94621186f user: wyoung tags: trunk) | |
| 22:14 | Moved the setting of g.fJail flag into the repo = "/" case since it exists only to communicate the chroot status to --repolist mode. (This confirms the speculation in the prior commit's comment: the prior behavior existed to serve repolist mode only.) ... (check-in: 324d232c25 user: wyoung tags: trunk) | |
| 21:21 | Fixed the --chroot flag to "fossil server" and "fossil http" to allow it to work in conjunction with the single-repository case. Before, it blindly assumed --repolist mode. ... (check-in: 6f92ad99d9 user: wyoung tags: trunk) | |
|
2022-08-12
| ||
| 17:01 | Fixed pointless use of interwiki link in the new section 2.2 material of fossil-v-git. ... (check-in: 73c95307c9 user: wyoung tags: trunk) | |
|
2022-08-11
| ||
| 10:02 | Potential, minimally-tested fix for (remote add default URL) not working, as reported in [forum:5748fcb117a99b43|forum post 5748fcb117a99b43]. ... (check-in: c06f58b565 user: stephan tags: remote-add-fix) | |
| 06:42 | Another attempt to make the CSS for the focus indicator work with any skin foreground and background colors and branch colors: instead of changing just the background color, the foreground color is also adjusted, so the indicator can still be recognized even if similar to a branch color. Besides, no more editing of SVG code is necessary to make adjustments. ... (check-in: a8d306bec6 user: florian tags: timeline-keyboard-navigation) | |
| 06:17 | Mention in the help text that ticking the second entry node opens the diff page. Again, thanks @rouilj! ... (check-in: 13e0f32e3b user: florian tags: timeline-keyboard-navigation) | |
| 06:12 | Swap semantics of the "primary" and "secondary" highlighted entries to improve selection of the default focused entry. The "secondary" corresponds to the "To:" entry on /vdiff pages and hance is the last focused entry, so should also be the default when returning to /timeline both by keyboard shortcut or the browser "backwards" command. Thanks @rouilj for spotting this! ... (check-in: 63c1be8c31 user: florian tags: timeline-keyboard-navigation) | |
| 05:57 | Shortcut "." (period) to set focus to the entry closest to the center of the viewport. (The keys need to be reassigned later, since non-letter keys don't produce the same characters with or without SHIFT pressed on all keyboard layouts.) Thanks @rouilj for the suggestion and the hint! ... (check-in: e1796f2df2 user: florian tags: timeline-keyboard-navigation) | |
| 05:48 | Refactorings to cookie handling. ... (check-in: cf38f5abb8 user: florian tags: timeline-keyboard-navigation) | |
| 03:58 | • Edit [49a2d1361f6c6932|49a2d1361f]: Edit check-in comment. ... (artifact: 4d4dc762d7 user: florian) | |
| 03:54 | • Edit [2fc93df48f9ce81c|2fc93df48f]: Mark "Closed". ... (artifact: fc23aa8011 user: florian) | |
| 03:53 | Fix a build error introduced by check-in [fc8e5750d7]. ... (check-in: 49a2d1361f user: florian tags: trunk) | |
|
2022-08-10
| ||
| 06:03 | Merge fixes to the accordion panel JS script. ... (check-in: 44a7149dc7 user: florian tags: trunk) | |
| 06:02 | Record a comment on the findings discovered during repair of the accordion panel JS script. ... (Closed-Leaf check-in: 2fc93df48f user: florian tags: accordion-fix) | |
| 06:00 | Add the new subcommand `fossil branch lsh' to list the most recently modified branches. ... (check-in: fc8e5750d7 user: florian tags: trunk) | |
| 05:56 | Fix a compiler warning. ... (Closed-Leaf check-in: 877b237ba2 user: florian tags: ls-hot-branches) | |