Instead of duplicating the permissions on the temp file, the permissions
are duplicated on the output file directly. If the output file exists as
read-only, it is made writeable first.
There are some environments which don't allow the mv to work if the file
itself is read-only.
Instead of doing work to find the default branch just to be able to
set up the repository before doing a fetch, do a "git clone" and let
git handle it.
Use -c core.sharedrepository=0600 to get the same result as
--shared=0600 passed to init.
Use --separate-git-dir to get the git directory in $YADM_REPO. Use a
temporary dir as work tree and remove it right after the clone is
done.
When the clone is done, iterate over all missing files in $YADM_WORK
and perform a checkout. If local files exists that differ compared
with the cloned ones the local files are left intact and the user is
instructed to deal with the conflicts.
This makes it possible to run e.g. "yadm -Y foo introspect repo
2>/dev/null" and get an empty output instead of getting the error
message about foo not being fully qualified.
Start with doing "submodule absorbgitdirs" as otherwise "submodule
deinit" will fail if a module has been cloned first and later added as
a submodule (as it will then contain the .git dir instead of it being
under the superprojects .git dir).
Then try to deinit the submodules before moving the repo and abort the
upgrade if it fails for any submodule. Then do the move and finally
initialize the submodules that were initialized before the upgrade.
See #285
to make it easier to use yadm in the container. Set it in the system
config (i.e. /etc/gitconfig) to avoid getting a clash if one wants to
clone an existing yadm repo that contains a .gitconfig.
* Create a YADM_DATA base (that is the source for repo & archive)
* Add --yadm-data to override
* Default YADM_DATA will be determined by XDG_DATA_HOME
This special condition doesn't affect the selection process and is only
supported to support syntax highlighting and language detection for alt files
as reported in #239.
The syntax is '{% include "file" %}' where file is either an absolute path or a
path relative to the current template file's directory.
Variables in the included file will be replaced as for the main template. But
the included file can't include files itself.
The newer versions (OpenSSL 1.1.1 or LibreSSL 2.9.1) support the pbkdf2
key derivation function, while older versions do not. In addition the
new versions have changed the default digest to SHA256 instead of MD5.
Files encrypted with older versions would throw warnings about
deprecated key derivation used files encrypted with newer versions +
pbkdf2 would not be decryptable using older versions These problems
matter, when many users maintain their dotfiles across different systems
with different levels of OpenSSL support.
A new boolean config option has been added, yadm.openssl-old
* If false, use options -pbkdf2 -iter 100000 -md sha512
* If true, use options -md md5 (and if decrypting with newer versions
warnings will be printed)
FixesTheLocehiliosan/yadm#226
When a config file path is passed to yadm whose parent directory does
not exist, git (and hence yadm) fails without writing the file.
Yadm should, however, make sure that the directory exists s.t. git can
just write to the file.
