- User Since
- Aug 28 2013, 6:46 PM (461 w, 1 d)
Dec 28 2018
I'm not an Windows expert. But to my knowledge there are a couple of things missing here:
Nov 21 2017
That's a good point! I wish it was designed like that since the beginning. I guess it won't happen with the current compatibility rules since it is likely to break automation.
https://phab.mercurial-scm.org/D1483 should make it possible to use -- to defend against non-flag user input. For inputs that are flags, use the form --flag=X and avoid --flag X.
Sep 10 2017
Aug 27 2017
For hg, set HGPLAIN=1 will disable translations. See hg help scripting for details.
Aug 11 2017
Thanks for the detailed explanations! I should have thought more carefully. Note old Mercurial also fails to do correct shell quoting on Windows (It uses ' where Windows needs "). But Phabricator does not run on Windows, it shouldn't be an issue.
The subrepo issue is when .hgsub has malicious content (ex. foo = ssh://-oProxyCommand=touch%20BAR/). It's not related to command line or config files.
Jul 21 2017
Jul 9 2017
Jul 2 2017
Parsing hg export metadata is an elegant solution. # HG changeset patch could imply sourceControlSystem = 'hg'. Thanks for merging the task!
The background is the Mercurial community wants to try Phabricator as an experimental review system. It's using emails now. I'd like to make Phabricator workflow as convenient as traditional email workflow.