grim/hgkeeper

Do not allow repositories in a repository

12 months ago, aklitzing
ebf8e3bd9e68
Do not allow repositories in a repository

It will be strange to support something like this
$ hg init ssh://hg.host.com/hgkeeper/keys

Reviewed at https://reviews.imfreedom.org/r/2423/
1.1.0: (2023-01-04)
* Add a warning message when a duplicate key is loaded. No behavior changes
were made so that users depending on the broken behavior can continue
working. (HGKEEPER-22)
* Removed the mercurial 6.1 pin from the container image.
* Normalize paths before passing them to the authorization checker. This bug
allowed attackers to read repositories they shouldn't have been able to by
adding a / on to the end of the path. The hgkeeper repo in the default
configuration is susceptible to this attack.
1.0.0: (2022-06-21)
* Official first release!