ok op@

ok tracey@

ok tracey@

Although Git itself did not care, the superfluous NUL at the end of the tag object was breaking GitHub's SSH signature detection. ok stsp@

ok tracey@

reported by and ok tracey@

this fixes only the HTML escaping of strings, the urlencode is still missig. while here also plug a memory leak in gotweb_render_branches and drop some needless ternary operators. ok tracey@

spotted by validator.w3.org: - use target="_blank" instead of `_sotd' - drop `alt' attributes in `a' tags This fixes all the errors reported; only a warning suggesting to add a `lang' attribute on the <html> tag remains.

ok tracey

With the previous patch the listen port was correct, but the debug log output was still displaying the swapped port number. Now both listen behaviour and debug log output agree.

ok tracey

ok tracey

ok tracey

instead of fcgi_gen_response which outputs only a fixed strings provide a printf-like fcgi_printf: it greatly simplifies the generation of the HTML pages. While here also (probably) fix some HTML errors: the output was verified with the W3C validator and it's correct (in the sense that the tags are properly closed, there are still some other things the validator complains about.) ok/encouragement baseprime@, ok jamsek Thanks for reading such a boring diff!

spotted by noticing gotwebd crashing on some blame requests. Diff from stsp@ with a fix from tracey@, I'm committing it only because he is short on time. ok stsp@

ok tracey

ok tracey

ok millert@

ok millert@

follow the "proper secure idiom" described in the CAVEATS section of printf(3). reminded by tb@ and millert@

"looks good to me" millert@

Cm sign matches the markup used in the ssh-keygen(1) man page. Patch by Josiah Frentsos

patch by Josiah Frentsos