Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

200 check-ins occurring around 2022-09-27 14:39:07.

Make sure the reportfmt table contains the jx column before trying to use that column. ... (Leaf check-in: d4332725 user: drh tags: json-meta-data)
Use the "name" query parameter to select a report number. The legacy "rn" query parameter still works, but generated hyperlinks now use the new format. ... (check-in: 3048c04b user: drh tags: json-meta-data)
Provide the ability to add custom header text on all ticket reports. The header and its mimetype are stored in the REPORTFMT.JX column. ... (check-in: c06a9980 user: drh tags: json-meta-data)
Give the JX column of USER and REPORTFMT a default value which is valid JSON. ... (check-in: 2433964d user: drh tags: json-meta-data)
Factor out the ALTER TABLE statements that add the JX column to the USER and REPORTFMT tables into separate subroutines. ... (check-in: 8f6d7dac user: drh tags: json-meta-data)
Add the "jx" column to the "user" and "reportfmt" tables, with the intent of using the column for JSON metadata. Currently unused. Make arrangements to sync the "jx" column (using the "fossil config" command) in a way that is backwards compatible with older versions that do not have the "jx" column. ... (check-in: b7ac178c user: drh tags: json-meta-data)
Increase the version number to 2.21 to start the next development cycle. ... (check-in: 8dcee008 user: danield tags: trunk)
Merge in setupuser-retain-pw branch (HTML change only, no code). ... (check-in: 88f9da98 user: stephan tags: trunk)
Prefixing each shell script section in the Dockerfile with "set -x" broke the checks to prevent running UPX on ARM builds. You can still get release container builds on ARM by copying this fixed Dockerfile to your release checkout. ... (check-in: b4c3d9a1 user: wyoung tags: trunk)
Fix harmless typos reported by forum post 15f7327318. ... (check-in: f3adbd88 user: drh tags: trunk)
Remove the "ada" subdirectory from the compat/zlib/contrib because it is not used, but it does (apparently) cause warnings for lintian. Perhaps this will be a partial fix for the warnings reported by forum post 15f7327318. ... (check-in: 511ad59a user: drh tags: trunk)
Update website for the 2.20 release. ... (check-in: e14628bc user: drh tags: trunk)
Version 2.20 ... (check-in: 210e89a0 user: drh tags: trunk, release, version-2.20)
Merge trunk into wcag-2.1 branch for deployment on test server. ... (Leaf check-in: 56d8000a user: stephan tags: wcag-2.1)
Update the built-in SQLite to the 3.40.0 release. ... (check-in: d0ee8100 user: drh tags: trunk)
Update the built-in SQLite to the 3.40.0 rc1 for testing. ... (check-in: 2ece5d0f user: drh tags: trunk)
Removed the title property from the nav element for the submenu in style.c. It caused a redundant tooltip, and was not necessary. ... (check-in: ba3fa28d user: ericwikman tags: wcag-2.1)
Update /chat and /pikchrshow UIs to work with skins conforming to the WCAG rework as well as pre-WCAG skins (except for the bootstrap skin, which restructures the DOM in an incompatible way). ... (check-in: d208efdd user: stephan tags: wcag-2.1)
Merge trunk into wcag-2.1 for cleaner diff comparison. ... (check-in: e1a9fdd7 user: stephan tags: wcag-2.1)
Apply fixes to all web views to pass WCAG 2.1 tests performed by "axe DevTools" browser extension. Most fixes related to screen reader compatibility, like making sure that form elements have labels. Some color changes to improve contrast on Default skin. Made more HTML5 compliant. Minor improvement to select combo boxes for UX. Improved Search form UX. Two minor bug fixes for malformed HTML. Fixed help pages to resolve issues with non-compliant HTML being generated. Mostly documented at ... (check-in: 1f231db3 user: ericwikman tags: wcag-2.1)
Only issue notififications for ticket changes that do not previously appear in the EVENT table. Fix for ticket [ad9aa572e7972f57]. ... (check-in: fb040bb0 user: drh tags: trunk)
Fix the TH_ListAppend() function in TH1 so that it correctly escapes strings that have a '}' character that has no matching '{' to its left. Fix for ticket [4d73b4a2258a78e2]. ... (check-in: 4ec65ebb user: drh tags: trunk)
A proposed fix for ticket [ad9aa572e7972f57]. Use an UPDATE rather than a REPLACE where possible when redoing EVENT table entries for tickets that are being rebuild, in order to avoid unnecessary notification events. ... (Closed-Leaf check-in: 1f0f6226 user: drh tags: ticket-notification-fix)
Yet another shell.c import from SQLite to deal with more typedef issues. ... (check-in: f0e625b1 user: drh tags: trunk)
Update to a newer version of 3.40.0 that includes a fix to shell.c that allows it to be compiled with older C compilers. ... (check-in: 25799e89 user: drh tags: trunk)
Respect `"timeline-utc"` setting when a ticket change artifact is displayed on the /info page. This makes it consistent with other places and fixes a hyperlink to the corresponding item of the /timeline. ... (check-in: 0028a3ca user: george tags: trunk)
Update the built-in SQLite to the latest 3.40.0 beta, for testing. ... (check-in: 10d71748 user: drh tags: trunk)
Add a note to /setup_uedit that leaving the ostensibly populated password field unchanged will retain the current password, per discussion in forum post 0463cc2e87a3c676. (Branched for later addition to v2.21.) ... (Closed-Leaf check-in: fe373994 user: stephan tags: setupuser-retain-pw)
Omit "Show associated wikis" from the submenu of a /wcontent page if there are no associated wikis in a repository. This amends [29a24941ed9b]. ... (Closed-Leaf check-in: 6e28f280 user: george tags: pre-2.21)
Fix a bug when handling timeline data blocks not containing any check-ins. ... (Leaf check-in: d3f9b8ab user: florian tags: timeline-keyboard-navigation)
Also documented the new "clone -u -v" feature. ... (check-in: 0d61fd23 user: wyoung tags: trunk)
Since it seems my clone -u fixes are going to stick, documented them in the changelog. ... (check-in: 02631e35 user: wyoung tags: trunk)
Improve correctness, usability and efficiency for the case when values in a TICKET's column tend to be long and volatile.

Owner of a repository may specify one or several TICKET's columns so that delta-compression is tried for the corresponding ticket change artifacts and the corresponding changes on the /tkthistory page are rendered via unified diffs.

See details in the associated wiki. ... (check-in: 872a3b23 user: george tags: trunk)

Add comments for auxiliary local variables inside ticket_output_change_artifact(). ... (Closed-Leaf check-in: 53b66cf6 user: george tags: deltify-tkt-blobs)
Typo fix in ... (check-in: 141793c4 user: stephan tags: deltify-tkt-blobs)
Merge trunk into deltify-tkt-blobs branch. ... (check-in: 86916df5 user: stephan tags: deltify-tkt-blobs)
Fix a typo in a comment. ... (check-in: a2ed1119 user: george tags: deltify-tkt-blobs)
Add more comments and a changelog item. No code changes. ... (check-in: e690df08 user: george tags: deltify-tkt-blobs)
The check for whether to continue during sync due to outstanding "uvgimme" requests was being skipped in clone -u mode due to misordered tests at the end of the client side of the sync protocol. ... (check-in: 52648d03 user: wyoung tags: trunk)
Since "fossil uv sync -v" turns on UV trace mode, made "fossil clone -u -v" enable that mode as well, since otherwise there's no way to get into UV trace mode during clone. (e.g. There is no global "--uvtrace" option.) ... (check-in: cdd58b1f user: wyoung tags: trunk)
Consolidated two related tests in the sync protocol to avoid re-testing a flag twice and to bring related code closer together. ... (check-in: 6293b282 user: wyoung tags: trunk)
Corrected a difference in the case of a SQLite table name. The DBMS doesn't care, but it risks missing relevant references to this table when searching with a case-sensitive text editor. ... (check-in: 1b1887cb user: wyoung tags: trunk)
Mention the new `fossil branch lsh' subcommand in the change log. ... (check-in: 67c9d929 user: florian tags: trunk)
Typo fix in the 2.20 changelog ... (check-in: c3012508 user: wyoung tags: trunk)
Update the built-in Pikchr source code and WASM/JS builds. ... (check-in: 8f4a32cc user: drh tags: trunk)
Update the built-in SQLite to the latest 3.40.0 alpha version that includes all performance enhancements and bug fixes. ... (check-in: 4aa78375 user: drh tags: trunk)
Update to a still newer version of SQLite 3.40.0 alpha that compiles without warnings on Mac ARM64. ... (Closed-Leaf check-in: 6ff6d495 user: drh tags: busted-build)
Remove the -D_HAVE_SQLITE_CONFIG_H option from the build of SQLite. We haven't had the config.h file for SQLite, so this should be a harmless change. ... (check-in: 2522366f user: drh tags: busted-build)
Update the built-in SQLite to the latest 3.40.0 alpha version that includes all bug fixes and performance enhancements. ... (check-in: c7dc1884 user: drh tags: busted-build)
Fix a comment typo. ... (check-in: db8b14c5 user: drh tags: trunk)
Code maintenance for the `copybtn.js' script: Remove global data, reference DOM elements by function-binding instead of by id (that is possibly reused for the short-lived tooltip), and normalize variable names and string quoting style. ... (check-in: d5f66215 user: florian tags: trunk)
Fix the handling of manifest files for the "tag" and "amend" commands. ... (Leaf check-in: a2335604 user: drh tags: branch-1.37)
Minor comment reformatting. ... (check-in: 0df4abc7 user: stephan tags: trunk)
Cache get_comment_format() result to avoid that the global config db is queried once per timeline row, which brings fossil to a standstill when ~/ is NFS-mounted. Discussion in 9aaefe4e536e01bf. ... (check-in: 6e62c851 user: stephan tags: trunk)
Add a by-hour-of-day report to the /reports page, prompted by a /chat discussion. (Edit: initial user mis-attribution was caused by a config-pull which changed my local default user.) ... (check-in: bb6f2331 user: stephan tags: trunk)
For the BUILTIN virtual table, map one-based rowids to zero-based array indices, to fix access to the first entry. ... (check-in: cf563c72 user: florian tags: trunk)
Document more consequences of the merge parent-merge child relationship not recorded for private branches. ... (check-in: 3b719a96 user: florian tags: trunk)
Cherry-pick [767b175d90]: Avoid references to private check-ins in Q-cards of public check-in manifests. This ensures consistent behavior regarding leakage of private check-in hashes, possibly generating phantoms on peer repositories, for P- and Q-cards. ... (check-in: 52a66829 user: florian tags: trunk)
Experimental refinements to the fix on this branch to make it slightly more efficient. ... (Leaf check-in: 2172c513 user: mistachkin tags: nonHashFix)
Merge updates from trunk. ... (check-in: 7489c8b9 user: mistachkin tags: nonHashFix)
Merge updates from trunk. ... (Leaf check-in: 6f3640a7 user: mistachkin tags: th1Hash)
Highlight a ticket's change that corresponds to the URL's fragment of the /tkthistory page. ... (check-in: 7afd4db3 user: george tags: deltify-tkt-blobs)
Carry forward [368d97869b] to the zlib 1.2.13 update. ... (check-in: dc13e1e5 user: florian tags: zlib-update)
Carry forward [cc3765eb12] to the zlib 1.2.13 update. ... (check-in: 1a1295a5 user: florian tags: zlib-update)
Update the built-in zlib to version 1.2.13, released on October 13, 2022. In accordance with check-in [eea86cee3a], all files from the doc/ subdirectory are excluded. ... (check-in: e9e679c5 user: florian tags: zlib-update)
Rework the previous check-in to fix incorrect backlinks' sources for the case when values are appended to a field (i.e. a value of J-card starts with '+'). Consider a reference to 77ab05a0e9 from [caeb7d672df20] for an example which was handled incorrectly by [668e45baff99]. ... (check-in: 4d5ded5e user: george tags: deltify-tkt-blobs)
Grammar fix ... (check-in: 658547aa user: wyoung tags: trunk)
Assorted fixes and improvements to the doc ... (check-in: 27458ef7 user: wyoung tags: trunk)
Updated the debian/ doc for Ubuntu 22.04. The biggie is simplifying the TLS configuration, since the manual method we used to have no longer seems to be required with current versions of Certbot. ... (check-in: 716ae7c0 user: wyoung tags: trunk)
Fixed a few references to the obsolete doc. (It became part of the overall server doc long ago.) ... (check-in: 780b58bc user: wyoung tags: trunk)
Assorted updates surrounding my fslsrv wrapper:
  • Reflected improvements from the version into this simpler alternative. Although we don't generally recommend use of this script any more, preferring systemd to get autostart on boot and autorestart on crash, www/server/any/ still refers to this script, and it feels like a regression to remove it. If someone is interested in simple-as-possible SCGI service, fslsrv is a fit companion.
  • Removed direct reference to fslsrv from www/server/debian/ since the indirect reference via the SCGI doc suffices.
  • The full-strength nginx doc now refers to both of these fslsrv variants in a handwavy way, since it's outside the scope of that doc to care how you get your background SCGI servers running.
... (check-in: 1cbcb38c user: wyoung tags: trunk)
Added hyperlinks to the new changelog entries referencing the files in question. ... (check-in: 2c127ba7 user: wyoung tags: trunk)
Fix the htmlizer so that it converts 0x0d (carriage return) into 0x20 (ordinary space). Fix for the diff problem reported by forum post 2a63b483f5f048c2 ... (check-in: 050ba629 user: drh tags: trunk)
Closing off the containers project: added the doc to the permuted index, noted the changes in the changelog, and removed all the hedging about WAL mode in the doc, having failed to make WAL fail in this scenario. ... (check-in: 92982dc4 user: wyoung tags: trunk)
Fix some broken hyperlinks in documentation files. ... (check-in: a59af25f user: danield tags: trunk)
Check the meta key modifier (⊞|⌘|◆) when processing keyboard events. ... (check-in: 11bb41e0 user: florian tags: timeline-keyboard-navigation)
Check the meta key modifier (⊞|⌘|◆) when processing keyboard events. ... (Leaf check-in: 4811d5b2 user: florian tags: diff-keyboard-navigation)
Cross reference the new CSS classes, as they appear fragmented in the JS part, and therefore can't be found by code search. ... (check-in: ec955233 user: florian tags: diff-keyboard-navigation)
Fix redundant back-references originating from outdated/superseded values within TICKET table. See forum thread a6ba08e926. ... (check-in: 668e45ba user: george tags: deltify-tkt-blobs)
Fix naming of columns on the /test-backlinks page. ... (check-in: 6a5604f4 user: george tags: deltify-tkt-blobs)
Shortcuts G and SHIFT+G to load the default timeline, or the timeline around the current check-out. ... (check-in: 2ed74216 user: florian tags: timeline-keyboard-navigation)
Shortcuts U and SHIFT+U to reload the current page in Unified Diff or Side-By-Side Diff mode. ... (check-in: 35cf6f30 user: florian tags: diff-keyboard-navigation)
Typo fixes in the /dir browser header: All File ==> All Files. ... (check-in: 7727f9a6 user: stephan tags: trunk)
Fix a bug for empty change views (for example check-ins created by `fossil branch new', or no-op /vdiff and /fdiff views). ... (check-in: 4c336f37 user: florian tags: diff-keyboard-navigation)
Sync with trunk. ... (check-in: 901ae725 user: florian tags: diff-keyboard-navigation)
Sync with trunk. ... (check-in: e5c5e6f0 user: florian tags: timeline-keyboard-navigation)
Simplification to the JS used as part of anti-robot defenses. ... (check-in: 08535b22 user: drh tags: trunk)
Minor code cleanups and comment updates. ... (check-in: d17b5976 user: florian tags: diff-keyboard-navigation)
Add documentation, thanks @ams for help with wording. An alternative (but not less redundant) approach may be to create a new documentation-only web page to list available keyboard shortcuts for all pages (there's also the global ESC shortcut to close the Hamburger Menu) linked to from the individual command help screens. ... (check-in: 8773bb88 user: florian tags: diff-keyboard-navigation)
Correct skintxt2config.c to be able to handle 0-byte input files. ... (check-in: c7c1c4e8 user: stephan tags: trunk)
Comment updates. ... (check-in: d1d5e99c user: florian tags: diff-keyboard-navigation)
Since dynamically added CSS classes to hide elements are discarded on back/forward navigation, reset all diff toggle checkboxes to checked to match what is actually visible. An alternative approach is to find the unchecked diff toggles and reapply the CSS classes to hide the corresponding diff blocks. ... (check-in: 4368a1c9 user: florian tags: diff-keyboard-navigation)
'skin:' CGI config directive now accepts an empty value for consistency with the --skin CLI flag. ... (check-in: 6362a98f user: stephan tags: trunk)
--skin "" now forces use of the current edited skin and the warning on the /skins page about a forced skin now distinguishes between /draft and --skin ... usage. ... (check-in: 816f6c04 user: stephan tags: trunk)
Import the latest 3.40.0 alpha version of SQLite into the tree. ... (check-in: fbad2772 user: drh tags: trunk)
add new "Related Work" page linked from the User Links page

Suggested by drh@ with lots of tweaks from wyoung@ ... (check-in: 8ab498bd user: mark tags: trunk)

Fix scrolling if there's only one diff block. ... (check-in: e41214d2 user: florian tags: diff-keyboard-navigation)
Implement Javascript-based keyboard navigation for web UI diffs. Shortcuts SHIFT+I or I show or hide all diffs, and P or O show the next or previous diff. See Forum Post a78f44576c for more information. ... (check-in: b7e089e0 user: florian tags: diff-keyboard-navigation)
improve login-group command documentation and output

Prompted by 58f01f6d92, a7d15cc071, and 1c639bcdea. Clarify semantics of -R|--repository in 'fossil login-group join' and make user output more helpful. While here, trim some trailing whitespace. ... (check-in: 83bc81e8 user: mark tags: trunk)

make chatbot message box transparent to avoid collisions

Suggested by mgagnon in /chat. Hint from stephan. ... (check-in: c8b3ec1e user: mark tags: trunk)

Fix a bug in the chat-robot. ... (check-in: b3f87ef7 user: drh tags: trunk)
print stash metadata when popping or applying stash

Feature request from Alfred M. Szmidt in ae3ad9c69f. Minor tweak of original patch by stephan@ ... (check-in: 1392710f user: mark tags: trunk)

Replaced most of the speculation in the walmode section of the containers doc with a link to the walbanger project, where we'll be answering this question. ... (check-in: 96633067 user: wyoung tags: trunk)
The g.fJail global variable should always be set whenever a chroot jail has been entered. ... (check-in: 558cef7c user: drh tags: trunk)
Merge trunk into markdown-tagrefs branch. ... (Leaf check-in: 7321b44a user: stephan tags: markdown-tagrefs)
Cherrypick [5ade6fb863e4], inadvertently checked in on a different branch. ... (check-in: 44c5d029 user: stephan tags: trunk)
Correct an outdated path and fix a typo reported in the forum. Doc changes only, no code. ... (check-in: 5ade6fb8 user: stephan tags: markdown-tagrefs)
Update the hyperlink for purchasing a SEE license. ... (check-in: c3ce8a42 user: danield tags: trunk)
fix specified file path case in locate_unmanaged_files()

Only insert unmanaged files into the temp sfile table. This now makes the routine behave consistently whether file, directory, or no paths are passed on the command line, and fixes the `fossil changes --extra` bug report in 452ec8fac167. ... (check-in: 39eb451a user: mark tags: trunk)

tweak `fossil remote` cmd to update the "default" name

Don't delete the current default remote-url when the user invokes the invalid `fossil remote add default` command; instead, output correct usage to update the special "default" symbolic name. Tweak help text to make this more obvious. Prompted by 5748fcb117a99b43. ... (check-in: 2a3e851e user: mark tags: trunk)

Link keyboard and mouse navigation and enable changing keyboard focus with Ctrl+Click. ... (check-in: 29824137 user: florian tags: timeline-keyboard-navigation)
Sync with trunk. ... (check-in: 3c929719 user: florian tags: timeline-keyboard-navigation)
Minor changes to option handling for the `ui' command: (A) Abort early with an error message if the specified port number is invalid (instead of later with an assertion failure); (B) Add short form -p for --page; (C) Add short form -B for --nobrowser. ... (check-in: 1431ebae user: florian tags: trunk)
Prevent the web UI side-by-side diffs and their scrollbars from getting truncated on the right. Forum Post f9becc251c. ... (check-in: 1a668d35 user: florian tags: trunk)
Enhancements to the "fossil finfo -i" command such that it only shows the first check-in for the file (unless -v is also used) and so that it shows the modification time as a separate line for easy parsing by scripts. ... (check-in: ac6edb35 user: drh tags: trunk)
Fix the help text for the previous check-in. ... (check-in: c0162a4f user: drh tags: trunk)
Fix the "finfo" command so that -r is not required with -i. If the -r is omitted, then "current" is used in its place. ... (check-in: 35c6d15a user: drh tags: trunk)
Remove an extra newline character from the output of the new "fossil remote hyperlink" command. ... (check-in: 76bc66a9 user: drh tags: trunk)
Add the "fossil remote hyperlink" and "fossil remote ui" subcommands. ... (check-in: b2e2fc03 user: drh tags: trunk)
Backup any unmamaged files that are about to be overwritten by an update or merge. Potentially avoid the loss of a local file if the overwrite warning goes unnoticed, in which case undo is useless. ... (check-in: e99e58c5 user: mgagnon tags: trunk)
Fix a typo in comment (no code change) ... (check-in: 13561519 user: mgagnon tags: trunk)
On the /tkthistory page supply each ticket change item with a corresponding id attribute and make the 'History' button within a submenu of a /tinfo page to link back to that particular element on the /tkthistory page. ... (check-in: 4bb91f38 user: george tags: deltify-tkt-blobs)
Minor optimization and refactoring. ... (check-in: b2049d64 user: george tags: deltify-tkt-blobs)
Add a comment to the tree-view to explain that file ages are relative to the check-in time. ... (check-in: 0fb353c1 user: drh tags: trunk)
Merge trunk into markdown-tagrefs branch. ... (check-in: 8ef0347f user: stephan tags: markdown-tagrefs)
Add documentation for chat-timeline-user. ... (check-in: 24c71dfb user: drh tags: trunk)
Add the chat-timeline-user setting to the 2.20 change log. ... (check-in: 0efd583a user: stephan tags: trunk)
Added lmtime value to chat-timeline-user's chat messages, using the server's local time, to fix time display in the /chat message popup. ... (check-in: e1ad4992 user: stephan tags: trunk)
Improved comments on the new chat-timeline-user feature. ... (check-in: c3ed2430 user: drh tags: trunk)
Improved chat messages for the chat-timeline-robot. ... (check-in: 974cf366 user: drh tags: trunk)
Improve /tkthistory page: render selected ticket fields as unified diffs. ... (check-in: b75a9d0f user: george tags: deltify-tkt-blobs)
Do not require that the chat-timeline robot username be an actual user in the USER table. If the chat-timeline-user config variable exists, then timeline events are announced in chat, regardless. ... (check-in: 1f5474ec user: drh tags: trunk)
Remove redundant PRE tags on the /wdiff pages. ... (check-in: 0dd5451d user: george tags: deltify-tkt-blobs)
Add the ability to designate a timeline robot user. If such a user exists, and if chat is enabled, then notifications of all timeline events appear in chat, from the robot user. ... (check-in: e9d7cf3e user: drh tags: trunk)
Minor improvement to SEE integration. ... (check-in: 660c2b15 user: mistachkin tags: trunk)
Sync up custom makefile for MinGW. ... (check-in: a3ed29ea user: mistachkin tags: trunk)
Mentioned containerd+nerdctl in place of runc in the containers doc. A tightened-up version of the prior runc and crun sections are now collected below the Podman section. This gives a better flow: each successive option is smaller than the last, excepting only nspawn, which is a bit bigger than crun. (We leave nspawn last because we can't get it to work!) ... (check-in: 457c14a4 user: wyoung tags: trunk)
Updated the "nojail" patch for our Dockerfile to track the recent changes: rename back from and the layer refactoring. It does essentially the same thing as before. ... (check-in: 19abf0ac user: wyoung tags: trunk)
Merge trunk into remote-add-fix branch. ... (Leaf check-in: baf635cb user: stephan tags: remote-add-fix)
Update the built-in SQLite to the latest 3.40.0 alpha. ... (check-in: 9d12e964 user: drh tags: trunk)
Broke the Dockerfile up into more layers to allow better local caching at build time. Further optimized build time by producing the Fossil source tarball from the local repo instead of hitting the home site if you use the container-image target, since we can be reasonably certain you're working from a repo checkout and thus have all the info available here locally already. ... (check-in: 1da464ee user: wyoung tags: trunk)
Expanded the paragraph on WAL mode interactions in the container doc into a full section, placed higher up, immediately after the first use of Docker's "--volume" flag, to explain why we don't map just the repo DB file, but the whole directory it sits in. Even if we later convince ourselves WAL is safe under this scenario, it'll be conditional at best, so some remnant of this section must remain, no matter which way the experiments go. ... (check-in: 698587d4 user: wyoung tags: trunk)
Renamed back to Dockerfile so it can be used as-is on non-autosetup systems. Realized that we can pass the Fossil checkin hash prefix in as a build arg instead of regenerating the file on disk from auto.def. If you use the Dockerfile as-shipped, you get a "trunk" build, which risks a stale cache — it thinks it already has a tarball by that name and helpfully refuses to pull it again — but at least Windows users get *something* without hand-hacking the file. ... (check-in: b0c9c26a user: wyoung tags: trunk)
Added a /jail/log directory to the container so someone can pass --errorlog and such to the Fossil instance and have a place to put it. It also acts as a mountpoint for appending to a log out on the host. ... (check-in: ed50ceee user: wyoung tags: trunk)
/dev permissions were too tight in the container. They're still tighter than on a stock Ubuntu box, but they should suffice for Fossil's needs. ... (check-in: 8eeb95e1 user: wyoung tags: trunk)
Restricted the container listeners to localhost in section 6 of the containers doc, and mentioned a few other items related to reverse proxying with nginx. ... (check-in: c9ab736f user: wyoung tags: trunk)
Folded info from an exchange with the Podman devs into the container doc. ... (check-in: 80f4a1dd user: wyoung tags: trunk)
Added section numbers to the containers doc (it was getting confusing) and added a few internal fragment IDs. ... (check-in: 4d51d524 user: wyoung tags: trunk)
Finished all the new topics planned for the new containers doc, adding sections on rootful Podman containers and on building via Docker but running via Podman, using Docker Hub as an intermediary to avoid building on the remote host. ... (check-in: 9c96e499 user: wyoung tags: trunk)
Sanitized a local port number out of previous ... (check-in: 3dfa4581 user: wyoung tags: trunk)
Added my sad tale of failure and woe with systemd-nspawn to the container docs, both as a warning to those who follow, and as a cry for help to someone who can make this work. I can't be bothered to spend more time on it, but there's no point throwing the work away. ... (check-in: 1e8c6655 user: wyoung tags: trunk)
Documented another cause to modify the "m" variable in the runc examples in the container docs. ... (check-in: bf503088 user: wyoung tags: trunk)
Added more jq filters to the runc examples to remove further problematic things left in the automatic conversion from the Docker container configuration file to the one we provide to runc. ... (check-in: 4e8c7479 user: wyoung tags: trunk)
Worked through some difficulties here in applying the runc method on remote systems, then documented what I learned in the containers doc. ... (check-in: 56f4e2ce user: wyoung tags: trunk)
Small fix to previous ... (check-in: d5695c8e user: wyoung tags: trunk)
Expanded the runc section of the container doc to cover "bundle" terminology and to show a method for rsyncing the bundle across to a remote host. Also explained why this is a bad idea unless you've got a rather constrained use case, lest people avoid using podman/docker in places where they could provide real value. ... (check-in: f9f13ce7 user: wyoung tags: trunk)
Documented the runc and crun options for running a container, including the cryptic method for exporting an OCI bundle from Docker, allowing you to use both together: Docker Desktop on your big dev box in the office, then one of the two lightweight runtimes out in the cloud. ... (check-in: c9431ef4 user: wyoung tags: trunk)
Added explicit instructions for patching the Dockerfile for the nojail/podman method and for mapping a single Fossil repo into the container rather than a directory. Also included my best current advice on using WAL mode in these contexts. ... (check-in: 87a23d2a user: wyoung tags: trunk)
Removed a TODO-based section of the new containers doc that wasn't meant to be checked in yet. Made a few improvements to the new Podman material as well. ... (check-in: 5adf6c40 user: wyoung tags: trunk)
Added the "Lightweight Alternatives to Docker" section to the new containers doc, currently limited to a tutorial on converting the stock Dockerfile to work under Podman in its default mode, creating a rootless container. This brings in the second container-related file at the root of the repo, the patch file for this, so we don't have to maintain two nearly-parallel Dockerfiles. As a bonus, it allows us to point to the patch from the prose, making explicit what we had to change. ... (check-in: f0399ea9 user: wyoung tags: trunk)
Moved the busybox-config file from tools/ into a new containers/ subdirectory. We were using that as a junk-drawer directory, for lack of a better place to put it. Now that we're about to have a second container-related file in the repo, that weak excuse is wearing thin. ... (check-in: b08e2bb7 user: wyoung tags: trunk)
Referencing the new file from so we can remove a big redundant block comment from it. While in there, made a few style tweaks that will help the ongoing container document expansion. ... (check-in: be8f721d user: wyoung tags: trunk)
Extracted the Docker containers material from www/ and moved it into a new document dedicated to the topic, It was already pushing the bounds of how much info we want to provide in a single section of that doc, and it's about to get bigger.

As part of the conversion from wiki format to Markdown, did another edit pass on the doc, improving a few things along the way.

Dropped the "docker-" prefix from all internal IDs, as we no longer need them to disambiguate references to other parts of the build doc. ... (check-in: 7129dc98 user: wyoung tags: trunk)

Address builtin_deliver_multiple_js_files() endless loop reported in forum post a9a60fab07. ... (check-in: 76c9bbb3 user: stephan tags: trunk)
Add aliases as a new command type and display these next to the corresponding main command in /help. Make sure that for the 'test-all-help' command and webpage each help string is output at most once. ... (check-in: db708494 user: danield tags: trunk)
Merge in trunk. Resolve a shadowed var in dispatch.c which led to an assigned-but-not-used warning. ... (Closed-Leaf check-in: a257fbd9 user: stephan tags: help-aliases-unique)
Embroidered the "make container-run" target to make it more convenient. ... (check-in: bc09e28a user: wyoung tags: trunk)
The container doc bit on raw sockets now covers the other three Busybox utilities we left out previously. Today's removal of ping and traceroute merely completes the set; it wasn't complete in itself. ... (check-in: b429bd71 user: wyoung tags: trunk)
Clarified the points in §5.2.1 of the Docker container build doc regarding the reason why the server parent process runs as root. ... (check-in: c2eaa60d user: wyoung tags: trunk)
Researched, tested, and documented the set of "docker create --cap-drop" options we can add to strip away unnecessary root privileges inside the container without harming normal operation. Belt-and-suspenders: if any bad actor ever got into the container with root privileges, this would help prevent them from affecting anything outside the container. Added that set to the "make container-run" target so they get applied by default in the easy case. ... (check-in: f715add9 user: wyoung tags: trunk)
Removed ping and traceroute commands from the Docker container. They require raw sockets support, which means if anyone broke into the container and managed a root privilege escalation, they could do a wide array of bad things on any network the container is bound to. ... (check-in: f00a88f8 user: wyoung tags: trunk)
Polishing pass on §5.2 of the container build doc, "Why Chroot?" ... (check-in: e9860314 user: wyoung tags: trunk)
Add a missing closing LI tag for the /tkthistory page. ... (check-in: 2d0b2bda user: george tags: deltify-tkt-blobs)
Minor optimization within getAllTicketFields() function. ... (check-in: c3e7ed30 user: george tags: deltify-tkt-blobs)
Clarified the parent process user ID vs the child process in the explanation of how the chroot feature interacts with the custom user feature of the Docker container. ... (check-in: f9ddd38e user: wyoung tags: trunk)
Made a better distinction between bind mounts and Docker volumes in the new Docker section of the build doc. ... (check-in: 958a6af9 user: wyoung tags: trunk)
Add a slight drop shadow to the /chat message widgets. Edit: we already had a drop shadow, just placed on a different sub-element. ... (Closed-Leaf check-in: b04740bd user: stephan tags: mistake)
Correct a NULL being passed to strcmp() which caused any submit of JS script code in the skin editor to segfault. Reported in forum post 9d9f0580fd. ... (check-in: a8847839 user: stephan tags: trunk)
Make it possible to store similar ticket change artifacts as deltas. This might be useful when a certain column of the TICKET table holds a lengthy text that may undergo frequent modifications.

This is an opt-in feature. It is activated only when TICKET table contains a phony INTEGER column "baseline for $name" where $name stands for the name of the actual column provisioned for the aforementioned frequently changing text. ... (check-in: 0f4a0fe8 user: george tags: deltify-tkt-blobs)

Fix the logic to cancel default actions and further event bubbling to take effect for all handled keys. ... (check-in: 9cfd4e2b user: florian tags: timeline-keyboard-navigation)
Add the "Timeline" submenu link on the setup_edit page, for ordinary users. Change the "Access Log" link on that same page so that it is only present for ordinary users - not special users like "reader" or "developer". ... (check-in: 6f70a236 user: drh tags: trunk)
Removed a digression in the gitusers doc about Fossil's new clone-and-open mechanisms. That got moved to the ckout-workflows doc quite some time back, and we already point to it from that same section. There's no reason for the redundancy. Also cleaned up some grammar and typos while in there. ... (check-in: f43eaf01 user: wyoung tags: trunk)
Changed the "fossil server --user" flag's argument back to "admin" from "fossil" for the container: I was confusing the Unix user name with the default Fossil repo user name. The new "adduser fossil" stuff doesn't help here; we still want it to be called "admin". ... (check-in: 72d820f3 user: wyoung tags: trunk)
ARM build fixes for the container:
  • QEMU couldn't cope with "make -j" on the BusyBox step (too many processes) so I changed it to -j11
  • Made the new executable compression step conditional, since there is no upx package in Alpine for either ARM flavor. There's a long bug thread for it on GitHub, which doesn't look to be getting resolved any time soon.
... (check-in: 8849abb7 user: wyoung tags: trunk)
Minor fixes to the Docker container build process ... (check-in: 454397b0 user: wyoung tags: trunk)
URL fix necessitated from the rename ... (check-in: 2f67bf94 user: wyoung tags: trunk)
Carved the Docker container image size down still further by stripping out all but two of the stock skins (d* so we get default and darkmode) and packing Fossil and BusyBox with UPX. ... (check-in: e20d044c user: wyoung tags: trunk)
Fixed an Obi Wan error in the new Fossil version prefix stuff in auto.def: it was extracting the first 13 characters of the hash, not the first 12. ... (check-in: 7ecd23e0 user: wyoung tags: trunk)
Added the container-image and container-run top-level build targets to manage dependencies better and to auto-version the build products. ... (check-in: 67386c75 user: wyoung tags: trunk)
Put the "--user fossil" bit back into the fossil server command for the container. Just ran into a situations where it's still needed. ... (check-in: 4c8cc804 user: wyoung tags: trunk)
Polishing pass on the container repo storage section of the build docs. ... (check-in: 3e332637 user: wyoung tags: trunk)
Changed several of the Docker environment variables to build arguments so the user an override them at build time rather than container creation time, and documented them in Using this new mechanism to pull the Fossil source tarball in such a way that we can use the Docker artifact cache without getting stale builds. You can now pass one of the new build args to force the old behavior if you want it. This required generating Dockerfile from at configure time, to inject the current Fossil checkin ID. (This busts the Docker cache when the source tree changes.) ... (check-in: f9384383 user: wyoung tags: trunk)
Adding the BusyBox tarball to the container image with an ADD command rather than wget to avoid triggering GitHub throttling. Unlike the Fossil repo URL, it has a version number baked into it, so it's safe to give it over to Docker's caching behavior. ... (check-in: d06d7c46 user: wyoung tags: trunk)
Noted the container size shrinkage in the fossil-v-git doc ... (check-in: f21de33e user: wyoung tags: trunk)
The container now builds Busybox from source so we can remove utilities that are unhelpful inside the container. We leave a lot behind for expansion (e.g. the runit init system, crond, inetd…) but we remove things that have no possible justification, such as modprobe. We remove everything from /bin that's a shell builtin (echo, printf, test…) and we replace a few BusyBox commands (sha[13]sum) with wrapper shell scripts that call Fossil builtins. We cap that off by adding a "sqlite3" wrapper that calls "fossil sqlite3 --no-repository", just for fun. All together, this trims about a meg of fat. ... (check-in: 953f367e user: wyoung tags: trunk)
Add #ifdef's to fix the Windows build. ... (check-in: f572f752 user: florian tags: trunk)
Simplification and harmonisation of the help text. ... (check-in: 6d108417 user: florian tags: timeline-keyboard-navigation)
Also disable shortcut handling if the View Style drop-down list has keyboard focus. ... (check-in: f419c7eb user: florian tags: timeline-keyboard-navigation)
The chown -R bit added to the Dockerfile touches /jail/bin/fossil, which causes "docker build" to promote it back into a new layer, nearly doubling the container size. Doing a chown now only on two directories, restoring it to its sub-9M size. ... (check-in: 00cc9c3e user: wyoung tags: trunk)
Fossil's chroot feature drops root permissions based on file ownership, but since the container was built with everything-root, its HTTP hit handling children would run as whatever host-side UID/GID pair you used for file ownership. What happened next was complex.

If you let the container create the repo internally, it would be owned as root, so it would drop root permissions for…root! This isn't super-bad, since Fossil is presumed secure and is double-jailed besides. The risk is, if anyone works out an RCE for Fossil, they might be able to get it to create raw sockets or do various other types of escapes despite the double-jail dance.

Attaching a Docker volume brings external permisssions into the container. We were recommending a "chown 0" command on the shared volume to make it similar to the in-container case, but that opens you to the same risks above. If you ignored this and used host-side UID/GID pairs, Fossil would then be left running under IDs that didn't exist internally, which could cause assorted weirdness.

We're now creating an explicit "fossil" user/group pair inside the container and recommending that Docker volumes use these IDs for copied-in files to batten down something that shouldn't've been left flapping.

Updated to cover all this. ... (check-in: ba21bc0b user: wyoung tags: trunk)