Page MenuHomePhabricator

Upgrading: Unique, Sensible Repository Slugs
Closed, ResolvedPublic

Description

Currently, Diffusion allows you to enter an optional "Clone/Checkout As" name for repositories. This is used when constructing clone commands and clone URIs to make it easier to get a clone with a name you expect.

Historically, there was no meaningful validation on these names and you could enter garbage like ../... This garbage was never dangerous, but some garbage values did not work. T7938 has details.

After D14986, these names must adhere to a reasonable grammar and must be unique.

The associated migration will preserve valid, unique names, but discard duplicate or invalid names and emit a notification to the console.

Here are some valid names:

phabricator
sensible-repository
AReasonableRepositoryName
node.io

Here are some invalid names:

1
ABC
../../etc/passwd
$$O___O$$
''; SELECT * FROM passwords; /*
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa

Here are some examples of the notifications that may be emitted to the console when the migration runs:

Invalid Name: Repository rHGTESTX has a "Clone/Checkout As" name which is no longer valid ("../.."). You can edit the repository to give it a new, valid short name.

Duplicate Name: Repository rHGTEST has a duplicate "Clone/Checkout As" name ("DOG1"). Each name must now be unique. You can edit the repository to give it a new, unique short name.

If a repository with an invalid or duplicate name is dropped in the migration, use Diffusion(Choose a Repository)Edit RepositoryEdit Basic Information to select a new, sensible, unique name.

This is a step toward making repository callsigns optional. See T4245 for discussion.

Event Timeline

This has been live for a few weeks without any issues, and I generally expect it to have nearly zero impact on reasonable workflows, so I'm going to assume the best and close this out.