got-notify-http: rename auth_user -> authenticated_user ok stsp@

add default case to the switch statement in choose_patch() Just in case the code futher up gets tweaked again such that the validity check using strchr() will be skipped in some edge case. Lucas agrees

make got stage -p behave the same way in interactive and -F modes for 'q' Lucas agrees

make gotd notifications work when 'git push' is used instead of 'got send' Git clients disconnect earlier, which resulted in session_write exiting before notifications were sent. Do not treat early EOF as a fatal error if we are sending notifications. Add regression test coverage for 'git push'. Problem found by Thomas Adam.

got: refactor choose_patch Unify the handling of a response file and interactive use, handle EOF, fix a memleak and make it easier to extend in the future. In particular, interactive mode now doesn't loop forever on EOF. Patch by Lucas Gabriel Vuotto. Joint work with op.

in gotd.conf(5) use .Sq instead of .Dv when referring to JSON field names Reads better because .Dv has no discernable effect in terminal or HTML. discussed with op@

move GOTD_ACCESS_DENIED more bits away from GOTD_ACCESS_GRANTED A similar change was made to doas(1) recently in response to rowhammer.

document common JSON notification object properties separately Document properties which are always set just once and upfront, and list the object types and type-specific properties afterwards.

in gotd.conf, fix markup of the branch-deleted notification field list This list was using -compact which was inconsistent with the lists for other notification types.

require -u option when invoking got-notify-http The authenticated username is always available so it makes little sense to treat it as an optional parameter. Suggested by op@

expose authenticated gotd user account in HTTP notifications ok op@

regress: use standard shell idiom for default values

gotwebd: add the magic ".git" handling like gotd, assume an implicit ".git" if the repo doesn't exist. Merge gotweb_init_repo_dir() and gotweb_load_got_path() since the former only sets repo_dir->name, and we don't realistically know the name until we've opened the directory. While here, unbreak the git worktree handling too. Realistically, moving forward, we should issue a redirect to the canonical URL or at least set the correct metadata in the document to avoid having multiple URLs for the same content. ok stsp; tiny change to repo_dir->name handling done after the ok.

regress: allow to customize GOT_TEST_HTTP_PORT

redo "got-fetch-http: fix GET request URL", without breaking tests My previous fix for ~user in SSH URLs broke ~user in HTTP URLs, as used on sourcehut. Sanitize the amount of leading and embedded slashes in URLs to make things work in all cases. The root cause of the test problem with naddy's previous diff was likely in the http-server script itself, where a request like GET //repo//info/refs?service=git-upload-pack somehow ended up as GET $testroot///info/refs. We work around this here by avoiding the double slashes.

got-fetch-http: backout GET request URL fix It broke the clone regression test.

got-fetch-http: fix GET request URL Add a leading '/' and do not produce a double "//" after the path. ok op

backout got stage -R option addition The stage command is usually used in a recursive manner, like 'got commit'. Forcing users to specify -R all the time is deemed too inconvenient in practice. discussed on IRC with Lorenz (xha), Omar, and Lucas

fix an fd leak in gotd's notify process This leak resulted in the gotd notify process spinning on CPU in an imsg_read() -> EAGAIN loop once it ran out of file descriptors.

fix previous: "ssh" accidentally named "git"

update protocol lists Document http and https protocols in got.conf(5). Copied from got(1) except reworded the part that referred to got.conf(5). Change "send directive" to "send block" in got(1), since got.conf(5) says there's "one configuration directive per line". Adjust table widths: longest protocol name is now "https".

got-notify-http: fix I/O with TLS (again) We try to handle early replies from the server, so we call tls_read() at each "tick" of the event loop. For the TLS case, however, bufio_read() will set bio->wantev, and if we rely only on it we can deadlock trying to read data from the server without having sent all the request. Found out the hard way while trying to send several notifications in one go. ok stsp

revert part of previous commit; the parent process is not ephemeral pointed out by op@

prevent gotd notification process from exiting due to EPIPE Ephermeral processes on the other end of a pipe might decide to exit which results in EPIPE when writing. This is not a fatal error but is somewhat expected during normal operation (at least until we improve the inter-process communication about notifications).

update got.conf(5) remote config example from git.g.o to got.g.o