Mercurial > kallithea
view LICENSE.md @ 8769:d35d14b05b82
diff: handle some escaped characters in Git diffs
There are some odd characters (like \r and \n) that the Kallithea UI doesn't
allow in filenames in repos. Kallithea (through the routes module) will fail to
generate URLs when browsing Files. That is a known limitation with minimal
real-world impact, non-trivial to work around or fix.
There are very few relevant use cases for tracking files with odd filenames. \t
is valid but is hard to render in a meaningful way in the UI. And ASCII
characters like \ and " are not usable on Windows and should just be avoided.
Kallithea would parse Git diffs with odd characers incorrectly or fail, even
before hitting the known limitation. With this change, Kallithea will parse
diffs with odd filenames correctly (and then hit the limitation).
Git will quote odd filenames and escape the odd characters when emitting diffs.
(Mercurial does by design not allow \r and \n , and Mercurial will thus never
have to quote file names in diffs.)
Quotes are already handled (and ignored). With this change, Kallithea will
handle \ unescaping of \\ and \", the usual letters like \r and \n and \t, and
octal numbers like \033 (for ESC) .
Filenames with \ and " will work perfectly (when not on Windows).
Filenames with \t and ESC will work fine, but without helpful display in the
UI.
Filenames with \r and \n will still make the UI fail when trying to generate
URLs.
Thanks to stypr of Flatt Security for raising this.
| author | Mads Kiilerich <mads@kiilerich.com> |
|---|---|
| date | Sat, 14 Nov 2020 15:41:39 +0100 |
| parents | 006d68c4d7b9 |
| children |
line wrap: on
line source
Kallithea License ================= Kallithea as a whole is copyrighted by various authors and is licensed under the terms of the GNU General Public License, version 3 (GPLv3), which is a license published by the Free Software Foundation, Inc. [A copy of GPLv3](/COPYING) is included herein. Some individual files have copyright notices and those who offer changes to those files should update the copyright notices in those specific files if they so chose. However, the definitive list of copyright holders for this project is kept in [the about page template](kallithea/templates/about.html) so that it is displayed appropriately when Kallithea is installed. This is the most important place to update copyright notices. Third-Party Code Incorporated in Kallithea ========================================== Various third-party code under GPLv3-compatible licenses is included as part of Kallithea. Alembic ------- Kallithea incorporates an [Alembic](http://alembic.zzzcomputing.com/en/latest/) "migration environment" in `kallithea/alembic`, portions of which is: Copyright © 2009-2016 by Michael Bayer. Alembic is a trademark of Michael Bayer. and licensed under the MIT-permissive license, which is [included in this distribution](MIT-Permissive-License.txt). Bootstrap --------- Kallithea uses the web framework called [Bootstrap](http://getbootstrap.com/), which is: Copyright © 2011-2016 Twitter, Inc. and licensed under the MIT-permissive license, which is [included in this distribution](MIT-Permissive-License.txt). It is not distributed with Kallithea, but will be downloaded using the ''kallithea-cli front-end-build'' command. Codemirror ---------- Kallithea uses the Javascript system called [Codemirror](http://codemirror.net/), version 4.7.0, which is primarily: Copyright © 2013-2014 by Marijn Haverbeke <marijnh@gmail.com> and licensed under the MIT-permissive license, which is [included in this distribution](MIT-Permissive-License.txt). Additional files from upstream Codemirror are copyrighted by various authors and licensed under other permissive licenses. It is not distributed with Kallithea, but will be downloaded using the ''kallithea-cli front-end-build'' command. jQuery ------ Kallithea uses the Javascript system called [jQuery](http://jquery.org/). It is Copyright 2013 jQuery Foundation and other contributors http://jquery.com/ and is under an [MIT-permissive license](MIT-Permissive-License.txt). It is not distributed with Kallithea, but will be downloaded using the ''kallithea-cli front-end-build'' command. At.js ----- Kallithea uses the Javascript system called [At.js](http://ichord.github.com/At.js), which can be found together with its Corresponding Source in https://github.com/ichord/At.js at tag v1.5.4. It is Copyright 2013 chord.luo@gmail.com and is under an [MIT-permissive license](MIT-Permissive-License.txt). It is not distributed with Kallithea, but will be downloaded using the ''kallithea-cli front-end-build'' command. Caret.js -------- Kallithea uses the Javascript system called [Caret.js](http://ichord.github.com/Caret.js/), which can be found together with its Corresponding Source in https://github.com/ichord/Caret.js at tag v0.3.1. It is Copyright 2013 chord.luo@gmail.com and is under an [MIT-permissive license](MIT-Permissive-License.txt). It is not distributed with Kallithea, but will be downloaded using the ''kallithea-cli front-end-build'' command. DataTables ---------- Kallithea uses the Javascript system called [DataTables](http://www.datatables.net/). It is Copyright 2008-2015 SpryMedia Ltd. and is under an [MIT-permissive license](MIT-Permissive-License.txt). It is not distributed with Kallithea, but will be downloaded using the ''kallithea-cli front-end-build'' command. Mergely ------- Kallithea incorporates some code from the Javascript system called [Mergely](http://www.mergely.com/), version 3.3.9. [Mergely's license](http://www.mergely.com/license.php), a [copy of which is included in this repository](LICENSE-MERGELY.html), is (GPL|LGPL|MPL). Kallithea as GPLv3'd project chooses the GPL arm of that tri-license. Select2 ------- Kallithea uses the Javascript system called [Select2](http://ivaynberg.github.io/select2/), which is: Copyright 2012 Igor Vaynberg (and probably others) and is licensed [under the following license](https://github.com/ivaynberg/select2/blob/master/LICENSE): > This software is licensed under the Apache License, Version 2.0 (the > "Apache License") or the GNU General Public License version 2 (the "GPL > License"). You may choose either license to govern your use of this > software only upon the condition that you accept all of the terms of either > the Apache License or the GPL License. A [copy of the Apache License 2.0](Apache-License-2.0.txt) is also included in this distribution. Kallithea will take the Apache license fork of the dual license, since Kallithea is GPLv3'd. It is not distributed with Kallithea, but will be downloaded using the ''kallithea-cli front-end-build'' command. Select2-Bootstrap-CSS --------------------- Kallithea uses some CSS from a system called [Select2-bootstrap-css](https://github.com/t0m/select2-bootstrap-css), which is: Copyright © 2013 Tom Terrace (and likely others) and licensed under the MIT-permissive license, which is [included in this distribution](MIT-Permissive-License.txt). It is not distributed with Kallithea, but will be downloaded using the ''kallithea-cli front-end-build'' command. Flot ---- Kallithea uses some parts of a Javascript system called [Flot](http://www.flotcharts.org/), which is: Copyright (c) 2007-2014 IOLA and Ole Laursen Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. It is not distributed with Kallithea, but will be downloaded using the ''kallithea-cli front-end-build'' command. Icon fonts ---------- Kallithea incorporates subsets of both [Font Awesome](http://fontawesome.io) and [GitHub Octicons](https://octicons.github.com) for icons. Font Awesome is: Copyright (c) 2016, Dave Gandy Octicons is: Copyright (c) 2012-2014 GitHub These two sets are distributed under [SIL OFL 1.1](http://scripts.sil.org/OFL) and have been combined into one font called "kallithea." EOF