aboutsummaryrefslogtreecommitdiff
path: root/ikiwiki.in
Commit message (Collapse)AuthorAge
* Exclude working directory from library path (CVE-2016-1238)Simon McVittie2016-07-28
| | | | | | | | | | | | | | | | | | | | | Current Perl versions put '.' at the end of the library search path @INC, although this will be fixed in a future Perl release. This means that when software loads an optionally-present module, it will be looked for in the current working directory before giving up. An attacker could use this to execute arbitrary Perl code from ikiwiki's current working directory. Removing '.' from the library search path in Perl is the correct fix for this vulnerability, but is not trivial to do due to backwards-compatibility concerns. Mitigate this (even if ikiwiki is run with a vulnerable Perl version) by explicitly removing '.' from the search path, and instead looking for ikiwiki's own modules relative to the absolute path of the executable when run from the source directory. In tests that specifically want to use the current working directory, use "-I".getcwd instead of "-I." so we use its absolute path, which is immune to the removal of ".".
* Standardize on --long-option instead of -long-optionSimon McVittie2015-03-01
| | | | | | | | | | [[forum/refresh_and_setup]] indicates some confusion between --setup and -setup. Both work, but it's clearer if we stick to one in documentation and code. A 2012 commit to [[plugins/theme]] claims that "-setup" is required and "--setup" won't work, but I cannot find any evidence in ikiwiki's source code that this has ever been the case.
* Switch to YAML::XS to work around insanity in YAML::Mo. Closes: #657533Joey Hess2012-01-28
| | | | | | | | | https://rt.cpan.org/Ticket/Display.html?id=74487 Gave up trying to support multiple YAML backends. The XS one requires ugly manual encoding to get unicode right, and doesn't allow dumping yaml fragments w/o the yaml header, but at least it doesn't randomly crash on import like YAML::Mo has started to.
* call checkconfig in --dumpsetupJoey Hess2011-08-05
| | | | | This avoids warnings when building a setup file from scratch, in which case some default settings need to be used.
* Remove PATH overriding code in ikiwiki script that was present to make perl ↵Joey Hess2010-09-07
| | | | taint checking happy, but taint checking is disabled.
* move wrapper building loop into Wrapper.pmJoey Hess2010-07-24
|
* Add --changesetup mode that allows easily changing options in a setup file.Joey Hess2010-07-08
|
* version IkIWiki use, to help prevent wacky mismatch errorsJoey Hess2010-05-04
|
* automatically run --gettime, and optimise it for gitJoey Hess2010-04-16
| | | | | | | | | | * Automatically run --gettime the first time ikiwiki is run on a given srcdir. * Optimise --gettime for git, so it's appropriatly screamingly fast. (This could be done for other backends too.) * However, --gettime for git no longer follows renames. * Use above to fix up timestamps on docwiki, as well as ensure that timestamps on basewiki files shipped in the deb are sane.
* --gettime revampJoey Hess2010-04-16
| | | | | | | | * Rename --getctime to --gettime. (The old name still works for backwards compatability.) * --gettime now also looks up last modification time. * Add rcs_getmtime to plugin API; currently only implemented for git.
* work around silly warningJoey Hess2010-03-24
|
* fix unicode with YAML::SyckJoey Hess2010-03-24
| | | | Syck-- it doesn't use unicode by default?! Hello, 2010 calling..
* add newline to --set-yaml valueJoey Hess2010-03-24
| | | | | YAML is picky about the data ending with a newline, and this makes it easier to accomplish that
* fall back from YAML::Any to just YAMLJoey Hess2010-03-24
| | | | for portabilty to old YAML in Debian stable that lacks the former.
* Add --set-yaml switch for setting more complex config file options.Joey Hess2010-03-24
|
* Add a include setting, which can be used to make ikiwiki process wiki source ↵Joey Hess2010-03-14
| | | | files, such as .htaccess, that would normally be skipped for security or other reasons. Closes: #447267 (Thanks to Aaron Wilson for the original patch.)
* Add new --clean option; this makes ikiwiki remove all built files in the ↵Joey Hess2010-02-28
| | | | destdir, as well as wrappers and the .ikiwiki directory.
* clean up use of IkiWiki::ReceiveJoey Hess2009-09-10
| | | | | | | | | | Loading and use of IkiWiki::Receive can all be pushed into the git plugin, rather than scattered around. I had at first wanted to make a receive plugin and move it there, but a plugin was not a good fit; you don't want users to have to manually load it, and making the git plugin load the receive plugin at the right times would need more, and ugly code.
* remove -T from ikiwiki.in, add back if NOTAINT=0Joey Hess2009-05-22
|
* Fix unusual --setup --post-commit command line option combo.Joey Hess2009-02-09
|
* Coding style change: Remove explcit vim folding markers.Joey Hess2008-12-17
|
* Correct --dumpsetup to include the srcdir in the setup file.Joey Hess1997-08-14
|
* fix --wrappergroupJoey Hess1997-08-14
| | | | Was documented to work at command line, but didn't
* require srcdir and destdir params when --render used w/o --setupJoey Hess2008-10-30
| | | | | The srcdir is needed by --render, so if --setup is not specified, read it at the command line.
* fix --setup --renderJoey Hess2008-10-30
| | | | In this mode, rebuild mode should not be on
* Preserve syslog setting when doing `ikiwiki -setup foo -dumpsetup bar`Joey Hess2008-10-29
| | | | | | | The syslog value from the setup file is purposfully ignored when doing ikiwiki -setup, so that it will output to stdout (while generating wrappers that do use the syslog). But that caused -dumpsetup to not preserve the syslog value from the setup file.
* do no-op post_commit test in wrapperJoey Hess2008-10-26
| | | | | | | | | | | | | | | | | | | This speeds up web commits by 1/4th of a second or so, since perl does not have to start up for the post commit hook. perl's locking is completly FuBar, since it's impossible to tell what perl flock() really does, and thus difficult to write code in other languages that interoperates with perl's locking. (Let alone interoperating with existing fcntl locking from perl...) In this particular case, I think I was able to find a way to avoid the insanity, mostly. The C code does a true flock(2), and if perl is using an incompatable lock method that does not use the same locking primative at the kernel level, then the C code's test will fail, and it will go ahead and run the perl code. Then the perl code's test will test the right thing. On Debian, at least lately, perl's flock() does a true flock(2), so the optimisation does work.
* move untrusted committer test into the wrapperJoey Hess2008-10-26
| | | | | This saves around 1/4th second per trusted commit since ikiwiki doesn't need to start up.
* untrusted committers code seems to be fully workingJoey Hess2008-10-23
| | | | Still need to investigate possible races, and test some more.
* more work on untrusted committersJoey Hess2008-10-23
| | | | | Wired up check_canedit and check_canremove, still need to deal with check_canattach, and test.
* Merge branch 'master' into git-anonJoey Hess2008-10-23
|\
| * Optimise the no-op post-commit hook in the web edit case by skipping loading ↵Joey Hess2008-10-23
| | | | | | | | plugins. (Particularly a win when using external plugins.)
* | initial support for git repos with untrusted committersJoey Hess2008-10-22
|/ | | | | Still need to wire up the calls to check_* , but it's cold out here and my hands are going numb, so enough for now.
* typoJoey Hess2008-10-01
|
* don't say rebuilding wiki when refreshingJoey Hess2008-09-30
| | | | | If run w/o --refresh, it should still say "refreshing wiki", if there's no setup file specifed.
* Epand usage message and add --help. Closes: #500344Joey Hess2008-09-27
|
* allow setup file to enable verbose modeJoey Hess2008-09-23
|
* Fix reversion in use of ikiwiki -verbose -setup with a setup file that ↵Joey Hess2008-09-20
| | | | | | | | | | | | | | enables syslog. Setup output is once again output to stdout in this case. Implemented by stashing the verbose/syslog values set in the setup file, and using those values in the generated wrappers, but not allowing them to take effect during the setup operation itself, so that command-line options, appearing before or after -setup, are honored. Also, some cleanups to how %config is generated for wrappers, removing some fields that do not need to be recorded inside the wrapper.
* Avoid uninitialised value when --dumpsetup is used and no srcdir/destdir ↵Joey Hess2008-09-08
| | | | specified.
* Options set in the setup file are now immediatly loaded by ikiwiki -setup. ↵Joey Hess2008-08-06
| | | | This allows later switches to override them. Previously, setup file options overrode most command line options.
* remove WRAPPED_OPTIONS once loadedJoey Hess2008-08-05
| | | | This makes reentrant ikiwiki calls from wrappers work.
* avoid forcing verbose offJoey Hess2008-08-05
| | | | | Setting to undef rather than 0 means that setup files generated from the cgi wrapper will not have verbose set to 0, but instead commented out.
* Revert "typo"Joey Hess2008-08-05
| | | | This reverts commit c8d3626c51bdc53781d9431b1da88ae1e92dc2d5.
* typoJoey Hess2008-08-05
|
* checkconfig before wrapper setupJoey Hess2008-07-27
| | | | Necessary now that the plugins control what wrappers are built.
* allow --dumpsetup to be used w/o specifying srcdir and destdirJoey Hess2008-07-26
| | | | | shortcut tried to use srcdir in checkconfig; change it to not so this will work.
* refactorJoey Hess2008-07-26
|
* can now dump fully functional setup filesJoey Hess2008-07-26
|
* don't clear syslog config when dumpingJoey Hess2008-07-26
|
* httpauth removed long agoJoey Hess2008-07-26
|