List of commits:
Subject Hash Author Date (UTC)
TODO changes 25a5232ed436fe23e7f21c8caa6934d3bfcbd6d7 Catalin(ux) M. BOIE 2019-09-17 19:25:33
Did some debug changes for git 25fbc904e16076cc6117a1bb900326344dba9d37 Catalin(ux) M. BOIE 2019-09-17 19:24:23
Add rg_log_sid value to all push methods, to be able to identify the log from the user reports 4111a8a6ba1e100b3e01d277b2bc7968df9639b1 Catalin(ux) M. BOIE 2019-09-17 19:06:32
AUTHORS file update 69efc5c7617404728506b380a57cf8336a45c2fc Catalin(ux) M. BOIE 2019-09-17 19:03:59
Added TLS1.3 to the list of protocols for nginx c9fe2cc833c1a9636eab4baa2c388b2ea073ecbb Catalin(ux) M. BOIE 2019-09-17 19:03:23
History updates 3de26500d13dc1eafa00fa4721704c5cfe372fd7 Catalin(ux) M. BOIE 2019-09-17 19:01:08
Destroy confirmation link after use 6794a957bf695525b1a171eb6b602d228fd0f725 Catalin(ux) M. BOIE 2019-04-01 17:41:47
Show rg_log_sid into the user output to help identifying the logs f272e87bcb5fef0e34459c5025b3d4bc796dab6d Catalin(ux) M. BOIE 2018-08-29 21:40:36
SELinux updates 04b76e731f34762838434e8412e283be7360d188 Catalin(ux) M. BOIE 2018-08-29 21:36:29
Corrected wrong help for ssh 2fa 04f8223c0c8fc585d3c7882c17ba4ecb7c22d0b5 Catalin(ux) M. BOIE 2018-08-29 21:36:16
ldap changes 89e6848701e4c27d0f089393c7591302c45c57d4 Catalin(ux) M. BOIE 2018-08-29 21:35:56
Allow login token to be appended to the password 8a5b003845f54d2771beaec7b14b96b2029ee9db Catalin(ux) M. BOIE 2018-08-29 21:35:16
Cosmetic changes for the theme e8ed0db5fd9b41c5a63e1e171adb615a33817da8 Catalin(ux) M. BOIE 2018-08-29 21:32:36
samples updated b42d3dd5947ae9bcf3994854219e759d93abcafa Catalin(ux) M. BOIE 2018-08-29 21:32:03
docker updates f26097f046666d3ab5ca96e69f6fc458188a33ed Catalin(ux) M. BOIE 2018-08-29 21:31:16
Cosmetic changes d5069178bed9736db02c3233e95564ad7b429e17 Catalin(ux) M. BOIE 2018-08-29 21:30:42
tests: added helper for totp enrollment bad21ca093b427b200b3fbdcf2a2e1dd1820f93a Catalin(ux) M. BOIE 2018-08-29 20:59:17
Store the timestamp of the deletion for a repo, not 1 e761b36efaa37fc3c453e8382127e340bc736bc7 Catalin(ux) M. BOIE 2018-06-04 18:00:35
totp: urlencode must be used when building the url for 2fa f85ea05bf4b456cc0430e78f2705347dc79343ae Catalin(ux) M. BOIE 2018-05-29 17:39:06
totp: remove expired entries 06cd360eff667740bcf8a580447cb86f3c2e6850 Catalin(ux) M. BOIE 2018-05-29 17:38:16
Commit 25a5232ed436fe23e7f21c8caa6934d3bfcbd6d7 - TODO changes
Author: Catalin(ux) M. BOIE
Author date (UTC): 2019-09-17 19:25
Committer name: Catalin(ux) M. BOIE
Committer date (UTC): 2019-09-17 19:25
Parent(s): 25fbc904e16076cc6117a1bb900326344dba9d37
Signer:
Signing key:
Signing status: N
Tree: b6d6a87b2bd782741aafbe59e9f857ff53f84dad
File Lines added Lines deleted
README 0 3
TODO 36 2
File README changed (mode: 100644) (index 4a18249..0be60bc)
157 157 . As admin user, go to Admin -> Settings and check if any setting should be . As admin user, go to Admin -> Settings and check if any setting should be
158 158 tweaked. It is very important to set the 'Host name' value. tweaked. It is very important to set the 'Host name' value.
159 159
160 . You may want to install 'qrencode' package to be able to be able to see the
161 two-factor authentication keys as QR images.
162
163 160
164 161 == Thanks == == Thanks ==
165 162 . Special thanks to my family that supports me in this project. . Special thanks to my family that supports me in this project.
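Review bot: Old lines 160-162 of README drop the hint to install 'qrencode' for viewing two-factor authentication keys as QR images, but the commit subject is only "TODO changes" and nothing in the change says why. If QR display still relies on that package, keep the hint (and fix the doubled "to be able to be able"); otherwise state in the commit message what replaced it, so an admin following the install steps is not left with 2FA enrollment that cannot show a QR code.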
File TODO changed (mode: 100644) (index 09a528c..aabb582)
1 1 == Where I stopped last time == == Where I stopped last time ==
2 [ ] ssh key checked is install 0700 and owner root. It must be allowed to
3 be run by rocketgit user! Spec? Makefile?
4 [ ] totp: when trying to validate a token, if the token is wrong, the message
5 is wrong ("you are not enrolled"). Is is a mess in totp_sc_verify
6 because the error is set globally. We should pass it in return,
7 not globally, everywhere is possible.
8 [ ] We should check if the request was a POST and not a GET! Else, CSRF!
9 [ ] PagerDuty, Splunk integration.
10 [ ] Add "Only AGPL and no CLA!" where needed.
11 [ ] comparison: "2fa for ssh".
12 [ ] When generating html diff, use a sha1(file_name) to not inject XSS and
13 for html to look nice.
14 [ ] git_log_simple returns an array of commits, with a 'vars' section and
15 a 'files' section. When calling git_log, we also need to pass also the
16 from/to extracted from 'simple' output. Think about someone pushing changes
17 betwen 'simple' and 'full'!
18 [ ] We have some invalid numstat in the logs!
19 [ ] We have lines_add/del. Why we need also 'changes' field (git.inc.php)?!
20 [ ] 'git log --patch' for submodules probably is not working right.
21 [ ] Allow users to change the value of 'diff.context'.
22 [ ] rg_git_diff2array is called with already mangled file names (\xxx\xxx...)
23 Check why they are not "correct".
24 [ ] Document 2fa for http, now that is working.
2 25 [ ] Replace all 'who_nice' open coded stuff with rg_user_nice. [ ] Replace all 'who_nice' open coded stuff with rg_user_nice.
3 26 [ ] ldap: What should happen when we update plan_id. [ ] ldap: What should happen when we update plan_id.
4 27 What about other fields? What about other fields?
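Review bot: The CSRF item at new line 8 treats "POST and not a GET" as the fix, but a method check alone does not stop a cross-site form from submitting a POST; word the item so it also covers verifying a per-session token on every state-changing request. Similarly, for new lines 12-13, sha1(file_name) gives a safe value for ids and anchors, but the file name still has to be HTML-escaped wherever it is shown, and the item should say so. Minor: "Is is a mess" (new line 5) and "betwen" (new line 17) are typos.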
 
13 36 [ ] 2fa: test pushing by http(by_http.php)/ssh(?). [ ] 2fa: test pushing by http(by_http.php)/ssh(?).
14 37 [ ] Compare: mouse over is not working on touch-screens! [ ] Compare: mouse over is not working on touch-screens!
15 38 [ ] Aug 18 15:10:04 rg2 audit[29395]: AVC avc: denied { map } for pid=29395 comm="git" path="/var/lib/rocketgit/repos/by_id/00/00/00/7B/0000007B/repos/by_id/125.git/objects/pack/pack-dbb7e352e05eec6b15b74679d813897b29fa0b62.idx" dev="dm-0" ino=133117 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:rocketgit_var_t:s0 tclass=file permissive=1 [ ] Aug 18 15:10:04 rg2 audit[29395]: AVC avc: denied { map } for pid=29395 comm="git" path="/var/lib/rocketgit/repos/by_id/00/00/00/7B/0000007B/repos/by_id/125.git/objects/pack/pack-dbb7e352e05eec6b15b74679d813897b29fa0b62.idx" dev="dm-0" ino=133117 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:rocketgit_var_t:s0 tclass=file permissive=1
16 [ ] When pushing/fetching, log also the debug id.
17 39 [ ] Truncate big descriptions. [ ] Truncate big descriptions.
18 40 [ ] report how many repos/users/etc. were removed. [ ] report how many repos/users/etc. were removed.
19 41 [ ] Investigate WWW-Authenticate HTTP header. [ ] Investigate WWW-Authenticate HTTP header.
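Review bot: Old line 16, "When pushing/fetching, log also the debug id", is removed, yet the related commit in this list ("Add rg_log_sid value to all push methods") only mentions push. Confirm that the fetch path also reports rg_log_sid, or keep a fetch-only item so the gap stays tracked.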
 
98 120 [ ] [ ]
99 121
100 122 == BEFORE NEXT RELEASE == == BEFORE NEXT RELEASE ==
123 [ ] When trying to clone by http, and I am enrolled in 2fa, I get an error:
124 Error: non existing repo or you are not allowed to push!
125 Which should not say anything about "push"!
126 Fix is in developemnt. Just need to deploy. And notify nljelfs.
127 [ ] After enrolling in 2fa, we need to clear the fields!
128 [ ] Personalize welcome e-mail.
129 [ ] Allow (regex) only some domains/IPs to join the system.
130 [ ] Warn web users if they use TLS < 1.2.
101 131 [ ] Sec: must read https://www.usenix.org/system/files/conference/usenixsecurity15/sec15-paper-zheng-updated.pdf [ ] Sec: must read https://www.usenix.org/system/files/conference/usenixsecurity15/sec15-paper-zheng-updated.pdf
102 132 [ ] Allow authentication by certificate. [ ] Allow authentication by certificate.
103 133 [ ] passwords: we need multiple round of hashing. [ ] passwords: we need multiple round of hashing.
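Review bot: New lines 123-126 mix a defect description with deployment status ("Fix is in developemnt. Just need to deploy.", with "developemnt" misspelled), which goes stale as soon as the fix ships; keep only the defect, namely that a clone by http with 2fa enrolled returns an error that talks about "push". New line 127 ("we need to clear the fields") does not say which fields; name them so the item can be checked off against something concrete.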
 
... ... But, we have a problem with the expiration time!
1874 1904 [ ] Secure transport X in configuratia de apache. Sau in index.php? [ ] Secure transport X in configuratia de apache. Sau in index.php?
1875 1905
1876 1906 == BEFORE NEXT-NEXT RELEASE == == BEFORE NEXT-NEXT RELEASE ==
1877 [ ] mcr@sandelman.ca: It would be nice if github could be told to reject
1907 [ ] Matrix.org support:
1908 https://gist.github.com/RickCogley/69f430d4418ae5498e8febab44d241c9
1909 [ ] mcr at sandelman dot ca: It would be nice if github could be told to reject
1878 1910 and/or mark files that have whitespace errors. and/or mark files that have whitespace errors.
1879 1911 [ ] Transform user/bug/* into high level functions. [ ] Transform user/bug/* into high level functions.
1880 1912 [ ] Maybe, when user is not logged in, on the "Repositories" main menu [ ] Maybe, when user is not logged in, on the "Repositories" main menu
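Review bot: The rewrite of the contact address from old line 1877 to the "at ... dot" form at new line 1909 is unrelated to the TODO additions and is not mentioned in the commit subject; give it its own commit or mention it in the message. The plain address remains readable in the repository history and in the removed line of this diff, so the change only affects the current file content.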
 
... ... them after processing is done.
2399 2431 [ ] If a user has no push access and creates merge request, but the owner pushed [ ] If a user has no push access and creates merge request, but the owner pushed
2400 2432 nothing, ssh cloning gives errors about HEAD not found. nothing, ssh cloning gives errors about HEAD not found.
2401 2433 [ ] Add a "Report a bug on this page" - we already have the log_id! [ ] Add a "Report a bug on this page" - we already have the log_id!
2434 [ ] Allow a way to authenticate (only) with certificates. We need to specify
2435 a CA to be able to validate them.
2402 2436
2403 2437
2404 2438 == Graphics == == Graphics ==
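Review bot: New lines 2434-2435 repeat an item already in the file, "Allow authentication by certificate." (line 102/132 under BEFORE NEXT RELEASE). Merge the two into one entry that keeps the new detail about specifying a CA, and spell out what "(only)" means: a certificate as the sole factor, or accounts for which password login is disabled.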