cgit with patches for sandboxing using qssb
Αναζήτηση αρχείου
Jason A. Donenfeld a6a932e198 CGIT-0.9.1
Enhancements:
- path-selected submodule links
- intelligent default branch guessing
- /etc/mime.types lookup
- gitweb.* and cgit.* git-config support
- case insensitive sorting and age sorting
- commit, repository, and section sorting
- bold currently viewed page in pagination
- support BSDs in makefile

Security:
- CVE-2012-4465: heap-buffer overflow in parsing.c
- CVE-2012-4548: syntax highlighting command injection

Bug Fixes:
- transition maintainer to Jason Donenfeld (zx2c4)
- download git snapshot from github instead of Lars' old server
- css fixes
- stablization of tests
- more compatible default highlight script
- suppress gzip timestamp so that tarballs only use tar timestamps
- treat ctags as target in makefile
- do not let global variables override certain local repo settings
- print ampersand as proper html entity
- use placeholder for empty commit subject
- format diff view for addition and removal of files
- point links at correct blob from ssdiff

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2012-11-15 01:28:59 +01:00
filters syntax-highlighting.sh: Fix command injection. 2012-10-27 20:05:50 -06:00
git@7ed863a85a Use GIT-1.7.4 2011-02-19 13:55:43 +01:00
tests tests: check for proper html entity 2012-10-17 17:18:35 +02:00
.gitignore Fix doc-related glitches in Makefile and .gitignore 2009-03-15 09:27:54 +01:00
.gitmodules Delete submodules.sh and prepare for using git-submodule 2007-09-03 22:54:51 +02:00
cache.c Fix some warnings to allow -Werror 2008-11-06 19:18:07 +01:00
cache.h use __attribute__ to catch printf format mistakes 2010-09-04 11:11:40 -04:00
cgit-doc.css Add cgit-doc.css 2009-02-12 10:24:25 +01:00
cgit.c ui-log: Add "commit-sort" option for controlling commit ordering 2012-10-17 16:30:29 +02:00
cgit.css ui-repolist: Bold the currently viewed page. 2012-10-08 23:29:29 +02:00
cgit.h ui-log: Add "commit-sort" option for controlling commit ordering 2012-10-17 16:30:29 +02:00
cgit.png Use transparent background for the cgit logo 2011-02-19 14:41:39 +01:00
cgitrc.5.txt man: show mime type default value 2012-11-15 01:26:06 +01:00
cmd.c ui-log: Add "commit-sort" option for controlling commit ordering 2012-10-17 16:30:29 +02:00
cmd.h Add is_clone flag to available commands 2011-02-19 14:57:48 +01:00
configfile.c Move function for configfile parsing into configfile.[ch] 2008-03-28 00:09:11 +01:00
configfile.h Move function for configfile parsing into configfile.[ch] 2008-03-28 00:09:11 +01:00
COPYING Add license file and copyright notices 2006-12-10 22:41:14 +01:00
gen-version.sh gen-version.sh: don't sed the output from git describe 2007-10-01 12:09:41 +02:00
html.c Merge branch 'stable' 2011-07-21 14:27:03 +00:00
html.h html.c: add html_intoption() 2011-03-06 23:57:26 +01:00
Makefile CGIT-0.9.1 2012-11-15 01:28:59 +01:00
parsing.c do not write outside heap buffer 2012-10-02 04:03:47 +02:00
README README: times, they are a-changin 2012-10-09 13:21:30 +02:00
scan-tree.c scan-tree: Unify gitweb.* and cgit.* settings into one config option. 2012-10-17 16:30:09 +02:00
scan-tree.h Add support for 'project-list' option 2010-08-04 03:09:32 +02:00
shared.c ui-log: Add "commit-sort" option for controlling commit ordering 2012-10-17 16:30:29 +02:00
ui-atom.c Append path and branch to atom feed title 2010-11-07 16:35:54 +01:00
ui-atom.h Add atom-support 2008-08-01 22:12:34 +02:00
ui-blob.c prefer html_raw() to write() 2010-09-04 14:30:10 -04:00
ui-blob.h Support refspecs in about-filter. 2010-08-20 18:57:30 +02:00
ui-clone.c Supply status description to html_status() 2008-08-06 22:57:44 +02:00
ui-clone.h Add support for cloning over http 2008-08-06 11:21:09 +02:00
ui-commit.c cgit.c: always setup cgit repo environment variables 2011-06-13 23:03:46 +00:00
ui-commit.h ui-commit: Limit diff based on path limit in qry.path 2010-06-19 10:40:23 +02:00
ui-diff.c Format git diff headers correctly when adding or removing files. 2012-11-15 00:56:20 +01:00
ui-diff.h ui-diff.c: create a control panel for diff options 2011-03-06 23:59:56 +01:00
ui-log.c ui-log: Add "commit-sort" option for controlling commit ordering 2012-10-17 16:30:29 +02:00
ui-log.h ui-log: Add "commit-sort" option for controlling commit ordering 2012-10-17 16:30:29 +02:00
ui-patch.c Format git diff headers correctly when adding or removing files. 2012-11-15 00:56:20 +01:00
ui-patch.h ui-patch: Apply path limit to generated patch 2010-06-19 10:40:23 +02:00
ui-plain.c Merge branch 'fh/mimetypes' 2012-03-18 21:01:28 +00:00
ui-plain.h Implement plain view 2008-08-06 11:21:30 +02:00
ui-refs.c Merge branch 'stable' 2010-08-03 22:52:11 +02:00
ui-refs.h Add separate header-files for each page/view 2008-03-24 16:38:47 +01:00
ui-repolist.c ui-repolist: Add "section-sort" flag to control section sorting. 2012-10-17 16:30:22 +02:00
ui-repolist.h Prepare for 'about site' page / add 'root-readme' option to cgitrc 2008-04-29 01:06:30 +02:00
ui-shared.c ui-shared: use placeholder for empty commit subject 2012-10-28 11:53:58 -06:00
ui-shared.h Merge branch 'lh/module-links' 2012-03-18 20:59:36 +00:00
ui-snapshot.c ui-snapshot: pass -n to gzip, to suppress timestamp 2012-09-27 03:35:25 +02:00
ui-snapshot.h Set prefix in snapshots when using dwimmery 2008-11-30 13:39:53 +01:00
ui-ssdiff.c ssdiff: point line links at exact blob by prepending "id=" 2012-11-15 01:03:50 +01:00
ui-ssdiff.h ui-ssdiff: move LCS table away from the stack 2012-01-03 15:16:01 +00:00
ui-stats.c ui-stats.c: fix invalid html 2011-05-30 22:21:22 +00:00
ui-stats.h Add and use cgit_find_stats_periodname() in print_repo() 2009-08-24 11:02:48 +02:00
ui-summary.c ui-log: Add "commit-sort" option for controlling commit ordering 2012-10-17 16:30:29 +02:00
ui-summary.h ui-summary: enable arbitrary paths below repo.readme 2009-08-09 13:41:54 +02:00
ui-tag.c ui-tag: make output more similar to commit view 2009-10-06 20:33:04 +02:00
ui-tag.h Add separate header-files for each page/view 2008-03-24 16:38:47 +01:00
ui-tree.c ui-tree.c: add support for path-selected submodule links 2011-06-15 10:40:13 +02:00
ui-tree.h Add separate header-files for each page/view 2008-03-24 16:38:47 +01:00
vector.c Add vector utility functions 2010-11-10 00:22:41 +01:00
vector.h Add vector utility functions 2010-11-10 00:22:41 +01:00

                       cgit - cgi for git


This is an attempt to create a fast web interface for the git scm, using a
builtin cache to decrease server io-pressure.


Installation

Building cgit involves building a proper version of git. How to do this
depends on how you obtained the cgit sources:

a) If you're working in a cloned cgit repository, you first need to
initialize and update the git submodule:

  $ git submodule init     # register the git submodule in .git/config
  $ $EDITOR .git/config    # if you want to specify a different url for git
  $ git submodule update   # clone/fetch and checkout correct git version

b) If you're building from a cgit tarball, you can download a proper git
version like this:

  $ make get-git


When either a) or b) has been performed, you can build and install cgit like
this:

  $ make
  $ sudo make install

This will install cgit.cgi and cgit.css into "/var/www/htdocs/cgit". You can
configure this location (and a few other things) by providing a "cgit.conf"
file (see the Makefile for details).


Dependencies:
  -git 1.7.4
  -zip lib
  -crypto lib
  -openssl lib


Apache configuration

A new Directory-section must probably be added for cgit, possibly something
like this:

  <Directory "/var/www/htdocs/cgit/">
      AllowOverride None
      Options +ExecCGI
      Order allow,deny
      Allow from all
  </Directory>


Runtime configuration

The file /etc/cgitrc is read by cgit before handling a request. In addition
to runtime parameters, this file may also contain a list of repositories
displayed by cgit (see cgitrc.5.txt for further details).


The cache

When cgit is invoked it looks for a cachefile matching the request and
returns it to the client. If no such cachefile exist (or if it has expired),
the content for the request is written into the proper cachefile before the
file is returned.

If the cachefile has expired but cgit is unable to obtain a lock for it, the
stale cachefile is returned to the client. This is done to favour page
throughput over page freshness.

The generated content contains the complete response to the client, including
the http-headers "Modified" and "Expires".


Online presence

* The cgit homepage is hosted by cgit at http://git.zx2c4.com/cgit/about

* Patches, bugreports, discussions and support should go to the cgit
  mailing list: cgit@hjemli.net