On 2017-11-04 07:57, Yuya Nishihara wrote: > On Fri, 03 Nov 2017 17:28:27 -0700, Gregory Szorc wrote: >> # HG changeset patch >> # User Gregory Szorc <gregory.sz...@gmail.com> >> # Date 1509755155 25200 >> # Fri Nov 03 17:25:55 2017 -0700 >> # Branch stable >> # Node ID f2390c369bfebf32f26f5a2e4aa5620224a7c8ea >> # Parent f445b10dc7fb3495d24d1c22b0996148864c77f7 >> subrepo: config option to disable subrepositories > >> +``enablesubrepos`` >> + Whether the subrepositories feature is enabled. If disabled, >> + subrepositories are effectively ignored by the Mercurial client. >> + (default: True) > > We might want to select subrepo types to be enabled since hg subrepo is > more widely used and considered less broken. >
After looking at subrepo.gitsubrepo._checkversion in the mercurial sources: Assuming the problem is limited to specific vulnerable versions of external scm tools: Perhaps, this might be narrowed to requiring specific versions of git and svn using a config knob (which defaults to the hard-coded values). _______________________________________________ Mercurial-devel mailing list Mercurial-devel@mercurial-scm.org https://www.mercurial-scm.org/mailman/listinfo/mercurial-devel