On 12.12.2018 21:12, Branko Čibej wrote:
On 12.12.2018 19:07, Stefan Kueng wrote:
On 12.12.2018 13:55, TortoiseSVN-dev on behalf of Julian Foad wrote:
Subversion encountered a serious problem.
Please take the time to report this on the Subversion mailing list
[…]
https://subversion.apache.org/mailing-lists.html
It is likely that this is a problem specific to TortoiseSVN, and not
to core SVN. TortoiseSVN has its own mailinglists, so you should
report your problem there:
(Cross-posting.)
Since this happens in the project monitor, my best guess is that the
path/url the user entered to be monitored is not correct.
It makes me sad every time I see this pattern. Software is often
frustrating to use, but should at least aim to be polite to its
users. Telling the user "Please do X" and then when the user does X
saying "No, it's no good doing X; do Y" is not polite, and I would
not expect anyone but the most calm, patient and helpful of users to
gracefully comply with such a request.
I'm not meaning to criticise Johan but rather our whole system.
Can we please fix this problem. Both:
1) Tsvn please change the message.
Sorry, won't do that. Because I've argued multiple times over the
years here that calling exit() or even abort() in a library is the
worst idea ever. Especially if this can happen by having the user
enter a wrong path/url.
It's not the user entering the wrong path or URL. It's the code that
uses the Subversion libraries — in this case TSVN — not validating and
de-tainting its input. Yes, this has been going on for years due to your
And as I repeatedly said: TSVN does validate the input as good as it
can. But if svn does neither describe the *exact* specs in the docs nor
provide any APIs that do that, then TSVN has to guess.
And no: specifying that paths/uris have to be "canonicalized" is not
enough because I do that, using the svn APIs.
So apparently that's not enough.
obstinately refusing to conform to our API specs. In the meantime,
*your* users are left hanging.
I do conform to the specs.
The rules are clear and consistent: pointers may not be NULL unless
specifically allowed, paths must be absolute and canonical, URLs must be
canonical, all strings must be encoded in UTF-8. We provide a wide range
of helper functions that make it easy for API consumers to encode the
parameters.
That's what I do.
Sorry if this message seems rude - but I'm tired of arguing the same
over and over again.
You don't say.
I'll leave your sarcasm and won't respond to this thread anymore.
Stefan
