Jonathan Nieder [Sun, 16 Jun 2024 15:48:22 +0000 (16 15:48 +0000)]
debian: new upstream point release
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
Jonathan Nieder [Sun, 16 Jun 2024 15:39:06 +0000 (16 15:39 +0000)]
Merge tag 'v2.45.2' into debian-sid
Git 2.45.2
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
Junio C Hamano [Fri, 31 May 2024 00:18:43 +0000 (30 17:18 -0700)]
Git 2.45.2
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Junio C Hamano [Fri, 31 May 2024 00:17:21 +0000 (30 17:17 -0700)]
Merge branch 'jc/fix-2.45.1-and-friends-for-maint' into maint-2.45
* jc/fix-2.45.1-and-friends-for-maint:
Revert "fsck: warn about symlink pointing inside a gitdir"
Revert "Add a helper function to compare file contents"
clone: drop the protections where hooks aren't run
tests: verify that `clone -c core.hooksPath=/dev/null` works again
Revert "core.hooksPath: add some protection while cloning"
init: use the correct path of the templates directory again
hook: plug a new memory leak
ci: stop installing "gcc-13" for osx-gcc
ci: avoid bare "gcc" for osx-gcc job
ci: drop mention of BREW_INSTALL_PACKAGES variable
send-email: avoid creating more than one Term::ReadLine object
send-email: drop FakeTerm hack
Junio C Hamano [Fri, 31 May 2024 00:13:43 +0000 (30 17:13 -0700)]
Git 2.44.2
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Junio C Hamano [Fri, 31 May 2024 00:11:02 +0000 (30 17:11 -0700)]
Merge branch 'fixes/2.45.1/2.44' into maint-2.44
* fixes/2.45.1/2.44:
Revert "fsck: warn about symlink pointing inside a gitdir"
Revert "Add a helper function to compare file contents"
clone: drop the protections where hooks aren't run
tests: verify that `clone -c core.hooksPath=/dev/null` works again
Revert "core.hooksPath: add some protection while cloning"
init: use the correct path of the templates directory again
hook: plug a new memory leak
ci: stop installing "gcc-13" for osx-gcc
ci: avoid bare "gcc" for osx-gcc job
ci: drop mention of BREW_INSTALL_PACKAGES variable
send-email: avoid creating more than one Term::ReadLine object
send-email: drop FakeTerm hack
Junio C Hamano [Fri, 31 May 2024 00:06:24 +0000 (30 17:06 -0700)]
Git 2.43.5
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Junio C Hamano [Fri, 31 May 2024 00:04:37 +0000 (30 17:04 -0700)]
Merge branch 'fixes/2.45.1/2.43' into maint-2.43
* fixes/2.45.1/2.43:
Revert "fsck: warn about symlink pointing inside a gitdir"
Revert "Add a helper function to compare file contents"
clone: drop the protections where hooks aren't run
tests: verify that `clone -c core.hooksPath=/dev/null` works again
Revert "core.hooksPath: add some protection while cloning"
init: use the correct path of the templates directory again
hook: plug a new memory leak
ci: stop installing "gcc-13" for osx-gcc
ci: avoid bare "gcc" for osx-gcc job
ci: drop mention of BREW_INSTALL_PACKAGES variable
send-email: avoid creating more than one Term::ReadLine object
send-email: drop FakeTerm hack
Junio C Hamano [Fri, 31 May 2024 00:03:31 +0000 (30 17:03 -0700)]
Git 2.42.3
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Junio C Hamano [Fri, 31 May 2024 00:00:57 +0000 (30 17:00 -0700)]
Merge branch 'fixes/2.45.1/2.42' into maint-2.42
* fixes/2.45.1/2.42:
Revert "fsck: warn about symlink pointing inside a gitdir"
Revert "Add a helper function to compare file contents"
clone: drop the protections where hooks aren't run
tests: verify that `clone -c core.hooksPath=/dev/null` works again
Revert "core.hooksPath: add some protection while cloning"
init: use the correct path of the templates directory again
hook: plug a new memory leak
ci: stop installing "gcc-13" for osx-gcc
ci: avoid bare "gcc" for osx-gcc job
ci: drop mention of BREW_INSTALL_PACKAGES variable
send-email: avoid creating more than one Term::ReadLine object
send-email: drop FakeTerm hack
Junio C Hamano [Fri, 31 May 2024 00:00:29 +0000 (30 17:00 -0700)]
Git 2.41.2
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Junio C Hamano [Thu, 30 May 2024 23:58:12 +0000 (30 16:58 -0700)]
Merge branch 'fixes/2.45.1/2.41' into maint-2.41
* fixes/2.45.1/2.41:
Revert "fsck: warn about symlink pointing inside a gitdir"
Revert "Add a helper function to compare file contents"
clone: drop the protections where hooks aren't run
tests: verify that `clone -c core.hooksPath=/dev/null` works again
Revert "core.hooksPath: add some protection while cloning"
init: use the correct path of the templates directory again
hook: plug a new memory leak
ci: stop installing "gcc-13" for osx-gcc
ci: avoid bare "gcc" for osx-gcc job
ci: drop mention of BREW_INSTALL_PACKAGES variable
send-email: avoid creating more than one Term::ReadLine object
send-email: drop FakeTerm hack
Junio C Hamano [Thu, 30 May 2024 23:57:31 +0000 (30 16:57 -0700)]
Git 2.40.3
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Junio C Hamano [Thu, 30 May 2024 23:54:42 +0000 (30 16:54 -0700)]
Merge branch 'fixes/2.45.1/2.40' into maint-2.40
* fixes/2.45.1/2.40:
Revert "fsck: warn about symlink pointing inside a gitdir"
Revert "Add a helper function to compare file contents"
clone: drop the protections where hooks aren't run
tests: verify that `clone -c core.hooksPath=/dev/null` works again
Revert "core.hooksPath: add some protection while cloning"
init: use the correct path of the templates directory again
hook: plug a new memory leak
ci: stop installing "gcc-13" for osx-gcc
ci: avoid bare "gcc" for osx-gcc job
ci: drop mention of BREW_INSTALL_PACKAGES variable
send-email: avoid creating more than one Term::ReadLine object
send-email: drop FakeTerm hack
Junio C Hamano [Thu, 30 May 2024 23:52:52 +0000 (30 16:52 -0700)]
Git 2.39.5
Junio C Hamano [Thu, 30 May 2024 23:38:58 +0000 (30 16:38 -0700)]
Merge branch 'jc/fix-2.45.1-and-friends-for-2.39' into maint-2.39
* jc/fix-2.45.1-and-friends-for-2.39:
Revert "fsck: warn about symlink pointing inside a gitdir"
Revert "Add a helper function to compare file contents"
clone: drop the protections where hooks aren't run
tests: verify that `clone -c core.hooksPath=/dev/null` works again
Revert "core.hooksPath: add some protection while cloning"
init: use the correct path of the templates directory again
hook: plug a new memory leak
ci: stop installing "gcc-13" for osx-gcc
ci: avoid bare "gcc" for osx-gcc job
ci: drop mention of BREW_INSTALL_PACKAGES variable
send-email: avoid creating more than one Term::ReadLine object
send-email: drop FakeTerm hack
Junio C Hamano [Fri, 24 May 2024 23:59:12 +0000 (24 16:59 -0700)]
Merge branch 'fixes/2.45.1/2.44' into jc/fix-2.45.1-and-friends-for-maint
* fixes/2.45.1/2.44:
Revert "fsck: warn about symlink pointing inside a gitdir"
Revert "Add a helper function to compare file contents"
clone: drop the protections where hooks aren't run
tests: verify that `clone -c core.hooksPath=/dev/null` works again
Revert "core.hooksPath: add some protection while cloning"
init: use the correct path of the templates directory again
hook: plug a new memory leak
ci: stop installing "gcc-13" for osx-gcc
ci: avoid bare "gcc" for osx-gcc job
ci: drop mention of BREW_INSTALL_PACKAGES variable
send-email: avoid creating more than one Term::ReadLine object
send-email: drop FakeTerm hack
Junio C Hamano [Fri, 24 May 2024 23:58:35 +0000 (24 16:58 -0700)]
Merge branch 'fixes/2.45.1/2.43' into fixes/2.45.1/2.44
* fixes/2.45.1/2.43:
Revert "fsck: warn about symlink pointing inside a gitdir"
Revert "Add a helper function to compare file contents"
clone: drop the protections where hooks aren't run
tests: verify that `clone -c core.hooksPath=/dev/null` works again
Revert "core.hooksPath: add some protection while cloning"
init: use the correct path of the templates directory again
hook: plug a new memory leak
ci: stop installing "gcc-13" for osx-gcc
ci: avoid bare "gcc" for osx-gcc job
ci: drop mention of BREW_INSTALL_PACKAGES variable
send-email: avoid creating more than one Term::ReadLine object
send-email: drop FakeTerm hack
Junio C Hamano [Fri, 24 May 2024 23:58:11 +0000 (24 16:58 -0700)]
Merge branch 'fixes/2.45.1/2.42' into fixes/2.45.1/2.43
* fixes/2.45.1/2.42:
Revert "fsck: warn about symlink pointing inside a gitdir"
Revert "Add a helper function to compare file contents"
clone: drop the protections where hooks aren't run
tests: verify that `clone -c core.hooksPath=/dev/null` works again
Revert "core.hooksPath: add some protection while cloning"
init: use the correct path of the templates directory again
hook: plug a new memory leak
ci: stop installing "gcc-13" for osx-gcc
ci: avoid bare "gcc" for osx-gcc job
ci: drop mention of BREW_INSTALL_PACKAGES variable
send-email: avoid creating more than one Term::ReadLine object
send-email: drop FakeTerm hack
Junio C Hamano [Fri, 24 May 2024 23:57:43 +0000 (24 16:57 -0700)]
Merge branch 'fixes/2.45.1/2.41' into fixes/2.45.1/2.42
* fixes/2.45.1/2.41:
Revert "fsck: warn about symlink pointing inside a gitdir"
Revert "Add a helper function to compare file contents"
clone: drop the protections where hooks aren't run
tests: verify that `clone -c core.hooksPath=/dev/null` works again
Revert "core.hooksPath: add some protection while cloning"
init: use the correct path of the templates directory again
hook: plug a new memory leak
ci: stop installing "gcc-13" for osx-gcc
ci: avoid bare "gcc" for osx-gcc job
ci: drop mention of BREW_INSTALL_PACKAGES variable
send-email: avoid creating more than one Term::ReadLine object
send-email: drop FakeTerm hack
Junio C Hamano [Fri, 24 May 2024 23:57:01 +0000 (24 16:57 -0700)]
Merge branch 'fixes/2.45.1/2.40' into fixes/2.45.1/2.41
* fixes/2.45.1/2.40:
Revert "fsck: warn about symlink pointing inside a gitdir"
Revert "Add a helper function to compare file contents"
clone: drop the protections where hooks aren't run
tests: verify that `clone -c core.hooksPath=/dev/null` works again
Revert "core.hooksPath: add some protection while cloning"
init: use the correct path of the templates directory again
hook: plug a new memory leak
ci: stop installing "gcc-13" for osx-gcc
ci: avoid bare "gcc" for osx-gcc job
ci: drop mention of BREW_INSTALL_PACKAGES variable
send-email: avoid creating more than one Term::ReadLine object
send-email: drop FakeTerm hack
Junio C Hamano [Fri, 24 May 2024 19:29:35 +0000 (24 12:29 -0700)]
Merge branch 'jc/fix-2.45.1-and-friends-for-2.39' into fixes/2.45.1/2.40
Revert overly aggressive "layered defence" that went into 2.45.1
and friends, which broke "git-lfs", "git-annex", and other use
cases, so that we can rebuild necessary counterparts in the open.
* jc/fix-2.45.1-and-friends-for-2.39:
Revert "fsck: warn about symlink pointing inside a gitdir"
Revert "Add a helper function to compare file contents"
clone: drop the protections where hooks aren't run
tests: verify that `clone -c core.hooksPath=/dev/null` works again
Revert "core.hooksPath: add some protection while cloning"
init: use the correct path of the templates directory again
hook: plug a new memory leak
ci: stop installing "gcc-13" for osx-gcc
ci: avoid bare "gcc" for osx-gcc job
ci: drop mention of BREW_INSTALL_PACKAGES variable
send-email: avoid creating more than one Term::ReadLine object
send-email: drop FakeTerm hack
Junio C Hamano [Thu, 23 May 2024 04:55:31 +0000 (22 21:55 -0700)]
Revert "fsck: warn about symlink pointing inside a gitdir"
This reverts commit
a33fea08 (fsck: warn about symlink pointing
inside a gitdir, 2024-04-10), which warns against symbolic links
commonly created by git-annex.
Johannes Schindelin [Mon, 20 May 2024 20:22:05 +0000 (20 20:22 +0000)]
Revert "Add a helper function to compare file contents"
Now that during a `git clone`, the hooks' contents are no longer
compared to the templates' files', the caller for which the
`do_files_match()` function was introduced is gone, and therefore this
function can be retired, too.
This reverts commit
584de0b4c23 (Add a helper function to compare file
contents, 2024-03-30).
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Johannes Schindelin [Mon, 20 May 2024 20:22:04 +0000 (20 20:22 +0000)]
clone: drop the protections where hooks aren't run
As part of the security bug-fix releases v2.39.4, ..., v2.45.1, I
introduced logic to safeguard `git clone` from running hooks that were
installed _during_ the clone operation.
The rationale was that Git's CVE-2024-32002, CVE-2021-21300,
CVE-2019-1354, CVE-2019-1353, CVE-2019-1352, and CVE-2019-1349 should
have been low-severity vulnerabilities but were elevated to
critical/high severity by the attack vector that allows a weakness where
files inside `.git/` can be inadvertently written during a `git clone`
to escalate to a Remote Code Execution attack by virtue of installing a
malicious `post-checkout` hook that Git will then run at the end of the
operation without giving the user a chance to see what code is executed.
Unfortunately, Git LFS uses a similar strategy to install its own
`post-checkout` hook during a `git clone`; In fact, Git LFS is
installing four separate hooks while running the `smudge` filter.
While this pattern is probably in want of being improved by introducing
better support in Git for Git LFS and other tools wishing to register
hooks to be run at various stages of Git's commands, let's undo the
clone protections to unbreak Git LFS-enabled clones.
This reverts commit
8db1e8743c0 (clone: prevent hooks from running
during a clone, 2024-03-28).
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Johannes Schindelin [Mon, 20 May 2024 20:22:03 +0000 (20 20:22 +0000)]
tests: verify that `clone -c core.hooksPath=/dev/null` works again
As part of the protections added in Git v2.45.1 and friends,
repository-local `core.hooksPath` settings are no longer allowed, as a
defense-in-depth mechanism to prevent future Git vulnerabilities to
raise to critical level if those vulnerabilities inadvertently allow the
repository-local config to be written.
What the added protection did not anticipate is that such a
repository-local `core.hooksPath` can not only be used to point to
maliciously-placed scripts in the current worktree, but also to
_prevent_ hooks from being called altogether.
We just reverted the `core.hooksPath` protections, based on the Git
maintainer's recommendation in
https://lore.kernel.org/git/xmqq4jaxvm8z.fsf@gitster.g/ to address this
concern as well as related ones. Let's make sure that we won't regress
while trying to protect the clone operation further.
Reported-by: Brooke Kuhlmann <brooke@alchemists.io>
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Johannes Schindelin [Mon, 20 May 2024 20:22:02 +0000 (20 20:22 +0000)]
Revert "core.hooksPath: add some protection while cloning"
This defense-in-depth was intended to protect the clone operation
against future escalations where bugs in `git clone` would allow
attackers to write arbitrary files in the `.git/` directory would allow
for Remote Code Execution attacks via maliciously-placed hooks.
However, it turns out that the `core.hooksPath` protection has
unintentional side effects so severe that they do not justify the
benefit of the protections. For example, it has been reported in
https://lore.kernel.org/git/
FAFA34CB-9732-4A0A-87FB-
BDB272E6AEE8@alchemists.io/
that the following invocation, which is intended to make `git clone`
safer, is itself broken by that protective measure:
git clone --config core.hooksPath=/dev/null <url>
Since it turns out that the benefit does not justify the cost, let's revert
20f3588efc6 (core.hooksPath: add some protection while cloning,
2024-03-30).
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Johannes Schindelin [Mon, 20 May 2024 20:22:01 +0000 (20 20:22 +0000)]
init: use the correct path of the templates directory again
In
df93e407f06 (init: refactor the template directory discovery into its
own function, 2024-03-29), I refactored the way the templates directory
is discovered.
The refactoring was faithful, but missed a reference in the `Makefile`
where the `DEFAULT_GIT_TEMPLATE_DIR` constant is defined. As a
consequence, Git v2.45.1 and friends will always use the hard-coded path
`/usr/share/git-core/templates`.
Let's fix that by defining the `DEFAULT_GIT_TEMPLATE_DIR` when building
`setup.o`, where that constant is actually used.
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Johannes Schindelin [Mon, 20 May 2024 20:22:00 +0000 (20 20:22 +0000)]
hook: plug a new memory leak
In
8db1e8743c0 (clone: prevent hooks from running during a clone,
2024-03-28), I introduced an inadvertent memory leak that was
unfortunately not caught before v2.45.1 was released. Here is a fix.
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Jeff King [Thu, 9 May 2024 16:25:44 +0000 (9 12:25 -0400)]
ci: stop installing "gcc-13" for osx-gcc
Our osx-gcc job explicitly asks to install gcc-13. But since the GitHub
runner image already comes with gcc-13 installed, this is mostly doing
nothing (or in some cases it may install an incremental update over the
runner image). But worse, it recently started causing errors like:
==> Fetching gcc@13
==> Downloading https://ghcr.io/v2/homebrew/core/gcc/13/blobs/sha256:fb2403d97e2ce67eb441b54557cfb61980830f3ba26d4c5a1fe5ecd0c9730d1a
==> Pouring gcc@13--13.2.0.ventura.bottle.tar.gz
Error: The `brew link` step did not complete successfully
The formula built, but is not symlinked into /usr/local
Could not symlink bin/c++-13
Target /usr/local/bin/c++-13
is a symlink belonging to gcc. You can unlink it:
brew unlink gcc
which cause the whole CI job to bail.
I didn't track down the root cause, but I suspect it may be related to
homebrew recently switching the "gcc" default to gcc-14. And it may even
be fixed when a new runner image is released. But if we don't need to
run brew at all, it's one less thing for us to worry about.
[jc: cherry-picked from
v2.45.0-3-g7df2405b38]
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Jeff King [Thu, 9 May 2024 16:24:15 +0000 (9 12:24 -0400)]
ci: avoid bare "gcc" for osx-gcc job
On macOS, a bare "gcc" (without a version) will invoke a wrapper for
clang, not actual gcc. Even when gcc is installed via homebrew, that
only provides version-specific links in /usr/local/bin (like "gcc-13"),
and never a version-agnostic "gcc" wrapper.
As far as I can tell, this has been the case for a long time, and this
osx-gcc job has largely been doing nothing. We can point it at "gcc-13",
which will pick up the homebrew-installed version.
The fix here is specific to the github workflow file, as the gitlab one
does not have a matching job.
It's a little unfortunate that we cannot just ask for the latest version
of gcc which homebrew provides, but as far as I can tell there is no
easy alias (you'd have to find the highest number gcc-* in
/usr/local/bin yourself).
[jc: cherry-picked from
v2.45.0-2-g11c7001e3d]
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Jeff King [Thu, 9 May 2024 16:23:05 +0000 (9 12:23 -0400)]
ci: drop mention of BREW_INSTALL_PACKAGES variable
The last user of this variable went away in
4a6e4b9602 (CI: remove
Travis CI support, 2021-11-23), so it's doing nothing except making it
more confusing to find out which packages _are_ installed.
[jc: cherry-picked from
v2.45.0-1-g9d4453e8d6]
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Jeff King [Tue, 8 Aug 2023 18:15:31 +0000 (8 14:15 -0400)]
send-email: avoid creating more than one Term::ReadLine object
Every time git-send-email calls its ask() function to prompt the user,
we call term(), which instantiates a new Term::ReadLine object. But in
v1.46 of Term::ReadLine::Gnu (which provides the Term::ReadLine
interface on some platforms), its constructor refuses to create a second
instance[1]. So on systems with that version of the module, most
git-send-email instances will fail (as we usually prompt for both "to"
and "in-reply-to" unless the user provided them on the command line).
We can fix this by keeping a single instance variable and returning it
for each call to term(). In perl 5.10 and up, we could do that with a
"state" variable. But since we only require 5.008, we'll do it the
old-fashioned way, with a lexical "my" in its own scope.
Note that the tests in t9001 detect this problem as-is, since the
failure mode is for the program to die. But let's also beef up the
"Prompting works" test to check that it correctly handles multiple
inputs (if we had chosen to keep our FakeTerm hack in the previous
commit, then the failure mode would be incorrectly ignoring prompts
after the first).
[1] For discussion of why multiple instances are forbidden, see:
https://github.com/hirooih/perl-trg/issues/16
[jc: cherry-picked from v2.42.0-rc2~6^2]
Signed-off-by: Jeff King <peff@peff.net>
Acked-by: Taylor Blau <me@ttaylorr.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Jeff King [Tue, 8 Aug 2023 18:14:36 +0000 (8 14:14 -0400)]
send-email: drop FakeTerm hack
Back in
280242d1cc (send-email: do not barf when Term::ReadLine does not
like your terminal, 2006-07-02), we added a fallback for when
Term::ReadLine's constructor failed: we'd have a FakeTerm object
instead, which would then die if anybody actually tried to call
readline() on it. Since we instantiated the $term variable at program
startup, we needed this workaround to let the program run in modes when
we did not prompt the user.
But later, in
f4dc9432fd (send-email: lazily load modules for a big
speedup, 2021-05-28), we started loading Term::ReadLine lazily only when
ask() is called. So at that point we know we're trying to prompt the
user, and we can just die if ReadLine instantiation fails, rather than
making this fake object to lazily delay showing the error.
This should be OK even if there is no tty (e.g., we're in a cron job),
because Term::ReadLine will return a stub object in that case whose "IN"
and "OUT" functions return undef. And since
5906f54e47 (send-email:
don't attempt to prompt if tty is closed, 2009-03-31), we check for that
case and skip prompting.
And we can be sure that FakeTerm was not kicking in for such a
situation, because it has actually been broken since that commit! It
does not define "IN" or "OUT" methods, so perl would barf with an error.
If FakeTerm was in use, we were neither honoring what
5906f54e47 tried
to do, nor producing the readable message that
280242d1cc intended.
So we're better off just dropping FakeTerm entirely, and letting the
error reported by constructing Term::ReadLine through.
[jc: cherry-picked from v2.42.0-rc2~6^2~1]
Signed-off-by: Jeff King <peff@peff.net>
Acked-by: Taylor Blau <me@ttaylorr.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Jonathan Nieder [Mon, 20 May 2024 03:38:29 +0000 (20 03:38 +0000)]
debian: apply upstream changes to avoid v2.45.1 being a regression
From https://lore.kernel.org/git/xmqqy187nj4u.fsf@gitster.g/.
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
Jonathan Nieder [Mon, 20 May 2024 02:53:13 +0000 (20 02:53 +0000)]
debian: new release
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
Jonathan Nieder [Sat, 18 May 2024 23:03:08 +0000 (18 23:03 +0000)]
Merge tag 'v2.45.1' into debian-sid
Git 2.45.1
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
Johannes Schindelin [Wed, 24 Apr 2024 07:17:11 +0000 (24 09:17 +0200)]
Git 2.45.1
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Johannes Schindelin [Wed, 24 Apr 2024 07:11:55 +0000 (24 09:11 +0200)]
Sync with 2.44.1
* maint-2.44: (41 commits)
Git 2.44.1
Git 2.43.4
Git 2.42.2
Git 2.41.1
Git 2.40.2
Git 2.39.4
fsck: warn about symlink pointing inside a gitdir
core.hooksPath: add some protection while cloning
init.templateDir: consider this config setting protected
clone: prevent hooks from running during a clone
Add a helper function to compare file contents
init: refactor the template directory discovery into its own function
find_hook(): refactor the `STRIP_EXTENSION` logic
clone: when symbolic links collide with directories, keep the latter
entry: report more colliding paths
t5510: verify that D/F confusion cannot lead to an RCE
submodule: require the submodule path to contain directories only
clone_submodule: avoid using `access()` on directories
submodules: submodule paths must not contain symlinks
clone: prevent clashing git dirs when cloning submodule in parallel
...
Junio C Hamano [Mon, 29 Apr 2024 14:30:29 +0000 (29 07:30 -0700)]
Git 2.45
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Junio C Hamano [Mon, 29 Apr 2024 14:29:35 +0000 (29 07:29 -0700)]
Merge tag 'l10n-2.45.0-rnd1' of https://github.com/git-l10n/git-po
l10n-2.45.0-rnd1
* tag 'l10n-2.45.0-rnd1' of https://github.com/git-l10n/git-po:
l10n: tr: Update Turkish translations
l10n: zh_CN: for git 2.45 rounds
l10n: zh-TW: Git 2.45
l10n: vi: Updated translation for 2.45
l10n: TEAMS: retire l10n teams no update in 1 year
l10n: uk: v2.45 update
l10n: sv.po: Update Swedish translation
l10n: Update German translation
l10n: po-id for 2.45
l10n: bg.po: Updated Bulgarian translation (5652t)
l10n: fr: v2.45.0
l10n: Update Vietnamese team contact
Jiang Xin [Mon, 29 Apr 2024 06:50:23 +0000 (29 14:50 +0800)]
Merge branch 'master' of github.com:alshopov/git-po
* 'master' of github.com:alshopov/git-po:
l10n: bg.po: Updated Bulgarian translation (5652t)
Jiang Xin [Mon, 29 Apr 2024 06:49:44 +0000 (29 14:49 +0800)]
Merge branch 'fr_v2.45.0' of github.com:jnavila/git
* 'fr_v2.45.0' of github.com:jnavila/git:
l10n: fr: v2.45.0
Emir SARI [Mon, 15 Apr 2024 22:44:25 +0000 (16 01:44 +0300)]
l10n: tr: Update Turkish translations
Signed-off-by: Emir SARI <emir_sari@icloud.com>
Jiang Xin [Sun, 28 Apr 2024 12:36:57 +0000 (28 20:36 +0800)]
Merge branch 'l10n/zh-TW/240428' of github.com:l10n-tw/git-po
* 'l10n/zh-TW/240428' of github.com:l10n-tw/git-po:
l10n: zh-TW: Git 2.45
Jiang Xin [Sun, 28 Apr 2024 12:35:54 +0000 (28 20:35 +0800)]
Merge branch 'tl/zh_CN_2.45.0_rnd' of github.com:dyrone/git
* 'tl/zh_CN_2.45.0_rnd' of github.com:dyrone/git:
l10n: zh_CN: for git 2.45 rounds
Teng Long [Wed, 24 Apr 2024 13:43:34 +0000 (24 21:43 +0800)]
l10n: zh_CN: for git 2.45 rounds
Signed-off-by: Teng Long <dyroneteng@gmail.com>
Yi-Jyun Pan [Sun, 28 Apr 2024 10:46:20 +0000 (28 18:46 +0800)]
l10n: zh-TW: Git 2.45
Co-Authored-By: Lumynous <lumynou5.tw@gmail.com>
Co-Authored-By: Kisaragi Hiu <mail@kisaragi-hiu.com>
Signed-off-by: Yi-Jyun Pan <pan93412@gmail.com>
Jiang Xin [Sun, 28 Apr 2024 10:28:48 +0000 (28 18:28 +0800)]
Merge branch 'update-teams' of https://github.com/Nekosha/git-po
* 'update-teams' of https://github.com/Nekosha/git-po:
l10n: Update Vietnamese team contact
Vũ Tiến Hưng [Tue, 16 Apr 2024 09:13:00 +0000 (16 16:13 +0700)]
l10n: vi: Updated translation for 2.45
Signed-off-by: Vũ Tiến Hưng <newcomerminecraft@gmail.com>
Jiang Xin [Fri, 19 Apr 2024 07:57:47 +0000 (19 15:57 +0800)]
l10n: TEAMS: retire l10n teams no update in 1 year
Signed-off-by: Jiang Xin <worldhello.net@gmail.com>
Jiang Xin [Sat, 27 Apr 2024 23:30:08 +0000 (28 07:30 +0800)]
Merge branch 'l10n/uk/2.45-uk-update'
* '2.45-uk-update' of github.com:arkid15r/git-ukrainian-l10n:
l10n: uk: v2.45 update
Jiang Xin [Sat, 27 Apr 2024 23:25:22 +0000 (28 07:25 +0800)]
Merge branch 'l10n-de-2.45' of github.com:ralfth/git
* 'l10n-de-2.45' of github.com:ralfth/git:
l10n: Update German translation
Jiang Xin [Sat, 27 Apr 2024 23:23:52 +0000 (28 07:23 +0800)]
Merge branch 'po-id' of github.com:bagasme/git-po
* 'po-id' of github.com:bagasme/git-po:
l10n: po-id for 2.45
Arkadii Yakovets [Sat, 27 Apr 2024 18:41:08 +0000 (27 11:41 -0700)]
l10n: uk: v2.45 update
Co-authored-by: Kate Golovanova <kate@kgthreads.com>
Signed-off-by: Arkadii Yakovets <ark@cho.red>
Signed-off-by: Kate Golovanova <kate@kgthreads.com>
Peter Krefting [Sat, 27 Apr 2024 14:21:53 +0000 (27 15:21 +0100)]
l10n: sv.po: Update Swedish translation
Also fix some inconsistencies, and fix issue reported by
Anders Jonsson <anders.jonsson@norsjovallen.se>.
Signed-off-by: Peter Krefting <peter@softwolves.pp.se>
Ralf Thielow [Fri, 26 Apr 2024 14:24:36 +0000 (26 16:24 +0200)]
l10n: Update German translation
Reviewed-by: Matthias Rüster <matthias.ruester@gmail.com>
Signed-off-by: Ralf Thielow <ralf.thielow@gmail.com>
Bagas Sanjaya [Wed, 17 Apr 2024 05:41:49 +0000 (17 12:41 +0700)]
l10n: po-id for 2.45
Translate following new components:
* refs/reftable-backend.c
Update following components:
* branch.c
* builtin/column.c
* builtin/config.c
* builtin/for-each-ref.c
* builtin/pack-refs.c
* revision.c
Signed-off-by: Bagas Sanjaya <bagasdotme@gmail.com>
Junio C Hamano [Thu, 25 Apr 2024 17:34:24 +0000 (25 10:34 -0700)]
Merge branch 'rj/add-i-leak-fix'
Leakfix.
* rj/add-i-leak-fix:
add: plug a leak on interactive_add
add-patch: plug a leak handling the '/' command
add-interactive: plug a leak in get_untracked_files
apply: plug a leak in apply_data
Junio C Hamano [Thu, 25 Apr 2024 17:34:23 +0000 (25 10:34 -0700)]
Merge branch 'rs/vsnprintf-failure-is-not-a-bug'
Demote a BUG() to an die() when the failure from vsnprintf() may
not be due to a programmer error.
* rs/vsnprintf-failure-is-not-a-bug:
don't report vsnprintf(3) error as bug
Taylor Blau [Wed, 24 Apr 2024 16:27:05 +0000 (24 12:27 -0400)]
Documentation/RelNotes/2.45.0.txt: fix typo
Signed-off-by: Taylor Blau <me@ttaylorr.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Junio C Hamano [Tue, 23 Apr 2024 22:05:07 +0000 (23 15:05 -0700)]
Git 2.45-rc1
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Junio C Hamano [Tue, 23 Apr 2024 22:05:56 +0000 (23 15:05 -0700)]
Merge branch 'ps/run-auto-maintenance-in-receive-pack'
The "receive-pack" program (which responds to "git push") was not
converted to run "git maintenance --auto" when other codepaths that
used to run "git gc --auto" were updated, which has been corrected.
* ps/run-auto-maintenance-in-receive-pack:
builtin/receive-pack: convert to use git-maintenance(1)
run-command: introduce function to prepare auto-maintenance process
Junio C Hamano [Tue, 23 Apr 2024 22:05:56 +0000 (23 15:05 -0700)]
Merge branch 'pk/bisect-use-show'
When "git bisect" reports the commit it determined to be the
culprit, we used to show it in a format that does not honor common
UI tweaks, like log.date and log.decorate. The code has been
taught to use "git show" to follow more customizations.
* pk/bisect-use-show:
bisect: report the found commit with "show"
Junio C Hamano [Tue, 23 Apr 2024 18:52:19 +0000 (23 11:52 -0700)]
A bit more topics before -rc1
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Junio C Hamano [Tue, 23 Apr 2024 18:52:41 +0000 (23 11:52 -0700)]
Merge branch 'rs/apply-reject-long-name'
The filename used for rejected hunks "git apply --reject" creates
was limited to PATH_MAX, which has been lifted.
* rs/apply-reject-long-name:
apply: avoid using fixed-size buffer in write_out_one_reject()
Junio C Hamano [Tue, 23 Apr 2024 18:52:41 +0000 (23 11:52 -0700)]
Merge branch 'mr/rerere-crash-fix'
When .git/rr-cache/ rerere database gets corrupted or rerere is fed to
work on a file with conflicted hunks resolved incompletely, the rerere
machinery got confused and segfaulted, which has been corrected.
* mr/rerere-crash-fix:
rerere: fix crashes due to unmatched opening conflict markers
Junio C Hamano [Tue, 23 Apr 2024 18:52:41 +0000 (23 11:52 -0700)]
Merge branch 'rs/imap-send-simplify-cmd-issuing-codepath'
Code simplification.
* rs/imap-send-simplify-cmd-issuing-codepath:
imap-send: increase command size limit
Junio C Hamano [Tue, 23 Apr 2024 18:52:40 +0000 (23 11:52 -0700)]
Merge branch 'xx/rfc2822-date-format-in-doc'
Docfix.
* xx/rfc2822-date-format-in-doc:
Documentation: fix typos describing date format
Junio C Hamano [Tue, 23 Apr 2024 18:52:40 +0000 (23 11:52 -0700)]
Merge branch 'ps/missing-btmp-fix'
GIt 2.44 introduced a regression that makes the updated code to
barf in repositories with multi-pack index written by older
versions of Git, which has been corrected.
* ps/missing-btmp-fix:
pack-bitmap: gracefully handle missing BTMP chunks
Junio C Hamano [Tue, 23 Apr 2024 18:52:39 +0000 (23 11:52 -0700)]
Merge branch 'la/format-trailer-info'
The code to format trailers have been cleaned up.
* la/format-trailer-info:
trailer: finish formatting unification
trailer: begin formatting unification
format_trailer_info(): append newline for non-trailer lines
format_trailer_info(): drop redundant unfold_value()
format_trailer_info(): use trailer_item objects
Junio C Hamano [Tue, 23 Apr 2024 18:52:39 +0000 (23 11:52 -0700)]
Merge branch 'dd/t9604-use-posix-timezones'
The cvsimport tests required that the platform understands
traditional timezone notations like CST6CDT, which has been
updated to work on those systems as long as they understand
POSIX notation with explicit tz transition dates.
* dd/t9604-use-posix-timezones:
t9604: Fix test for musl libc and new Debian
Junio C Hamano [Tue, 23 Apr 2024 18:52:39 +0000 (23 11:52 -0700)]
Merge branch 'rj/launch-editor-error-message'
Git writes a "waiting for your editor" message on an incomplete
line after launching an editor, and then append another error
message on the same line if the editor errors out. It now clears
the "waiting for..." line before giving the error message.
* rj/launch-editor-error-message:
launch_editor: waiting message on error
Junio C Hamano [Tue, 23 Apr 2024 18:52:38 +0000 (23 11:52 -0700)]
Merge branch 'yb/replay-doc-linkfix'
Docfix.
* yb/replay-doc-linkfix:
Documentation: fix linkgit reference
Junio C Hamano [Tue, 23 Apr 2024 18:52:38 +0000 (23 11:52 -0700)]
Merge branch 'rs/no-openssl-compilation-fix-on-macos'
Build fix.
* rs/no-openssl-compilation-fix-on-macos:
git-compat-util: fix NO_OPENSSL on current macOS
Junio C Hamano [Tue, 23 Apr 2024 18:52:37 +0000 (23 11:52 -0700)]
Merge branch 'ta/fast-import-parse-path-fix'
The way "git fast-import" handles paths described in its input has
been tightened up and more clearly documented.
* ta/fast-import-parse-path-fix:
fast-import: make comments more precise
fast-import: forbid escaped NUL in paths
fast-import: document C-style escapes for paths
fast-import: improve documentation for path quoting
fast-import: remove dead strbuf
fast-import: allow unquoted empty path for root
fast-import: directly use strbufs for paths
fast-import: tighten path unquoting
Junio C Hamano [Tue, 23 Apr 2024 18:52:37 +0000 (23 11:52 -0700)]
Merge branch 'ps/reftable-block-iteration-optim'
The code to iterate over reftable blocks has seen some optimization
to reduce memory allocation and deallocation.
* ps/reftable-block-iteration-optim:
reftable/block: avoid copying block iterators on seek
reftable/block: reuse `zstream` state on inflation
reftable/block: open-code call to `uncompress2()`
reftable/block: reuse uncompressed blocks
reftable/reader: iterate to next block in place
reftable/block: move ownership of block reader into `struct table_iter`
reftable/block: introduce `block_reader_release()`
reftable/block: better grouping of functions
reftable/block: merge `block_iter_seek()` and `block_reader_seek()`
reftable/block: rename `block_reader_start()`
Rubén Justo [Mon, 22 Apr 2024 22:54:18 +0000 (23 00:54 +0200)]
add: plug a leak on interactive_add
Plug a leak we have since
5a76aff1a6 (add: convert to use
parse_pathspec, 2013-07-14).
This leak can be triggered with:
$ git add -p anything
Fixing this leak allows us to mark as leak-free the following tests:
+ t3701-add-interactive.sh
+ t7514-commit-patch.sh
Mark them with "TEST_PASSES_SANITIZE_LEAK=true" to notice and fix
promply any new leak that may be introduced and triggered by them in the
future.
Signed-off-by: Rubén Justo <rjusto@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Rubén Justo [Mon, 22 Apr 2024 22:54:14 +0000 (23 00:54 +0200)]
add-patch: plug a leak handling the '/' command
Plug a leak we have since
d6cf873340 (built-in add -p: implement the '/'
("search regex") command, 2019-12-13).
This leak can be triggered with:
$ printf "A\n\nB\n" >file
$ git add file && git commit -m file
$ printf "AA\n\nBB\n" >file
$ printf "s\n/ .\n" >lines
$ git add -p <lines
Signed-off-by: Rubén Justo <rjusto@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Rubén Justo [Mon, 22 Apr 2024 22:54:08 +0000 (23 00:54 +0200)]
add-interactive: plug a leak in get_untracked_files
Plug a leak we have since
ab1e1cccaf (built-in add -i: re-implement
`add-untracked` in C, 2019-11-29).
This leak can be triggered with:
$ echo a | git add -i
As a curiosity, we have a somewhat similar function in builtin/stash.c,
which correctly frees the memory.
Signed-off-by: Rubén Justo <rjusto@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Rubén Justo [Mon, 22 Apr 2024 22:54:05 +0000 (23 00:54 +0200)]
apply: plug a leak in apply_data
We have an execution path in apply_data that leaks the local struct
image. Plug it.
This leak can be triggered with:
$ echo foo >file
$ git add file && git commit -m file
$ echo bar >file
$ git diff file >diff
$ sed s/foo/frotz/ <diff >baddiff
$ git apply --cached <baddiff
Fixing this leak allows us to mark as leak-free the following tests:
+ t2016-checkout-patch.sh
+ t4103-apply-binary.sh
+ t4104-apply-boundary.sh
+ t4113-apply-ending.sh
+ t4117-apply-reject.sh
+ t4123-apply-shrink.sh
+ t4252-am-options.sh
+ t4258-am-quoted-cr.sh
Mark them with "TEST_PASSES_SANITIZE_LEAK=true" to notice and fix
promply any new leak that may be introduced and triggered by them in the
future.
Signed-off-by: Rubén Justo <rjusto@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Patrick Steinhardt [Mon, 22 Apr 2024 06:35:11 +0000 (22 08:35 +0200)]
docs: address typos in Git v2.45 changelog
Address some typos in the Git v2.45 changelog.
Signed-off-by: Patrick Steinhardt <ps@pks.im>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Patrick Steinhardt [Mon, 22 Apr 2024 06:35:06 +0000 (22 08:35 +0200)]
docs: improve changelog entry for `git pack-refs --auto`
The changelog entry for the new `git pack-refs --auto` mode only says
that the new flag is useful, but doesn't really say what it does. Add
some more information.
Signed-off-by: Patrick Steinhardt <ps@pks.im>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Orgad Shaneh [Sat, 20 Apr 2024 19:51:30 +0000 (20 19:51 +0000)]
docs: remove duplicate entry and fix typo in 2.45 changelog
Signed-off-by: Orgad Shaneh <orgads@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
René Scharfe [Sun, 21 Apr 2024 12:40:28 +0000 (21 14:40 +0200)]
don't report vsnprintf(3) error as bug
strbuf_addf() has been reporting a negative return value of vsnprintf(3)
as a bug since
f141bd804d (Handle broken vsnprintf implementations in
strbuf, 2007-11-13). Other functions copied that behavior:
7b03c89ebd (add xsnprintf helper function, 2015-09-24)
5ef264dbdb (strbuf.c: add `strbuf_insertf()` and `strbuf_vinsertf()`, 2019-02-25)
8d25663d70 (mem-pool: add mem_pool_strfmt(), 2024-02-25)
However, vsnprintf(3) can legitimately return a negative value if the
formatted output would be longer than INT_MAX. Stop accusing it of
being broken and just report the fact that formatting failed.
Suggested-by: Jeff King <peff@peff.net>
Signed-off-by: René Scharfe <l.s.r@web.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Alexander Shopov [Sun, 21 Apr 2024 12:20:00 +0000 (21 14:20 +0200)]
l10n: bg.po: Updated Bulgarian translation (5652t)
Signed-off-by: Alexander Shopov <ash@kambanaria.org>
Jean-Noël Avila [Sat, 20 Apr 2024 09:06:46 +0000 (20 17:06 +0800)]
l10n: fr: v2.45.0
Signed-off-by: Jean-Noël Avila <jn.avila@free.fr>
Vũ Tiến Hưng [Sat, 20 Apr 2024 05:02:27 +0000 (20 12:02 +0700)]
l10n: Update Vietnamese team contact
The previous team has not maintained the translation since 2.37. Leader
has agreed to transfer leadership to me.
Signed-off-by: Vũ Tiến Hưng <newcomerminecraft@gmail.com>
Junio C Hamano [Fri, 19 Apr 2024 16:11:41 +0000 (19 09:11 -0700)]
Git 2.45-rc0
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Junio C Hamano [Fri, 19 Apr 2024 16:13:47 +0000 (19 09:13 -0700)]
Merge branch 'la/mailmap-entry'
Update contact address for Linus Arver.
* la/mailmap-entry:
mailmap: change primary address for Linus Arver
Junio C Hamano [Fri, 19 Apr 2024 16:13:47 +0000 (19 09:13 -0700)]
Merge branch 'pf/commitish-committish'
Spellfix.
* pf/commitish-committish:
typo: replace 'commitish' with 'committish'
Johannes Schindelin [Wed, 10 Apr 2024 20:10:07 +0000 (10 22:10 +0200)]
Git 2.44.1
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Johannes Schindelin [Wed, 10 Apr 2024 20:10:06 +0000 (10 22:10 +0200)]
Sync with 2.43.4
* maint-2.43: (40 commits)
Git 2.43.4
Git 2.42.2
Git 2.41.1
Git 2.40.2
Git 2.39.4
fsck: warn about symlink pointing inside a gitdir
core.hooksPath: add some protection while cloning
init.templateDir: consider this config setting protected
clone: prevent hooks from running during a clone
Add a helper function to compare file contents
init: refactor the template directory discovery into its own function
find_hook(): refactor the `STRIP_EXTENSION` logic
clone: when symbolic links collide with directories, keep the latter
entry: report more colliding paths
t5510: verify that D/F confusion cannot lead to an RCE
submodule: require the submodule path to contain directories only
clone_submodule: avoid using `access()` on directories
submodules: submodule paths must not contain symlinks
clone: prevent clashing git dirs when cloning submodule in parallel
t7423: add tests for symlinked submodule directories
...
Johannes Schindelin [Wed, 10 Apr 2024 20:04:50 +0000 (10 22:04 +0200)]
Git 2.43.4
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Johannes Schindelin [Wed, 10 Apr 2024 20:04:48 +0000 (10 22:04 +0200)]
Sync with 2.42.2
* maint-2.42: (39 commits)
Git 2.42.2
Git 2.41.1
Git 2.40.2
Git 2.39.4
fsck: warn about symlink pointing inside a gitdir
core.hooksPath: add some protection while cloning
init.templateDir: consider this config setting protected
clone: prevent hooks from running during a clone
Add a helper function to compare file contents
init: refactor the template directory discovery into its own function
find_hook(): refactor the `STRIP_EXTENSION` logic
clone: when symbolic links collide with directories, keep the latter
entry: report more colliding paths
t5510: verify that D/F confusion cannot lead to an RCE
submodule: require the submodule path to contain directories only
clone_submodule: avoid using `access()` on directories
submodules: submodule paths must not contain symlinks
clone: prevent clashing git dirs when cloning submodule in parallel
t7423: add tests for symlinked submodule directories
has_dir_name(): do not get confused by characters < '/'
...
Johannes Schindelin [Wed, 10 Apr 2024 19:51:47 +0000 (10 21:51 +0200)]
Git 2.42.2
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Johannes Schindelin [Wed, 17 Apr 2024 09:39:09 +0000 (17 11:39 +0200)]
Sync with 2.41.1
* maint-2.41: (38 commits)
Git 2.41.1
Git 2.40.2
Git 2.39.4
fsck: warn about symlink pointing inside a gitdir
core.hooksPath: add some protection while cloning
init.templateDir: consider this config setting protected
clone: prevent hooks from running during a clone
Add a helper function to compare file contents
init: refactor the template directory discovery into its own function
find_hook(): refactor the `STRIP_EXTENSION` logic
clone: when symbolic links collide with directories, keep the latter
entry: report more colliding paths
t5510: verify that D/F confusion cannot lead to an RCE
submodule: require the submodule path to contain directories only
clone_submodule: avoid using `access()` on directories
submodules: submodule paths must not contain symlinks
clone: prevent clashing git dirs when cloning submodule in parallel
t7423: add tests for symlinked submodule directories
has_dir_name(): do not get confused by characters < '/'
docs: document security issues around untrusted .git dirs
...
Johannes Schindelin [Wed, 10 Apr 2024 19:06:57 +0000 (10 21:06 +0200)]
Git 2.41.1
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Johannes Schindelin [Wed, 17 Apr 2024 09:38:18 +0000 (17 11:38 +0200)]
Sync with 2.40.2
* maint-2.40: (39 commits)
Git 2.40.2
Git 2.39.4
fsck: warn about symlink pointing inside a gitdir
core.hooksPath: add some protection while cloning
init.templateDir: consider this config setting protected
clone: prevent hooks from running during a clone
Add a helper function to compare file contents
init: refactor the template directory discovery into its own function
find_hook(): refactor the `STRIP_EXTENSION` logic
clone: when symbolic links collide with directories, keep the latter
entry: report more colliding paths
t5510: verify that D/F confusion cannot lead to an RCE
submodule: require the submodule path to contain directories only
clone_submodule: avoid using `access()` on directories
submodules: submodule paths must not contain symlinks
clone: prevent clashing git dirs when cloning submodule in parallel
t7423: add tests for symlinked submodule directories
has_dir_name(): do not get confused by characters < '/'
docs: document security issues around untrusted .git dirs
upload-pack: disable lazy-fetching by default
...
Johannes Schindelin [Wed, 10 Apr 2024 18:56:02 +0000 (10 20:56 +0200)]
Git 2.40.2
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>