Tag the 1.1.18 final release.

git-svn-id: http://viewvc.tigris.org/svn/viewvc/tags/1.1.18@2848 8cb11bc2-c004-0410-86c3-e597b4017df7

CHANGES

@@ -1,3 +1,84 @@
+Version 1.1.18 (released 28-Feb-2013)
+
+  * fix exception raised by BDB-backed SVN repositories (issue #519)
+  * hide revision-less files when rcsparse is in use
+  * include branchpoints in branch views using rcsparse (issue #347)
+  * miscellaneous cvsdb improvements:
+    - add --port option to make-database (issue #521)
+    - explicitly name columns in queries (issue #522)
+    - update MySQL syntax to avoid discontinued "TYPE=" terms
+
+Version 1.1.17 (released 25-Oct-2012)
+
+  * fix exception caused by uninitialized variable usage (issue #516)
+
+Version 1.1.16 (released 24-Oct-2012)
+
+  * security fix: escape "extra" diff info to avoid XSS attack (issue #515)
+  * add 'binary_mime_types' configuration option and handling (issue #510)
+  * fix 'select for diffs' persistence across log pages (issue #512)
+  * remove lock status and filesize check on directories in remote SVN views
+  * fix bogus 'Annotation of' page title for non-annotated view (issue #514)
+
+Version 1.1.15 (released 22-Jun-2012)
+
+  * security fix: complete authz support for remote SVN views (issue #353)
+  * security fix: log msg leak in SVN revision view with unreadable copy source
+  * fix several instances of incorrect information in remote SVN views
+  * increase performance of some revision metadata lookups in remote SVN views
+  * fix RSS feed regression introduced in 1.1.14
+
+Version 1.1.14 (released 12-Jun-2012)
+
+  * fix annotation of svn files with non-URI-safe paths (issue #504)
+  * handle file:/// Subversion rootpaths as local roots (issue #446)
+  * fix bug caused by trying to case-normalize anon usernames (issue #505)
+  * speed up log handling by reusing tokenization results (issue #506)
+  * add support for custom revision log markup rules (issue #246)
+
+Version 1.1.13 (released 23-Jan-2012)
+
+  * fix svndbadmin failure on deleted paths under Subversion 1.7 (issue #499)
+  * fix annotation of files in svn roots with non-URI-safe paths
+  * fix stray annotation warning in markup display of images
+  * more gracefully handle attempts to display binary content (issue #501)
+
+Version 1.1.12 (released 03-Nov-2011)
+
+  * fix path display in patch and certain diff views (issue #485)
+  * fix broken cvsdb glob searching (issue 486)
+  * allow svn revision specifiers to have leading r's (issue #441, #448) 
+  * allow environmental override of configuration location (issue #494)
+  * fix exception HTML-escaping non-string data under WSGI (issue #454)
+  * add links to root logs from roots view (issue #470)
+  * use Pygments lexer-guessing functionality (issue #495)
+
+Version 1.1.11 (released 17-May-2011)
+
+  * security fix: remove user-reachable override of cvsdb row limit
+  * fix broken standalone.py -c and -d options handling
+  * add --help option to standalone.py
+  * fix stack trace when asked to checkout a directory (issue #478)
+  * improve memory usage and speed of revision log markup (issue #477)
+  * fix broken annotation view in CVS keyword-bearing files (issue #479)
+  * warn users when query results are incomplete (issue #433)
+  * avoid parsing errors on RCS newphrases in the admin section (issue #483)
+  * make rlog parsing code more robust in certain error cases (issue #444)
+
+Version 1.1.10 (released 15-Mar-2011)
+
+  * fix stack trace in Subversion revision info logic (issue #475, issue #476)
+
+Version 1.1.9 (released 18-Feb-2011)
+
+  * vcauth universal access determinations (issue #425)
+  * rework svn revision info cache for performance
+  * make revision log "extra pages" count configurable
+  * fix Subversion 1.4.x revision log compatibility code regression
+  * display sanitized error when authzfile is malformed
+  * restore markup of URLs in file contents (issue #455)
+  * optionally display last-committed metadata in roots view (issue #457)
+
 Version 1.1.8 (released 02-Dec-2010)
 
   * fix slowness triggered by allow_compress=1 configuration (issue #467)

INSTALL

@@ -19,7 +19,7 @@ Congratulations on getting this far. :-)
 
     For CVS Support: 
 
-      * Python 1.5.2 or later
+      * Python 1.5.2 or later (sorry, no 3.x support yet)
           (http://www.python.org/)
       * RCS, Revision Control System
           (http://www.cs.purdue.edu/homes/trinkle/RCS/)
@@ -30,11 +30,11 @@ Congratulations on getting this far. :-)
 
     For Subversion Support:
 
-      * Python 2.0 or later
+      * Python 2.0 or later (sorry, no 3.x support yet)
           (http://www.python.org/)
       * Subversion, Version Control System, 1.3.1 or later
           (binary installation and Python bindings)
-          (http://subversion.tigris.org/)
+          (http://subversion.apache.org/)
 
     Optional:
 
@@ -176,7 +176,24 @@ APACHE CONFIGURATION
    or /etc/local. Use the vendor documentation or the find utility if
    in doubt.
 
-2) Configure Apache to expose ViewVC to users at the URL of your choice.
+2) Depending on how your Apache configuration is setup by default, you
+   might need to explicitly allow high-level access to the ViewVC
+   install location.
+
+      <Directory <VIEWVC_INSTALLATION_DIRECTORY>>
+        Order allow,deny
+        Allow from all
+      </Directory>
+
+   For example, if ViewVC is installed in /usr/local/viewvc-1.0 on
+   your system:
+
+      <Directory /usr/local/viewvc-1.0>
+        Order allow,deny
+        Allow from all
+      </Directory>
+
+3) Configure Apache to expose ViewVC to users at the URL of your choice.
 
    ViewVC provides several different ways to do this.  Choose one of
    the following methods:
@@ -187,13 +204,13 @@ APACHE CONFIGURATION
    The ScriptAlias directive is very useful for pointing 
    directly to the viewvc.cgi script.  Simply insert a line containing
 
-     ScriptAlias /viewvc <VIEWVC_INSTALLATION_DIRECTORY>/bin/cgi/viewvc.cgi
+      ScriptAlias /viewvc <VIEWVC_INSTALLATION_DIRECTORY>/bin/cgi/viewvc.cgi
 
    into your httpd.conf file.  Choose the location in httpd.conf where 
    also the other ScriptAlias lines reside.  Some examples:
 
-     ScriptAlias /viewvc /usr/local/viewvc-1.0/bin/cgi/viewvc.cgi
-     ScriptAlias /query /usr/local/viewvc-1.0/bin/cgi/query.cgi
+      ScriptAlias /viewvc /usr/local/viewvc-1.0/bin/cgi/viewvc.cgi
+      ScriptAlias /query /usr/local/viewvc-1.0/bin/cgi/query.cgi
 
    ----------------------------------------
    METHOD B:  CGI mode in cgi-bin directory
@@ -201,6 +218,10 @@ APACHE CONFIGURATION
    Copy the CGI scripts from 
    <VIEWVC_INSTALLATION_DIRECTORY>/bin/cgi/*.cgi
    to the /cgi-bin/ directory configured in your httpd.conf file.
+
+   You can override configuration file location using:
+
+       SetEnv VIEWVC_CONF_PATHNAME /etc/viewvc.conf
    
    ------------------------------------------
    METHOD C:  CGI mode in ExecCGI'd directory
@@ -210,8 +231,8 @@ APACHE CONFIGURATION
    to the directory of your choosing in the Document Root adding the following
    Apache directives for the directory in httpd.conf or an .htaccess file:
 
-     Options +ExecCGI
-     AddHandler cgi-script .cgi
+      Options +ExecCGI
+      AddHandler cgi-script .cgi
      
    Note: For this to work mod_cgi has to be loaded.  And for the .htaccess file
    to be effective, "AllowOverride All" or "AllowOverride Options FileInfo"
@@ -227,6 +248,10 @@ APACHE CONFIGURATION
    In httpd.conf, make sure that "AllowOverride All" or at least 
    "AllowOverride FileInfo Options" are enabled for the directory
    you copied the files to.
+
+   You can override configuration file location using:
+
+       SetEnv VIEWVC_CONF_PATHNAME /etc/viewvc.conf
    
    Note: If you are using Mod_Python under Apache 1.3 the tarball generation
    feature may not work because it uses multithreading.  This works fine
@@ -278,13 +303,6 @@ APACHE CONFIGURATION
       ScriptAlias /viewvc /usr/local/viewvc/bin/wsgi/viewvc.fcgi
       ScriptAlias /query /usr/local/viewvc/bin/wsgi/query.fcgi
 
-3) Restart Apache.
-
-   The commands to do this vary.  "httpd -k restart" and "apache -k
-   restart" are two common variants.  On RedHat Linux it is done using
-   the command "/sbin/service httpd restart" and on SuSE Linux it is
-   done with "rcapache restart".  Other systems use "apachectl restart".
-
 4) [Optional] Add access control.
 
    In your httpd.conf you can control access to certain modules by
@@ -306,7 +324,14 @@ APACHE CONFIGURATION
       http://<server_name>/viewvc/~checkout~/<module_name>
       http://<server_name>/viewvc/<module_name>.tar.gz?view=tar
 
-5) Optional: Protect your ViewVC instance from server-whacking webcrawlers.
+5) Restart Apache.
+
+   The commands to do this vary.  "httpd -k restart" and "apache -k
+   restart" are two common variants.  On RedHat Linux it is done using
+   the command "/sbin/service httpd restart" and on SuSE Linux it is
+   done with "rcapache restart".  Other systems use "apachectl restart".
+
+6) Optional: Protect your ViewVC instance from server-whacking webcrawlers.
 
    As ViewVC is a web-based application which each page containing various
    links to other pages and views, you can expect your server's performance

LICENSE.html

@@ -15,7 +15,7 @@
 
 <blockquote>
 
-<p><strong>Copyright &copy; 1999-2010 The ViewCVS Group.  All rights
+<p><strong>Copyright &copy; 1999-2013 The ViewCVS Group.  All rights
    reserved.</strong></p>
 
 <p>By using ViewVC, you agree to the terms and conditions set forth
@@ -61,6 +61,9 @@
   <li>February 22, 2008 &mdash; copyright years updated</li>
   <li>March 18, 2009 &mdash; copyright years updated</li>
   <li>March 29, 2010 &mdash; copyright years updated</li>
+  <li>February 18, 2011 &mdash; copyright years updated</li>
+  <li>January 23, 2012 &mdash; copyright years updated</li>
+  <li>January 04, 2013 &mdash; copyright years updated</li>
 </ul>
 
 </body>

bin/asp/query.asp

@@ -3,7 +3,7 @@
 
 # -*-python-*-
 #
-# Copyright (C) 1999-2006 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC

bin/asp/viewvc.asp

@@ -3,7 +3,7 @@
 
 # -*-python-*-
 #
-# Copyright (C) 1999-2006 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC

bin/cgi/query.cgi

@@ -1,7 +1,7 @@
 #!/usr/bin/env python
 # -*-python-*-
 #
-# Copyright (C) 1999-2006 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC

bin/cgi/viewvc.cgi

@@ -1,7 +1,7 @@
 #!/usr/bin/env python
 # -*-python-*-
 #
-# Copyright (C) 1999-2006 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC

bin/cvsdbadmin

@@ -1,7 +1,7 @@
 #!/usr/bin/env python
 # -*-python-*-
 #
-# Copyright (C) 1999-2008 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC

bin/loginfo-handler

@@ -1,7 +1,7 @@
 #!/usr/bin/env python
 # -*-python-*-
 #
-# Copyright (C) 1999-2008 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC

bin/make-database

@@ -1,7 +1,7 @@
 #!/usr/bin/env python
 # -*-python-*-
 #
-# Copyright (C) 1999-2009 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
@@ -40,7 +40,7 @@ CREATE TABLE branches (
   branch varchar(64) binary DEFAULT '' NOT NULL,
   PRIMARY KEY (id),
   UNIQUE branch (branch)
-) TYPE=MyISAM;
+) ENGINE=MyISAM;
 
 DROP TABLE IF EXISTS checkins;
 CREATE TABLE checkins (
@@ -63,7 +63,7 @@ CREATE TABLE checkins (
   KEY dirid (dirid),
   KEY fileid (fileid),
   KEY branchid (branchid)
-) TYPE=MyISAM;
+) ENGINE=MyISAM;
 
 DROP TABLE IF EXISTS descs;
 CREATE TABLE descs (
@@ -72,7 +72,7 @@ CREATE TABLE descs (
   hash bigint(20) DEFAULT '0' NOT NULL,
   PRIMARY KEY (id),
   KEY hash (hash)
-) TYPE=MyISAM;
+) ENGINE=MyISAM;
 
 DROP TABLE IF EXISTS dirs;
 CREATE TABLE dirs (
@@ -80,7 +80,7 @@ CREATE TABLE dirs (
   dir varchar(255) binary DEFAULT '' NOT NULL,
   PRIMARY KEY (id),
   UNIQUE dir (dir)
-) TYPE=MyISAM;
+) ENGINE=MyISAM;
 
 DROP TABLE IF EXISTS files;
 CREATE TABLE files (
@@ -88,7 +88,7 @@ CREATE TABLE files (
   file varchar(255) binary DEFAULT '' NOT NULL,
   PRIMARY KEY (id),
   UNIQUE file (file)
-) TYPE=MyISAM;
+) ENGINE=MyISAM;
 
 DROP TABLE IF EXISTS people;
 CREATE TABLE people (
@@ -96,7 +96,7 @@ CREATE TABLE people (
   who varchar(128) binary DEFAULT '' NOT NULL,
   PRIMARY KEY (id),
   UNIQUE who (who)
-) TYPE=MyISAM;
+) ENGINE=MyISAM;
 
 DROP TABLE IF EXISTS repositories;
 CREATE TABLE repositories (
@@ -104,7 +104,7 @@ CREATE TABLE repositories (
   repository varchar(64) binary DEFAULT '' NOT NULL,
   PRIMARY KEY (id),
   UNIQUE repository (repository)
-) TYPE=MyISAM;
+) ENGINE=MyISAM;
 
 DROP TABLE IF EXISTS tags;
 CREATE TABLE tags (
@@ -118,7 +118,7 @@ CREATE TABLE tags (
   KEY dirid (dirid),
   KEY fileid (fileid),
   KEY branchid (branchid)
-) TYPE=MyISAM;
+) ENGINE=MyISAM;
 """
 
 ## ------------------------------------------------------------------------
@@ -132,7 +132,7 @@ CREATE TABLE branches (
   branch varchar(64) binary DEFAULT '' NOT NULL,
   PRIMARY KEY (id),
   UNIQUE branch (branch)
-) TYPE=MyISAM;
+) ENGINE=MyISAM;
 
 DROP TABLE IF EXISTS commits;
 CREATE TABLE commits (
@@ -156,7 +156,7 @@ CREATE TABLE commits (
   KEY fileid (fileid),
   KEY branchid (branchid),
   KEY descid (descid)
-) TYPE=MyISAM;
+) ENGINE=MyISAM;
 
 DROP TABLE IF EXISTS descs;
 CREATE TABLE descs (
@@ -165,7 +165,7 @@ CREATE TABLE descs (
   hash bigint(20) DEFAULT '0' NOT NULL,
   PRIMARY KEY (id),
   KEY hash (hash)
-) TYPE=MyISAM;
+) ENGINE=MyISAM;
 
 DROP TABLE IF EXISTS dirs;
 CREATE TABLE dirs (
@@ -173,7 +173,7 @@ CREATE TABLE dirs (
   dir varchar(255) binary DEFAULT '' NOT NULL,
   PRIMARY KEY (id),
   UNIQUE dir (dir)
-) TYPE=MyISAM;
+) ENGINE=MyISAM;
 
 DROP TABLE IF EXISTS files;
 CREATE TABLE files (
@@ -181,7 +181,7 @@ CREATE TABLE files (
   file varchar(255) binary DEFAULT '' NOT NULL,
   PRIMARY KEY (id),
   UNIQUE file (file)
-) TYPE=MyISAM;
+) ENGINE=MyISAM;
 
 DROP TABLE IF EXISTS people;
 CREATE TABLE people (
@@ -189,7 +189,7 @@ CREATE TABLE people (
   who varchar(128) binary DEFAULT '' NOT NULL,
   PRIMARY KEY (id),
   UNIQUE who (who)
-) TYPE=MyISAM;
+) ENGINE=MyISAM;
 
 DROP TABLE IF EXISTS repositories;
 CREATE TABLE repositories (
@@ -197,7 +197,7 @@ CREATE TABLE repositories (
   repository varchar(64) binary DEFAULT '' NOT NULL,
   PRIMARY KEY (id),
   UNIQUE repository (repository)
-) TYPE=MyISAM;
+) ENGINE=MyISAM;
 
 DROP TABLE IF EXISTS tags;
 CREATE TABLE tags (
@@ -211,7 +211,7 @@ CREATE TABLE tags (
   KEY dirid (dirid),
   KEY fileid (fileid),
   KEY branchid (branchid)
-) TYPE=MyISAM;
+) ENGINE=MyISAM;
 
 DROP TABLE IF EXISTS metadata;
 CREATE TABLE metadata (
@@ -219,7 +219,7 @@ CREATE TABLE metadata (
   value text,
   PRIMARY KEY (name),
   UNIQUE name (name)
-) TYPE=MyISAM;
+) ENGINE=MyISAM;
 INSERT INTO metadata (name, value) VALUES ('version', '1');
 """
 
@@ -245,6 +245,10 @@ options.)  This script will use the 'mysql' program to create the
 database for you.  You will then need to set the appropriate
 parameters in the [cvsdb] section of your viewvc.conf file.
 
+NOTE: If a hostname or port is supplied at the command line or during
+interactive prompting, this script will pass '--protocol=TCP' to
+'mysql'.
+
 Options:
 
   --dbname=ARG        Use ARG as the ViewVC database name to create.
@@ -253,7 +257,8 @@ Options:
   --help              Show this usage message.
   
   --hostname=ARG      Use ARG as the hostname for the MySQL connection.
-                      [Default: localhost]
+
+  --port=ARG          Use ARG as the port for the MySQL connection.
 
   --password=ARG      Use ARG as the password for the MySQL connection.
 
@@ -273,10 +278,11 @@ Options:
 if __name__ == "__main__":
   try:
     # Parse the command-line options, if any.
-    dbname = version = hostname = username = password = None
+    dbname = version = hostname = port = username = password = None
     opts, args = getopt.getopt(sys.argv[1:], '', [ 'dbname=',
                                                    'help',
                                                    'hostname=',
+                                                   'port=',
                                                    'password=',
                                                    'username=',
                                                    'version=',
@@ -290,6 +296,8 @@ if __name__ == "__main__":
         dbname = value
       elif name == '--hostname':
         hostname = value
+      elif name == '--port':
+        port = value
       elif name == '--username':
         username = value
       elif name == '--password':
@@ -302,7 +310,9 @@ if __name__ == "__main__":
 
     # Prompt for information not provided via command-line options.
     if hostname is None:
-      hostname = raw_input("MySQL Hostname [default: localhost]: ") or ""
+      hostname = raw_input("MySQL Hostname (leave blank for default): ")
+    if port is None:
+      port = raw_input("MySQL Port (leave blank for default): ")
     if username is None:
       username = raw_input("MySQL User: ")
     if password is None:
@@ -310,7 +320,7 @@ if __name__ == "__main__":
     if dbname is None:
       dbname = raw_input("ViewVC Database Name [default: ViewVC]: ") or "ViewVC"
 
-    # Create the database
+    # Create the database.
     dscript = string.replace(DATABASE_SCRIPT_COMMON, "<dbname>", dbname)
     if version == "1.0":
       print BONSAI_COMPAT
@@ -318,16 +328,22 @@ if __name__ == "__main__":
     else:
       dscript = dscript + DATABASE_SCRIPT_VERSION_1
 
-    host_option = hostname and "--host=%s" % (hostname) or ""
+    # Calculate command arguments.
+    cmd_args = "--user=%s --password=%s" % (username, password)
+    if hostname or port:
+      cmd_args = cmd_args + " --protocol=TCP"
+    if hostname:
+      cmd_args = cmd_args + " --host=%s" % (hostname)
+    if port:
+      cmd_args = cmd_args + " --port=%s" % (port)
+      
     if sys.platform == "win32":
-      cmd = "mysql --user=%s --password=%s %s "\
-            % (username, password, host_option)
+      cmd = "mysql %s" % (cmd_args)
       mysql = os.popen(cmd, "w") # popen2.Popen3 is not provided on windows
       mysql.write(dscript)
       status = mysql.close()
     else:
-      cmd = "{ mysql --user=%s --password=%s %s ; } 2>&1" \
-            % (username, password, host_option)
+      cmd = "{ mysql %s ; } 2>&1" % (cmd_args)
       pipes = popen2.Popen3(cmd)
       pipes.tochild.write(dscript)
       pipes.tochild.close()

bin/mod_python/handler.py

@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2006 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC

bin/mod_python/query.py

@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2010 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC

bin/mod_python/viewvc.py

@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2008 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC

bin/standalone.py

@@ -1,7 +1,7 @@
 #!/usr/bin/env python
 # -*-python-*-
 #
-# Copyright (C) 1999-2010 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
@@ -76,8 +76,6 @@ except ImportError:
 
 class Options:
   port = 49152      # default TCP/IP port used for the server
-  start_gui = 0     # No GUI unless requested.
-  daemon = 0        # stay in the foreground by default
   repositories = {} # use default repositories specified in config
   host = sys.platform == 'mac' and '127.0.0.1' or 'localhost'
   script_alias = 'viewvc'
@@ -707,13 +705,66 @@ def gui(host, port):
 
 # --- command-line interface: ----------------------------------------------
 
-def cli(argv):
+
+def usage():
+  clean_options = Options()
+  cmd = os.path.basename(sys.argv[0])
+  port = clean_options.port
+  host = clean_options.host
+  script_alias = clean_options.script_alias
+  sys.stderr.write("""Usage: %(cmd)s [OPTIONS]
+
+Run a simple, standalone HTTP server configured to serve up ViewVC requests.
+
+Options:
+
+  --config-file=FILE (-c)    Read configuration options from FILE.  If not
+                             specified, ViewVC will look for a configuration
+                             file in its installation tree, falling back to
+                             built-in default values.  (Not valid in GUI mode.)
+                             
+  --daemon (-d)              Background the server process.
+
+  --gui (-g)                 Pop up a graphical configuration interface.
+                             Requires a valid X11 display connection.
+
+  --help                     Show this usage message and exit.
+  
+  --host=HOSTNAME (-h)       Listen on HOSTNAME.  Required for access from a
+                             remote machine.  [default: %(host)s]
+
+  --htpasswd-file=FILE       Authenticate incoming requests, validating against
+                             against FILE, which is an Apache HTTP Server
+                             htpasswd file.  (CRYPT only; no DIGEST support.)
+
+  --port=PORT (-p)           Listen on PORT.  [default: %(port)d]
+
+  --repository=PATH (-r)     Serve the Subversion or CVS repository located
+                             at PATH.  This option may be used more than once.
+
+  --script-alias=PATH (-s)   Use PATH as the virtual script location (similar
+                             to Apache HTTP Server's ScriptAlias directive).
+                             For example, "--script-alias=repo/view" will serve
+                             ViewVC at "http://HOSTNAME:PORT/repo/view".
+                             [default: %(script_alias)s]
+""" % locals())
+  sys.exit(0)
+
+
+def badusage(errstr):
+  cmd = os.path.basename(sys.argv[0])
+  sys.stderr.write("ERROR: %s\n\n"
+                   "Try '%s --help' for detailed usage information.\n"
+                   % (errstr, cmd))
+  sys.exit(1)
+
+
+def main(argv):
   """Command-line interface (looks at argv to decide what to do)."""
   import getopt
-  class BadUsage(Exception): pass
 
-  short_opts = string.join(['c',
-                            'd:',
+  short_opts = string.join(['c:',
+                            'd',
                             'g',
                             'h:',
                             'p:',
@@ -723,6 +774,7 @@ def cli(argv):
   long_opts = ['daemon',
                'config-file=',
                'gui',
+               'help',
                'host=',
                'htpasswd-file=',
                'port=',
@@ -730,113 +782,98 @@ def cli(argv):
                'script-alias=',
                ]
     
-  try:
+  opt_daemon = 0
+  opt_gui = 0
+  opt_host = None
+  opt_port = None
+  opt_htpasswd_file = None
+  opt_config_file = None
+  opt_script_alias = None
+  opt_repositories = []
+
+  # Parse command-line options.
+  try:  
     opts, args = getopt.getopt(argv[1:], short_opts, long_opts)
     for opt, val in opts:
-      if opt in ('-g', '--gui'):
-        options.start_gui = 1
-      elif opt in ('-r', '--repository'):
-        if options.repositories: # option may be used more than once:
-          num = len(options.repositories.keys())+1
-          symbolic_name = "Repository"+str(num)
-          options.repositories[symbolic_name] = val
-        else:
-          options.repositories["Development"] = val
-      elif opt in ('-d', '--daemon'):
-        options.daemon = 1
-      elif opt in ('-p', '--port'):
-        try:
-          options.port = int(val)
-        except ValueError:
-          raise BadUsage, "Port '%s' is not a valid port number" % (val)
-      elif opt in ('-h', '--host'):
-        options.host = val
-      elif opt in ('-s', '--script-alias'):
-        options.script_alias = \
-          string.join(filter(None, string.split(val, '/')), '/')
-      elif opt in ('-c', '--config-file'):
-        if not os.path.isfile(val):
-          raise BadUsage, "'%s' does not appear to be a valid " \
-                          "configuration file." % (val)
-        options.config_file = val
-      elif opt in ('-c', '--htpasswd-file'):
-        if not os.path.isfile(val):
-          raise BadUsage, "'%s' does not appear to be a valid " \
-                          "htpasswd file." % (val)
-        if not has_crypt:
-          raise BadUsage, "Unable to locate suitable `crypt' module for use " \
-                          "with --htpasswd-file option.  If your Python " \
-                          "distribution does not include this module (as is " \
-                          "the case on many non-Unix platforms), consider " \
-                          "installing the `fcrypt' module instead (see " \
-                          "http://carey.geek.nz/code/python-fcrypt/)."
-        options.htpasswd_file = val
-    if options.start_gui and options.config_file:
-      raise BadUsage, "--config-file option is not valid in GUI mode."
-    if not options.start_gui and not options.port:
-      raise BadUsage, "You must supply a valid port, or run in GUI mode."
-    if options.daemon:
-      pid = os.fork()
-      if pid != 0:
-        sys.exit()  
-    if options.start_gui:
-      gui(options.host, options.port)
-      return
-    elif options.port:
-      def ready(server):
-        print 'server ready at %s%s' % (server.url, options.script_alias)
-      serve(options.host, options.port, ready)
-      return
-  except (getopt.error, BadUsage), err:
-    cmd = os.path.basename(sys.argv[0])
-    port = options.port
-    host = options.host
-    script_alias = options.script_alias
-    if str(err):
-      sys.stderr.write("ERROR: %s\n\n" % (str(err)))
-    sys.stderr.write("""Usage: %(cmd)s [OPTIONS]
+      if opt in ['--help']:
+        usage()
+      elif opt in ['-g', '--gui']:
+        opt_gui = 1
+      elif opt in ['-r', '--repository']: # may be used more than once
+        opt_repositories.append(val)
+      elif opt in ['-d', '--daemon']:
+        opt_daemon = 1
+      elif opt in ['-p', '--port']:
+        opt_port = val
+      elif opt in ['-h', '--host']:
+        opt_host = val
+      elif opt in ['-s', '--script-alias']:
+        opt_script_alias = val
+      elif opt in ['-c', '--config-file']:
+        opt_config_file = val
+      elif opt in ['--htpasswd-file']:
+        opt_htpasswd_file = val
+  except getopt.error, err:
+    badusage(str(err))
 
-Run a simple, standalone HTTP server configured to serve up ViewVC
-requests.
+  # Validate options that need validating.
+  class BadUsage(Exception): pass
+  try:
+    if opt_port is not None:
+      try:
+        options.port = int(opt_port)
+      except ValueError:
+        raise BadUsage("Port '%s' is not a valid port number" % (opt_port))
+      if not options.port:
+        raise BadUsage("You must supply a valid port.")
+    if opt_htpasswd_file is not None:
+      if not os.path.isfile(opt_htpasswd_file):
+        raise BadUsage("'%s' does not appear to be a valid htpasswd file."
+                       % (opt_htpasswd_file))
+      if not has_crypt:
+        raise BadUsage("Unable to locate suitable `crypt' module for use "
+                       "with --htpasswd-file option.  If your Python "
+                       "distribution does not include this module (as is "
+                       "the case on many non-Unix platforms), consider "
+                       "installing the `fcrypt' module instead (see "
+                       "http://carey.geek.nz/code/python-fcrypt/).")
+      options.htpasswd_file = opt_htpasswd_file
+    if opt_config_file is not None:
+      if not os.path.isfile(opt_config_file):
+        raise BadUsage("'%s' does not appear to be a valid configuration file."
+                       % (opt_config_file))
+      options.config_file = opt_config_file
+    if opt_host is not None:
+      options.host = opt_host
+    if opt_script_alias is not None:
+      options.script_alias = string.join(filter(None,
+                                                string.split(opt_script_alias,
+                                                             '/')),
+                                         '/')
+    for repository in opt_repositories:
+      if not options.repositories.has_key('Development'):
+        rootname = 'Development'
+      else:
+        rootname = 'Repository%d' % (len(options.repositories.keys()) + 1)
+      options.repositories[rootname] = repository
+  except BadUsage, err:
+    badusage(str(err))
+      
+  # Fork if we're in daemon mode.
+  if opt_daemon:
+    pid = os.fork()
+    if pid != 0:
+      sys.exit()
 
-Options:
+  # Finaly, start the server.
+  if opt_gui:
+    gui(options.host, options.port)
+  else:
+    def ready(server):
+      print 'server ready at %s%s' % (server.url, options.script_alias)
+    serve(options.host, options.port, ready)
 
-  --config-file=PATH (-c)    Use the file at PATH as the ViewVC configuration
-                             file.  If not specified, ViewVC will try to use
-                             the configuration file in its installation tree;
-                             otherwise, built-in default values are used.
-                             (Not valid in GUI mode.)
-                             
-  --daemon (-d)              Background the server process.
-  
-  --host=HOST (-h)           Start the server listening on HOST.  You need
-                             to provide the hostname if you want to
-                             access the standalone server from a remote
-                             machine.  [default: %(host)s]
-
-  --port=PORT (-p)           Start the server on the given PORT.
-                             [default: %(port)d]
-
-  --repository=PATH (-r)     Serve up the Subversion or CVS repository located
-                             at PATH.  This option may be used more than once.
-
-  --script-alias=PATH (-s)   Specify the ScriptAlias, the artificial path
-                             location that at which ViewVC appears to be
-                             located.  For example, if your ScriptAlias is
-                             "cgi-bin/viewvc", then ViewVC will be accessible
-                             at "http://%(host)s:%(port)s/cgi-bin/viewvc".
-                             [default: %(script_alias)s]
-
-  --htpasswd-file=FILE       Demand authentication from clients, validating
-                             authentication credentials against FILE, which is
-                             an Apache htpasswd file that employs CRYPT
-                             encryption.  (Sorry, no DIGEST support yet.)
-
-  --gui (-g)                 Pop up a graphical interface for serving and
-                             testing ViewVC.  NOTE: this requires a valid
-                             X11 display connection.
-""" % locals())
 
 if __name__ == '__main__':
   options = Options()
-  cli(sys.argv)
+  main(sys.argv)

bin/svndbadmin

@@ -1,7 +1,7 @@
 #!/usr/bin/env python
 # -*-python-*-
 #
-# Copyright (C) 2004-2008 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 2004-2013 The ViewCVS Group. All Rights Reserved.
 # Copyright (C) 2004-2007 James Henstridge
 #
 # By using this file, you agree to the terms and conditions set forth in
@@ -153,7 +153,7 @@ class SvnRev:
         fsroot = self._get_root_for_rev(rev)
         
         # find changes in the revision
-        editor = svn.repos.RevisionChangeCollector(repo.fs, rev)
+        editor = svn.repos.ChangeCollector(repo.fs, fsroot)
         e_ptr, e_baton = svn.delta.make_editor(editor)
         svn.repos.svn_repos_replay(fsroot, e_ptr, e_baton)
 
@@ -164,21 +164,33 @@ class SvnRev:
                 continue
 
             # deal with the change types we handle
+            action = None
             base_root = None
+            base_path = change.base_path
             if change.base_path:
                 base_root = self._get_root_for_rev(change.base_rev)
-                
-            if not change.path:
+
+            # figure out what kind of change this is, and get a diff
+            # object for it.  note that prior to 1.4 Subversion's
+            # bindings didn't give us change.action, but that's okay
+            # because back then deleted paths always had a change.path
+            # of None.
+            if hasattr(change, 'action') \
+               and change.action == svn.repos.CHANGE_ACTION_DELETE:
+                action = 'remove'
+            elif not change.path:
                 action = 'remove'
             elif change.added:
                 action = 'add'
             else:
                 action = 'change'
 
-            diffobj = svn.fs.FileDiff(base_root and base_root or None,
-                                      base_root and change.base_path or None,
-                                      change.path and fsroot or None,
-                                      change.path and change.path or None)
+            if action == 'remove':
+                diffobj = svn.fs.FileDiff(base_root, base_path, None, None)
+            else:
+                diffobj = svn.fs.FileDiff(base_root, base_path,
+                                          fsroot, change.path)
+
             diff_fp = diffobj.get_pipe()
             plus, minus = _get_diff_counts(diff_fp)
             self.changes.append((path, action, plus, minus))
@@ -288,7 +300,7 @@ def usage():
 located at REPOS-PATH.
 
 Usage: 1. %s [-v] rebuild REPOS-PATH
-       2. %s [-v] update REPOS-PATH [REV:[REV2]] [--force]
+       2. %s [-v] update REPOS-PATH [REV[:REV2]] [--force]
        3. %s [-v] purge REPOS-PATH
 
 1.  Rebuild the commit database information for the repository located

bin/wsgi/query.fcgi

@@ -1,7 +1,7 @@
 #!/usr/bin/python
 # -*-python-*-
 #
-# Copyright (C) 1999-2010 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC

bin/wsgi/query.wsgi

@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2010 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC

bin/wsgi/viewvc.fcgi

@@ -1,7 +1,7 @@
 #!/usr/bin/python
 # -*-python-*-
 #
-# Copyright (C) 1999-2010 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC

bin/wsgi/viewvc.wsgi

@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2009 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC

conf/viewvc.conf.dist

@@ -86,8 +86,8 @@
 
 ## cvs_roots: Specifies each of the CVS roots on your system and
 ## assigns names to them. Each root should be given by a "name: path"
-## value. Multiple roots should be separated by commas and can be
-## placed on separate lines.
+## value (where the path is an absolute filesystem path). Multiple roots
+## should be separated by commas and can be placed on separate lines.
 ##
 ## Example:
 ## cvs_roots = cvsroot: /opt/cvs/repos1,
@@ -97,8 +97,13 @@
 
 ## svn_roots: Specifies each of the Subversion roots (repositories) on
 ## your system and assigns names to them. Each root should be given by
-## a "name: path" value. Multiple roots should be separated by commas
-## and can be placed on separate lines.
+## a "name: path" value (where the path is an absolute filesystem path).
+## Multiple roots should be separated by commas and can be placed on
+## separate lines.
+##
+## NOTE: ViewVC offers *experimental* support for displaying remote
+## Subversion repositories.  Simply use the repository's URL instead
+## of a local filesystem path when defining the root.
 ##
 ## Example:
 ## svn_roots = svnrepos: /opt/svn/,
@@ -109,7 +114,8 @@
 ## root_parents: Specifies a list of directories under which any
 ## number of repositories may reside.  You can specify multiple root
 ## parents separated by commas or new lines, each of which is of the
-## form "path: type" (where type is either "cvs" or "svn").
+## form "path: type" (where the type is either "cvs" or "svn", and
+## the path is an absolute filesystem path).
 ##
 ## Rather than force you to add a new entry to 'cvs_roots' or
 ## 'svn_roots' each time you create a new repository, ViewVC rewards
@@ -345,10 +351,64 @@
 ## allowed_views: List the ViewVC views which are enabled.  Views not
 ## in this comma-delited list will not be served (or, will return an
 ## error on attempted access).
-## Possible values: "annotate", "co", "diff", "markup", "roots", "tar"
+##
+## Valid items for this list include: "annotate", "co", "diff", "markup",
+## "roots", "tar".
+##
+## ----------+---------------------------------------------------------
+##    VIEW   |                       DESCRIPTION
+## ----------+---------------------------------------------------------
+##  annotate | The 'annotate' view shows the contents of a single
+##           | revision of a versioned file in exactly the same way as
+##           | the markup view, but with additional line-by-line
+##           | change attribution (the revision number, author, etc.
+##           | the most recent edit to that line of text as of the
+##           | displayed version).
+## ----------+---------------------------------------------------------
+##  co       | The 'co' (aka "checkout" or "download") view isn't
+##           | really a branded view at all, but allows for direct
+##           | downloading of the contents of a single revision of a 
+##           | versioned file.
+## ----------+---------------------------------------------------------
+##  diff     | The 'diff' view displays line-based differences between
+##           | two revisions of a versioned file in a variety of
+##           | different user-selectable formats.
+## ----------+---------------------------------------------------------
+##  markup   | The 'markup' view shows the contents of a single
+##           | revision of a versioned file, with syntax highlighting
+##           | where possible and enabled.  It can also optionally
+##           | show change log information for that revision of the
+##           | file.
+## ----------+---------------------------------------------------------
+##  roots    | The 'roots' view is a simple listing of the various
+##           | repositories which ViewVC has been configured to serve
+##           | to users.
+## ----------+---------------------------------------------------------
+##  tar      | The 'tar' view isn't a branded view, but generates
+##           | a GNU Tar archive file containing a single versioned
+##           | directory and its contents (recursively).
+## ----------+---------------------------------------------------------
 ##
 #allowed_views = annotate, diff, markup, roots
 
+## Comma-delimited list of MIME content types (with support for fnmatch-
+## style glob characters) which are considered not-human-readable and for
+## which ViewVC will neither generate links to, nor support the direct
+## display of, non-checkout views which carry the file's content (the
+## 'markup', 'annotate', 'diff', and 'patch' views).
+##
+## NOTE: Handling of this option is given priority over ViewVC's
+## longstanding support for showing web-friendly file formats -- even
+## binary ones such as "image/jpeg" and "image/gif" -- in the 'markup'
+## view.  Thus, if you add "image/*" to this list, 'markup'-view
+## display of JPEG, GIF, and PNG images will be disabled.
+##
+## Example:
+## binary_mime_types = application/octet-stream, image/*, application/pdf, 
+##                     application/vnd*, application/msword, audio/*
+#
+#binary_mime_types =
+
 ## authorizer: The name of the ViewVC authorizer plugin to use when
 ## authorizing access to repository contents.  This value must be the
 ## name of a Python module addressable as vcauth.MODULENAME (most
@@ -391,6 +451,26 @@
 ##
 #mangle_email_addresses = 0
 
+## custom_log_formatting: Specifies mappings of regular expressions to
+## substitution format strings used to URL-ize strings found in
+## revision log messages.  Multiple mappings (specified as
+## REGEXP:FORMATSTRING) may be defined, separated by commas.
+##
+## NOTE: Due to a limitation of the configuration format, commas may
+## not be used in the regular expression portion of each mapping.
+## Commas "in the raw" may not be used in the format string portion,
+## either, but you can probably use the URI-encoded form of the comma
+## ("%2C") instead with no ill side-effects.  If you must specify a
+## colon character in either the regular expression or the format
+## string, escape it with a preceding backslash ("\:").
+##
+## Example:
+## custom_log_formatting =
+##     artf[0-9]+ : http://example.com/tracker?id=\0,
+##     issue ([0-9]+) : http://example.com/bug?id=\1&opts=full%2csortby=id
+##
+#custom_log_formatting =
+
 ## default_file_view: "log", "co", or "markup"
 ## Controls whether the default view for file URLs is a checkout view or
 ## a log view. "log" is the default for backwards compatibility with old
@@ -499,7 +579,7 @@
 ## (Only works well for C source files, otherwise diff's heuristic falls short.)
 ## ('-p' option to diff)
 ##
-#hr_funout = 0
+#hr_funout = 1
 
 ## hr_ignore_white: Ignore whitespace (indendation and stuff) for human
 ## readable diffs.
@@ -572,6 +652,14 @@
 ##
 #show_subdir_lastmod = 0
 
+## show_roots_lastmod: In the root listing view, show the most recent
+## modifications made to the root.  (Subversion roots only.)
+##
+## NOTE: Enabling this feature will significantly reduce the
+## performance of the root listing view.
+##
+#show_roots_lastmod = 0
+
 ## show_logs: Show the most recent log entry in directory listings.
 ##
 #show_logs = 1
@@ -595,7 +683,13 @@
 #short_log_len = 80
 
 ## enable_syntax_coloration: Should we colorize known file content
-## syntaxes?  [Requires Pygments Python module]
+## syntaxes?
+##
+## NOTE: This feature requires the Pygments Python module
+## (http://pygments.org) and works only when ViewVC can determine the
+## MIME content type of the file whose contents it wishes to colorize.
+## Use the 'mime_types_files' configuration option to specify MIME
+## type mapping files useful for making that determination.
 ##
 #enable_syntax_coloration = 1
 
@@ -649,6 +743,26 @@
 ##
 #log_pagesize = 0
 
+## log_pagesextra: Maximum number of extra pages (based on
+## log_pagesize) of revision log data to fetch and present to the user
+## as additional options for display.  Revision log information
+## "beyond" this window is still accessible, but must be navigated to
+## in multiple steps.
+##
+## Example:
+## log_pagesize = 100
+## log_pagesextra = 3
+##
+## For a versioned file with 1000 revisions, the above settings would
+## present to the user the first 100 of those 1000 revisions, with
+## links to three additional pages (the 200-299th revisions, 300-399th
+## revisions, and 400-499th revisions) plus a link to the 500th
+## revision.  Following these links slides the display "window",
+## showing the requested set of revisions plus links to three
+## additional pages beyond those, and so on.
+##
+#log_pagesextra = 3
+
 ## limit_changes: Maximum number of changed paths shown per commit in
 ## the Subversion revision view and in query results. This is not a
 ## hard limit (the UI provides options to show all changed paths), but
@@ -769,6 +883,14 @@
 ## row_limit: Maximum number of rows returned by a given normal query
 ## to the database.
 ##
+## NOTE: This limits the amount of data provided to ViewVC by the
+## database.  It is from this already-reduced data set that ViewVC
+## builds the query response it presents to the user, which may or may
+## not include still more limiting via the query form's 'limit'
+## parameter.  In other words, there is no value which the user can use
+## in the query form's 'limit' parameter which will cause more data to
+## be returned by the database for ViewVC to process.
+##
 #row_limit = 1000
 
 ## rss_row_limit: Maximum number of rows returned by a given query to
@@ -776,6 +898,9 @@
 ## that RSS readers tend to poll regularly for new data, you might want
 ## to keep this set to a conservative number.)
 ##
+## See also the `NOTE' for the 'row_limit' option, which applies here
+## as well.
+##
 #rss_row_limit = 100
 
 ## check_database_for_root: Check if the repository is found in the

docs/template-authoring-guide.html

@@ -1,6 +1,6 @@
 <html>
 <head>
-<title>ViewVC 1.0 Template Authoring Guide</title>
+<title>ViewVC 1.1 Template Authoring Guide</title>
 <style>
 body {
   background-color: rgb(180,193,205);
@@ -38,13 +38,13 @@ td {
 </head>
 <body>
 
-<h1>ViewVC 1.0 Template Authoring Guide</h1>
+<h1>ViewVC 1.1 Template Authoring Guide</h1>
 
 <div class="h2">
 <h2 id="introduction">Introduction</h2>
 
 <p>This document represents an (unfinished) attempt at providing
-   documentation for how to customize ViewVC 1.0-dev's HTML output via
+   instructions for how to customize ViewVC's HTML output via
    modification of its templates.</p>
 
 </div>
@@ -802,6 +802,11 @@ td {
   <td>String</td>
   <td>This is a URL for the markup view of the left file.</td>
 </tr>
+<tr class="varlevel1">
+  <td class="varname">patch_href</td>
+  <td>String</td>
+  <td>URL of the patch view for the file.</td>
+</tr>
 <tr class="varlevel1">
   <td class="varname">raw_diff</td>
   <td>String</td>
@@ -1821,6 +1826,14 @@ td {
   <td>Indicates how query results are being sorted. Possible values: 
       <tt>date</tt>, <tt>author</tt>, and <tt>file</tt>.</td>
 </tr>
+<tr class="varlevel1">
+  <td class="varname">row_limit_reached</td>
+  <td>Boolean</td>
+  <td>Indicates whether the internal database row limit threshold (set
+      via the <code>cvsdb.row_limit</code>
+      and <code>cvsdb.rss_row_limit</code> configuration options) was
+      reached by the query.</td>
+</tr>
 <tr class="varlevel1">
   <td class="varname">show_branch</td>
   <td>Boolean</td>
@@ -2144,6 +2157,38 @@ td {
   <td>List</td>
   <td>Set of configured viewable repositories.</td>
 </tr>
+<tr class="varlevel2">
+  <td class="varname">roots.ago</td>
+  <td>String</td>
+  <td>Textual description of the time since <var>roots.date</var>.</td>
+</tr>
+<tr class="varlevel2">
+  <td class="varname">roots.author</td>
+  <td>String</td>
+  <td>Username of the last modifier of the root.</td>
+</tr>
+<tr class="varlevel2">
+  <td class="varname">root.date</td>
+  <td>String</td>
+  <td>Date (in UTC if not otherwise configured) of the last
+      modification of the root.</td>
+</tr>
+<tr class="varlevel2">
+  <td class="varname">roots.href</td>
+  <td>String</td>
+  <td>URL of root directory view for a configured repository.</td>
+</tr>
+<tr class="varlevel2">
+  <td class="varname">roots.log</td>
+  <td>String</td>
+  <td>Log message of last modification to the root.</td>
+</tr>
+<tr class="varlevel2">
+  <td class="varname">roots.log_href</td>
+  <td>String</td>
+  <td>URL of log revision view for the top-most (root) directory of
+    the root (repository).</td>
+</tr>
 <tr class="varlevel2">
   <td class="varname">roots.name</td>
   <td>String</td>
@@ -2157,17 +2202,24 @@ td {
       configuration can have negative security implications.  Use this
       token at your own risk.</td>
 </tr>
+<tr class="varlevel2">
+  <td class="varname">roots.rev</td>
+  <td>String</td>
+  <td>Youngest revision of the root.</td>
+</tr>
+<tr class="varlevel2">
+  <td class="varname">roots.short_log</td>
+  <td>String</td>
+  <td>Log message of last modification to the root, truncated to
+      contain no more than the number of characters specified by
+      the <code>short_log_len</code> configuration option.</td>
+</tr>
 <tr class="varlevel2">
   <td class="varname">roots.type</td>
   <td>String</td>
   <td>Version control type of a configured repository.  Valid
       values: <tt>cvs</tt>, <tt>svn</tt>.</td>
 </tr>
-<tr class="varlevel2">
-  <td class="varname">roots.href</td>
-  <td>String</td>
-  <td>URL of root directory view for a configured repository.</td>
-</tr>
 </tbody>
 </table>
 

docs/url-reference.html

@@ -1192,13 +1192,6 @@ th.caption {
         commands to back out changes instead showing a normal query result
         page</td>
   </tr>
-  <tr>
-    <td><code>limit=<var>LIMIT</var></code></td>
-    <td>optional</td>
-    <td>maximum number of file-revisions to process during a
-        query. Default is value of <code>row_limit</code> configuration
-        option</td>
-  </tr>
   <tr>
     <td><code>limit_changes=<var>LIMIT_CHANGES</var></code></td>
     <td>optional</td>

lib/accept.py

@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2009 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC

lib/blame.py

@@ -1,7 +1,7 @@
 #!/usr/bin/env python
 # -*-python-*-
 #
-# Copyright (C) 1999-2010 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 # Copyright (C) 2000 Curt Hagenlocher <curt@hagenlocher.org>
 #
 # By using this file, you agree to the terms and conditions set forth in
@@ -74,7 +74,8 @@ class HTMLBlameSource:
     self.path_parts = path_parts
     self.diff_url = diff_url
     self.include_url = include_url
-    self.annotation, self.revision = self.repos.annotate(path_parts, opt_rev)
+    self.annotation, self.revision = self.repos.annotate(path_parts, opt_rev,
+                                                         True)
 
   def __getitem__(self, idx):
     item = self.annotation.__getitem__(idx)

lib/compat.py

@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2007 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC

lib/config.py

@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2010 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
@@ -112,6 +112,8 @@ class Config:
   _force_multi_value = (
     # Configuration values with multiple, comma-separated values.
     'allowed_views',
+    'binary_mime_types',
+    'custom_log_formatting',
     'cvs_roots',
     'kv_files',
     'languages',
@@ -398,7 +400,9 @@ class Config:
     self.options.allowed_views = ['annotate', 'diff', 'markup', 'roots']
     self.options.authorizer = None
     self.options.mangle_email_addresses = 0
+    self.options.custom_log_formatting = []
     self.options.default_file_view = "log"
+    self.options.binary_mime_types = []
     self.options.http_expiration_time = 600
     self.options.generate_etags = 1
     self.options.svn_ignore_mimetype = 0
@@ -420,6 +424,7 @@ class Config:
     self.options.template_dir = "templates"
     self.options.docroot = None
     self.options.show_subdir_lastmod = 0
+    self.options.show_roots_lastmod = 0
     self.options.show_logs = 1
     self.options.show_log_in_markup = 1
     self.options.cross_copies = 1
@@ -433,6 +438,7 @@ class Config:
     self.options.use_re_search = 0
     self.options.dir_pagesize = 0
     self.options.log_pagesize = 0
+    self.options.log_pagesextra = 3
     self.options.limit_changes = 100
 
     self.templates.diff = None

lib/cvsdb.py

@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2009 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
@@ -38,13 +38,12 @@ error = "cvsdb error"
 ## complient database interface
 
 class CheckinDatabase:
-    def __init__(self, host, port, user, passwd, database, row_limit):
+    def __init__(self, host, port, user, passwd, database):
         self._host = host
         self._port = port
         self._user = user
         self._passwd = passwd
         self._database = database
-        self._row_limit = row_limit
         self._version = None
 
         ## database lookup caches
@@ -169,6 +168,9 @@ class CheckinDatabase:
 
         return list
 
+    def GetCommitsTable(self):
+        return self._version >= 1 and 'commits' or 'checkins'
+        
     def GetTableList(self):
         sql = "SHOW TABLES"
         cursor = self.db.cursor()
@@ -309,8 +311,7 @@ class CheckinDatabase:
         minus_count = commit.GetMinusCount() or '0'
         description_id = self.GetDescriptionID(commit.GetDescription())
 
-        commits_table = self._version >= 1 and 'commits' or 'checkins'
-        sql = "REPLACE INTO %s" % (commits_table)
+        sql = "REPLACE INTO %s" % (self.GetCommitsTable())
         sql = sql + \
               "  (type,ci_when,whoid,repositoryid,dirid,fileid,revision,"\
               "   stickytag,branchid,addedlines,removedlines,descid)"\
@@ -351,9 +352,17 @@ class CheckinDatabase:
                 match = " LIKE "
             elif query_entry.match == "glob":
                 match = " REGEXP "
-                # use fnmatch to translate the glob into a regexp
+                # Use fnmatch to translate the glob into a regular
+                # expression.  Sadly, we have to account for the fact
+                # that in Python 2.6, fnmatch.translate() started
+                # sticking '\Z(?ms)' at the end of the regular
+                # expression instead of just '$', and doesn't prepend
+                # the '^'.
                 data = fnmatch.translate(data)
-                if data[0] != '^': data = '^' + data
+                if data[0] != '^':
+                    data = '^' + data
+                if data[-7:] == '\Z(?ms)':
+                    data = data[:-7] + '$'
             elif query_entry.match == "regex":
                 match = " REGEXP "
             elif query_entry.match == "notregex":
@@ -363,8 +372,8 @@ class CheckinDatabase:
 
         return "(%s)" % (string.join(sqlList, " OR "))
 
-    def CreateSQLQueryString(self, query):
-        commits_table = self._version >= 1 and 'commits' or 'checkins'
+    def CreateSQLQueryString(self, query, detect_leftover=0):
+        commits_table = self.GetCommitsTable()
         tableList = [(commits_table, None)]
         condList = []
 
@@ -444,13 +453,14 @@ class CheckinDatabase:
         conditions = string.join(joinConds + condList, " AND ")
         conditions = conditions and "WHERE %s" % conditions
 
-        ## limit the number of rows requested or we could really slam
-        ## a server with a large database
+        ## apply the query's row limit, if any (so we avoid really
+        ## slamming a server with a large database)
         limit = ""
         if query.limit:
-            limit = "LIMIT %s" % (str(query.limit))
-        elif self._row_limit:
-            limit = "LIMIT %s" % (str(self._row_limit))
+            if detect_leftover:
+                limit = "LIMIT %s" % (str(query.limit + 1))
+            else:
+                limit = "LIMIT %s" % (str(query.limit))
 
         sql = "SELECT %s.* FROM %s %s %s %s" \
               % (commits_table, tables, conditions, order_by, limit)
@@ -458,14 +468,20 @@ class CheckinDatabase:
         return sql
     
     def RunQuery(self, query):
-        sql = self.CreateSQLQueryString(query)
+        sql = self.CreateSQLQueryString(query, 1)
         cursor = self.db.cursor()
         cursor.execute(sql)
+        query.SetExecuted()
+        row_count = 0
         
         while 1:
             row = cursor.fetchone()
             if not row:
                 break
+            row_count = row_count + 1
+            if query.limit and (row_count > query.limit):
+                query.SetLimitReached()
+                break
             
             (dbType, dbCI_When, dbAuthorID, dbRepositoryID, dbDirID,
              dbFileID, dbRevision, dbStickyTag, dbBranchID, dbAddedLines,
@@ -504,13 +520,15 @@ class CheckinDatabase:
         if file_id == None:
             return None
 
-        commits_table = self._version >= 1 and 'commits' or 'checkins'
-        sql = "SELECT * FROM %s WHERE "\
+        sql = "SELECT type, ci_when, whoid, repositoryid, dirid, fileid, " \
+              "revision, stickytag, branchid, addedlines, removedlines, " \
+              "descid "\
+              "  FROM %s WHERE "\
               "  repositoryid=%%s "\
               "  AND dirid=%%s"\
               "  AND fileid=%%s"\
               "  AND revision=%%s"\
-              % (commits_table)
+              % (self.GetCommitsTable())
         sql_args = (repository_id, dir_id, file_id, commit.GetRevision())
 
         cursor = self.db.cursor()
@@ -527,10 +545,9 @@ class CheckinDatabase:
     def sql_delete(self, table, key, value, keep_fkey = None):
         sql = "DELETE FROM %s WHERE %s=%%s" % (table, key)
         sql_args = (value, )
-        commits_table = self._version >= 1 and 'commits' or 'checkins'
         if keep_fkey:
             sql += " AND %s NOT IN (SELECT %s FROM %s WHERE %s = %%s)" \
-                   % (key, keep_fkey, commits_table, keep_fkey)
+                   % (key, keep_fkey, self.GetCommitsTable(), keep_fkey)
             sql_args = (value, value)
         cursor = self.db.cursor()
         cursor.execute(sql, sql_args)
@@ -556,7 +573,10 @@ class CheckinDatabase:
             self.sql_purge('descs', 'id', 'descid', 'commits')
             self.sql_purge('people', 'id', 'whoid', 'commits')
         else:
-            sql = "SELECT * FROM checkins WHERE repositoryid=%s"
+            sql = "SELECT type, ci_when, whoid, repositoryid, dirid, " \
+                  "fileid, revision, stickytag, branchid, addedlines, " \
+                  "removedlines, descid "\
+                  "  FROM checkins WHERE repositoryid=%s"
             sql_args = (rep_id, )
             cursor = self.db.cursor()
             cursor.execute(sql, sql_args)
@@ -769,8 +789,9 @@ class QueryEntry:
         self.data = data
         self.match = match
 
-## CheckinDatabaseQueryData is a object which contains the search parameters
-## for a query to the CheckinDatabase
+## CheckinDatabaseQuery is an object which contains the search
+## parameters for a query to the Checkin Database and -- after the
+## query is executed -- the data returned by the query.
 class CheckinDatabaseQuery:
     def __init__(self):
         ## sorting
@@ -790,7 +811,8 @@ class CheckinDatabaseQuery:
 
         ## limit on number of rows to return
         self.limit = None
-
+        self.limit_reached = 0
+        
         ## list of commits -- filled in by CVS query
         self.commit_list = []
 
@@ -798,6 +820,9 @@ class CheckinDatabaseQuery:
         ## are added
         self.commit_cb = None
 
+        ## has this query been run?
+        self.executed = 0
+
     def SetRepository(self, repository, match = "exact"):
         self.repository_list.append(QueryEntry(repository, match))
 
@@ -843,6 +868,20 @@ class CheckinDatabaseQuery:
     def AddCommit(self, commit):
         self.commit_list.append(commit)
 
+    def SetExecuted(self):
+        self.executed = 1
+
+    def SetLimitReached(self):
+        self.limit_reached = 1
+
+    def GetLimitReached(self):
+        assert self.executed
+        return self.limit_reached
+
+    def GetCommitList(self):
+        assert self.executed
+        return self.commit_list
+        
 
 ##
 ## entrypoints
@@ -861,7 +900,7 @@ def ConnectDatabase(cfg, readonly=0):
         user = cfg.cvsdb.user
         passwd = cfg.cvsdb.passwd
     db = CheckinDatabase(cfg.cvsdb.host, cfg.cvsdb.port, user, passwd,
-                         cfg.cvsdb.database_name, cfg.cvsdb.row_limit)
+                         cfg.cvsdb.database_name)
     db.Connect()
     return db
 

lib/dbi.py

@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2006 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC

lib/debug.py

@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2008 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC

lib/idiff.py

@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2010 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC

lib/popen.py

@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2009 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC

lib/query.py

@@ -1,7 +1,7 @@
 #!/usr/bin/env python
 # -*-python-*-
 #
-# Copyright (C) 1999-2010 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
@@ -217,8 +217,9 @@ def decode_command(cmd):
     else:
         return "exact"
 
-def form_to_cvsdb_query(form_data):
+def form_to_cvsdb_query(cfg, form_data):
     query = cvsdb.CreateCheckinQuery()
+    query.SetLimit(cfg.cvsdb.row_limit)
 
     if form_data.repository:
         for cmd, str in listparse_string(form_data.repository):
@@ -377,12 +378,15 @@ def build_commit(server, cfg, desc, files, cvsroots, viewvc_link):
     return ob
 
 def run_query(server, cfg, form_data, viewvc_link):
-    query = form_to_cvsdb_query(form_data)
+    query = form_to_cvsdb_query(cfg, form_data)
     db = cvsdb.ConnectDatabaseReadOnly(cfg)
     db.RunQuery(query)
 
-    if not query.commit_list:
-        return [ ]
+    commit_list = query.GetCommitList()
+    if not commit_list:
+        return [ ], 0
+
+    row_limit_reached = query.GetLimitReached()
 
     commits = [ ]
     files = [ ]
@@ -393,8 +397,8 @@ def run_query(server, cfg, form_data, viewvc_link):
     for key, value in rootitems:
         cvsroots[cvsdb.CleanRepository(value)] = key
 
-    current_desc = query.commit_list[0].GetDescription()
-    for commit in query.commit_list:
+    current_desc = commit_list[0].GetDescription()
+    for commit in commit_list:
         desc = commit.GetDescription()
         if current_desc == desc:
             files.append(commit)
@@ -417,7 +421,7 @@ def run_query(server, cfg, form_data, viewvc_link):
         return len(commit.files) > 0
     commits = filter(_only_with_files, commits)
   
-    return commits
+    return commits, row_limit_reached
 
 def main(server, cfg, viewvc_link):
   try:
@@ -426,10 +430,12 @@ def main(server, cfg, viewvc_link):
     form_data = FormData(form)
 
     if form_data.valid:
-        commits = run_query(server, cfg, form_data, viewvc_link)
+        commits, row_limit_reached = run_query(server, cfg,
+                                               form_data, viewvc_link)
         query = None
     else:
         commits = [ ]
+        row_limit_reached = 0
         query = 'skipped'
 
     docroot = cfg.options.docroot
@@ -449,6 +455,7 @@ def main(server, cfg, viewvc_link):
       'sortby' : form_data.sortby,
       'date' : form_data.date,
       'query' : query,
+      'row_limit_reached' : ezt.boolean(row_limit_reached),
       'commits' : commits,
       'num_commits' : len(commits),
       'rss_href' : None,

lib/sapi.py

@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2010 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
@@ -233,9 +233,6 @@ class WsgiServer(Server):
     self.header(status='301 Moved')
     self._wsgi_write('This document is located <a href="%s">here</a>.' % url)
 
-  def escape(self, s, quote = None):
-    return cgi.escape(s, quote)
-
   def getenv(self, name, value=None):
     return self._environ.get(name, value)
 

lib/vcauth/__init__.py

@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 2006-2008 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 2006-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
@@ -29,7 +29,15 @@ class GenericViewVCAuthorizer:
   def check_root_access(self, rootname):
     """Return 1 iff the associated username is permitted to read ROOTNAME."""
     pass
-  
+
+  def check_universal_access(self, rootname):
+    """Return 1 if the associated username is permitted to read every
+    path in the repository at every revision, 0 if the associated
+    username is prohibited from reading any path in the repository, or
+    None if no such determination can be made (perhaps because the
+    cost of making it is too great)."""
+    pass
+    
   def check_path_access(self, rootname, path_parts, pathtype, rev=None):
     """Return 1 iff the associated username is permitted to read
     revision REV of the path PATH_PARTS (of type PATHTYPE) in
@@ -44,6 +52,9 @@ class ViewVCAuthorizer(GenericViewVCAuthorizer):
   """The uber-permissive authorizer."""
   def check_root_access(self, rootname):
     return 1
+
+  def check_universal_access(self, rootname):
+    return 1
     
   def check_path_access(self, rootname, path_parts, pathtype, rev=None):
     return 1

lib/vcauth/forbidden/__init__.py

@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 2006-2008 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 2006-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
@@ -23,7 +23,14 @@ class ViewVCAuthorizer(vcauth.GenericViewVCAuthorizer):
 
   def check_root_access(self, rootname):
     return 1
-  
+
+  def check_universal_access(self, rootname):
+    # If there aren't any forbidden paths, we can grant universal read
+    # access.  Otherwise, we make no claim.
+    if not self.forbidden:
+      return 1
+    return None
+    
   def check_path_access(self, rootname, path_parts, pathtype, rev=None):
     # No path?  No problem.
     if not path_parts:

lib/vcauth/forbiddenre/__init__.py

@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 2008 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 2008-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
@@ -46,6 +46,13 @@ class ViewVCAuthorizer(vcauth.GenericViewVCAuthorizer):
   def check_root_access(self, rootname):
     return self._check_root_path_access(rootname)
   
+  def check_universal_access(self, rootname):
+    # If there aren't any forbidden regexps, we can grant universal
+    # read access.  Otherwise, we make no claim.
+    if not self.forbidden:
+      return 1
+    return None
+    
   def check_path_access(self, rootname, path_parts, pathtype, rev=None):
     root_path = rootname
     if path_parts:

lib/vcauth/svnauthz/__init__.py

@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 2006-2008 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 2006-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
@@ -34,9 +34,9 @@ class ViewVCAuthorizer(vcauth.GenericViewVCAuthorizer):
     # See if the admin wants us to do case normalization of usernames.
     self.force_username_case = params.get('force_username_case')
     if self.force_username_case == "upper":
-      self.username = username.upper()
+      self.username = username and string.upper(username) or username
     elif self.force_username_case == "lower":
-      self.username = username.lower()
+      self.username = username and string.lower(username) or username
     elif not self.force_username_case:
       self.username = username
     else:
@@ -54,7 +54,10 @@ class ViewVCAuthorizer(vcauth.GenericViewVCAuthorizer):
     # option names.
     cp = ConfigParser()
     cp.optionxform = lambda x: x
-    cp.read(self.authz_file)
+    try:
+      cp.read(self.authz_file)
+    except:
+      raise debug.ViewVCException("Unable to parse configured authzfile file")
 
     # Figure out if there are any aliases for the current username
     aliases = []
@@ -221,6 +224,36 @@ class ViewVCAuthorizer(vcauth.GenericViewVCAuthorizer):
     paths = self._get_paths_for_root(rootname)
     return (paths is not None) and 1 or 0
   
+  def check_universal_access(self, rootname):
+    paths = self._get_paths_for_root(rootname)
+    if not paths: # None or empty.
+      return 0
+
+    # Search the access determinations.  If there's a mix, we can't
+    # claim a universal access determination.
+    found_allow = 0
+    found_deny = 0
+    for access in paths.values():
+      if access:
+        found_allow = 1
+      else:
+        found_deny = 1
+      if found_allow and found_deny:
+        return None
+
+    # We didn't find both allowances and denials, so we must have
+    # found one or the other.  Denials only is a universal denial.
+    if found_deny:
+      return 0
+
+    # ... but allowances only is only a universal allowance if read
+    # access is granted to the root directory.
+    if found_allow and paths.has_key('/'):
+      return 1
+
+    # Anything else is indeterminable.
+    return None
+    
   def check_path_access(self, rootname, path_parts, pathtype, rev=None):
     # Crawl upward from the path represented by PATH_PARTS toward to
     # the root of the repository, looking for an explicitly grant or

lib/vclib/__init__.py

@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2008 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
@@ -76,7 +76,7 @@ class Repository:
     """
     pass
 
-  def openfile(self, path_parts, rev):
+  def openfile(self, path_parts, rev, options):
     """Open a file object to read file contents at a given path and revision.
 
     The return value is a 2-tuple of containg the file object and revision
@@ -86,6 +86,8 @@ class Repository:
     of the repository. e.g. ["subdir1", "subdir2", "filename"]
 
     rev is the revision of the file to check out
+
+    options is a dictionary of implementation specific options
     """
 
   def listdir(self, path_parts, rev, options):
@@ -168,12 +170,19 @@ class Repository:
     Return value is a python file object
     """
 
-  def annotate(self, path_parts, rev):
-    """Return a list of annotate file content lines and a revision.
+  def annotate(self, path_parts, rev, include_text=False):
+    """Return a list of Annotation object, sorted by their
+    "line_number" components, which describe the lines of given
+    version of a file.
 
-    The result is a list of Annotation objects, sorted by their
-    line_number components.
-    """
+    The file path is specified as a list of components, relative to
+    the root of the repository. e.g. ["subdir1", "subdir2", "filename"]
+
+    rev is the revision of the item to return information about.
+    
+    If include_text is true, populate the Annotation objects' "text"
+    members with the corresponding line of file content; otherwise,
+    leave that member set to None."""
 
   def revinfo(self, rev):
     """Return information about a global revision

lib/vclib/ccvs/__init__.py

@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2008 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
@@ -14,6 +14,7 @@ import os.path
 
 
 def canonicalize_rootpath(rootpath):
+  assert os.path.isabs(rootpath)
   return os.path.normpath(rootpath)
 
 
@@ -22,6 +23,7 @@ def expand_root_parent(parent_path):
   # "CVSROOT/config" is added the set of returned roots.  Or, if the
   # PARENT_PATH itself contains a child "CVSROOT/config", then all its
   # subdirectories are returned as roots.
+  assert os.path.isabs(parent_path)
   roots = {}
   subpaths = os.listdir(parent_path)
   cvsroot = os.path.exists(os.path.join(parent_path, "CVSROOT", "config"))

lib/vclib/ccvs/bincvs.py

@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2008 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
@@ -40,6 +40,11 @@ class BaseCVSRepository(vclib.Repository):
     if not vclib.check_root_access(self):
       raise vclib.ReposNotFound(name)
 
+  def open(self):
+    # See if a universal read access determination can be made.
+    if self.auth and self.auth.check_universal_access(self.name) == 1:
+      self.auth = None
+
   def rootname(self):
     return self.name
 
@@ -162,7 +167,14 @@ class BinCVSRepository(BaseCVSRepository):
       return revs[-1]
     return None
 
-  def openfile(self, path_parts, rev):
+  def openfile(self, path_parts, rev, options):
+    """see vclib.Repository.openfile docstring
+
+    Option values recognized by this implementation:
+
+      cvs_oldkeywords
+        boolean. true to use the original keyword substitution values.
+    """
     if self.itemtype(path_parts, rev) != vclib.FILE:  # does auth-check
       raise vclib.Error("Path '%s' is not a file."
                         % (string.join(path_parts, "/")))
@@ -170,12 +182,14 @@ class BinCVSRepository(BaseCVSRepository):
       rev_flag = '-p'
     else:
       rev_flag = '-p' + rev
+    if options.get('cvs_oldkeywords', 0):
+      kv_flag = '-ko'
+    else:
+      kv_flag = '-kkv'
     full_name = self.rcsfile(path_parts, root=1, v=0)
-
     used_rlog = 0
     tip_rev = None  # used only if we have to fallback to using rlog
-
-    fp = self.rcs_popen('co', (rev_flag, full_name), 'rb') 
+    fp = self.rcs_popen('co', (kv_flag, rev_flag, full_name), 'rb') 
     try:
       filename, revision = _parse_co_header(fp)
     except COMissingRevision:
@@ -318,13 +332,13 @@ class BinCVSRepository(BaseCVSRepository):
       args = rcs_args
     return popen.popen(cmd, args, mode, capture_err)
 
-  def annotate(self, path_parts, rev=None):
+  def annotate(self, path_parts, rev=None, include_text=False):
     if self.itemtype(path_parts, rev) != vclib.FILE:  # does auth-check
       raise vclib.Error("Path '%s' is not a file."
                         % (string.join(path_parts, "/")))
                         
     from vclib.ccvs import blame
-    source = blame.BlameSource(self.rcsfile(path_parts, 1), rev)
+    source = blame.BlameSource(self.rcsfile(path_parts, 1), rev, include_text)
     return source, source.revision
 
   def revinfo(self, rev):
@@ -1022,16 +1036,16 @@ def _get_logs(repos, dir_path_parts, entries, view_tag, get_dirs):
         file.errors.append("rlog error: %s" % msg)
         continue
 
+      tag = None
       if view_tag == 'MAIN' or view_tag == 'HEAD':
         tag = Tag(None, default_branch)
       elif taginfo.has_key(view_tag):
         tag = Tag(None, taginfo[view_tag])
-      elif view_tag:
-        # the tag wasn't found, so skip this file
+      elif view_tag and (eof != _EOF_FILE):
+        # the tag wasn't found, so skip this file (unless we already
+        # know there's nothing left of it to read)
         _skip_file(rlog)
-        eof = 1
-      else:
-        tag = None
+        eof = _EOF_FILE
 
       # we don't care about the specific values -- just the keys and whether
       # the values point to branches or revisions. this the fastest way to 

lib/vclib/ccvs/blame.py

@@ -1,7 +1,7 @@
 #!/usr/bin/env python
 # -*-python-*-
 #
-# Copyright (C) 1999-2008 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 # Copyright (C) 2000 Curt Hagenlocher <curt@hagenlocher.org>
 #
 # By using this file, you agree to the terms and conditions set forth in
@@ -414,7 +414,7 @@ class CVSParser(rcsparse.Sink):
 
 
 class BlameSource:
-  def __init__(self, rcs_file, opt_rev=None):
+  def __init__(self, rcs_file, opt_rev=None, include_text=False):
     # Parse the CVS file
     parser = CVSParser()
     revision = parser.parse_cvs_file(rcs_file, opt_rev)
@@ -428,6 +428,7 @@ class BlameSource:
     self.lines = lines
     self.num_lines = count
     self.parser = parser
+    self.include_text = include_text
 
     # keep track of where we are during an iteration
     self.idx = -1
@@ -447,6 +448,8 @@ class BlameSource:
     line_number = idx + 1
     author = self.parser.revision_author[rev]
     thisline = self.lines[idx]
+    if not self.include_text:
+      thisline = None
     ### TODO:  Put a real date in here.
     item = vclib.Annotation(thisline, line_number, rev, prev_rev, author, None)
     self.last = item

lib/vclib/ccvs/ccvs.py

@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2008 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
@@ -127,9 +127,9 @@ class CCVSRepository(BaseCVSRepository):
                         % (string.join(path_parts2, "/")))
     
     temp1 = tempfile.mktemp()
-    open(temp1, 'wb').write(self.openfile(path_parts1, rev1)[0].getvalue())
+    open(temp1, 'wb').write(self.openfile(path_parts1, rev1, {})[0].getvalue())
     temp2 = tempfile.mktemp()
-    open(temp2, 'wb').write(self.openfile(path_parts2, rev2)[0].getvalue())
+    open(temp2, 'wb').write(self.openfile(path_parts2, rev2, {})[0].getvalue())
 
     r1 = self.itemlog(path_parts1, rev1, vclib.SORTBY_DEFAULT, 0, 0, {})[-1]
     r2 = self.itemlog(path_parts2, rev2, vclib.SORTBY_DEFAULT, 0, 0, {})[-1]
@@ -142,17 +142,17 @@ class CCVSRepository(BaseCVSRepository):
     return vclib._diff_fp(temp1, temp2, info1, info2,
                           self.utilities.diff or 'diff', diff_args)
 
-  def annotate(self, path_parts, rev=None):
+  def annotate(self, path_parts, rev=None, include_text=False):
     if self.itemtype(path_parts, rev) != vclib.FILE:  # does auth-check
       raise vclib.Error("Path '%s' is not a file."
                         % (string.join(path_parts, "/")))
-    source = blame.BlameSource(self.rcsfile(path_parts, 1), rev)
+    source = blame.BlameSource(self.rcsfile(path_parts, 1), rev, include_text)
     return source, source.revision
 
   def revinfo(self, rev):
     raise vclib.UnsupportedFeature
 
-  def openfile(self, path_parts, rev=None):
+  def openfile(self, path_parts, rev, options):
     if self.itemtype(path_parts, rev) != vclib.FILE:  # does auth-check
       raise vclib.Error("Path '%s' is not a file."
                         % (string.join(path_parts, "/")))
@@ -200,6 +200,7 @@ class InfoSink(MatchingSink):
     self.matching_rev = None
     self.perfect_match = 0
     self.lockinfo = { }
+    self.saw_revision = False
 
   def define_tag(self, name, revision):
     MatchingSink.define_tag(self, name, revision)
@@ -213,10 +214,17 @@ class InfoSink(MatchingSink):
         self.entry.absent = 1
       raise rcsparse.RCSStopParser
 
+  def parse_completed(self):
+    if not self.saw_revision:
+      #self.entry.errors.append("No revisions exist on %s" % (view_tag or "MAIN"))
+      self.entry.absent = 1
+    
   def set_locker(self, rev, locker):
     self.lockinfo[rev] = locker
     
   def define_revision(self, revision, date, author, state, branches, next):
+    self.saw_revision = True
+    
     if self.perfect_match:
       return
 
@@ -224,14 +232,18 @@ class InfoSink(MatchingSink):
     rev = Revision(revision, date, author, state == "dead")
     rev.lockinfo = self.lockinfo.get(revision)
     
-    # perfect match if revision number matches tag number or if revision is on
-    # trunk and tag points to trunk. imperfect match if tag refers to a branch
-    # and this revision is the highest revision so far found on that branch
+    # perfect match if revision number matches tag number or if
+    # revision is on trunk and tag points to trunk.  imperfect match
+    # if tag refers to a branch and either a) this revision is the
+    # highest revision so far found on that branch, or b) this
+    # revision is the branchpoint.
     perfect = ((rev.number == tag.number) or
                (not tag.number and len(rev.number) == 2))
-    if perfect or (tag.is_branch and tag.number == rev.number[:-1] and
-                   (not self.matching_rev or
-                    rev.number > self.matching_rev.number)):
+    if perfect or (tag.is_branch and \
+                   ((tag.number == rev.number[:-1] and
+                     (not self.matching_rev or
+                      rev.number > self.matching_rev.number)) or
+                    (rev.number == tag.number[:-1]))):
       self.matching_rev = rev
       self.perfect_match = perfect
 

lib/vclib/ccvs/rcsparse/__init__.py

@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2006 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC

lib/vclib/ccvs/rcsparse/common.py

@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2008 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
@@ -194,7 +194,8 @@ class _Parser:
         else:
           # Chew up "newphrase"
           # warn("Unexpected RCS token: $token\n")
-          pass
+          while self.ts.get() != ';':
+            pass
       else:
         if f is None:
           self.ts.unget(token)

lib/vclib/ccvs/rcsparse/debug.py

@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2006 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC

lib/vclib/ccvs/rcsparse/default.py

@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2008 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC

lib/vclib/ccvs/rcsparse/texttools.py

@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2008 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC

lib/vclib/svn/__init__.py

@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2008 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
@@ -15,17 +15,50 @@
 import os
 import os.path
 import re
+import urllib
 
 _re_url = re.compile('^(http|https|file|svn|svn\+[^:]+)://')
 
-def canonicalize_rootpath(rootpath):
+def _canonicalize_path(path):
+  import svn.core
   try:
-    import svn.core
-    return svn.core.svn_path_canonicalize(rootpath)
-  except:
-    if re.search(_re_url, rootpath):
-      return rootpath[-1] == '/' and rootpath[:-1] or rootpath
-    return os.path.normpath(rootpath)
+    return svn.core.svn_path_canonicalize(path)
+  except AttributeError: # svn_path_canonicalize() appeared in 1.4.0 bindings
+    # There's so much more that we *could* do here, but if we're
+    # here at all its because there's a really old Subversion in
+    # place, and those older Subversion versions cared quite a bit
+    # less about the specifics of path canonicalization.
+    if re.search(_re_url, path):
+      return path.rstrip('/')
+    else:
+      return os.path.normpath(path)
+
+
+def canonicalize_rootpath(rootpath):
+  # Try to canonicalize the rootpath using Subversion semantics.
+  rootpath = _canonicalize_path(rootpath)
+  
+  # ViewVC's support for local repositories is more complete and more
+  # performant than its support for remote ones, so if we're on a
+  # Unix-y system and we have a file:/// URL, convert it to a local
+  # path instead.
+  if os.name == 'posix':
+    rootpath_lower = rootpath.lower()
+    if rootpath_lower in ['file://localhost',
+                          'file://localhost/',
+                          'file://',
+                          'file:///'
+                          ]:
+      return '/'
+    if rootpath_lower.startswith('file://localhost/'):
+      rootpath = os.path.normpath(urllib.unquote(rootpath[16:]))
+    elif rootpath_lower.startswith('file:///'):
+      rootpath = os.path.normpath(urllib.unquote(rootpath[7:]))
+
+  # Ensure that we have an absolute path (or URL), and return.
+  if not re.search(_re_url, rootpath):
+    assert os.path.isabs(rootpath)
+  return rootpath
 
 
 def expand_root_parent(parent_path):
@@ -35,6 +68,7 @@ def expand_root_parent(parent_path):
   else:
     # Any subdirectories of PARENT_PATH which themselves have a child
     # "format" are returned as roots.
+    assert os.path.isabs(parent_path)
     subpaths = os.listdir(parent_path)
     for rootname in subpaths:
       rootpath = os.path.join(parent_path, rootname)

lib/vclib/svn/svn_ra.py

@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2009 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
@@ -20,7 +20,10 @@ import re
 import tempfile
 import time
 import urllib
-from svn_repos import Revision, SVNChangedPath, _datestr_to_date, _compare_paths, _path_parts, _cleanup_path, _rev2optrev, _fix_subversion_exception, _split_revprops
+from svn_repos import Revision, SVNChangedPath, _datestr_to_date, \
+                      _compare_paths, _path_parts, _cleanup_path, \
+                      _rev2optrev, _fix_subversion_exception, \
+                      _split_revprops, _canonicalize_path
 from svn import core, delta, client, wc, ra
 
 
@@ -51,13 +54,15 @@ def get_directory_props(ra_session, path, rev):
     props = ra.svn_ra_get_dir(ra_session, path, rev)
   return props
 
-def client_log(url, start_rev, end_rev, log_limit, cross_copies,
-               cb_func, ctx):
+def client_log(url, start_rev, end_rev, log_limit, include_changes,
+               cross_copies, cb_func, ctx):
+  include_changes = include_changes and 1 or 0
+  cross_copies = cross_copies and 1 or 0
   try:
     client.svn_client_log4([url], start_rev, start_rev, end_rev,
-                           log_limit, 1, not cross_copies, 0, None,
-                           cb_func, ctx)
-  except NameError:
+                           log_limit, include_changes, not cross_copies,
+                           0, None, cb_func, ctx)
+  except AttributeError:
     # Wrap old svn_log_message_receiver_t interface with a
     # svn_log_entry_t one.
     def cb_convert(paths, revision, author, date, message, pool):
@@ -72,15 +77,14 @@ def client_log(url, start_rev, end_rev, log_limit, cross_copies,
                              }
       cb_func(log_entry, pool)
     client.svn_client_log2([url], start_rev, end_rev, log_limit,
-                           1, not cross_copies, cb_convert, ctx)
+                           include_changes, not cross_copies, cb_convert, ctx)
 
 ### END COMPATABILITY CODE ###
 
 
 class LogCollector:
-  ### TODO: Make this thing authz-aware
   
-  def __init__(self, path, show_all_logs, lockinfo):
+  def __init__(self, path, show_all_logs, lockinfo, access_check_func):
     # This class uses leading slashes for paths internally
     if not path:
       self.path = '/'
@@ -89,8 +93,12 @@ class LogCollector:
     self.logs = []
     self.show_all_logs = show_all_logs
     self.lockinfo = lockinfo
+    self.access_check_func = access_check_func
+    self.done = False
     
   def add_log(self, log_entry, pool):
+    if self.done:
+      return
     paths = log_entry.changed_paths
     revision = log_entry.revision
     msg, author, date, revprops = _split_revprops(log_entry.revprops)
@@ -114,9 +122,13 @@ class LogCollector:
           if change.copyfrom_path:
             this_path = change.copyfrom_path + self.path[len(changed_path):]
     if self.show_all_logs or this_path:
-      entry = Revision(revision, date, author, msg, None, self.lockinfo,
-                       self.path[1:], None, None)
-      self.logs.append(entry)
+      if self.access_check_func is None \
+         or self.access_check_func(self.path[1:], revision):
+        entry = Revision(revision, date, author, msg, None, self.lockinfo,
+                         self.path[1:], None, None)
+        self.logs.append(entry)
+      else:
+        self.done = True
     if this_path:
       self.path = this_path
     
@@ -203,6 +215,10 @@ class RemoteSubversionRepository(vclib.Repository):
     self.youngest = ra.svn_ra_get_latest_revnum(self.ra_session)
     self._dirent_cache = { }
     self._revinfo_cache = { }
+
+    # See if a universal read access determination can be made.
+    if self.auth and self.auth.check_universal_access(self.name) == 1:
+      self.auth = None
     
   def rootname(self):
     return self.name
@@ -237,7 +253,7 @@ class RemoteSubversionRepository(vclib.Repository):
       raise vclib.ItemNotFound(path_parts)
     return pathtype
 
-  def openfile(self, path_parts, rev):
+  def openfile(self, path_parts, rev, options):
     path = self._getpath(path_parts)
     if self.itemtype(path_parts, rev) != vclib.FILE:  # does auth-check
       raise vclib.Error("Path '%s' is not a file." % path)
@@ -248,14 +264,15 @@ class RemoteSubversionRepository(vclib.Repository):
     ### rev here should be the last history revision of the URL
     client.svn_client_cat(core.Stream(stream), url, _rev2optrev(rev), self.ctx)
     core.svn_stream_close(stream)
-    return SelfCleanFP(tmp_file), self._get_last_history_rev(path_parts, rev)
+    lh_rev, c_rev = self._get_last_history_rev(path_parts, rev)
+    return SelfCleanFP(tmp_file), lh_rev
 
   def listdir(self, path_parts, rev, options):
     path = self._getpath(path_parts)
     if self.itemtype(path_parts, rev) != vclib.DIR:  # does auth-check
       raise vclib.Error("Path '%s' is not a directory." % path)
     rev = self._getrev(rev)
-    entries = [ ]
+    entries = []
     dirents, locks = self._get_dirents(path, rev)
     for name in dirents.keys():
       entry = dirents[name]
@@ -263,8 +280,9 @@ class RemoteSubversionRepository(vclib.Repository):
         kind = vclib.DIR
       elif entry.kind == core.svn_node_file:
         kind = vclib.FILE
-      if vclib.check_path_access(self, path_parts + [name], kind, rev):
-        entries.append(vclib.DirEntry(name, kind))
+      else:
+        kind = None
+      entries.append(vclib.DirEntry(name, kind))
     return entries
 
   def dirlogs(self, path_parts, rev, entries, options):
@@ -275,11 +293,13 @@ class RemoteSubversionRepository(vclib.Repository):
     dirents, locks = self._get_dirents(path, rev)
     for entry in entries:
       entry_path_parts = path_parts + [entry.name]
-      if not vclib.check_path_access(self, entry_path_parts, entry.kind, rev):
+      dirent = dirents.get(entry.name, None)
+      # dirents is authz-sanitized, so ensure the entry is found therein.
+      if dirent is None:
         continue
-      dirent = dirents[entry.name]
+      # Get authz-sanitized revision metadata.
       entry.date, entry.author, entry.log, revprops, changes = \
-                  self.revinfo(dirent.created_rev)
+                  self._revinfo(dirent.created_rev)
       entry.rev = str(dirent.created_rev)
       entry.size = dirent.size
       entry.lockinfo = None
@@ -293,28 +313,51 @@ class RemoteSubversionRepository(vclib.Repository):
     rev = self._getrev(rev)
     url = self._geturl(path)
 
-    # Use ls3 to fetch the lock status for this item.
-    lockinfo = None
-    basename = path_parts and path_parts[-1] or ""
-    dirents, locks = list_directory(url, _rev2optrev(rev),
-                                    _rev2optrev(rev), 0, self.ctx)
-    if locks.has_key(basename):
-      lockinfo = locks[basename].owner
+    # If this is a file, fetch the lock status and size (as of REV)
+    # for this item.
+    lockinfo = size_in_rev = None
+    if path_type == vclib.FILE:
+      basename = path_parts[-1]
+      list_url = self._geturl(self._getpath(path_parts[:-1]))
+      dirents, locks = list_directory(list_url, _rev2optrev(rev),
+                                      _rev2optrev(rev), 0, self.ctx)
+      if locks.has_key(basename):
+        lockinfo = locks[basename].owner
+      if dirents.has_key(basename):
+        size_in_rev = dirents[basename].size
+    
+    # Special handling for the 'svn_latest_log' scenario.
+    ### FIXME: Don't like this hack.  We should just introduce
+    ### something more direct in the vclib API.
+    if options.get('svn_latest_log', 0):
+      dir_lh_rev, dir_c_rev = self._get_last_history_rev(path_parts, rev)
+      date, author, log, revprops, changes = self._revinfo(dir_lh_rev)
+      return [vclib.Revision(dir_lh_rev, str(dir_lh_rev), date, author,
+                             None, log, size_in_rev, lockinfo)]
 
+    def _access_checker(check_path, check_rev):
+      return vclib.check_path_access(self, _path_parts(check_path),
+                                     path_type, check_rev)
+      
     # It's okay if we're told to not show all logs on a file -- all
     # the revisions should match correctly anyway.
-    lc = LogCollector(path, options.get('svn_show_all_dir_logs', 0), lockinfo)
+    lc = LogCollector(path, options.get('svn_show_all_dir_logs', 0),
+                      lockinfo, _access_checker)
 
     cross_copies = options.get('svn_cross_copies', 0)
     log_limit = 0
     if limit:
       log_limit = first + limit
-    client_log(url, _rev2optrev(rev), _rev2optrev(1), log_limit,
+    client_log(url, _rev2optrev(rev), _rev2optrev(1), log_limit, 1,
                cross_copies, lc.add_log, self.ctx)
     revs = lc.logs
     revs.sort()
     prev = None
     for rev in revs:
+      # Swap out revision info with stuff from the cache (which is
+      # authz-sanitized).
+      rev.date, rev.author, rev.log, revprops, changes \
+                = self._revinfo(rev.number)
       rev.prev = prev
       prev = rev
     revs.reverse()
@@ -334,13 +377,25 @@ class RemoteSubversionRepository(vclib.Repository):
                                         _rev2optrev(rev), 0, self.ctx)
     return pairs and pairs[0][1] or {}
   
-  def annotate(self, path_parts, rev):
+  def annotate(self, path_parts, rev, include_text=False):
     path = self._getpath(path_parts)
     if self.itemtype(path_parts, rev) != vclib.FILE:  # does auth-check
       raise vclib.Error("Path '%s' is not a file." % path)
     rev = self._getrev(rev)
     url = self._geturl(path)
 
+    # Examine logs for the file to determine the oldest revision we are
+    # permitted to see.
+    log_options = {
+      'svn_cross_copies' : 1,
+      'svn_show_all_dir_logs' : 1,
+      }
+    revs = self.itemlog(path_parts, rev, vclib.SORTBY_REV, 0, 0, log_options)
+    oldest_rev = revs[-1].number
+
+    # Now calculate the annotation data.  Note that we'll not
+    # inherently trust the provided author and date, because authz
+    # rules might necessitate that we strip that information out.
     blame_data = []
 
     def _blame_cb(line_no, revision, author, date,
@@ -348,21 +403,27 @@ class RemoteSubversionRepository(vclib.Repository):
       prev_rev = None
       if revision > 1:
         prev_rev = revision - 1
-      blame_data.append(vclib.Annotation(line, line_no+1, revision, prev_rev,
-                                         author, None))
-      
-    client.svn_client_blame(url, _rev2optrev(1), _rev2optrev(rev),
-                            _blame_cb, self.ctx)
 
+      # If we have an invalid revision, clear the date and author
+      # values.  Otherwise, if we have authz filtering to do, use the
+      # revinfo cache to do so.
+      if revision < 0:
+        date = author = None
+      elif self.auth:
+        date, author, msg, revprops, changes = self._revinfo(revision)
+
+      # Strip text if the caller doesn't want it.
+      if not include_text:
+        line = None
+      blame_data.append(vclib.Annotation(line, line_no + 1, revision, prev_rev,
+                                         author, date))
+      
+    client.blame2(url, _rev2optrev(rev), _rev2optrev(oldest_rev),
+                  _rev2optrev(rev), _blame_cb, self.ctx)
     return blame_data, rev
 
   def revinfo(self, rev):
-    rev = self._getrev(rev)
-    cached_info = self._revinfo_cache.get(rev)
-    if not cached_info:
-      cached_info = self._revinfo_raw(rev)
-      self._revinfo_cache[rev] = cached_info
-    return tuple(cached_info)
+    return self._revinfo(rev, 1)
     
   def rawdiff(self, path_parts1, rev1, path_parts2, rev2, type, options={}):
     p1 = self._getpath(path_parts1)
@@ -377,7 +438,7 @@ class RemoteSubversionRepository(vclib.Repository):
     args = vclib._diff_args(type, options)
 
     def _date_from_rev(rev):
-      date, author, msg, revprops, changes = self.revinfo(rev)
+      date, author, msg, revprops, changes = self._revinfo(rev)
       return date
     
     try:
@@ -403,8 +464,11 @@ class RemoteSubversionRepository(vclib.Repository):
     if rev is None or rev == 'HEAD':
       return self.youngest
     try:
+      if type(rev) == type(''):
+        while rev[0] == 'r':
+          rev = rev[1:]
       rev = int(rev)
-    except ValueError:
+    except:
       raise vclib.InvalidRevision(rev)
     if (rev < 0) or (rev > self.youngest):
       raise vclib.InvalidRevision(rev)
@@ -413,49 +477,84 @@ class RemoteSubversionRepository(vclib.Repository):
   def _geturl(self, path=None):
     if not path:
       return self.rootpath
-    return self.rootpath + '/' + urllib.quote(path, "/*~")
+    path = self.rootpath + '/' + urllib.quote(path)
+    return _canonicalize_path(path)
 
   def _get_dirents(self, path, rev):
     """Return a 2-type of dirents and locks, possibly reading/writing
-    from a local cache of that information."""
+    from a local cache of that information.  This functions performs
+    authz checks, stripping out unreadable dirents."""
 
     dir_url = self._geturl(path)
+    path_parts = _path_parts(path)    
     if path:
       key = str(rev) + '/' + path
     else:
       key = str(rev)
+
+    # Ensure that the cache gets filled...
     dirents_locks = self._dirent_cache.get(key)
     if not dirents_locks:
-      dirents, locks = list_directory(dir_url, _rev2optrev(rev),
-                                      _rev2optrev(rev), 0, self.ctx)
+      tmp_dirents, locks = list_directory(dir_url, _rev2optrev(rev),
+                                          _rev2optrev(rev), 0, self.ctx)
+      dirents = {}
+      for name, dirent in tmp_dirents.items():
+        dirent_parts = path_parts + [name]
+        kind = dirent.kind 
+        if (kind == core.svn_node_dir or kind == core.svn_node_file) \
+           and vclib.check_path_access(self, dirent_parts,
+                                       kind == core.svn_node_dir \
+                                         and vclib.DIR or vclib.FILE, rev):
+          lh_rev, c_rev = self._get_last_history_rev(dirent_parts, rev)
+          dirent.created_rev = lh_rev
+          dirents[name] = dirent
       dirents_locks = [dirents, locks]
       self._dirent_cache[key] = dirents_locks
+
+    # ...then return the goodies from the cache.
     return dirents_locks[0], dirents_locks[1]
 
   def _get_last_history_rev(self, path_parts, rev):
+    """Return the a 2-tuple which contains:
+         - the last interesting revision equal to or older than REV in
+           the history of PATH_PARTS.
+         - the created_rev of of PATH_PARTS as of REV."""
+    
+    path = self._getpath(path_parts)
     url = self._geturl(self._getpath(path_parts))
     optrev = _rev2optrev(rev)
+
+    # Get the last-changed-rev.
     revisions = []
     def _info_cb(path, info, pool, retval=revisions):
       revisions.append(info.last_changed_rev)
     client.svn_client_info(url, optrev, optrev, _info_cb, 0, self.ctx)
-    return revisions[0]
-    
-  def _revinfo_raw(self, rev):
-    # return 5-tuple (date, author, msg, revprops, changes)
-    optrev = _rev2optrev(rev)
-    revs = []
+    last_changed_rev = revisions[0]
 
+    # Now, this object might not have been directly edited since the
+    # last-changed-rev, but it might have been the child of a copy.
+    # To determine this, we'll run a potentially no-op log between
+    # LAST_CHANGED_REV and REV.
+    lc = LogCollector(path, 1, None, None)
+    client_log(url, optrev, _rev2optrev(last_changed_rev), 1, 1, 0,
+               lc.add_log, self.ctx)
+    revs = lc.logs
+    if revs:
+      revs.sort()
+      return revs[0].number, last_changed_rev
+    else:
+      return last_changed_rev, last_changed_rev
+    
+  def _revinfo_fetch(self, rev, include_changed_paths=0):
+    need_changes = include_changed_paths or self.auth
+    revs = []
+    
     def _log_cb(log_entry, pool, retval=revs):
-      ### Subversion 1.5 and earlier didn't offer the 'changed_paths2'
-      ### hash, and in Subversion 1.6, it's offered but broken.
-      try: 
-        changed_paths = log_entry.changed_paths2
-        paths = (changed_paths or {}).keys()
-      except:
-        changed_paths = log_entry.changed_paths
-        paths = (changed_paths or {}).keys()
-      paths.sort(lambda a, b: _compare_paths(a, b))
+      # If Subversion happens to call us more than once, we choose not
+      # to care.
+      if retval:
+        return
+      
       revision = log_entry.revision
       msg, author, date, revprops = _split_revprops(log_entry.revprops)
       action_map = { 'D' : vclib.DELETED,
@@ -463,22 +562,42 @@ class RemoteSubversionRepository(vclib.Repository):
                      'R' : vclib.REPLACED,
                      'M' : vclib.MODIFIED,
                      }
+
+      # Easy out: if we won't use the changed-path info, just return a
+      # changes-less tuple.
+      if not need_changes:
+        return revs.append([date, author, msg, revprops, None])
+
+      # Subversion 1.5 and earlier didn't offer the 'changed_paths2'
+      # hash, and in Subversion 1.6, it's offered but broken.
+      try: 
+        changed_paths = log_entry.changed_paths2
+        paths = (changed_paths or {}).keys()
+      except:
+        changed_paths = log_entry.changed_paths
+        paths = (changed_paths or {}).keys()
+      paths.sort(lambda a, b: _compare_paths(a, b))
+
+      # If we get this far, our caller needs changed-paths, or we need
+      # them for authz-related sanitization.
       changes = []
       found_readable = found_unreadable = 0
       for path in paths:
         change = changed_paths[path]
-        ### svn_log_changed_path_t (which we might get instead of the
-        ### svn_log_changed_path2_t we'd prefer) doesn't have the
-        ### 'node_kind' member.        
+
+        # svn_log_changed_path_t (which we might get instead of the
+        # svn_log_changed_path2_t we'd prefer) doesn't have the
+        # 'node_kind' member.        
         pathtype = None
         if hasattr(change, 'node_kind'):
           if change.node_kind == core.svn_node_dir:
             pathtype = vclib.DIR
           elif change.node_kind == core.svn_node_file:
             pathtype = vclib.FILE
-        ### svn_log_changed_path2_t only has the 'text_modified' and
-        ### 'props_modified' bits in Subversion 1.7 and beyond.  And
-        ### svn_log_changed_path_t is without.
+            
+        # svn_log_changed_path2_t only has the 'text_modified' and
+        # 'props_modified' bits in Subversion 1.7 and beyond.  And
+        # svn_log_changed_path_t is without.
         text_modified = props_modified = 0
         if hasattr(change, 'text_modified'):
           if change.text_modified == core.svn_tristate_true:
@@ -486,9 +605,10 @@ class RemoteSubversionRepository(vclib.Repository):
         if hasattr(change, 'props_modified'):
           if change.props_modified == core.svn_tristate_true:
             props_modified = 1
-        ### Wrong, diddily wrong wrong wrong.  Can you say,
-        ### "Manufacturing data left and right because it hurts to
-        ### figure out the right stuff?"
+            
+        # Wrong, diddily wrong wrong wrong.  Can you say,
+        # "Manufacturing data left and right because it hurts to
+        # figure out the right stuff?"
         action = action_map.get(change.action, vclib.MODIFIED)
         if change.copyfrom_path and change.copyfrom_rev:
           is_copy = 1
@@ -502,15 +622,16 @@ class RemoteSubversionRepository(vclib.Repository):
           base_path = path
           base_rev = revision - 1
 
-        ### Check authz rules (we lie about the path type)
+        # Check authz rules (sadly, we have to lie about the path type)
         parts = _path_parts(path)
         if vclib.check_path_access(self, parts, vclib.FILE, revision):
           if is_copy and base_path and (base_path != path):
             parts = _path_parts(base_path)
-            if vclib.check_path_access(self, parts, vclib.FILE, base_rev):
+            if not vclib.check_path_access(self, parts, vclib.FILE, base_rev):
               is_copy = 0
               base_path = None
               base_rev = None
+              found_unreadable = 1
           changes.append(SVNChangedPath(path, revision, pathtype, base_path,
                                         base_rev, action, is_copy,
                                         text_modified, props_modified))
@@ -518,16 +639,45 @@ class RemoteSubversionRepository(vclib.Repository):
         else:
           found_unreadable = 1
 
+        # If our caller doesn't want changed-path stuff, and we have
+        # the info we need to make an authz determination already,
+        # quit this loop and get on with it.
+        if (not include_changed_paths) and found_unreadable and found_readable:
+          break
+
+      # Filter unreadable information.
       if found_unreadable:
         msg = None
         if not found_readable:
           author = None
           date = None
-      revs.append([date, author, msg, revprops, changes])
 
-    client_log(self.rootpath, optrev, optrev, 1, 0, _log_cb, self.ctx)
+      # Drop unrequested changes.
+      if not include_changed_paths:
+        changes = None
+
+      # Add this revision information to the "return" array.
+      retval.append([date, author, msg, revprops, changes])
+
+    optrev = _rev2optrev(rev)
+    client_log(self.rootpath, optrev, optrev, 1, need_changes, 0,
+               _log_cb, self.ctx)
     return tuple(revs[0])
 
+  def _revinfo(self, rev, include_changed_paths=0):
+    """Internal-use, cache-friendly revision information harvester."""
+
+    # Consult the revinfo cache first.  If we don't have cached info,
+    # or our caller wants changed paths and we don't have those for
+    # this revision, go do the real work.
+    rev = self._getrev(rev)
+    cached_info = self._revinfo_cache.get(rev)
+    if not cached_info \
+       or (include_changed_paths and cached_info[4] is None):
+      cached_info = self._revinfo_fetch(rev, include_changed_paths)
+      self._revinfo_cache[rev] = cached_info
+    return cached_info
+
   ##--- custom --##
 
   def get_youngest_revision(self):
@@ -545,23 +695,16 @@ class RemoteSubversionRepository(vclib.Repository):
       old_path = results[old_rev]
     except KeyError:
       raise vclib.ItemNotFound(path)
-  
-    return _cleanup_path(old_path)
+    old_path = _cleanup_path(old_path)
+    old_path_parts = _path_parts(old_path)
+    # Check access (lying about path types)
+    if not vclib.check_path_access(self, old_path_parts, vclib.FILE, old_rev):
+      raise vclib.ItemNotFound(path)
+    return old_path
   
   def created_rev(self, path, rev):
-    # NOTE: We can't use svn_client_propget here because the
-    # interfaces in that layer strip out the properties not meant for
-    # human consumption (such as svn:entry:committed-rev, which we are
-    # using here to get the created revision of PATH@REV).
-    kind = ra.svn_ra_check_path(self.ra_session, path, rev)
-    if kind == core.svn_node_none:
-      raise vclib.ItemNotFound(_path_parts(path))
-    elif kind == core.svn_node_dir:
-      props = get_directory_props(self.ra_session, path, rev)
-    elif kind == core.svn_node_file:
-      fetched_rev, props = ra.svn_ra_get_file(self.ra_session, path, rev, None)
-    return int(props.get(core.SVN_PROP_ENTRY_COMMITTED_REV,
-                         SVN_INVALID_REVNUM))
+    lh_rev, c_rev = self._get_last_history_rev(_path_parts(path), rev)
+    return lh_rev
 
   def last_rev(self, path, peg_revision, limit_revision=None):
     """Given PATH, known to exist in PEG_REVISION, find the youngest

lib/vclib/svn/svn_repos.py

@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2010 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
@@ -22,6 +22,7 @@ import time
 import tempfile
 import popen
 import re
+import urllib
 from svn import fs, repos, core, client, delta
 
 
@@ -42,7 +43,14 @@ def _fix_subversion_exception(e):
     e.apr_err = e[1]
   if not hasattr(e, 'message'):
     e.message = e[0]
-  
+
+### Pre-1.4 Subversion doesn't have svn_path_canonicalize()
+def _canonicalize_path(path):
+  try:
+    return core.svn_path_canonicalize(path)
+  except AttributeError:
+    return path
+
 def _allow_all(root, path, pool):
   """Generic authz_read_func that permits access to all paths"""
   return 1
@@ -108,11 +116,16 @@ def _rev2optrev(rev):
 
 def _rootpath2url(rootpath, path):
   rootpath = os.path.abspath(rootpath)
-  if rootpath and rootpath[0] != '/':
-    rootpath = '/' + rootpath
+  drive, rootpath = os.path.splitdrive(rootpath)
   if os.sep != '/':
     rootpath = string.replace(rootpath, os.sep, '/')
-  return 'file://' + string.join([rootpath, path], "/")
+  rootpath = urllib.quote(rootpath)
+  path = urllib.quote(path)
+  if drive:
+    url = 'file:///' + drive + rootpath + '/' + path
+  else:
+    url = 'file://' + rootpath + '/' + path
+  return _canonicalize_path(url)
 
 
 # Given a dictionary REVPROPS of revision properties, pull special
@@ -204,59 +217,6 @@ class NodeHistory:
   def __getitem__(self, idx):
     return self.histories[idx]
 
-
-def _get_history(svnrepos, path, rev, path_type, limit=0, options={}):
-  if svnrepos.youngest == 0:
-    return []
-
-  rev_paths = []
-  fsroot = svnrepos._getroot(rev)
-  show_all_logs = options.get('svn_show_all_dir_logs', 0)
-  if not show_all_logs:
-    # See if the path is a file or directory.
-    kind = fs.check_path(fsroot, path)
-    if kind is core.svn_node_file:
-      show_all_logs = 1
-      
-  # Instantiate a NodeHistory collector object, and use it to collect
-  # history items for PATH@REV.
-  history = NodeHistory(svnrepos.fs_ptr, show_all_logs, limit)
-  try:
-    repos.svn_repos_history(svnrepos.fs_ptr, path, history.add_history,
-                            1, rev, options.get('svn_cross_copies', 0))
-  except core.SubversionException, e:
-    _fix_subversion_exception(e)
-    if e.apr_err != _SVN_ERR_CEASE_INVOCATION:
-      raise
-
-  # Now, iterate over those history items, checking for changes of
-  # location, pruning as necessitated by authz rules.
-  for hist_rev, hist_path in history:
-    path_parts = _path_parts(hist_path)
-    if not vclib.check_path_access(svnrepos, path_parts, path_type, hist_rev):
-      break
-    rev_paths.append([hist_rev, hist_path])
-  return rev_paths
-
-
-def _log_helper(svnrepos, path, rev, lockinfo):
-  rev_root = fs.revision_root(svnrepos.fs_ptr, rev)
-
-  # Was this path@rev the target of a copy?
-  copyfrom_rev, copyfrom_path = fs.copied_from(rev_root, path)
-
-  # Assemble our LogEntry
-  date, author, msg, revprops, changes = svnrepos._revinfo(rev)
-  if fs.is_file(rev_root, path):
-    size = fs.file_length(rev_root, path)
-  else:
-    size = None
-  entry = Revision(rev, date, author, msg, size, lockinfo, path,
-                   copyfrom_path and _cleanup_path(copyfrom_path),
-                   copyfrom_rev)
-  return entry
-  
-
 def _get_last_history_rev(fsroot, path):
   history = fs.node_history(fsroot, path)
   history = fs.history_prev(history, 0)
@@ -335,10 +295,11 @@ class FileContentsPipe:
 
 
 class BlameSource:
-  def __init__(self, local_url, rev, first_rev, config_dir):
+  def __init__(self, local_url, rev, first_rev, include_text, config_dir):
     self.idx = -1
     self.first_rev = first_rev
     self.blame_data = []
+    self.include_text = include_text
 
     ctx = client.svn_client_create_context()
     core.svn_config_ensure(config_dir)
@@ -359,6 +320,8 @@ class BlameSource:
     prev_rev = None
     if rev > self.first_rev:
       prev_rev = rev - 1
+    if not self.include_text:
+      text = None
     self.blame_data.append(vclib.Annotation(text, line_no + 1, rev,
                                             prev_rev, author, None))
 
@@ -427,6 +390,10 @@ class LocalSubversionRepository(vclib.Repository):
     self._fsroots = {}
     self._revinfo_cache = {}
 
+    # See if a universal read access determination can be made.
+    if self.auth and self.auth.check_universal_access(self.name) == 1:
+      self.auth = None
+
   def rootname(self):
     return self.name
 
@@ -442,19 +409,14 @@ class LocalSubversionRepository(vclib.Repository):
   def itemtype(self, path_parts, rev):
     rev = self._getrev(rev)
     basepath = self._getpath(path_parts)
-    kind = fs.check_path(self._getroot(rev), basepath)
-    pathtype = None
-    if kind == core.svn_node_dir:
-      pathtype = vclib.DIR
-    elif kind == core.svn_node_file:
-      pathtype = vclib.FILE
-    else:
+    pathtype = self._gettype(basepath, rev)
+    if pathtype is None:
       raise vclib.ItemNotFound(path_parts)
     if not vclib.check_path_access(self, path_parts, pathtype, rev):
       raise vclib.ItemNotFound(path_parts)
     return pathtype
 
-  def openfile(self, path_parts, rev):
+  def openfile(self, path_parts, rev, options):
     path = self._getpath(path_parts)
     if self.itemtype(path_parts, rev) != vclib.FILE:  # does auth-check
       raise vclib.Error("Path '%s' is not a file." % path)
@@ -542,20 +504,19 @@ class LocalSubversionRepository(vclib.Repository):
     # 'limit' parameter here as numeric cut-off for the depth of our
     # history search.
     if options.get('svn_latest_log', 0):
-      revision = _log_helper(self, path, rev, lockinfo)
+      revision = self._log_helper(path, rev, lockinfo)
       if revision:
         revision.prev = None
         revs.append(revision)
     else:
-      history = _get_history(self, path, rev, path_type,
-                             first + limit, options)
+      history = self._get_history(path, rev, path_type, first + limit, options)
       if len(history) < first:
         history = []
       if limit:
         history = history[first:first+limit]
 
       for hist_rev, hist_path in history:
-        revision = _log_helper(self, hist_path, hist_rev, lockinfo)
+        revision = self._log_helper(hist_path, hist_rev, lockinfo)
         if revision:
           # If we have unreadable copyfrom data, obscure it.
           if revision.copy_path is not None:
@@ -576,40 +537,63 @@ class LocalSubversionRepository(vclib.Repository):
     fsroot = self._getroot(rev)
     return fs.node_proplist(fsroot, path)
   
-  def annotate(self, path_parts, rev):
+  def annotate(self, path_parts, rev, include_text=False):
     path = self._getpath(path_parts)
     path_type = self.itemtype(path_parts, rev)  # does auth-check
     if path_type != vclib.FILE:
       raise vclib.Error("Path '%s' is not a file." % path)
     rev = self._getrev(rev)
     fsroot = self._getroot(rev)
-    history = _get_history(self, path, rev, path_type, 0,
-                           {'svn_cross_copies': 1})
+    history = self._get_history(path, rev, path_type, 0,
+                                {'svn_cross_copies': 1})
     youngest_rev, youngest_path = history[0]
     oldest_rev, oldest_path = history[-1]
-    source = BlameSource(_rootpath2url(self.rootpath, path),
-                         youngest_rev, oldest_rev, self.config_dir)
+    source = BlameSource(_rootpath2url(self.rootpath, path), youngest_rev,
+                         oldest_rev, include_text, self.config_dir)
     return source, youngest_rev
 
+  def revinfo(self, rev):
+    return self._revinfo(rev, 1) 
+  
+  def rawdiff(self, path_parts1, rev1, path_parts2, rev2, type, options={}):
+    p1 = self._getpath(path_parts1)
+    p2 = self._getpath(path_parts2)
+    r1 = self._getrev(rev1)
+    r2 = self._getrev(rev2)
+    if not vclib.check_path_access(self, path_parts1, vclib.FILE, rev1):
+      raise vclib.ItemNotFound(path_parts1)
+    if not vclib.check_path_access(self, path_parts2, vclib.FILE, rev2):
+      raise vclib.ItemNotFound(path_parts2)
+    
+    args = vclib._diff_args(type, options)
+
+    def _date_from_rev(rev):
+      date, author, msg, revprops, changes = self._revinfo(rev)
+      return date
+
+    try:
+      temp1 = temp_checkout(self, p1, r1)
+      temp2 = temp_checkout(self, p2, r2)
+      info1 = p1, _date_from_rev(r1), r1
+      info2 = p2, _date_from_rev(r2), r2
+      return vclib._diff_fp(temp1, temp2, info1, info2, self.diff_cmd, args)
+    except core.SubversionException, e:
+      _fix_subversion_exception(e)
+      if e.apr_err == core.SVN_ERR_FS_NOT_FOUND:
+        raise vclib.InvalidRevision
+      raise
+
+  def isexecutable(self, path_parts, rev):
+    props = self.itemprops(path_parts, rev) # does authz-check
+    return props.has_key(core.SVN_PROP_EXECUTABLE)
+
+  ##--- helpers ---##
+
   def _revinfo(self, rev, include_changed_paths=0):
     """Internal-use, cache-friendly revision information harvester."""
-    
-    def _revinfo_helper(rev, include_changed_paths):
-      # Get the revision property info.  (Would use
-      # editor.get_root_props(), but something is broken there...)
-      revprops = fs.revision_proplist(self.fs_ptr, rev)
-      msg, author, date, revprops = _split_revprops(revprops)
-  
-      # Optimization: If our caller doesn't care about the changed
-      # paths, and we don't need them to do authz determinations, let's
-      # get outta here.
-      if self.auth is None and not include_changed_paths:
-        return date, author, msg, revprops, None
-  
-      # If we get here, then we either need the changed paths because we
-      # were asked for them, or we need them to do authorization checks.
-      # Either way, we need 'em, so let's get 'em.
-      fsroot = self._getroot(rev)
+
+    def _get_changed_paths(fsroot):
+      """Return a 3-tuple: found_readable, found_unreadable, changed_paths."""
       editor = repos.ChangeCollector(self.fs_ptr, fsroot)
       e_ptr, e_baton = delta.make_editor(editor)
       repos.svn_repos_replay(fsroot, e_ptr, e_baton)
@@ -662,10 +646,12 @@ class LocalSubversionRepository(vclib.Repository):
         if vclib.check_path_access(self, parts, pathtype, rev):
           if is_copy and change.base_path and (change.base_path != path):
             parts = _path_parts(change.base_path)
-            if not vclib.check_path_access(self, parts, pathtype, change.base_rev):
+            if not vclib.check_path_access(self, parts, pathtype,
+                                           change.base_rev):
               is_copy = 0
               change.base_path = None
               change.base_rev = None
+              found_unreadable = 1
           changedpaths[path] = SVNChangedPath(path, rev, pathtype,
                                               change.base_path,
                                               change.base_rev, action,
@@ -674,24 +660,116 @@ class LocalSubversionRepository(vclib.Repository):
           found_readable = 1
         else:
           found_unreadable = 1
+      return found_readable, found_unreadable, changedpaths.values()
+
+    def _get_change_copyinfo(fsroot, path, change):
+      # If we know the copyfrom info, return it...
+      if hasattr(change, 'copyfrom_known') and change.copyfrom_known:
+        copyfrom_path = change.copyfrom_path
+        copyfrom_rev = change.copyfrom_rev
+      # ...otherwise, if this change could be a copy (that is, it
+      # contains an add action), query the copyfrom info ...
+      elif (change.change_kind == fs.path_change_add or
+            change.change_kind == fs.path_change_replace):
+        copyfrom_rev, copyfrom_path = fs.copied_from(fsroot, path)
+      # ...else, there's no copyfrom info.
+      else:
+        copyfrom_rev = core.SVN_INVALID_REVNUM
+        copyfrom_path = None
+      return copyfrom_path, copyfrom_rev
+      
+    def _simple_auth_check(fsroot):
+      """Return a 2-tuple: found_readable, found_unreadable."""
+      found_unreadable = found_readable = 0
+      if hasattr(fs, 'paths_changed2'):
+        changes = fs.paths_changed2(fsroot)
+      else:
+        changes = fs.paths_changed(fsroot)
+      paths = changes.keys()
+      for path in paths:
+        change = changes[path]
+        pathtype = None
+        if hasattr(change, 'node_kind'):
+          if change.node_kind == core.svn_node_file:
+            pathtype = vclib.FILE
+          elif change.node_kind == core.svn_node_dir:
+            pathtype = vclib.DIR
+        parts = _path_parts(path)
+        if pathtype is None:
+          # Figure out the pathtype so we can query the authz subsystem.
+          if change.change_kind == fs.path_change_delete:
+            # Deletions are annoying, because they might be underneath
+            # copies (make their previous location non-trivial).
+            prev_parts = parts
+            prev_rev = rev - 1
+            parent_parts = parts[:-1]
+            while parent_parts:
+              parent_path = '/' + self._getpath(parent_parts)
+              parent_change = changes.get(parent_path)
+              if not (parent_change and \
+                      (parent_change.change_kind == fs.path_change_add or
+                       parent_change.change_kind == fs.path_change_replace)):
+                del(parent_parts[-1])
+                continue
+              copyfrom_path, copyfrom_rev = \
+                _get_change_copyinfo(fsroot, parent_path, parent_change)
+              if copyfrom_path:
+                prev_rev = copyfrom_rev
+                prev_parts = _path_parts(copyfrom_path) + \
+                             parts[len(parent_parts):]
+                break
+              del(parent_parts[-1])
+            pathtype = self._gettype(self._getpath(prev_parts), prev_rev)
+          else:
+            pathtype = self._gettype(self._getpath(parts), rev)
+        if vclib.check_path_access(self, parts, pathtype, rev):
+          found_readable = 1
+          copyfrom_path, copyfrom_rev = \
+            _get_change_copyinfo(fsroot, path, change)
+          if copyfrom_path and copyfrom_path != path:
+            parts = _path_parts(copyfrom_path)
+            if not vclib.check_path_access(self, parts, pathtype,
+                                           copyfrom_rev):
+              found_unreadable = 1
+        else:
+          found_unreadable = 1
+        if found_readable and found_unreadable:
+          break
+      return found_readable, found_unreadable
+      
+    def _revinfo_helper(rev, include_changed_paths):
+      # Get the revision property info.  (Would use
+      # editor.get_root_props(), but something is broken there...)
+      revprops = fs.revision_proplist(self.fs_ptr, rev)
+      msg, author, date, revprops = _split_revprops(revprops)
   
-        # If our caller doesn't care about changed paths, we must be
-        # here for authz reasons only.  That means the minute we've
-        # found both a readable and an unreadable path, we can bail out.
-        if (not include_changed_paths) and found_readable and found_unreadable:
-          return date, author, None, None, None
+      # Optimization: If our caller doesn't care about the changed
+      # paths, and we don't need them to do authz determinations, let's
+      # get outta here.
+      if self.auth is None and not include_changed_paths:
+        return date, author, msg, revprops, None
+  
+      # If we get here, then we either need the changed paths because we
+      # were asked for them, or we need them to do authorization checks.
+      #
+      # If we only need them for authorization checks, though, we
+      # won't bother generating fully populated ChangedPath items (the
+      # cost is too great).
+      fsroot = self._getroot(rev)
+      if include_changed_paths:
+        found_readable, found_unreadable, changedpaths = \
+          _get_changed_paths(fsroot)
+      else:
+        changedpaths = None
+        found_readable, found_unreadable = _simple_auth_check(fsroot)
         
-      # Okay, we've process all our paths.  Let's filter our metadata,
-      # and return the requested data.
+      # Filter our metadata where necessary, and return the requested data.
       if found_unreadable:
         msg = None
         if not found_readable:
           author = None
           date = None
-      if include_changed_paths:
-        return date, author, msg, revprops, changedpaths.values()
-      else:
-        return date, author, msg, revprops, None
+      return date, author, msg, revprops, changedpaths
 
     # Consult the revinfo cache first.  If we don't have cached info,
     # or our caller wants changed paths and we don't have those for
@@ -704,40 +782,50 @@ class LocalSubversionRepository(vclib.Repository):
       self._revinfo_cache[rev] = cached_info
     return tuple(cached_info)
   
-  def revinfo(self, rev):
-    return self._revinfo(rev, 1) 
-  
-  def rawdiff(self, path_parts1, rev1, path_parts2, rev2, type, options={}):
-    p1 = self._getpath(path_parts1)
-    p2 = self._getpath(path_parts2)
-    r1 = self._getrev(rev1)
-    r2 = self._getrev(rev2)
-    if not vclib.check_path_access(self, path_parts1, vclib.FILE, rev1):
-      raise vclib.ItemNotFound(path_parts1)
-    if not vclib.check_path_access(self, path_parts2, vclib.FILE, rev2):
-      raise vclib.ItemNotFound(path_parts2)
-    
-    args = vclib._diff_args(type, options)
+  def _log_helper(self, path, rev, lockinfo):
+    rev_root = fs.revision_root(self.fs_ptr, rev)
+    copyfrom_rev, copyfrom_path = fs.copied_from(rev_root, path)
+    date, author, msg, revprops, changes = self._revinfo(rev)
+    if fs.is_file(rev_root, path):
+      size = fs.file_length(rev_root, path)
+    else:
+      size = None
+    return Revision(rev, date, author, msg, size, lockinfo, path,
+                    copyfrom_path and _cleanup_path(copyfrom_path),
+                    copyfrom_rev)
 
-    def _date_from_rev(rev):
-      date, author, msg, revprops, changes = self._revinfo(rev)
-      return date
+  def _get_history(self, path, rev, path_type, limit=0, options={}):
+    if self.youngest == 0:
+      return []
 
+    rev_paths = []
+    fsroot = self._getroot(rev)
+    show_all_logs = options.get('svn_show_all_dir_logs', 0)
+    if not show_all_logs:
+      # See if the path is a file or directory.
+      kind = fs.check_path(fsroot, path)
+      if kind is core.svn_node_file:
+        show_all_logs = 1
+      
+    # Instantiate a NodeHistory collector object, and use it to collect
+    # history items for PATH@REV.
+    history = NodeHistory(self.fs_ptr, show_all_logs, limit)
     try:
-      temp1 = temp_checkout(self, p1, r1)
-      temp2 = temp_checkout(self, p2, r2)
-      info1 = p1, _date_from_rev(r1), r1
-      info2 = p2, _date_from_rev(r2), r2
-      return vclib._diff_fp(temp1, temp2, info1, info2, self.diff_cmd, args)
+      repos.svn_repos_history(self.fs_ptr, path, history.add_history,
+                              1, rev, options.get('svn_cross_copies', 0))
     except core.SubversionException, e:
       _fix_subversion_exception(e)
-      if e.apr_err == core.SVN_ERR_FS_NOT_FOUND:
-        raise vclib.InvalidRevision
-      raise
+      if e.apr_err != _SVN_ERR_CEASE_INVOCATION:
+        raise
 
-  def isexecutable(self, path_parts, rev):
-    props = self.itemprops(path_parts, rev) # does authz-check
-    return props.has_key(core.SVN_PROP_EXECUTABLE)
+    # Now, iterate over those history items, checking for changes of
+    # location, pruning as necessitated by authz rules.
+    for hist_rev, hist_path in history:
+      path_parts = _path_parts(hist_path)
+      if not vclib.check_path_access(self, path_parts, path_type, hist_rev):
+        break
+      rev_paths.append([hist_rev, hist_path])
+    return rev_paths
   
   def _getpath(self, path_parts):
     return string.join(path_parts, '/')
@@ -746,8 +834,11 @@ class LocalSubversionRepository(vclib.Repository):
     if rev is None or rev == 'HEAD':
       return self.youngest
     try:
+      if type(rev) == type(''):
+        while rev[0] == 'r':
+          rev = rev[1:]
       rev = int(rev)
-    except ValueError:
+    except:
       raise vclib.InvalidRevision(rev)
     if (rev < 0) or (rev > self.youngest):
       raise vclib.InvalidRevision(rev)
@@ -760,7 +851,20 @@ class LocalSubversionRepository(vclib.Repository):
       r = self._fsroots[rev] = fs.revision_root(self.fs_ptr, rev)
       return r
 
-  ##--- custom --##
+  def _gettype(self, path, rev):
+    # Similar to itemtype(), but without the authz check.  Returns
+    # None for missing paths.
+    try:
+      kind = fs.check_path(self._getroot(rev), path)
+    except:
+      return None
+    if kind == core.svn_node_dir:
+      return vclib.DIR
+    if kind == core.svn_node_file:
+      return vclib.FILE
+    return None
+  
+  ##--- custom ---##
 
   def get_youngest_revision(self):
     return self.youngest

lib/win32popen.py

@@ -1,6 +1,6 @@
 # -*-python-*-
 #
-# Copyright (C) 1999-2007 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC

notes/releases.txt

@@ -85,17 +85,22 @@ numbers, and not literal):
 
 14. Upload the created archive files (tar.gz and zip) into the Files
     and Documents section of the Tigris.org project, and modify the
-    CHECKSUMS document there accordingly.  Also, drop a copy of the
-    archive files into the root directory of the viewvc.org website
-    (unversioned).
+    CHECKSUMS document there accordingly:
 
-15. On trunk, update the websites (both the viewvc.org/ and www/ ones)
-    to refer to the new release files, and copy the CHANGES for the
-    new release into trunk's CHANGES file.
+       http://viewvc.tigris.org/servlets/ProjectDocumentList?folderID=6004
 
-16. Edit the file 'lib/viewvc.py' again, incrementing the patch number
-    assigned to the __version__ variable.  Add a new empty block in
-    the branch's CHANGES file.  Commit your changes:
+    Also, drop a copy of the archive files into the root directory of
+    the viewvc.org website (unversioned).
+
+15. Update the Tigris.org website (^/trunk/www/index.html) to refer to
+    the new release files and commit.
+
+       svn ci -m "Bump latest advertised release."
+
+16. Back on the release branch, edit the file 'lib/viewvc.py' again,
+    incrementing the patch number assigned to the __version__
+    variable.  Add a new empty block in the branch's CHANGES file.
+    Commit your changes:
 
        svn ci -m "Begin a new release cycle."
 
@@ -104,6 +109,17 @@ numbers, and not literal):
     (and possibly, minor or major) release.  (For the Milestone sort
     key, use a packed integer XXYYZZ:  1.0.3 == 10003, 2.11.4 == 21104.)
 
+       http://viewvc.tigris.org/issues/editversions.cgi?component=viewvc&action=add
+       http://viewvc.tigris.org/issues/editmilestones.cgi?component=viewvc&action=add
+
 18. Send to the announce@ list a message explaining all the cool new
-    features, and post similar announcements to other places interested
-    in this sort of stuff, such as Freshmeat (http://www.freshmeat.net).
+    features.
+
+       http://viewvc.tigris.org/ds/viewForumSummary.do?dsForumId=4253
+
+19. Post a new release notification at Freecode.
+
+       https://freecode.com/projects/viewvc/releases/new
+
+20. Merge CHANGES for this release into the CHANGES file for newer
+    release lines and commit.

templates/docroot/styles.css

@@ -269,3 +269,14 @@ table.vc_idiff tbody th {
 .vc_query_form {
   background-color: #e6e6e6;
 }
+
+
+/*** Warning! ***/
+.vc_warning {
+  border-width: 1px 2px 2px 2px;
+  border-color: black;
+  border-style: solid;
+  background-color: red;
+  color: white;
+  padding: 0.5em;
+}

templates/file.ezt

@@ -9,7 +9,11 @@
 [# ------------------------------------------------------------------------- ]
 
 [# setup page definitions]
-  [define page_title]Contents of /[where][end]
+  [is annotation "annotated"]
+    [define page_title]Annotation of /[where][end]
+  [else]
+    [define page_title]Contents of /[where][end]
+  [end]
   [define help_href][docroot]/help_rootview.html[end]
 [# end]
 

templates/query.ezt

@@ -158,7 +158,15 @@
 [is query "skipped"]
 [else]
 <p><strong>[num_commits]</strong> matches found.</p>
-
+[if-any row_limit_reached]
+<p class="vc_warning">WARNING:  These query results have been
+   artificially limited by an administrative threshold value and do
+   <em>not</em> represent the entirety of the data set which matches
+   the query.  Consider modifying your query to be more specific</a>,
+   using your version control tool's query capabilities, or asking
+   your administrator to raise the database response size
+   threshold.</p>
+[end]
 [if-any commits]
 <table cellspacing="0" cellpadding="2">
  <thead>

templates/query_results.ezt

@@ -7,6 +7,15 @@
 
 <p><strong>[english_query]</strong></p>
 [# <!-- {sql} --> ]
+[if-any row_limit_reached]
+<p class="vc_warning">WARNING:  These query results have been
+   artificially limited by an administrative threshold value and do
+   <em>not</em> represent the entirety of the data set which matches
+   the query.  Consider <a href="[queryform_href]">modifying your
+   query to be more specific</a>, using your version control tool's
+   query capabilities, or asking your administrator to raise the
+   database response size threshold.</p>
+[end]
 <p><a href="[queryform_href]">Modify query</a></p>
 <p><a href="[backout_href]">Show commands which could be used to back out these changes</a></p>
 

templates/roots.ezt

@@ -9,6 +9,12 @@
 <thead>
 <tr>
   <th class="vc_header_sort">Name</th>
+[is cfg.options.show_roots_lastmod "1"]
+  <th class="vc_header">Revision</th>
+  <th class="vc_header">Age</th>
+  <th class="vc_header">Author</th>
+  <th class="vc_header">Log</th>
+[end]
 </tr>
 </thead>
 
@@ -20,6 +26,12 @@
       <img src="[docroot]/images/dir.png" alt="" class="vc_icon" />
       [roots.name]</a>
     </td>
+[is cfg.options.show_roots_lastmod "1"]
+    <td style="width:20">&nbsp;[if-any roots.log_href]<a href="[roots.log_href]">[roots.rev]</a>[else][roots.rev][end]</td>
+    <td style="width:20">&nbsp;[roots.ago]</td>
+    <td style="width:20">&nbsp;[roots.author]</td>
+    <td style="width:20">&nbsp;[roots.short_log]</td>
+[end]
   </tr>
 [end]
 </tbody>

tools/make-release

@@ -1,6 +1,6 @@
 #!/bin/sh
 #
-# Copyright (C) 1999-2007 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC

tparse/tparse.cpp

@@ -1,5 +1,5 @@
 /*
-# Copyright (C) 1999-2006 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC

tparse/tparse.h

@@ -1,5 +1,5 @@
 /*
-# Copyright (C) 1999-2007 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC

tparse/tparsemodule.cpp

@@ -1,5 +1,5 @@
 /*
-# Copyright (C) 1999-2006 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC

tparse/tparsemodule.h

@@ -1,5 +1,5 @@
 /*
-# Copyright (C) 1999-2006 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC

viewvc-install

@@ -1,7 +1,7 @@
 #!/usr/bin/env python
 # -*- Mode: python -*-
 #
-# Copyright (C) 1999-2009 The ViewCVS Group. All Rights Reserved.
+# Copyright (C) 1999-2013 The ViewCVS Group. All Rights Reserved.
 #
 # By using this file, you agree to the terms and conditions set forth in
 # the LICENSE.html file which can be found at the top level of the ViewVC
@@ -209,6 +209,8 @@ def install_file(src_path, dst_path, mode, subst_path_vars,
                         temp = raw_input("Do you want to [O]verwrite, [D]o "
                                          "not overwrite, or [V]iew "
                                          "differences? ")
+                    if len(temp) == 0:
+                        continue
                     temp = string.lower(temp[0])
                     if temp == "v" and ext not in BINARY_FILE_EXTS:
                         print """