+ my @undo; # undo stack for cleanup in case of an error
+
+ ensure_committer();
+
+ # Examine changes from root of git repo, not from any subdir,
+ # in order to see all changes.
+ my ($subdir, $rootdir) = git_find_root();
+ return in_git_dir($rootdir, sub {
+ my @commits=git_commit_info($sha1, 1);
+
+ if (! @commits) {
+ error "unknown commit"; # just in case
+ }
+
+ # git revert will fail on merge commits. Add a nice message.
+ if (exists $commits[0]->{parents} &&
+ @{$commits[0]->{parents}} > 1) {
+ error gettext("you are not allowed to revert a merge");
+ }
+
+ # Due to the presence of rename-detection, we cannot actually
+ # see what will happen in a revert without trying it.
+ # But we can guess, which is enough to rule out most changes
+ # that we won't allow reverting.
+ git_parse_changes(1, @commits);
+
+ my $failure;
+ my @ret;
+ eval {
+ my $branch = "ikiwiki_revert_${sha1}"; # supposed to be unique
+
+ push @undo, sub {
+ run_or_cry('git', 'branch', '-D', $branch) if $failure;
+ };
+ if (run_or_non('git', 'rev-parse', '--quiet', '--verify', $branch)) {
+ run_or_non('git', 'branch', '-D', $branch);
+ }
+ run_or_die('git', 'branch', $branch, $config{gitmaster_branch});
+
+ my $working = create_temp_working_dir($rootdir, $branch);
+
+ push @undo, sub {
+ remove_tree($working);
+ };
+
+ in_git_dir($working, sub {
+ run_or_die('git', 'checkout', '--quiet', '--force', $branch);
+ run_or_die('git', 'revert', '--no-commit', $sha1);
+ run_or_die('git', 'commit', '-m', "revert $sha1", '-a');
+ });