Junio C Hamano [Wed, 29 Apr 2020 23:15:28 +0000 (16:15 -0700)]
Merge branch 'dd/ci-musl-libc'
A new CI job to build and run test suite on linux with musl libc
has been added.
* dd/ci-musl-libc:
travis: build and test on Linux with musl libc and busybox
ci/linux32: libify install-dependencies step
ci: refactor docker runner script
ci/linux32: parameterise command to switch arch
ci/lib-docker: preserve required environment variables
ci: make MAKEFLAGS available inside the Docker container in the Linux32 job
Junio C Hamano [Wed, 29 Apr 2020 23:15:27 +0000 (16:15 -0700)]
Merge branch 'dl/merge-autostash-rebase-quit-fix'
The stash entry created by "git rebase --autosquash" to keep the
initial dirty state were discarded by mistake upon "git rebase
--quit", which has been corrected.
* dl/merge-autostash-rebase-quit-fix:
rebase: save autostash entry into stash reflog on --quit
Junio C Hamano [Wed, 29 Apr 2020 23:15:27 +0000 (16:15 -0700)]
Merge branch 'dl/merge-autostash'
"git merge" learns the "--autostash" option.
* dl/merge-autostash: (22 commits)
pull: pass --autostash to merge
t5520: make test_pull_autostash() accept expect_parent_num
merge: teach --autostash option
sequencer: implement apply_autostash_oid()
sequencer: implement save_autostash()
sequencer: unlink autostash in apply_autostash()
sequencer: extract perform_autostash() from rebase
rebase: generify create_autostash()
rebase: extract create_autostash()
reset: extract reset_head() from rebase
rebase: generify reset_head()
rebase: use apply_autostash() from sequencer.c
sequencer: rename stash_sha1 to stash_oid
sequencer: make apply_autostash() accept a path
rebase: use read_oneliner()
sequencer: make read_oneliner() extern
sequencer: configurably warn on non-existent files
sequencer: make read_oneliner() accept flags
sequencer: make file exists check more efficient
sequencer: stop leaking buf
...
Junio C Hamano [Tue, 28 Apr 2020 22:50:33 +0000 (15:50 -0700)]
The fourth batch
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Junio C Hamano [Tue, 28 Apr 2020 22:50:11 +0000 (15:50 -0700)]
Merge branch 'jn/demote-proto2-from-default'
Those fetching over protocol v2 from linux-next and other kernel
repositories are reporting that v2 often fetches way too much than
needed.
* jn/demote-proto2-from-default:
Revert "fetch: default to protocol version 2"
Junio C Hamano [Tue, 28 Apr 2020 22:50:11 +0000 (15:50 -0700)]
Merge branch 'jc/gnu-hurd-lets-fread-read-dirs'
GNU/Hurd is also among the ones that need the fopen() wrapper.
* jc/gnu-hurd-lets-fread-read-dirs:
config.mak.uname: Define FREAD_READS_DIRECTORIES for GNU/Hurd
Junio C Hamano [Tue, 28 Apr 2020 22:50:10 +0000 (15:50 -0700)]
Merge branch 'ms/doc-revision-illustration-fix'
Docfix.
* ms/doc-revision-illustration-fix:
docs: fix minor glitch in illustration
Junio C Hamano [Tue, 28 Apr 2020 22:50:09 +0000 (15:50 -0700)]
Merge branch 'tm/zsh-complete-switch-restore'
zsh command line completion (in contrib/) update.
* tm/zsh-complete-switch-restore:
complete: zsh: add missing sub cmd completion candidates
Junio C Hamano [Tue, 28 Apr 2020 22:50:09 +0000 (15:50 -0700)]
Merge branch 'mt/grep-cquote-path'
"git grep" did not quote a path with unusual character like other
commands (like "git diff", "git status") do, but did quote when run
from a subdirectory, both of which has been corrected.
* mt/grep-cquote-path:
grep: follow conventions for printing paths w/ unusual chars
Junio C Hamano [Tue, 28 Apr 2020 22:50:08 +0000 (15:50 -0700)]
Merge branch 'ds/log-exclude-decoration-config'
The "--decorate-refs" and "--decorate-refs-exclude" options "git
log" takes have learned a companion configuration variable
log.excludeDecoration that sits at the lowest priority in the
family.
* ds/log-exclude-decoration-config:
log: add log.excludeDecoration config option
log-tree: make ref_filter_match() a helper method
Junio C Hamano [Tue, 28 Apr 2020 22:50:07 +0000 (15:50 -0700)]
Merge branch 'vd/range-diff-with-custom-pretty-format-fix'
"git range-diff" fixes.
* vd/range-diff-with-custom-pretty-format-fix:
range-diff: avoid negative string precision
range-diff: fix a crash in parsing git-log output
Junio C Hamano [Tue, 28 Apr 2020 22:50:07 +0000 (15:50 -0700)]
Merge branch 'tb/diff-tree-with-notes'
"git diff-tree --pretty --notes" used to hit an assertion failure,
as it forgot to initialize the notes subsystem.
* tb/diff-tree-with-notes:
diff-tree.c: load notes machinery when required
Junio C Hamano [Tue, 28 Apr 2020 22:50:06 +0000 (15:50 -0700)]
Merge branch 'eb/mboxrd-doc'
Doc update.
* eb/mboxrd-doc:
Documentation: explain "mboxrd" pretty format
Junio C Hamano [Tue, 28 Apr 2020 22:50:06 +0000 (15:50 -0700)]
Merge branch 'js/stash-p-fix'
Allowing the user to split a patch hunk while "git stash -p" does
not work well; a band-aid has been added to make this (partially)
work better.
* js/stash-p-fix:
stash -p: (partially) fix bug concerning split hunks
t3904: fix incorrect demonstration of a bug
Junio C Hamano [Tue, 28 Apr 2020 22:50:05 +0000 (15:50 -0700)]
Merge branch 'dl/libify-a-few'
Code in builtin/*, i.e. those can only be called from within
built-in subcommands, that implements bulk of a couple of
subcommands have been moved to libgit.a so that they could be used
by others.
* dl/libify-a-few:
Lib-ify prune-packed
Lib-ify fmt-merge-msg
Junio C Hamano [Tue, 28 Apr 2020 22:50:04 +0000 (15:50 -0700)]
Merge branch 'jx/atomic-push'
"git push --atomic" used to show failures for refs that weren't
even pushed, which has been corrected.
* jx/atomic-push:
transport-helper: new method reject_atomic_push()
transport-helper: mark failure for atomic push
send-pack: mark failure of atomic push properly
t5543: never report what we do not push
send-pack: fix inconsistent porcelain output
Junio C Hamano [Tue, 28 Apr 2020 22:50:04 +0000 (15:50 -0700)]
Merge branch 'jt/avoid-prefetch-when-able-in-diff'
"git diff" in a partial clone learned to avoid lazy loading blob
objects in more casese when they are not needed.
* jt/avoid-prefetch-when-able-in-diff:
diff: restrict when prefetching occurs
diff: refactor object read
diff: make diff_populate_filespec_options struct
promisor-remote: accept 0 as oid_nr in function
Junio C Hamano [Tue, 28 Apr 2020 22:50:03 +0000 (15:50 -0700)]
Merge branch 'js/subtree-doc-update-to-asciidoctor-2'
Doc markup update.
* js/subtree-doc-update-to-asciidoctor-2:
subtree: fix build with AsciiDoctor 2
Junio C Hamano [Tue, 28 Apr 2020 22:50:02 +0000 (15:50 -0700)]
Merge branch 'ds/t5319-touch-fix'
Tests update to use "test-chmtime" instead of "touch -t".
* ds/t5319-touch-fix:
t5319: replace 'touch -m' with 'test-tool chmtime'
Junio C Hamano [Tue, 28 Apr 2020 22:50:02 +0000 (15:50 -0700)]
Merge branch 'ds/commit-graph-expiry-fix'
"git commit-graph write --expire-time=<timestamp>" did not use the
given timestamp correctly, which has been corrected.
* ds/commit-graph-expiry-fix:
commit-graph: fix buggy --expire-time option
Junio C Hamano [Tue, 28 Apr 2020 22:50:01 +0000 (15:50 -0700)]
Merge branch 'dr/doc-recurse-submodules'
Documentation updates around the "--recurse-submodules" option.
* dr/doc-recurse-submodules:
doc: --recurse-submodules mostly applies to active submodules
doc: be more precise on (fetch|push).recurseSubmodules
doc: explain how to deactivate submodule.recurse completely
doc: document --recurse-submodules for reset and restore
doc: list all commands affected by submodule.recurse
Junio C Hamano [Tue, 28 Apr 2020 22:50:00 +0000 (15:50 -0700)]
Merge branch 'jc/log-no-mailmap'
"git log" learns "--[no-]mailmap" as a synonym to "--[no-]use-mailmap"
* jc/log-no-mailmap:
log: give --[no-]use-mailmap a more sensible synonym --[no-]mailmap
clone: reorder --recursive/--recurse-submodules
parse-options: teach "git cmd -h" to show alias as alias
Junio C Hamano [Tue, 28 Apr 2020 22:50:00 +0000 (15:50 -0700)]
Merge branch 'ma/doc-discard-docbook-xsl-1.73'
Raise the minimum required version of docbook-xsl package to 1.74,
as 1.74.0 was from late 2008, which is more than 10 years old, and
drop compatibility cruft from our documentation suite.
* ma/doc-discard-docbook-xsl-1.73:
user-manual.conf: don't specify [listingblock]
INSTALL: drop support for docbook-xsl before 1.74
manpage-normal.xsl: fold in manpage-base.xsl
manpage-bold-literal.xsl: stop using git.docbook.backslash
Doc: drop support for docbook-xsl before 1.73.0
Doc: drop support for docbook-xsl before 1.72.0
Doc: drop support for docbook-xsl before 1.71.1
Junio C Hamano [Tue, 28 Apr 2020 22:49:59 +0000 (15:49 -0700)]
Merge branch 'lx/submodule-clear-variables'
The "git submodule" command did not initialize a few variables it
internally uses and was affected by variable settings leaked from
the environment.
* lx/submodule-clear-variables:
git-submodule.sh: setup uninitialized variables
Junio C Hamano [Tue, 28 Apr 2020 22:49:58 +0000 (15:49 -0700)]
Merge branch 'jk/fast-import-use-hashmap'
The custom hash function used by "git fast-import" has been
replaced with the one from hashmap.c, which gave us a nice
performance boost.
* jk/fast-import-use-hashmap:
fast-import: replace custom hash with hashmap.c
Junio C Hamano [Tue, 28 Apr 2020 22:49:58 +0000 (15:49 -0700)]
Merge branch 'jk/config-use-size-t'
The config API made mixed uses of int and size_t types to represent
length of various pieces of text it parsed, which has been updated
to use the correct type (i.e. size_t) throughout.
* jk/config-use-size-t:
config: reject parsing of files over INT_MAX
config: use size_t to store parsed variable baselen
git_config_parse_key(): return baselen as size_t
config: drop useless length variable in write_pair()
parse_config_key(): return subsection len as size_t
remote: drop auto-strlen behavior of make_branch() and make_rewrite()
Junio C Hamano [Tue, 28 Apr 2020 22:49:57 +0000 (15:49 -0700)]
Merge branch 'bc/constant-memequal'
Validation of push certificate has been made more robust against
timing attacks.
* bc/constant-memequal:
receive-pack: compilation fix
builtin/receive-pack: use constant-time comparison for HMAC value
Junio C Hamano [Tue, 28 Apr 2020 22:49:56 +0000 (15:49 -0700)]
Merge branch 'lr/freshen-file-fix'
The code that refreshes the last access and modified time of
on-disk packfiles and loose object files have been updated.
* lr/freshen-file-fix:
freshen_file(): use NULL `times' for implicit current-time
Junio C Hamano [Tue, 28 Apr 2020 22:49:56 +0000 (15:49 -0700)]
Merge branch 'en/rebase-doc-hooks-called-by-accident'
"git rebase" happens to call some hooks meant for "checkout" and
"commit" by this was not a designed behaviour than historical
accident. This has been documented.
* en/rebase-doc-hooks-called-by-accident:
git-rebase.txt: add another hook to the hooks section, and explain more
Junio C Hamano [Tue, 28 Apr 2020 22:49:55 +0000 (15:49 -0700)]
Merge branch 'jc/doc-test-leaving-early'
Document the recommended way to abort a failing test early (e.g. by
exiting a loop), which is to say "return 1".
* jc/doc-test-leaving-early:
t/README: suggest how to leave test early with failure
Junio C Hamano [Tue, 28 Apr 2020 22:49:54 +0000 (15:49 -0700)]
Merge branch 'dd/test-with-busybox'
Various tests have been updated to work around issues found with
shell utilities that come with busybox etc.
* dd/test-with-busybox:
t5703: feed raw data into test-tool unpack-sideband
t4124: tweak test so that non-compliant diff(1) can also be used
t7063: drop non-POSIX argument "-ls" from find(1)
t5616: use rev-parse instead to get HEAD's object_id
t5003: skip conversion test if unzip -a is unavailable
t5003: drop the subshell in test_lazy_prereq
test-lib-functions: test_cmp: eval $GIT_TEST_CMP
t4061: use POSIX compliant regex(7)
Denton Liu [Tue, 28 Apr 2020 09:31:31 +0000 (05:31 -0400)]
rebase: save autostash entry into stash reflog on --quit
In
a03b55530a (merge: teach --autostash option, 2020-04-07), the
--autostash option was introduced for `git merge`. Notably, when
`git merge --quit` is run with an autostash entry present, it is saved
into the stash reflog. This is contrasted with the current behaviour of
`git rebase --quit` where the autostash entry is simply just dropped out
of existence.
Adopt the behaviour of `git merge --quit` in `git rebase --quit` and
save the autostash entry into the stash reflog instead of just deleting
it.
Signed-off-by: Denton Liu <liu.denton@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Junio C Hamano [Wed, 22 Apr 2020 20:42:29 +0000 (13:42 -0700)]
The third batch
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Junio C Hamano [Wed, 22 Apr 2020 20:43:01 +0000 (13:43 -0700)]
Merge branch 'jk/credential-parsing-end-of-host-in-URL'
Parsing of URL for the credential helper has been corrected.
* jk/credential-parsing-end-of-host-in-URL:
credential: treat "?" and "#" in URLs as end of host
Junio C Hamano [Wed, 22 Apr 2020 20:43:00 +0000 (13:43 -0700)]
Merge branch 'jt/rebase-allow-duplicate'
Allow "git rebase" to reapply all local commits, even if the may be
already in the upstream, without checking first.
* jt/rebase-allow-duplicate:
rebase --merge: optionally skip upstreamed commits
Junio C Hamano [Wed, 22 Apr 2020 20:43:00 +0000 (13:43 -0700)]
Merge branch 'en/rebase-no-keep-empty'
"git rebase" (again) learns to honor "--no-keep-empty", which lets
the user to discard commits that are empty from the beginning (as
opposed to the ones that become empty because of rebasing). The
interactive rebase also marks commits that are empty in the todo.
* en/rebase-no-keep-empty:
rebase: fix an incompatible-options error message
rebase: reinstate --no-keep-empty
rebase -i: mark commits that begin empty in todo editor
Junio C Hamano [Wed, 22 Apr 2020 20:42:59 +0000 (13:42 -0700)]
Merge branch 'js/mingw-is-hidden-test-fix'
A Windows-specific test element has been made more robust against
misuse from both user's environment and programmer's errors.
* js/mingw-is-hidden-test-fix:
t: restrict `is_hidden` to be called only on Windows
mingw: make test_path_is_hidden more robust
t: consolidate the `is_hidden` functions
Junio C Hamano [Wed, 22 Apr 2020 20:42:58 +0000 (13:42 -0700)]
Merge branch 'js/mingw-isilon-nfs'
* js/mingw-isilon-nfs:
mingw: cope with the Isilon network file system
Junio C Hamano [Wed, 22 Apr 2020 20:42:58 +0000 (13:42 -0700)]
Merge branch 'js/flush-prompt-before-interative-input'
The interactive input from various codepaths are consolidated and
any prompt possibly issued earlier are fflush()ed before we read.
* js/flush-prompt-before-interative-input:
interactive: explicitly `fflush` stdout before expecting input
interactive: refactor code asking the user for interactive input
Junio C Hamano [Wed, 22 Apr 2020 20:42:57 +0000 (13:42 -0700)]
Merge branch 'ds/revision-show-pulls'
"git log" learned "--show-pulls" that helps pathspec limited
history views; a merge commit that takes the whole change from a
side branch, which is normally omitted from the output, is shown
in addition to the commits that introduce real changes.
* ds/revision-show-pulls:
revision: --show-pulls adds helpful merges
Junio C Hamano [Wed, 22 Apr 2020 20:42:56 +0000 (13:42 -0700)]
Merge branch 'ma/simplify-merge-config-parsing'
Code simplification.
* ma/simplify-merge-config-parsing:
merge: use skip_prefix to parse config key
Junio C Hamano [Wed, 22 Apr 2020 20:42:56 +0000 (13:42 -0700)]
Merge branch 'js/mingw-fixes'
Misc fixes for Windows.
* js/mingw-fixes:
mingw: help debugging by optionally executing bash with strace
mingw: do not treat `COM0` as a reserved file name
mingw: use modern strftime implementation if possible
Junio C Hamano [Wed, 22 Apr 2020 20:42:55 +0000 (13:42 -0700)]
Merge branch 'jc/missing-ref-store-fix'
We've left the command line parsing of "git log :/a/b/" broken for
about a full year without anybody noticing, which has been
corrected.
* jc/missing-ref-store-fix:
repository: mark the "refs" pointer as private
sha1-name: do not assume that the ref store is initialized
Junio C Hamano [Wed, 22 Apr 2020 20:42:54 +0000 (13:42 -0700)]
Merge branch 'ma/config-doc-fix'
Doc update.
* ma/config-doc-fix:
config.txt: move closing "----" to cover entire listing
Junio C Hamano [Wed, 22 Apr 2020 20:42:54 +0000 (13:42 -0700)]
Merge branch 'eb/format-patch-no-encode-headers'
The output from "git format-patch" uses RFC 2047 encoding for
non-ASCII letters on From: and Subject: headers, so that it can
directly be fed to e-mail programs. A new option has been added
to produce these headers in raw.
* eb/format-patch-no-encode-headers:
format-patch: teach --no-encode-email-headers
Junio C Hamano [Wed, 22 Apr 2020 20:42:53 +0000 (13:42 -0700)]
Merge branch 'pb/pull-fetch-doc'
The more aggressive updates to remote-tracking branches we had for
the past 7 years or so were not reflected in the documentation,
which has been corrected.
* pb/pull-fetch-doc:
pull doc: correct outdated description of an example
pull doc: refer to a specific section in 'fetch' doc
Junio C Hamano [Wed, 22 Apr 2020 20:42:52 +0000 (13:42 -0700)]
Merge branch 'dd/no-gpg-sign'
"git rebase" learned the "--no-gpg-sign" option to countermand
commit.gpgSign the user may have.
* dd/no-gpg-sign:
Documentation: document merge option --no-gpg-sign
Documentation: merge commit-tree --[no-]gpg-sign
Documentation: reword commit --no-gpg-sign
Documentation: document am --no-gpg-sign
cherry-pick/revert: honour --no-gpg-sign in all case
rebase.c: honour --no-gpg-sign
Junio C Hamano [Wed, 22 Apr 2020 20:42:52 +0000 (13:42 -0700)]
Merge branch 'js/t0007-typofix'
Typofix in a test script.
* js/t0007-typofix:
t0007: fix a typo
Junio C Hamano [Wed, 22 Apr 2020 20:42:51 +0000 (13:42 -0700)]
Merge branch 'en/sequencer-reflog-action'
"git rebase -i" did not leave the reflog entries correctly.
* en/sequencer-reflog-action:
sequencer: honor GIT_REFLOG_ACTION
Junio C Hamano [Wed, 22 Apr 2020 20:42:50 +0000 (13:42 -0700)]
Merge branch 'jk/use-quick-lookup-in-clone-for-tag-following'
The logic to auto-follow tags by "git clone --single-branch" was
not careful to avoid lazy-fetching unnecessary tags, which has been
corrected.
* jk/use-quick-lookup-in-clone-for-tag-following:
clone: use "quick" lookup while following tags
Junio C Hamano [Wed, 22 Apr 2020 20:42:50 +0000 (13:42 -0700)]
Merge branch 'ag/rebase-merge-allow-ff-under-abbrev-command'
"git rebase" with the merge backend did not work well when the
rebase.abbreviateCommands configuration was set.
* ag/rebase-merge-allow-ff-under-abbrev-command:
t3432: test `--merge' with `rebase.abbreviateCommands = true', too
sequencer: don't abbreviate a command if it doesn't have a short form
Junio C Hamano [Wed, 22 Apr 2020 20:42:49 +0000 (13:42 -0700)]
Merge branch 'jk/oid-array-cleanups'
Code cleanup.
* jk/oid-array-cleanups:
oidset: stop referring to sha1-array
ref-filter: stop referring to "sha1 array"
bisect: stop referring to sha1_array
test-tool: rename sha1-array to oid-array
oid_array: rename source file from sha1-array
oid_array: use size_t for iteration
oid_array: use size_t for count and allocation
Junio C Hamano [Wed, 22 Apr 2020 20:42:49 +0000 (13:42 -0700)]
Merge branch 'jm/gitweb-fastcgi-utf8'
Gitweb update.
* jm/gitweb-fastcgi-utf8:
gitweb: fix UTF-8 encoding when using CGI::Fast
Junio C Hamano [Wed, 22 Apr 2020 20:42:48 +0000 (13:42 -0700)]
Merge branch 'jc/allow-strlen-substitution-in-shell-scripts'
Coding guideline update.
* jc/allow-strlen-substitution-in-shell-scripts:
CodingGuidelines: allow ${#posix} == strlen($posix)
Junio C Hamano [Wed, 22 Apr 2020 20:42:47 +0000 (13:42 -0700)]
Merge branch 'en/pull-do-not-rebase-after-fast-forwarding'
"git pull --rebase" tried to run a rebase even after noticing that
the pull results in a fast-forward and no rebase is needed nor
sensible, for the past few years due to a mistake nobody noticed.
* en/pull-do-not-rebase-after-fast-forwarding:
pull: avoid running both merge and rebase
Junio C Hamano [Wed, 22 Apr 2020 20:42:46 +0000 (13:42 -0700)]
Merge branch 'dl/wrapper-fix-indentation'
Coding style fix.
* dl/wrapper-fix-indentation:
wrapper: indent with tabs
Junio C Hamano [Wed, 22 Apr 2020 20:42:45 +0000 (13:42 -0700)]
Merge branch 'ag/sequencer-i18n-messages'
Message fix.
* ag/sequencer-i18n-messages:
sequencer: mark messages for translation
Junio C Hamano [Wed, 22 Apr 2020 20:42:45 +0000 (13:42 -0700)]
Merge branch 'rs/pull-options-sync-code-and-doc'
"git pull" shares many options with underlying "git fetch", but
some of them were not documented and some of those that would make
sense to pass down were not passed down.
* rs/pull-options-sync-code-and-doc:
pull: pass documented fetch options on
pull: remove --update-head-ok from documentation
Junio C Hamano [Wed, 22 Apr 2020 20:42:45 +0000 (13:42 -0700)]
Merge branch 'js/walk-doc-optim'
Code cleanup.
* js/walk-doc-optim:
MyFirstObjectWalk: remove unnecessary conditional statement
Junio C Hamano [Wed, 22 Apr 2020 20:42:44 +0000 (13:42 -0700)]
Merge branch 'pb/rebase-doc-typofix'
Typofix.
* pb/rebase-doc-typofix:
git-rebase.txt: fix typo
Junio C Hamano [Wed, 22 Apr 2020 20:42:44 +0000 (13:42 -0700)]
Merge branch 'jk/p5310-drop-non-bitmap-timing'
Perf-test update.
* jk/p5310-drop-non-bitmap-timing:
p5310: stop timing non-bitmap pack-to-disk
Junio C Hamano [Wed, 22 Apr 2020 20:42:44 +0000 (13:42 -0700)]
Merge branch 'jk/harden-protocol-v2-delim-handling'
The server-end of the v2 protocol to serve "git clone" and "git
fetch" was not prepared to see a delim packets at unexpected
places, which led to a crash.
* jk/harden-protocol-v2-delim-handling:
test-lib-functions: simplify packetize() stdin code
upload-pack: handle unexpected delim packets
test-lib-functions: make packetize() more efficient
Junio C Hamano [Wed, 22 Apr 2020 20:42:44 +0000 (13:42 -0700)]
Merge branch 'jk/test-cleanup'
Test cleanup.
* jk/test-cleanup:
t/lib-*.sh: drop executable bit
t/lib-credential.sh: drop shebang line
Junio C Hamano [Wed, 22 Apr 2020 20:42:44 +0000 (13:42 -0700)]
Merge branch 'ak/run-command-on-cygwin-fix'
Utitiles run via the run_command() API were not spawned correctly
on Cygwin, when the paths to them are given as a full path with
backslashes.
* ak/run-command-on-cygwin-fix:
run-command: trigger PATH lookup properly on Cygwin
Junio C Hamano [Wed, 22 Apr 2020 20:42:44 +0000 (13:42 -0700)]
Merge branch 'dr/midx-avoid-int-underflow'
When fed a midx that records no objects, some codepaths tried to
loop from 0 through (num_objects-1), which, due to integer
arithmetic wrapping around, made it nonsense operation with out of
bounds array accesses. The code has been corrected to reject such
an midx file.
* dr/midx-avoid-int-underflow:
midx.c: fix an integer underflow
Junio C Hamano [Wed, 22 Apr 2020 20:42:44 +0000 (13:42 -0700)]
Merge branch 'dl/test-must-fail-fixes-3'
Test clean-up continues.
* dl/test-must-fail-fixes-3:
t5801: teach compare_refs() to accept !
t5612: stop losing return codes of git commands
t5612: don't use `test_must_fail test_cmp`
t5607: reorder `nongit test_must_fail`
t5550: simplify no matching line check
t5512: stop losing return codes of git commands
t5512: stop losing git exit code in here-docs
t5512: don't use `test_must_fail test_cmp`
Junio C Hamano [Wed, 22 Apr 2020 20:42:43 +0000 (13:42 -0700)]
Merge branch 'js/trace2-env-vars'
Trace2 enhancement to allow logging of the environment variables.
* js/trace2-env-vars:
trace2: teach Git to log environment variables
Junio C Hamano [Wed, 22 Apr 2020 20:42:43 +0000 (13:42 -0700)]
Merge branch 'jt/connectivity-check-optim-in-partial-clone'
Simplify the commit ancestry connectedness check in a partial clone
repository in which "promised" objects are assumed to be obtainable
lazily on-demand from promisor remote repositories.
* jt/connectivity-check-optim-in-partial-clone:
connected: always use partial clone optimization
Junio C Hamano [Wed, 22 Apr 2020 20:42:43 +0000 (13:42 -0700)]
Merge branch 'bc/faq'
Doc update.
* bc/faq:
docs: add a FAQ
Junio C Hamano [Wed, 22 Apr 2020 20:42:43 +0000 (13:42 -0700)]
Merge branch 'bk/p4-pre-edit-changelist'
"git p4" learned four new hooks and also "--no-verify" option to
bypass them (and the existing "p4-pre-submit" hook).
* bk/p4-pre-edit-changelist:
git-p4: add RCS keyword status message
git-p4: add p4 submit hooks
git-p4: restructure code in submit
git-p4: add --no-verify option
git-p4: add p4-pre-submit exit text
git-p4: create new function run_git_hook
git-p4: rewrite prompt to be Windows compatible
Junio C Hamano [Wed, 22 Apr 2020 20:42:43 +0000 (13:42 -0700)]
Merge branch 'mt/test-lib-bundled-short-options'
Minor test usability improvement.
* mt/test-lib-bundled-short-options:
test-lib: allow short options to be bundled
Junio C Hamano [Wed, 22 Apr 2020 20:42:43 +0000 (13:42 -0700)]
Merge branch 'js/import-tars-do-not-make-phony-files-from-pax-headers'
The import-tars importer (in contrib/fast-import/) used to create
phony files at the top-level of the repository when the archive
contains global PAX headers, which made its own logic to detect and
omit the common leading directory ineffective, which has been
corrected.
* js/import-tars-do-not-make-phony-files-from-pax-headers:
import-tars: ignore the global PAX header
Junio C Hamano [Wed, 22 Apr 2020 20:42:43 +0000 (13:42 -0700)]
Merge branch 'js/test-junit-finalization-fix'
Test fix.
* js/test-junit-finalization-fix:
tests(junit-xml): avoid invalid XML
Junio C Hamano [Wed, 22 Apr 2020 20:42:42 +0000 (13:42 -0700)]
Merge branch 'js/tests-gpg-integration-on-windows'
Enable tests that require GnuPG on Windows.
* js/tests-gpg-integration-on-windows:
tests: increase the verbosity of the GPG-related prereqs
tests: turn GPG, GPGSM and RFC1991 into lazy prereqs
tests: do not let lazy prereqs inside `test_expect_*` turn off tracing
t/lib-gpg.sh: stop pretending to be a stand-alone script
tests(gpg): allow the gpg-agent to start on Windows
Junio C Hamano [Wed, 22 Apr 2020 20:42:42 +0000 (13:42 -0700)]
Merge branch 'jk/t3419-drop-expensive-tests'
Test update.
* jk/t3419-drop-expensive-tests:
t3419: drop EXPENSIVE tests
Junio C Hamano [Wed, 22 Apr 2020 20:42:42 +0000 (13:42 -0700)]
Merge branch 'ds/doc-clone-filter'
Doc update.
* ds/doc-clone-filter:
clone: document --filter options
Junio C Hamano [Wed, 22 Apr 2020 20:42:42 +0000 (13:42 -0700)]
Merge branch 'ar/test-style-fixes'
Style fixes.
* ar/test-style-fixes:
t: fix whitespace around &&
t9500: remove spaces after redirect operators
Jonathan Nieder [Wed, 22 Apr 2020 15:50:47 +0000 (08:50 -0700)]
Revert "fetch: default to protocol version 2"
This reverts commit
684ceae32dae726c6a5c693b257b156926aba8b7.
Users fetching from linux-next and other kernel remotes are reporting
that the limited ref advertisement causes negotiation to reach
MAX_IN_VAIN, resulting in too-large fetches.
Reported-by: Lubomir Rintel <lkundrak@v3.sk>
Reported-by: "Dixit, Ashutosh" <ashutosh.dixit@intel.com>
Reported-by: Jiri Slaby <jslaby@suse.cz>
Reported-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Jessica Clarke [Wed, 22 Apr 2020 15:33:47 +0000 (16:33 +0100)]
config.mak.uname: Define FREAD_READS_DIRECTORIES for GNU/Hurd
GNU/Hurd is another platform that behaves like this. Set it to
UnfortunatelyYes so that config directory files are correctly processed.
This fixes the corresponding 'proper error on directory "files"' test in
t1308-config-set.sh.
Helped-by: Jeff King <peff@peff.net>
Signed-off-by: Jessica Clarke <jrtc27@jrtc27.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Junio C Hamano [Wed, 22 Apr 2020 15:55:11 +0000 (08:55 -0700)]
receive-pack: compilation fix
We do not use C99 "for loop initial declaration" in our codebase
(yet), but one snuck in.
Reported-by: SZEDER Gábor <szeder.dev@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Michael F. Schönitzer [Tue, 21 Apr 2020 17:35:04 +0000 (17:35 +0000)]
docs: fix minor glitch in illustration
In the example by Jon Loeliger the selector 'A^2' was duplicated. This
might confuse readers.
Signed-off-by: Michael F. Schönitzer <michael@schoenitzer.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Taylor Blau [Tue, 21 Apr 2020 00:13:15 +0000 (18:13 -0600)]
diff-tree.c: load notes machinery when required
Since its introduction in
7249e91 (revision.c: support --notes
command-line option, 2011-03-29), combining '--notes' with any option
that causes us to format notes (e.g., '--pretty', '--format="%N"', etc)
results in a failed assertion at runtime.
$ git rev-list HEAD | git diff-tree --stdin --pretty=medium --notes
commit
8f3d9f354286745c751374f5f1fcafee6b3f3136
git: notes.c:1308: format_display_notes: Assertion `display_notes_trees' failed.
Aborted
This failure is due to diff-tree not calling 'load_display_notes' to
initialize the notes machinery.
Ordinarily, this failure isn't triggered, because it requires passing
both '--notes' and another of the above mentioned options. In the case
of '--pretty', for example, we set 'opt->verbose_header', causing
'show_log()' to eventually call 'format_display_notes()', which expects
a non-NULL 'display_note_trees'.
Without initializing the notes machinery, 'display_note_trees' remains
NULL, and thus triggers an assertion failure.
Fix this by initializing the notes machinery after parsing our options,
and harden this behavior against regression with a test in t4013. (Note
that the added ref in this test requires updating two unrelated tests
which use 'log --all', and thus need to learn about the new refs).
Reported-by: Jeff King <peff@peff.net>
Signed-off-by: Taylor Blau <me@ttaylorr.com>
Acked-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Matheus Tavares [Sun, 19 Apr 2020 06:33:24 +0000 (03:33 -0300)]
grep: follow conventions for printing paths w/ unusual chars
grep does not follow the conventions used by other Git commands when
printing paths that contain unusual characters (as double-quotes or
newlines). Commands such as ls-files, commit, status and diff will:
- Quote and escape unusual pathnames, by default.
- Print names verbatim and unquoted when "-z" is used.
But grep *never* quotes/escapes absolute paths with unusual chars and
*always* quotes/escapes relative ones, even with "-z". Besides being
inconsistent in its own output, the deviation from other Git commands
can be confusing. So let's make it follow the two rules above and add
some tests for this new behavior. Note that, making grep quote/escape
all unusual paths by default, also make it fully compliant with the
core.quotePath configuration, which is currently ignored for absolute
paths.
Reported-by: Greg Hurrell <greg@hurrell.net>
Helped-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Matheus Tavares <matheus.bernardino@usp.br>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Junio C Hamano [Mon, 20 Apr 2020 05:05:56 +0000 (22:05 -0700)]
Sync with 2.26.2
Jonathan Nieder [Sun, 19 Apr 2020 23:32:24 +0000 (16:32 -0700)]
Git 2.26.2
This merges up the security fix from v2.17.5.
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
Jonathan Nieder [Sun, 19 Apr 2020 23:31:07 +0000 (16:31 -0700)]
Git 2.25.4
This merges up the security fix from v2.17.5.
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
Jonathan Nieder [Sun, 19 Apr 2020 23:30:34 +0000 (16:30 -0700)]
Git 2.24.3
This merges up the security fix from v2.17.5.
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
Jonathan Nieder [Sun, 19 Apr 2020 23:30:27 +0000 (16:30 -0700)]
Git 2.23.3
This merges up the security fix from v2.17.5.
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
Jonathan Nieder [Sun, 19 Apr 2020 23:30:19 +0000 (16:30 -0700)]
Git 2.22.4
This merges up the security fix from v2.17.5.
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
Jonathan Nieder [Sun, 19 Apr 2020 23:30:08 +0000 (16:30 -0700)]
Git 2.21.3
This merges up the security fix from v2.17.5.
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
Jonathan Nieder [Sun, 19 Apr 2020 23:28:57 +0000 (16:28 -0700)]
Git 2.20.4
This merges up the security fix from v2.17.5.
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
Jonathan Nieder [Sun, 19 Apr 2020 23:26:41 +0000 (16:26 -0700)]
Git 2.19.5
This merges up the security fix from v2.17.5.
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
Jonathan Nieder [Sun, 19 Apr 2020 23:24:14 +0000 (16:24 -0700)]
Git 2.18.4
This merges up the security fix from v2.17.5.
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
Jeff King [Sun, 19 Apr 2020 06:34:55 +0000 (02:34 -0400)]
Git 2.17.5
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
Jonathan Nieder [Sun, 19 Apr 2020 03:57:22 +0000 (20:57 -0700)]
fsck: reject URL with empty host in .gitmodules
Git's URL parser interprets
https:///example.com/repo.git
to have no host and a path of "example.com/repo.git". Curl, on the
other hand, internally redirects it to https://example.com/repo.git. As
a result, until "credential: parse URL without host as empty host, not
unset", tricking a user into fetching from such a URL would cause Git to
send credentials for another host to example.com.
Teach fsck to block and detect .gitmodules files using such a URL to
prevent sharing them with Git versions that are not yet protected.
A relative URL in a .gitmodules file could also be used to trigger this.
The relative URL resolver used for .gitmodules does not normalize
sequences of slashes and can follow ".." components out of the path part
and to the host part of a URL, meaning that such a relative URL can be
used to traverse from a https://foo.example.com/innocent superproject to
a https:///attacker.example.com/exploit submodule. Fortunately,
redundant extra slashes in .gitmodules are rare, so we can catch this by
detecting one after a leading sequence of "./" and "../" components.
Helped-by: Jeff King <peff@peff.net>
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
Reviewed-by: Jeff King <peff@peff.net>
Jonathan Nieder [Sun, 19 Apr 2020 03:54:57 +0000 (20:54 -0700)]
credential: treat URL with empty scheme as invalid
Until "credential: refuse to operate when missing host or protocol",
Git's credential handling code interpreted URLs with empty scheme to
mean "give me credentials matching this host for any protocol".
Luckily libcurl does not recognize such URLs (it tries to look for a
protocol named "" and fails). Just in case that changes, let's reject
them within Git as well. This way, credential_from_url is guaranteed to
always produce a "struct credential" with protocol and host set.
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
Jonathan Nieder [Sun, 19 Apr 2020 03:54:13 +0000 (20:54 -0700)]
credential: treat URL without scheme as invalid
libcurl permits making requests without a URL scheme specified. In
this case, it guesses the URL from the hostname, so I can run
git ls-remote http::ftp.example.com/path/to/repo
and it would make an FTP request.
Any user intentionally using such a URL is likely to have made a typo.
Unfortunately, credential_from_url is not able to determine the host and
protocol in order to determine appropriate credentials to send, and
until "credential: refuse to operate when missing host or protocol",
this resulted in another host's credentials being leaked to the named
host.
Teach credential_from_url_gently to consider such a URL to be invalid
so that fsck can detect and block gitmodules files with such URLs,
allowing server operators to avoid serving them to downstream users
running older versions of Git.
This also means that when such URLs are passed on the command line, Git
will print a clearer error so affected users can switch to the simpler
URL that explicitly specifies the host and protocol they intend.
One subtlety: .gitmodules files can contain relative URLs, representing
a URL relative to the URL they were cloned from. The relative URL
resolver used for .gitmodules can follow ".." components out of the path
part and past the host part of a URL, meaning that such a relative URL
can be used to traverse from a https://foo.example.com/innocent
superproject to a https::attacker.example.com/exploit submodule.
Fortunately a leading ':' in the first path component after a series of
leading './' and '../' components is unlikely to show up in other
contexts, so we can catch this by detecting that pattern.
Reported-by: Jeff King <peff@peff.net>
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
Reviewed-by: Jeff King <peff@peff.net>
Jeff King [Sun, 19 Apr 2020 03:53:09 +0000 (20:53 -0700)]
credential: die() when parsing invalid urls
When we try to initialize credential loading by URL and find that the
URL is invalid, we set all fields to NULL in order to avoid acting on
malicious input. Later when we request credentials, we diagonse the
erroneous input:
fatal: refusing to work with credential missing host field
This is problematic in two ways:
- The message doesn't tell the user *why* we are missing the host
field, so they can't tell from this message alone how to recover.
There can be intervening messages after the original warning of
bad input, so the user may not have the context to put two and two
together.
- The error only occurs when we actually need to get a credential. If
the URL permits anonymous access, the only encouragement the user gets
to correct their bogus URL is a quiet warning.
This is inconsistent with the check we perform in fsck, where any use
of such a URL as a submodule is an error.
When we see such a bogus URL, let's not try to be nice and continue
without helpers. Instead, die() immediately. This is simpler and
obviously safe. And there's very little chance of disrupting a normal
workflow.
It's _possible_ that somebody has a legitimate URL with a raw newline in
it. It already wouldn't work with credential helpers, so this patch
steps that up from an inconvenience to "we will refuse to work with it
at all". If such a case does exist, we should figure out a way to work
with it (especially if the newline is only in the path component, which
we normally don't even pass to helpers). But until we see a real report,
we're better off being defensive.
Reported-by: Carlo Arenas <carenas@gmail.com>
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
Jonathan Nieder [Sun, 19 Apr 2020 03:52:34 +0000 (20:52 -0700)]
fsck: convert gitmodules url to URL passed to curl
In
07259e74ec1 (fsck: detect gitmodules URLs with embedded newlines,
2020-03-11), git fsck learned to check whether URLs in .gitmodules could
be understood by the credential machinery when they are handled by
git-remote-curl.
However, the check is overbroad: it checks all URLs instead of only
URLs that would be passed to git-remote-curl. In principle a git:// or
file:/// URL does not need to follow the same conventions as an http://
URL; in particular, git:// and file:// protocols are not succeptible to
issues in the credential API because they do not support attaching
credentials.
In the HTTP case, the URL in .gitmodules does not always match the URL
that would be passed to git-remote-curl and the credential machinery:
Git's URL syntax allows specifying a remote helper followed by a "::"
delimiter and a URL to be passed to it, so that
git ls-remote http::https://example.com/repo.git
invokes git-remote-http with https://example.com/repo.git as its URL
argument. With today's checks, that distinction does not make a
difference, but for a check we are about to introduce (for empty URL
schemes) it will matter.
.gitmodules files also support relative URLs. To ensure coverage for the
https based embedded-newline attack, urldecode and check them directly
for embedded newlines.
Helped-by: Jeff King <peff@peff.net>
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
Reviewed-by: Jeff King <peff@peff.net>
Jeff King [Sun, 19 Apr 2020 03:50:48 +0000 (20:50 -0700)]
credential: refuse to operate when missing host or protocol
The credential helper protocol was designed to be very flexible: the
fields it takes as input are treated as a pattern, and any missing
fields are taken as wildcards. This allows unusual things like:
echo protocol=https | git credential reject
to delete all stored https credentials (assuming the helpers themselves
treat the input that way). But when helpers are invoked automatically by
Git, this flexibility works against us. If for whatever reason we don't
have a "host" field, then we'd match _any_ host. When you're filling a
credential to send to a remote server, this is almost certainly not what
you want.
Prevent this at the layer that writes to the credential helper. Add a
check to the credential API that the host and protocol are always passed
in, and add an assertion to the credential_write function that speaks
credential helper protocol to be doubly sure.
There are a few ways this can be triggered in practice:
- the "git credential" command passes along arbitrary credential
parameters it reads from stdin.
- until the previous patch, when the host field of a URL is empty, we
would leave it unset (rather than setting it to the empty string)
- a URL like "example.com/foo.git" is treated by curl as if "http://"
was present, but our parser sees it as a non-URL and leaves all
fields unset
- the recent fix for URLs with embedded newlines blanks the URL but
otherwise continues. Rather than having the desired effect of
looking up no credential at all, many helpers will return _any_
credential
Our earlier test for an embedded newline didn't catch this because it
only checked that the credential was cleared, but didn't configure an
actual helper. Configuring the "verbatim" helper in the test would show
that it is invoked (it's obviously a silly helper which doesn't look at
its input, but the point is that it shouldn't be run at all). Since
we're switching this case to die(), we don't need to bother with a
helper. We can see the new behavior just by checking that the operation
fails.
We'll add new tests covering partial input as well (these can be
triggered through various means with url-parsing, but it's simpler to
just check them directly, as we know we are covered even if the url
parser changes behavior in the future).
[jn: changed to die() instead of logging and showing a manual
username/password prompt]
Reported-by: Carlo Arenas <carenas@gmail.com>
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>