By not quoting the argument, an attacker with the ability to add files
to the repository could pass arbitrary arguments to the highlight
command, in particular, the --plug-in argument which can lead to
arbitrary command execution.

This patch adds simple argument quoting.

There are 2 situations:
1- empty extension: assuming text is better than highlight
   producing no output because of a missing argument.
2- no extension at all: assuming text is better than setting
   the extension to the filename, which is what now happens.

Signed-off-by: Ferry Huberts <ferry.huberts@pelagic.nl>

This reverts commit f50be7fda0a7ab57009169dd5905fcbab8eb5166.

An update with the latest highlight landed in EPEL. This new version
doesn't have the --force bug, so the workaround can now be removed.

Signed-off-by: Ferry Huberts <ferry.huberts@pelagic.nl>

The default length for sha1 abbreviations in git is 7.

A '#num' at the beginning of the commit message is now
recognised, a ':#num' as well, etc.: a '#num' anywhere
is now converted to a link.

Signed-off-by: Ferry Huberts <ferry.huberts@pelagic.nl>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>

Signed-off-by: Ferry Huberts <ferry.huberts@pelagic.nl>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>

This allows for putting descriptions closer to their expressions.  It
should also make it clearer how to apply an expression conditionally.

The highlight tool can be given any of the supported file extensions
as its -S parameter. This patch replaces the case-switch by extracting
the extension from the supplied file name and passing it to highlight.
However, this requires a shell supporting the ${var##pattern} syntax,
like dash or bash.

Unknown extensions cause a fall-back to plain text using the --force
switch. Error messages are redirected to /dev/null.

A special case maps Makefile and Makefile.* to the "mk" extension.

The total overhead is reduced by calling "exec highlight". No forks are
needed during script execution.

Signed-off-by: Georg Lukas <georg@op-co.de>