Upgrades svnkit to the latest patch version 1.10.3-scm2
developed in scm-manager/svnkit-patches#2.
This should fix errors regarding spaces in filenames
in svn with external tools like Fisheye or the svnkit
command line client (#2002).
To make SCM-Manager more accessible and to make it easier using scripts against the server, we created a command line interface. This command line interface can be used to perform the default actions like create, modify and delete repositories. It is also very flexible and can be extended by plugins.
The CLI already supports internationalization, help texts, input validation, loose and table-like templates and nested subcommands. Check the cli guidelines to learn how add new cli commands.
Co-authored-by: Sebastian Sdorra <sebastian.sdorra@cloudogu.com>
* Update lock files
* Replace usage of org.apache.commons.lang3 with guava
* Update vulnerable version of cron-utils
Update cron-util from version 9.1.3 to 9.1.6.
Version 9.1.6 fixes an arbitrary code execution
vulnerability (CVE-2021-41269).
SCM-Manager is not affected by this issue,
because it is related to the el parsing
of an annotation which we don't use.
Enable gradle dependency locking for all subprojects. This change allows us to use dependency ranges, without loosing reproducible builds.
It also makes it easier for third party services such as snyk to detect dependencies and their versions.
Sets the HEAD for new Git repositories to the default branch (this is 'main' for the default configuration).
This change led to errors in unit tests, that depended on the 'master' branch.
Co-authored-by: Eduard Heimbuch <eduard.heimbuch@cloudogu.com>
When SCM-Manager is used behind a reverse proxy like
Nginx it may be the case, that lfs PUT requests are
buffered by the reverse proxy and will be sent to the
SCM-Manager after the whole file has been received. Due
to the expiration time of 5 minutes for the authentivation
token that had been requested by Git before the upload
has been started, this request from the proxy to
SCM-Manager fails if the upload from the client to the
reverse proxy took longer than these 5 minutes.
To solve this, we make this expiration time configurable,
so that whenever you have very large files or small
bandwidth the expiration timeout can be increased.
With the migration to gradle we lost the JUnit 5 integration tests. This is fixed here. In addition we have to adapt the AnonymousAccessITCase to the change, that the anonymous access is disabled when creating the default test data.
Migrates the existing e2e tests towards a cucumber bdd-style and utilizes the integration-test-runner package.
Co-authored-by: Eduard Heimbuch <eduard.heimbuch@cloudogu.com>
Co-authored-by: René Pfeuffer <rene.pfeuffer@cloudogu.com>
