Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

203 ancestors of version-2.20 back to version-2.19

Version 2.20 ... (check-in: 210e89a0 user: drh tags: trunk, release, version-2.20)
Update the built-in SQLite to the 3.40.0 release. ... (check-in: d0ee8100 user: drh tags: trunk)
Update the built-in SQLite to the 3.40.0 rc1 for testing. ... (check-in: 2ece5d0f user: drh tags: trunk)
Only issue notififications for ticket changes that do not previously appear in the EVENT table. Fix for ticket [ad9aa572e7972f57]. ... (check-in: fb040bb0 user: drh tags: trunk)
Fix the TH_ListAppend() function in TH1 so that it correctly escapes strings that have a '}' character that has no matching '{' to its left. Fix for ticket [4d73b4a2258a78e2]. ... (check-in: 4ec65ebb user: drh tags: trunk)
A proposed fix for ticket [ad9aa572e7972f57]. Use an UPDATE rather than a REPLACE where possible when redoing EVENT table entries for tickets that are being rebuild, in order to avoid unnecessary notification events. ... (Closed-Leaf check-in: 1f0f6226 user: drh tags: ticket-notification-fix)
Yet another shell.c import from SQLite to deal with more typedef issues. ... (check-in: f0e625b1 user: drh tags: trunk)
Update to a newer version of 3.40.0 that includes a fix to shell.c that allows it to be compiled with older C compilers. ... (check-in: 25799e89 user: drh tags: trunk)
Respect `"timeline-utc"` setting when a ticket change artifact is displayed on the /info page. This makes it consistent with other places and fixes a hyperlink to the corresponding item of the /timeline. ... (check-in: 0028a3ca user: george tags: trunk)
Update the built-in SQLite to the latest 3.40.0 beta, for testing. ... (check-in: 10d71748 user: drh tags: trunk)
Also documented the new "clone -u -v" feature. ... (check-in: 0d61fd23 user: wyoung tags: trunk)
Since it seems my clone -u fixes are going to stick, documented them in the changelog. ... (check-in: 02631e35 user: wyoung tags: trunk)
Improve correctness, usability and efficiency for the case when values in a TICKET's column tend to be long and volatile.

Owner of a repository may specify one or several TICKET's columns so that delta-compression is tried for the corresponding ticket change artifacts and the corresponding changes on the /tkthistory page are rendered via unified diffs.

See details in the associated wiki. ... (check-in: 872a3b23 user: george tags: trunk)

Add comments for auxiliary local variables inside ticket_output_change_artifact(). ... (Closed-Leaf check-in: 53b66cf6 user: george tags: deltify-tkt-blobs)
Typo fix in ... (check-in: 141793c4 user: stephan tags: deltify-tkt-blobs)
Merge trunk into deltify-tkt-blobs branch. ... (check-in: 86916df5 user: stephan tags: deltify-tkt-blobs)
Fix a typo in a comment. ... (check-in: a2ed1119 user: george tags: deltify-tkt-blobs)
Add more comments and a changelog item. No code changes. ... (check-in: e690df08 user: george tags: deltify-tkt-blobs)
The check for whether to continue during sync due to outstanding "uvgimme" requests was being skipped in clone -u mode due to misordered tests at the end of the client side of the sync protocol. ... (check-in: 52648d03 user: wyoung tags: trunk)
Since "fossil uv sync -v" turns on UV trace mode, made "fossil clone -u -v" enable that mode as well, since otherwise there's no way to get into UV trace mode during clone. (e.g. There is no global "--uvtrace" option.) ... (check-in: cdd58b1f user: wyoung tags: trunk)
Consolidated two related tests in the sync protocol to avoid re-testing a flag twice and to bring related code closer together. ... (check-in: 6293b282 user: wyoung tags: trunk)
Corrected a difference in the case of a SQLite table name. The DBMS doesn't care, but it risks missing relevant references to this table when searching with a case-sensitive text editor. ... (check-in: 1b1887cb user: wyoung tags: trunk)
Mention the new `fossil branch lsh' subcommand in the change log. ... (check-in: 67c9d929 user: florian tags: trunk)
Typo fix in the 2.20 changelog ... (check-in: c3012508 user: wyoung tags: trunk)
Update the built-in Pikchr source code and WASM/JS builds. ... (check-in: 8f4a32cc user: drh tags: trunk)
Update the built-in SQLite to the latest 3.40.0 alpha version that includes all performance enhancements and bug fixes. ... (check-in: 4aa78375 user: drh tags: trunk)
Update to a still newer version of SQLite 3.40.0 alpha that compiles without warnings on Mac ARM64. ... (Closed-Leaf check-in: 6ff6d495 user: drh tags: busted-build)
Remove the -D_HAVE_SQLITE_CONFIG_H option from the build of SQLite. We haven't had the config.h file for SQLite, so this should be a harmless change. ... (check-in: 2522366f user: drh tags: busted-build)
Update the built-in SQLite to the latest 3.40.0 alpha version that includes all bug fixes and performance enhancements. ... (check-in: c7dc1884 user: drh tags: busted-build)
Fix a comment typo. ... (check-in: db8b14c5 user: drh tags: trunk)
Code maintenance for the `copybtn.js' script: Remove global data, reference DOM elements by function-binding instead of by id (that is possibly reused for the short-lived tooltip), and normalize variable names and string quoting style. ... (check-in: d5f66215 user: florian tags: trunk)
Minor comment reformatting. ... (check-in: 0df4abc7 user: stephan tags: trunk)
Cache get_comment_format() result to avoid that the global config db is queried once per timeline row, which brings fossil to a standstill when ~/ is NFS-mounted. Discussion in 9aaefe4e536e01bf. ... (check-in: 6e62c851 user: stephan tags: trunk)
Add a by-hour-of-day report to the /reports page, prompted by a /chat discussion. (Edit: initial user mis-attribution was caused by a config-pull which changed my local default user.) ... (check-in: bb6f2331 user: stephan tags: trunk)
For the BUILTIN virtual table, map one-based rowids to zero-based array indices, to fix access to the first entry. ... (check-in: cf563c72 user: florian tags: trunk)
Document more consequences of the merge parent-merge child relationship not recorded for private branches. ... (check-in: 3b719a96 user: florian tags: trunk)
Cherry-pick [767b175d90]: Avoid references to private check-ins in Q-cards of public check-in manifests. This ensures consistent behavior regarding leakage of private check-in hashes, possibly generating phantoms on peer repositories, for P- and Q-cards. ... (check-in: 52a66829 user: florian tags: trunk)
Highlight a ticket's change that corresponds to the URL's fragment of the /tkthistory page. ... (check-in: 7afd4db3 user: george tags: deltify-tkt-blobs)
Rework the previous check-in to fix incorrect backlinks' sources for the case when values are appended to a field (i.e. a value of J-card starts with '+'). Consider a reference to 77ab05a0e9 from [caeb7d672df20] for an example which was handled incorrectly by [668e45baff99]. ... (check-in: 4d5ded5e user: george tags: deltify-tkt-blobs)
Grammar fix ... (check-in: 658547aa user: wyoung tags: trunk)
Assorted fixes and improvements to the doc ... (check-in: 27458ef7 user: wyoung tags: trunk)
Updated the debian/ doc for Ubuntu 22.04. The biggie is simplifying the TLS configuration, since the manual method we used to have no longer seems to be required with current versions of Certbot. ... (check-in: 716ae7c0 user: wyoung tags: trunk)
Fixed a few references to the obsolete doc. (It became part of the overall server doc long ago.) ... (check-in: 780b58bc user: wyoung tags: trunk)
Assorted updates surrounding my fslsrv wrapper:
  • Reflected improvements from the version into this simpler alternative. Although we don't generally recommend use of this script any more, preferring systemd to get autostart on boot and autorestart on crash, www/server/any/ still refers to this script, and it feels like a regression to remove it. If someone is interested in simple-as-possible SCGI service, fslsrv is a fit companion.
  • Removed direct reference to fslsrv from www/server/debian/ since the indirect reference via the SCGI doc suffices.
  • The full-strength nginx doc now refers to both of these fslsrv variants in a handwavy way, since it's outside the scope of that doc to care how you get your background SCGI servers running.
... (check-in: 1cbcb38c user: wyoung tags: trunk)
Added hyperlinks to the new changelog entries referencing the files in question. ... (check-in: 2c127ba7 user: wyoung tags: trunk)
Fix the htmlizer so that it converts 0x0d (carriage return) into 0x20 (ordinary space). Fix for the diff problem reported by forum post 2a63b483f5f048c2 ... (check-in: 050ba629 user: drh tags: trunk)
Closing off the containers project: added the doc to the permuted index, noted the changes in the changelog, and removed all the hedging about WAL mode in the doc, having failed to make WAL fail in this scenario. ... (check-in: 92982dc4 user: wyoung tags: trunk)
Fix some broken hyperlinks in documentation files. ... (check-in: a59af25f user: danield tags: trunk)
Fix redundant back-references originating from outdated/superseded values within TICKET table. See forum thread a6ba08e926. ... (check-in: 668e45ba user: george tags: deltify-tkt-blobs)
Fix naming of columns on the /test-backlinks page. ... (check-in: 6a5604f4 user: george tags: deltify-tkt-blobs)
Typo fixes in the /dir browser header: All File ==> All Files. ... (check-in: 7727f9a6 user: stephan tags: trunk)
Simplification to the JS used as part of anti-robot defenses. ... (check-in: 08535b22 user: drh tags: trunk)
Correct skintxt2config.c to be able to handle 0-byte input files. ... (check-in: c7c1c4e8 user: stephan tags: trunk)
'skin:' CGI config directive now accepts an empty value for consistency with the --skin CLI flag. ... (check-in: 6362a98f user: stephan tags: trunk)
--skin "" now forces use of the current edited skin and the warning on the /skins page about a forced skin now distinguishes between /draft and --skin ... usage. ... (check-in: 816f6c04 user: stephan tags: trunk)
Import the latest 3.40.0 alpha version of SQLite into the tree. ... (check-in: fbad2772 user: drh tags: trunk)
add new "Related Work" page linked from the User Links page

Suggested by drh@ with lots of tweaks from wyoung@ ... (check-in: 8ab498bd user: mark tags: trunk)

improve login-group command documentation and output

Prompted by 58f01f6d92, a7d15cc071, and 1c639bcdea. Clarify semantics of -R|--repository in 'fossil login-group join' and make user output more helpful. While here, trim some trailing whitespace. ... (check-in: 83bc81e8 user: mark tags: trunk)

make chatbot message box transparent to avoid collisions

Suggested by mgagnon in /chat. Hint from stephan. ... (check-in: c8b3ec1e user: mark tags: trunk)

Fix a bug in the chat-robot. ... (check-in: b3f87ef7 user: drh tags: trunk)
print stash metadata when popping or applying stash

Feature request from Alfred M. Szmidt in ae3ad9c69f. Minor tweak of original patch by stephan@ ... (check-in: 1392710f user: mark tags: trunk)

Replaced most of the speculation in the walmode section of the containers doc with a link to the walbanger project, where we'll be answering this question. ... (check-in: 96633067 user: wyoung tags: trunk)
The g.fJail global variable should always be set whenever a chroot jail has been entered. ... (check-in: 558cef7c user: drh tags: trunk)
Cherrypick [5ade6fb863e4], inadvertently checked in on a different branch. ... (check-in: 44c5d029 user: stephan tags: trunk)
Correct an outdated path and fix a typo reported in the forum. Doc changes only, no code. ... (check-in: 5ade6fb8 user: stephan tags: markdown-tagrefs)
Update the hyperlink for purchasing a SEE license. ... (check-in: c3ce8a42 user: danield tags: trunk)
fix specified file path case in locate_unmanaged_files()

Only insert unmanaged files into the temp sfile table. This now makes the routine behave consistently whether file, directory, or no paths are passed on the command line, and fixes the `fossil changes --extra` bug report in 452ec8fac167. ... (check-in: 39eb451a user: mark tags: trunk)

tweak `fossil remote` cmd to update the "default" name

Don't delete the current default remote-url when the user invokes the invalid `fossil remote add default` command; instead, output correct usage to update the special "default" symbolic name. Tweak help text to make this more obvious. Prompted by 5748fcb117a99b43. ... (check-in: 2a3e851e user: mark tags: trunk)

Minor changes to option handling for the `ui' command: (A) Abort early with an error message if the specified port number is invalid (instead of later with an assertion failure); (B) Add short form -p for --page; (C) Add short form -B for --nobrowser. ... (check-in: 1431ebae user: florian tags: trunk)
Prevent the web UI side-by-side diffs and their scrollbars from getting truncated on the right. Forum Post f9becc251c. ... (check-in: 1a668d35 user: florian tags: trunk)
Enhancements to the "fossil finfo -i" command such that it only shows the first check-in for the file (unless -v is also used) and so that it shows the modification time as a separate line for easy parsing by scripts. ... (check-in: ac6edb35 user: drh tags: trunk)
Fix the help text for the previous check-in. ... (check-in: c0162a4f user: drh tags: trunk)
Fix the "finfo" command so that -r is not required with -i. If the -r is omitted, then "current" is used in its place. ... (check-in: 35c6d15a user: drh tags: trunk)
Remove an extra newline character from the output of the new "fossil remote hyperlink" command. ... (check-in: 76bc66a9 user: drh tags: trunk)
Add the "fossil remote hyperlink" and "fossil remote ui" subcommands. ... (check-in: b2e2fc03 user: drh tags: trunk)
Backup any unmamaged files that are about to be overwritten by an update or merge. Potentially avoid the loss of a local file if the overwrite warning goes unnoticed, in which case undo is useless. ... (check-in: e99e58c5 user: mgagnon tags: trunk)
Fix a typo in comment (no code change) ... (check-in: 13561519 user: mgagnon tags: trunk)
On the /tkthistory page supply each ticket change item with a corresponding id attribute and make the 'History' button within a submenu of a /tinfo page to link back to that particular element on the /tkthistory page. ... (check-in: 4bb91f38 user: george tags: deltify-tkt-blobs)
Minor optimization and refactoring. ... (check-in: b2049d64 user: george tags: deltify-tkt-blobs)
Add a comment to the tree-view to explain that file ages are relative to the check-in time. ... (check-in: 0fb353c1 user: drh tags: trunk)
Add documentation for chat-timeline-user. ... (check-in: 24c71dfb user: drh tags: trunk)
Add the chat-timeline-user setting to the 2.20 change log. ... (check-in: 0efd583a user: stephan tags: trunk)
Added lmtime value to chat-timeline-user's chat messages, using the server's local time, to fix time display in the /chat message popup. ... (check-in: e1ad4992 user: stephan tags: trunk)
Improved comments on the new chat-timeline-user feature. ... (check-in: c3ed2430 user: drh tags: trunk)
Improved chat messages for the chat-timeline-robot. ... (check-in: 974cf366 user: drh tags: trunk)
Improve /tkthistory page: render selected ticket fields as unified diffs. ... (check-in: b75a9d0f user: george tags: deltify-tkt-blobs)
Do not require that the chat-timeline robot username be an actual user in the USER table. If the chat-timeline-user config variable exists, then timeline events are announced in chat, regardless. ... (check-in: 1f5474ec user: drh tags: trunk)
Remove redundant PRE tags on the /wdiff pages. ... (check-in: 0dd5451d user: george tags: deltify-tkt-blobs)
Add the ability to designate a timeline robot user. If such a user exists, and if chat is enabled, then notifications of all timeline events appear in chat, from the robot user. ... (check-in: e9d7cf3e user: drh tags: trunk)
Minor improvement to SEE integration. ... (check-in: 660c2b15 user: mistachkin tags: trunk)
Sync up custom makefile for MinGW. ... (check-in: a3ed29ea user: mistachkin tags: trunk)
Mentioned containerd+nerdctl in place of runc in the containers doc. A tightened-up version of the prior runc and crun sections are now collected below the Podman section. This gives a better flow: each successive option is smaller than the last, excepting only nspawn, which is a bit bigger than crun. (We leave nspawn last because we can't get it to work!) ... (check-in: 457c14a4 user: wyoung tags: trunk)
Updated the "nojail" patch for our Dockerfile to track the recent changes: rename back from and the layer refactoring. It does essentially the same thing as before. ... (check-in: 19abf0ac user: wyoung tags: trunk)
Update the built-in SQLite to the latest 3.40.0 alpha. ... (check-in: 9d12e964 user: drh tags: trunk)
Broke the Dockerfile up into more layers to allow better local caching at build time. Further optimized build time by producing the Fossil source tarball from the local repo instead of hitting the home site if you use the container-image target, since we can be reasonably certain you're working from a repo checkout and thus have all the info available here locally already. ... (check-in: 1da464ee user: wyoung tags: trunk)
Expanded the paragraph on WAL mode interactions in the container doc into a full section, placed higher up, immediately after the first use of Docker's "--volume" flag, to explain why we don't map just the repo DB file, but the whole directory it sits in. Even if we later convince ourselves WAL is safe under this scenario, it'll be conditional at best, so some remnant of this section must remain, no matter which way the experiments go. ... (check-in: 698587d4 user: wyoung tags: trunk)
Renamed back to Dockerfile so it can be used as-is on non-autosetup systems. Realized that we can pass the Fossil checkin hash prefix in as a build arg instead of regenerating the file on disk from auto.def. If you use the Dockerfile as-shipped, you get a "trunk" build, which risks a stale cache — it thinks it already has a tarball by that name and helpfully refuses to pull it again — but at least Windows users get *something* without hand-hacking the file. ... (check-in: b0c9c26a user: wyoung tags: trunk)
Added a /jail/log directory to the container so someone can pass --errorlog and such to the Fossil instance and have a place to put it. It also acts as a mountpoint for appending to a log out on the host. ... (check-in: ed50ceee user: wyoung tags: trunk)
/dev permissions were too tight in the container. They're still tighter than on a stock Ubuntu box, but they should suffice for Fossil's needs. ... (check-in: 8eeb95e1 user: wyoung tags: trunk)
Restricted the container listeners to localhost in section 6 of the containers doc, and mentioned a few other items related to reverse proxying with nginx. ... (check-in: c9ab736f user: wyoung tags: trunk)
Folded info from an exchange with the Podman devs into the container doc. ... (check-in: 80f4a1dd user: wyoung tags: trunk)
Added section numbers to the containers doc (it was getting confusing) and added a few internal fragment IDs. ... (check-in: 4d51d524 user: wyoung tags: trunk)
Finished all the new topics planned for the new containers doc, adding sections on rootful Podman containers and on building via Docker but running via Podman, using Docker Hub as an intermediary to avoid building on the remote host. ... (check-in: 9c96e499 user: wyoung tags: trunk)
Sanitized a local port number out of previous ... (check-in: 3dfa4581 user: wyoung tags: trunk)
Added my sad tale of failure and woe with systemd-nspawn to the container docs, both as a warning to those who follow, and as a cry for help to someone who can make this work. I can't be bothered to spend more time on it, but there's no point throwing the work away. ... (check-in: 1e8c6655 user: wyoung tags: trunk)
Documented another cause to modify the "m" variable in the runc examples in the container docs. ... (check-in: bf503088 user: wyoung tags: trunk)
Added more jq filters to the runc examples to remove further problematic things left in the automatic conversion from the Docker container configuration file to the one we provide to runc. ... (check-in: 4e8c7479 user: wyoung tags: trunk)
Worked through some difficulties here in applying the runc method on remote systems, then documented what I learned in the containers doc. ... (check-in: 56f4e2ce user: wyoung tags: trunk)
Small fix to previous ... (check-in: d5695c8e user: wyoung tags: trunk)
Expanded the runc section of the container doc to cover "bundle" terminology and to show a method for rsyncing the bundle across to a remote host. Also explained why this is a bad idea unless you've got a rather constrained use case, lest people avoid using podman/docker in places where they could provide real value. ... (check-in: f9f13ce7 user: wyoung tags: trunk)
Documented the runc and crun options for running a container, including the cryptic method for exporting an OCI bundle from Docker, allowing you to use both together: Docker Desktop on your big dev box in the office, then one of the two lightweight runtimes out in the cloud. ... (check-in: c9431ef4 user: wyoung tags: trunk)
Added explicit instructions for patching the Dockerfile for the nojail/podman method and for mapping a single Fossil repo into the container rather than a directory. Also included my best current advice on using WAL mode in these contexts. ... (check-in: 87a23d2a user: wyoung tags: trunk)
Removed a TODO-based section of the new containers doc that wasn't meant to be checked in yet. Made a few improvements to the new Podman material as well. ... (check-in: 5adf6c40 user: wyoung tags: trunk)
Added the "Lightweight Alternatives to Docker" section to the new containers doc, currently limited to a tutorial on converting the stock Dockerfile to work under Podman in its default mode, creating a rootless container. This brings in the second container-related file at the root of the repo, the patch file for this, so we don't have to maintain two nearly-parallel Dockerfiles. As a bonus, it allows us to point to the patch from the prose, making explicit what we had to change. ... (check-in: f0399ea9 user: wyoung tags: trunk)
Moved the busybox-config file from tools/ into a new containers/ subdirectory. We were using that as a junk-drawer directory, for lack of a better place to put it. Now that we're about to have a second container-related file in the repo, that weak excuse is wearing thin. ... (check-in: b08e2bb7 user: wyoung tags: trunk)
Referencing the new file from so we can remove a big redundant block comment from it. While in there, made a few style tweaks that will help the ongoing container document expansion. ... (check-in: be8f721d user: wyoung tags: trunk)
Extracted the Docker containers material from www/ and moved it into a new document dedicated to the topic, It was already pushing the bounds of how much info we want to provide in a single section of that doc, and it's about to get bigger.

As part of the conversion from wiki format to Markdown, did another edit pass on the doc, improving a few things along the way.

Dropped the "docker-" prefix from all internal IDs, as we no longer need them to disambiguate references to other parts of the build doc. ... (check-in: 7129dc98 user: wyoung tags: trunk)

Address builtin_deliver_multiple_js_files() endless loop reported in forum post a9a60fab07. ... (check-in: 76c9bbb3 user: stephan tags: trunk)
Add aliases as a new command type and display these next to the corresponding main command in /help. Make sure that for the 'test-all-help' command and webpage each help string is output at most once. ... (check-in: db708494 user: danield tags: trunk)
Merge in trunk. Resolve a shadowed var in dispatch.c which led to an assigned-but-not-used warning. ... (Closed-Leaf check-in: a257fbd9 user: stephan tags: help-aliases-unique)
Embroidered the "make container-run" target to make it more convenient. ... (check-in: bc09e28a user: wyoung tags: trunk)
The container doc bit on raw sockets now covers the other three Busybox utilities we left out previously. Today's removal of ping and traceroute merely completes the set; it wasn't complete in itself. ... (check-in: b429bd71 user: wyoung tags: trunk)
Clarified the points in §5.2.1 of the Docker container build doc regarding the reason why the server parent process runs as root. ... (check-in: c2eaa60d user: wyoung tags: trunk)
Researched, tested, and documented the set of "docker create --cap-drop" options we can add to strip away unnecessary root privileges inside the container without harming normal operation. Belt-and-suspenders: if any bad actor ever got into the container with root privileges, this would help prevent them from affecting anything outside the container. Added that set to the "make container-run" target so they get applied by default in the easy case. ... (check-in: f715add9 user: wyoung tags: trunk)
Removed ping and traceroute commands from the Docker container. They require raw sockets support, which means if anyone broke into the container and managed a root privilege escalation, they could do a wide array of bad things on any network the container is bound to. ... (check-in: f00a88f8 user: wyoung tags: trunk)
Polishing pass on §5.2 of the container build doc, "Why Chroot?" ... (check-in: e9860314 user: wyoung tags: trunk)
Add a missing closing LI tag for the /tkthistory page. ... (check-in: 2d0b2bda user: george tags: deltify-tkt-blobs)
Minor optimization within getAllTicketFields() function. ... (check-in: c3e7ed30 user: george tags: deltify-tkt-blobs)
Clarified the parent process user ID vs the child process in the explanation of how the chroot feature interacts with the custom user feature of the Docker container. ... (check-in: f9ddd38e user: wyoung tags: trunk)
Made a better distinction between bind mounts and Docker volumes in the new Docker section of the build doc. ... (check-in: 958a6af9 user: wyoung tags: trunk)
Correct a NULL being passed to strcmp() which caused any submit of JS script code in the skin editor to segfault. Reported in forum post 9d9f0580fd. ... (check-in: a8847839 user: stephan tags: trunk)
Make it possible to store similar ticket change artifacts as deltas. This might be useful when a certain column of the TICKET table holds a lengthy text that may undergo frequent modifications.

This is an opt-in feature. It is activated only when TICKET table contains a phony INTEGER column "baseline for $name" where $name stands for the name of the actual column provisioned for the aforementioned frequently changing text. ... (check-in: 0f4a0fe8 user: george tags: deltify-tkt-blobs)

Add the "Timeline" submenu link on the setup_edit page, for ordinary users. Change the "Access Log" link on that same page so that it is only present for ordinary users - not special users like "reader" or "developer". ... (check-in: 6f70a236 user: drh tags: trunk)
Removed a digression in the gitusers doc about Fossil's new clone-and-open mechanisms. That got moved to the ckout-workflows doc quite some time back, and we already point to it from that same section. There's no reason for the redundancy. Also cleaned up some grammar and typos while in there. ... (check-in: f43eaf01 user: wyoung tags: trunk)
Changed the "fossil server --user" flag's argument back to "admin" from "fossil" for the container: I was confusing the Unix user name with the default Fossil repo user name. The new "adduser fossil" stuff doesn't help here; we still want it to be called "admin". ... (check-in: 72d820f3 user: wyoung tags: trunk)
ARM build fixes for the container:
  • QEMU couldn't cope with "make -j" on the BusyBox step (too many processes) so I changed it to -j11
  • Made the new executable compression step conditional, since there is no upx package in Alpine for either ARM flavor. There's a long bug thread for it on GitHub, which doesn't look to be getting resolved any time soon.
... (check-in: 8849abb7 user: wyoung tags: trunk)
Minor fixes to the Docker container build process ... (check-in: 454397b0 user: wyoung tags: trunk)
URL fix necessitated from the rename ... (check-in: 2f67bf94 user: wyoung tags: trunk)
Carved the Docker container image size down still further by stripping out all but two of the stock skins (d* so we get default and darkmode) and packing Fossil and BusyBox with UPX. ... (check-in: e20d044c user: wyoung tags: trunk)
Fixed an Obi Wan error in the new Fossil version prefix stuff in auto.def: it was extracting the first 13 characters of the hash, not the first 12. ... (check-in: 7ecd23e0 user: wyoung tags: trunk)
Added the container-image and container-run top-level build targets to manage dependencies better and to auto-version the build products. ... (check-in: 67386c75 user: wyoung tags: trunk)
Put the "--user fossil" bit back into the fossil server command for the container. Just ran into a situations where it's still needed. ... (check-in: 4c8cc804 user: wyoung tags: trunk)
Polishing pass on the container repo storage section of the build docs. ... (check-in: 3e332637 user: wyoung tags: trunk)
Changed several of the Docker environment variables to build arguments so the user an override them at build time rather than container creation time, and documented them in Using this new mechanism to pull the Fossil source tarball in such a way that we can use the Docker artifact cache without getting stale builds. You can now pass one of the new build args to force the old behavior if you want it. This required generating Dockerfile from at configure time, to inject the current Fossil checkin ID. (This busts the Docker cache when the source tree changes.) ... (check-in: f9384383 user: wyoung tags: trunk)
Adding the BusyBox tarball to the container image with an ADD command rather than wget to avoid triggering GitHub throttling. Unlike the Fossil repo URL, it has a version number baked into it, so it's safe to give it over to Docker's caching behavior. ... (check-in: d06d7c46 user: wyoung tags: trunk)
Noted the container size shrinkage in the fossil-v-git doc ... (check-in: f21de33e user: wyoung tags: trunk)
The container now builds Busybox from source so we can remove utilities that are unhelpful inside the container. We leave a lot behind for expansion (e.g. the runit init system, crond, inetd…) but we remove things that have no possible justification, such as modprobe. We remove everything from /bin that's a shell builtin (echo, printf, test…) and we replace a few BusyBox commands (sha[13]sum) with wrapper shell scripts that call Fossil builtins. We cap that off by adding a "sqlite3" wrapper that calls "fossil sqlite3 --no-repository", just for fun. All together, this trims about a meg of fat. ... (check-in: 953f367e user: wyoung tags: trunk)
Add #ifdef's to fix the Windows build. ... (check-in: f572f752 user: florian tags: trunk)
The chown -R bit added to the Dockerfile touches /jail/bin/fossil, which causes "docker build" to promote it back into a new layer, nearly doubling the container size. Doing a chown now only on two directories, restoring it to its sub-9M size. ... (check-in: 00cc9c3e user: wyoung tags: trunk)
Fossil's chroot feature drops root permissions based on file ownership, but since the container was built with everything-root, its HTTP hit handling children would run as whatever host-side UID/GID pair you used for file ownership. What happened next was complex.

If you let the container create the repo internally, it would be owned as root, so it would drop root permissions for…root! This isn't super-bad, since Fossil is presumed secure and is double-jailed besides. The risk is, if anyone works out an RCE for Fossil, they might be able to get it to create raw sockets or do various other types of escapes despite the double-jail dance.

Attaching a Docker volume brings external permisssions into the container. We were recommending a "chown 0" command on the shared volume to make it similar to the in-container case, but that opens you to the same risks above. If you ignored this and used host-side UID/GID pairs, Fossil would then be left running under IDs that didn't exist internally, which could cause assorted weirdness.

We're now creating an explicit "fossil" user/group pair inside the container and recommending that Docker volumes use these IDs for copied-in files to batten down something that shouldn't've been left flapping.

Updated to cover all this. ... (check-in: ba21bc0b user: wyoung tags: trunk)

Resolved timeline segfault reported in forum post 0bbb66eee4ba35db, triggered by entries with NULL checkin messages. ... (check-in: 20eab785 user: stephan tags: trunk)
Moved the SIGTERM handler up before the "fossil server" HTTP hit handler. We had it clustered with the other signal() calls, but those are to handle signals intended to occur only during CGI processing. This one will normally occur while we're blocked, waiting for the HTTP hit to occur, so it had no useful effect where it was. ... (check-in: d3c55fe0 user: wyoung tags: trunk)
Changed previous to call fossil_exit() instead of exit(3) so we close our databases before dying. ... (check-in: 7c857d22 user: wyoung tags: trunk)
The parent process now handles SIGTERM with an explicit exit(3) call when its PID is 1, as when it's running as "fossil server" in a Docker container. Without this, the container host's shutdown process takes a long time because it's waiting on PID 1 to die and eventually has to time out and kill it. ... (check-in: 1d09e607 user: wyoung tags: trunk)
Markup fix ... (check-in: cf149787 user: wyoung tags: trunk)
Clarified the fact that the "docker cp" command is changing the name of the repository DB file. ... (check-in: f0b15a37 user: wyoung tags: trunk)
Slight emphasis fix in previous ... (check-in: 1441c2e6 user: wyoung tags: trunk)
Edit pass on §5.1 of, fixing a number of unclear bits, particularly with regard to images vs containers. ... (check-in: e2b9114b user: wyoung tags: trunk)
Using the preceding --chroot fixes to make the Docker container serve the repo from /jail/museum/repo.fossil rather than from the chroot dir, /jail. This then allows us to mount a Docker volume at /jail/museum, which has an independent persistence from the container proper, so we can now rebuild the container without destroying the presumably precious repo. Updated to track this change and document the lessons gleaned from doing all of this. ... (check-in: f76e762f user: wyoung tags: trunk)
Moved the chdir() call within enter_chroot_jail() down below the new repo name canonicalization code to allow use of relative path names. Before, you had to give an absolute path to the repo, since we'd cd'd away from that directory before we started to validate the path. ... (check-in: e9462118 user: wyoung tags: trunk)
Moved the setting of g.fJail flag into the repo = "/" case since it exists only to communicate the chroot status to --repolist mode. (This confirms the speculation in the prior commit's comment: the prior behavior existed to serve repolist mode only.) ... (check-in: 324d232c user: wyoung tags: trunk)
Fixed the --chroot flag to "fossil server" and "fossil http" to allow it to work in conjunction with the single-repository case. Before, it blindly assumed --repolist mode. ... (check-in: 6f92ad99 user: wyoung tags: trunk)
Fixed pointless use of interwiki link in the new section 2.2 material of fossil-v-git. ... (check-in: 73c95307 user: wyoung tags: trunk)
Fix a build error introduced by check-in [fc8e5750d7]. ... (check-in: 49a2d136 user: florian tags: trunk)
Merge fixes to the accordion panel JS script. ... (check-in: 44a7149d user: florian tags: trunk)
Record a comment on the findings discovered during repair of the accordion panel JS script. ... (Closed-Leaf check-in: 2fc93df4 user: florian tags: accordion-fix)
Add the new subcommand `fossil branch lsh' to list the most recently modified branches. ... (check-in: fc8e5750 user: florian tags: trunk)
Fix a compiler warning. ... (Closed-Leaf check-in: 877b237b user: florian tags: ls-hot-branches)
Do not show information about the number of chat messages unless the user has read privilege on the chat. ... (check-in: ad0aac2f user: drh tags: trunk)
/setup_config typo fix reported in forum post ec5bd222a2. ... (check-in: 6d5d5f02 user: stephan tags: trunk)
Remove a construct to escape the JS compressor obsoleted by [ffa1c7d0a0]. ... (check-in: 0e7357d2 user: florian tags: accordion-fix)
Fixed a few stray parens in the new material in the fossil-v-git doc, left behind from a prior edit. ... (check-in: ea13701c user: wyoung tags: trunk)
Typo fix ... (check-in: b628a883 user: wyoung tags: trunk)
Fixed a problem in image naming in the new Docker container doc in reported on the forum. ... (check-in: 509447a2 user: wyoung tags: trunk)
Did away with the temporary src.tar.gz file in the new Docker container by streaming the output of wget straight into tar's stdin. This cuts the build time by about five seconds, presumably due to the saving from unnecessary file I/O. Also replaced the explicit "cd src" afterward with an out-of-tree build configuration, since it doesn't matter if we clutter the first stage's /tmp dir. ... (check-in: 289c9b50 user: wyoung tags: trunk)
The build docs for "./configure --static" now reference the section further down on Docker, since you may need to use this indirection to get --static to produce something suitable. ... (check-in: 7bfd7413 user: wyoung tags: trunk)
Replaced Jan Nijtman's Dockerfile with a new one that does a 2-stage build. The first stage runs atop Alpine Linux instead of Fedora, reducing the initial build from ~635 MiB to about 16.

Rather than stop there, I then made it multi-stage, copying two key static binaries — Fossil and Busybox — over from the first stage into a fresh-from-scratch container and set it up to run the former jailed away from the latter.

The result is under 9 MiB, and it's as secure as one can hope, given that it starts up in "PUBLIC" mode. The new build doesn't have all the extra features turned on that the old one did, but it seems right to build the container with Fossil in its default configuration. If you want something else, copy the Dockerfile, hack it, and make it do what you want instead.

Having done all this, I replaced the one-off Dockerfile inline in section 5.0 of the build doc with a reference to this new Dockerfile and rewrote the section in terms of the new capabilities.

Finally, this lets us brag on how small the container can be, as compared to the Gitlab-CE container. Before, we were comparing a standalone binary to the container, which wan't entirely fair. (The desire to produce such a container was the spark that kicked this project off.) ... (check-in: 77d603c6 user: wyoung tags: trunk)

Assorted improvements to the first few sections of the fossil-v-git doc, mainly in updating them to track changes to world facts and to clarify the presentation. ... (check-in: c7afd68b user: wyoung tags: trunk)
Remove some unnecessary `bind()' calls for variables already held in function closure. Apart from that, the approach seems to work well and also covers odd cases, such as the post-expansion timeout to clear maxHeight being shorter than the CSS animation duration (in which case the animation would just jerkily stop, but with the correct element height), or setting a short "decoy value" (say, "100px") instead of the real scrollHeight for maxHeight (in which case the animated area would just be smaller, but with the same end result). ... (check-in: 7b8dd9ca user: florian tags: accordion-fix)
Attempt to fix the accordion for "Changes" sections: (A) "Delay-init" the maxHeight property only right before the closing animation, so that the dynamic diffs have enough time to resize themselves without any constraints, and then set maxHeight to zero to trigger the animation in idle time, to prevent coalescing the maxHeight changes (or there won't be an animation when going from "undefined" to "0"). (B) On expansion, after awaiting the animation duration, clear the maxHeight property, so browsers are again free to resize without any constraints. This is the same trick that works well for the hamburger menu, and fixes another problem with FF to return too small values for scrollHeight with large diffs, so that they would again be truncated (but the error is small enough so it doesn't matter for the animation). ... (check-in: 6c591c3f user: florian tags: accordion-fix)
Remove the accordion from the "Changes" division of the /vinfo page (at least temporarily) because it is cutting off the bottom of the diff. ... (check-in: 69a6f453 user: drh tags: trunk)
Put all sections of the /vinfo page (or the /info page for a check-in) inside an accordion widget. ... (check-in: ab553393 user: drh tags: trunk)
Refactor the `-h' option to its own `lsh' subcommand sibling to `list|ls' to reuse their infrastructure and flags. To produce useful output with the `-r' option, the SQL query to generate the branch list is LIMIT'ed in an inner query, and then ORDER'ed again in an outer query. ... (check-in: dbd6efe2 user: florian tags: ls-hot-branches)
Corrected broken link introduced in the previous commit which works under (fossil ui) but not on the live server (due to the addition of another URI path element). ... (check-in: bf0efda7 user: stephan tags: trunk)
doc index: added a link to the Release Build How-To wiki page, per forum request. ... (check-in: 9f3945fc user: stephan tags: trunk)
Add a new `-h' option to `fossil branch ls' to list the "hot" (first few recently modified) branches. ... (check-in: fe299ee4 user: florian tags: ls-hot-branches)
login-group command: corrected help text for 'join' option to include REPO and extended code to allow REPO to optionally be passed on as -R REPO. Resolves issue reported in forum post 240b6d856a3dd4b5. ... (check-in: 769a7651 user: stephan tags: trunk)
Fix the /alerts page so that access is provided even for users that are not logged in as long as a complete subscription code is provided as the "name" query parameter. ... (check-in: a27c908f user: drh tags: trunk)
The /unsubscribe page now requests comformation. And so email notifications contain only an "Unsubscribe" link, and not a link to subscription management. ... (check-in: f045c5dd user: drh tags: trunk)
Consolidated some minor code drift between pikchr's fiddle and fossil's pikchrshow. ... (check-in: 44cd9753 user: stephan tags: trunk)
Patch the javascript compressor so that it does not elide text after // if the // immediately follows a :, as that text might be part of a URI string literal. ... (check-in: ffa1c7d0 user: drh tags: trunk)
Fix a build problem with zlib on Windows. ... (check-in: 8bd19cad user: drh tags: trunk)
Update the built-in copy of zLib to version 1.2.12. ... (check-in: adb9e8e0 user: drh tags: trunk)
Corrected -DPIC to -fPIC in compaq/zlib/ and filed upstream ticket for that change at ... (Closed-Leaf check-in: 368d9786 user: stephan tags: zlib-update)
Latest upstream pikchr.c and pikchr.wasm. ... (check-in: d5ec3629 user: stephan tags: trunk)
Add zlib1g-dev to the list of libraries needed for building. ... (check-in: 12ce928a user: danield tags: trunk)
auto.def: --with-zlib=tree now fails if compat/zlib is not configured and built in advance, resolving the curious problem that the downstream test for openssl fails if libz is not built. Problem discovered by Daniel D. and reported in /chat. ... (check-in: b0dc2792 user: stephan tags: trunk)
Corrected the --with-see build to use sqlite3-see.c. Problem reported in forum post b3653991172dcd14. The SEE build was broken by the late-December 2021 reworking of the --with-sqlite flag and its related build infrastructure. ... (check-in: 18acd948 user: stephan tags: trunk)
Added --dry-run change to the change log. ... (check-in: 5960a16f user: stephan tags: trunk)
Replaced the remaining --dryrun flags with --dry-run, for consistency, per discussion/monologue in forum post d732b4026f44bdba. ... (check-in: 4a720c26 user: stephan tags: trunk)
Removed an unused var (compiler warning). ... (check-in: 7ca55e92 user: stephan tags: trunk)
Revise the "fossil version -v" command to give less detail. Use -vv or -v -v to get the original full detail. ... (check-in: bbbd7ef8 user: drh tags: trunk)
Updated and VERSION to 2.20. ... (check-in: a3bdee62 user: stephan tags: trunk)
Version 2.19 ... (check-in: 1e131feb user: stephan tags: trunk, release, version-2.19)