[PATCH 0 of 5] keyword: safer copy/rename, safer search/substitution

Christian Ebert blacktrash at gmx.net
Thu Sep 30 00:19:50 UTC 2010


Hi,

I extended my recently sent series with a 2nd security
enhancement regarding unwanted keyword (un)expansion:

1) handle copying/renaming to a destination not configured for
   keyword expansion gracefully (4th patch)
2) Stricter keyword detection by using 2 specific regular
   expressions which search either for unexpanded or expanded
   keywords only (5th patch)

The first patch is cosmetic and serves the main purpose that I
can understand my own code ;-)

The second patch favors working with contexts.

The third patch removes duplicate search or replace operations
on keyword (un)expansion.

With the 4th patch of this series copy and rename operations
become safer wrt keyword expansion.

Before, files containing expanded keywords were copied/renamed
unaltered to a destination ignored by the extension. If these
files were checked in, the expanded keywords became
unintentionally part of the change history. I tend to consider
this a long-standing bug in the extension, which should now be
fixed.

I don't think the wrapper for cmdutil.copy needs to be
write-locked as cmdutil.copy is "called with the repo lock held",
but I'm fine with being taught otherwise.

The 5th patch makes keyword search and substitution more secure;
also, "loosely" formatted keywords, like $Id:  $ (before
expansion), are not allowed anymore -- an issue which cropped up
at least once on the wiki.

A crew repo with patch series applied can be found here:
http://www.blacktrash.org/hg-crew-mq/

c
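
The behaviour described in points 1) and 2) above, as an added example that is not part of the original message and is not the keyword extension's own code. The patterns, keyword names, helper functions and sample text are assumptions constructed for illustration.

```python
import re

KEYWORDS = ("Id", "Revision", "Author", "Date")  # constructed keyword set
_NAMES = "|".join(map(re.escape, KEYWORDS))

# Loose pattern, for comparison only: anything between "$Keyword" and "$".
RE_LOOSE = re.compile(r"\$(%s)[^$\n\r]*?\$" % _NAMES)
# Strict pattern 1: unexpanded keywords only, exactly "$Keyword$".
RE_UNEXPANDED = re.compile(r"\$(%s)\$" % _NAMES)
# Strict pattern 2: expanded keywords only, "$Keyword: value $" with a
# non-empty value that does not start with whitespace.
RE_EXPANDED = re.compile(r"\$(%s): [^\s$][^$\n\r]*? \$" % _NAMES)


def expand(text, values):
    """Expand strictly unexpanded keywords; leave everything else alone."""
    def repl(match):
        value = values[match.group(1)]
        if not value or value[0].isspace() or re.search(r"[$\r\n]", value):
            raise ValueError("value would not round-trip through shrink()")
        return "$%s: %s $" % (match.group(1), value)
    return RE_UNEXPANDED.sub(repl, text)


def shrink(text):
    """Collapse strictly expanded keywords back to "$Keyword$"."""
    return RE_EXPANDED.sub(r"$\1$", text)


def copy_content(text, dest_expands_keywords):
    """Content to write at a copy/rename destination (hypothetical helper).

    A destination not configured for expansion gets the shrunk form, so
    expanded values cannot end up in the change history by accident.
    """
    return text if dest_expands_keywords else shrink(text)


# Constructed sample: unexpanded, loosely formatted, and expanded keyword.
SAMPLE = (
    "a $Id$\n"
    "b $Id:  $\n"
    "c $Id: f.py,v 1a2b 2010/09/30 ce $\n"
)

if __name__ == "__main__":
    print(expand(SAMPLE, {"Id": "f.py,v 3c4d 2010/09/30 ce"}), end="")
    print(copy_content(SAMPLE, dest_expands_keywords=False), end="")
```
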

