List for cgit developers and users
 help / color / mirror / Atom feed
* [PATCH 1/1] print git version string in footer
@ 2018-06-04 20:29 list
  2018-06-04 20:51 ` Jason
  2018-06-05 14:46 ` list
  0 siblings, 2 replies; 9+ messages in thread
From: list @ 2018-06-04 20:29 UTC (permalink / raw)


From: Christian Hesse <mail at eworm.de>

Signed-off-by: Christian Hesse <mail at eworm.de>
---
 ui-shared.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/ui-shared.c b/ui-shared.c
index 9d8f66b..c7d442d 100644
--- a/ui-shared.c
+++ b/ui-shared.c
@@ -10,6 +10,7 @@
 #include "ui-shared.h"
 #include "cmd.h"
 #include "html.h"
+#include "version.h"
 
 static const char cgit_doctype[] =
 "<!DOCTYPE html>\n";
@@ -785,8 +786,8 @@ void cgit_print_docend(void)
 	if (ctx.cfg.footer)
 		html_include(ctx.cfg.footer);
 	else {
-		htmlf("<div class='footer'>generated by <a href='https://git.zx2c4.com/cgit/about/'>cgit %s</a> at ",
-			cgit_version);
+		htmlf("<div class='footer'>generated by <a href='https://git.zx2c4.com/cgit/about/'>cgit %s</a> (git %s) at ",
+			cgit_version, git_version_string);
 		html_txt(show_date(time(NULL), 0, cgit_date_mode(DATE_ISO8601)));
 		html("</div>\n");
 	}


^ permalink raw reply	[flat|nested] 9+ messages in thread

* [PATCH 1/1] print git version string in footer
  2018-06-04 20:29 [PATCH 1/1] print git version string in footer list
@ 2018-06-04 20:51 ` Jason
  2018-06-04 20:59   ` list
  2018-06-04 21:02   ` konstantin
  2018-06-05 14:46 ` list
  1 sibling, 2 replies; 9+ messages in thread
From: Jason @ 2018-06-04 20:51 UTC (permalink / raw)


Hey Christian,

I like this idea and I'll probably merge it, because it seems handy.
On the other hand, there's some argument to be made for not wearing
your security bugs on your sleeves by revealing version numbers by
default. I'm wondering what motivated it for you, though.

Jason


^ permalink raw reply	[flat|nested] 9+ messages in thread

* [PATCH 1/1] print git version string in footer
  2018-06-04 20:51 ` Jason
@ 2018-06-04 20:59   ` list
  2018-06-04 21:02   ` konstantin
  1 sibling, 0 replies; 9+ messages in thread
From: list @ 2018-06-04 20:59 UTC (permalink / raw)


"Jason A. Donenfeld" <Jason at zx2c4.com> on Mon, 2018/06/04 22:51:
> Hey Christian,

Hey Jason,
 
> I like this idea and I'll probably merge it, because it seems handy.
> On the other hand, there's some argument to be made for not wearing
> your security bugs on your sleeves by revealing version numbers by
> default. I'm wondering what motivated it for you, though.

Usually it is me who updates the git submodules. Often I run a local cgit
build with custom commits/patches. Sometimes I wonder what git version it was
built with. :-p So I decided to give it a try and added the version to footer.

I thought about security as well, but I do not think this is a big issue: Who
ever has the cgit version can look up the git version anyway. (Except for
builds from git with changed submodule).

On the other hand this brings potential security issues to the
administrators eyes... I think it is worth merging.
-- 
main(a){char*c=/*    Schoene Gruesse                         */"B?IJj;MEH"
"CX:;",b;for(a/*    Best regards             my address:    */=0;b=c[a++];)
putchar(b-1/(/*    Chris            cc -ox -xc - && ./x    */b/42*2-3)*42);}
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://lists.zx2c4.com/pipermail/cgit/attachments/20180604/88140ea7/attachment-0001.asc>


^ permalink raw reply	[flat|nested] 9+ messages in thread

* [PATCH 1/1] print git version string in footer
  2018-06-04 20:51 ` Jason
  2018-06-04 20:59   ` list
@ 2018-06-04 21:02   ` konstantin
  1 sibling, 0 replies; 9+ messages in thread
From: konstantin @ 2018-06-04 21:02 UTC (permalink / raw)


On Mon, Jun 04, 2018 at 10:51:30PM +0200, Jason A. Donenfeld wrote:
>Hey Christian,
>
>I like this idea and I'll probably merge it, because it seems handy.
>On the other hand, there's some argument to be made for not wearing
>your security bugs on your sleeves by revealing version numbers by
>default.

It's easy enough to suppress by setting a custom footer, so it's not as
big of a deal, I think.

-K
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <http://lists.zx2c4.com/pipermail/cgit/attachments/20180604/da6593ce/attachment.asc>


^ permalink raw reply	[flat|nested] 9+ messages in thread

* [PATCH 1/1] print git version string in footer
  2018-06-04 20:29 [PATCH 1/1] print git version string in footer list
  2018-06-04 20:51 ` Jason
@ 2018-06-05 14:46 ` list
  2018-06-05 15:08   ` [PATCH v2 " list
  1 sibling, 1 reply; 9+ messages in thread
From: list @ 2018-06-05 14:46 UTC (permalink / raw)


Christian Hesse <list at eworm.de> on Mon, 2018/06/04 22:29:
> From: Christian Hesse <mail at eworm.de>
> 
> Signed-off-by: Christian Hesse <mail at eworm.de>
> ---
>  ui-shared.c | 5 +++--
>  1 file changed, 3 insertions(+), 2 deletions(-)
> 
> diff --git a/ui-shared.c b/ui-shared.c
> index 9d8f66b..c7d442d 100644
> --- a/ui-shared.c
> +++ b/ui-shared.c
> @@ -10,6 +10,7 @@
>  #include "ui-shared.h"
>  #include "cmd.h"
>  #include "html.h"
> +#include "version.h"
>  
>  static const char cgit_doctype[] =
>  "<!DOCTYPE html>\n";
> @@ -785,8 +786,8 @@ void cgit_print_docend(void)
>  	if (ctx.cfg.footer)
>  		html_include(ctx.cfg.footer);
>  	else {
> -		htmlf("<div class='footer'>generated by <a
> href='https://git.zx2c4.com/cgit/about/'>cgit %s</a> at ",
> -			cgit_version);
> +		htmlf("<div class='footer'>generated by <a
> href='https://git.zx2c4.com/cgit/about/'>cgit %s</a> (git %s) at ",
> +			cgit_version, git_version_string);
>  		html_txt(show_date(time(NULL), 0,
> cgit_date_mode(DATE_ISO8601))); html("</div>\n");
>  	}


Do we want to link the git website https://git-scm.com/ ?
-- 
main(a){char*c=/*    Schoene Gruesse                         */"B?IJj;MEH"
"CX:;",b;for(a/*    Best regards             my address:    */=0;b=c[a++];)
putchar(b-1/(/*    Chris            cc -ox -xc - && ./x    */b/42*2-3)*42);}
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://lists.zx2c4.com/pipermail/cgit/attachments/20180605/26a54eb7/attachment.asc>


^ permalink raw reply	[flat|nested] 9+ messages in thread

* [PATCH v2 1/1] print git version string in footer
  2018-06-05 14:46 ` list
@ 2018-06-05 15:08   ` list
  2018-06-06  6:24     ` [PATCH v3 " list
  0 siblings, 1 reply; 9+ messages in thread
From: list @ 2018-06-05 15:08 UTC (permalink / raw)


From: Christian Hesse <mail at eworm.de>

This helps tracking what git version cgit uses. The security implications are
low as anybody can look up the version of our submodule anyway. The paranoid
can use a custom footer. :-p

On the other hand this brings potential security issues to the
administrators eyes...

Signed-off-by: Christian Hesse <mail at eworm.de>
---
 ui-shared.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/ui-shared.c b/ui-shared.c
index 9d8f66b..8bd1d97 100644
--- a/ui-shared.c
+++ b/ui-shared.c
@@ -10,6 +10,7 @@
 #include "ui-shared.h"
 #include "cmd.h"
 #include "html.h"
+#include "version.h"
 
 static const char cgit_doctype[] =
 "<!DOCTYPE html>\n";
@@ -785,8 +786,9 @@ void cgit_print_docend(void)
 	if (ctx.cfg.footer)
 		html_include(ctx.cfg.footer);
 	else {
-		htmlf("<div class='footer'>generated by <a href='https://git.zx2c4.com/cgit/about/'>cgit %s</a> at ",
+		htmlf("<div class='footer'>generated by <a href='https://git.zx2c4.com/cgit/about/'>cgit %s</a> ",
 			cgit_version);
+		htmlf("(<a href='https://git-scm.com/'>git %s</a>) at ", git_version_string);
 		html_txt(show_date(time(NULL), 0, cgit_date_mode(DATE_ISO8601)));
 		html("</div>\n");
 	}


^ permalink raw reply	[flat|nested] 9+ messages in thread

* [PATCH v3 1/1] print git version string in footer
  2018-06-05 15:08   ` [PATCH v2 " list
@ 2018-06-06  6:24     ` list
  2018-06-06 12:34       ` Jason
  0 siblings, 1 reply; 9+ messages in thread
From: list @ 2018-06-06  6:24 UTC (permalink / raw)


From: Christian Hesse <mail at eworm.de>

This helps tracking what git version cgit uses. The security implications are
low as anybody can look up the version of our submodule anyway. The paranoid
can use a custom footer. :-p

On the other hand this brings potential security issues to the
administrators eyes...

Signed-off-by: Christian Hesse <mail at eworm.de>
---
 ui-shared.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/ui-shared.c b/ui-shared.c
index 9d8f66b..4a87eb6 100644
--- a/ui-shared.c
+++ b/ui-shared.c
@@ -10,6 +10,7 @@
 #include "ui-shared.h"
 #include "cmd.h"
 #include "html.h"
+#include "version.h"
 
 static const char cgit_doctype[] =
 "<!DOCTYPE html>\n";
@@ -785,8 +786,8 @@ void cgit_print_docend(void)
 	if (ctx.cfg.footer)
 		html_include(ctx.cfg.footer);
 	else {
-		htmlf("<div class='footer'>generated by <a href='https://git.zx2c4.com/cgit/about/'>cgit %s</a> at ",
-			cgit_version);
+		htmlf("<div class='footer'>generated by <a href='https://git.zx2c4.com/cgit/about/'>cgit %s</a> "
+			"(<a href='https://git-scm.com/'>git %s</a>) at ", cgit_version, git_version_string);
 		html_txt(show_date(time(NULL), 0, cgit_date_mode(DATE_ISO8601)));
 		html("</div>\n");
 	}


^ permalink raw reply	[flat|nested] 9+ messages in thread

* [PATCH v3 1/1] print git version string in footer
  2018-06-06  6:24     ` [PATCH v3 " list
@ 2018-06-06 12:34       ` Jason
  2018-06-06 21:28         ` list
  0 siblings, 1 reply; 9+ messages in thread
From: Jason @ 2018-06-06 12:34 UTC (permalink / raw)


LGTM.


^ permalink raw reply	[flat|nested] 9+ messages in thread

* [PATCH v3 1/1] print git version string in footer
  2018-06-06 12:34       ` Jason
@ 2018-06-06 21:28         ` list
  0 siblings, 0 replies; 9+ messages in thread
From: list @ 2018-06-06 21:28 UTC (permalink / raw)


"Jason A. Donenfeld" <Jason at zx2c4.com> on Wed, 2018/06/06 14:34:
> LGTM.

Queued it in ch/for-jason.
-- 
main(a){char*c=/*    Schoene Gruesse                         */"B?IJj;MEH"
"CX:;",b;for(a/*    Best regards             my address:    */=0;b=c[a++];)
putchar(b-1/(/*    Chris            cc -ox -xc - && ./x    */b/42*2-3)*42);}
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://lists.zx2c4.com/pipermail/cgit/attachments/20180606/c48c656c/attachment.asc>


^ permalink raw reply	[flat|nested] 9+ messages in thread

end of thread, other threads:[~2018-06-06 21:28 UTC | newest]

Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-06-04 20:29 [PATCH 1/1] print git version string in footer list
2018-06-04 20:51 ` Jason
2018-06-04 20:59   ` list
2018-06-04 21:02   ` konstantin
2018-06-05 14:46 ` list
2018-06-05 15:08   ` [PATCH v2 " list
2018-06-06  6:24     ` [PATCH v3 " list
2018-06-06 12:34       ` Jason
2018-06-06 21:28         ` list

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).