summaryrefslogtreecommitdiff
path: root/Documentation/RelNotes
diff options
context:
space:
mode:
Diffstat (limited to 'Documentation/RelNotes')
-rw-r--r--Documentation/RelNotes/1.7.11.7.txt2
-rw-r--r--Documentation/RelNotes/2.13.7.txt20
-rw-r--r--Documentation/RelNotes/2.14.4.txt5
-rw-r--r--Documentation/RelNotes/2.14.5.txt16
-rw-r--r--Documentation/RelNotes/2.15.2.txt3
-rw-r--r--Documentation/RelNotes/2.15.3.txt6
-rw-r--r--Documentation/RelNotes/2.16.4.txt5
-rw-r--r--Documentation/RelNotes/2.16.5.txt6
-rw-r--r--Documentation/RelNotes/2.17.0.txt2
-rw-r--r--Documentation/RelNotes/2.17.1.txt16
-rw-r--r--Documentation/RelNotes/2.17.2.txt12
-rw-r--r--Documentation/RelNotes/2.18.0.txt583
-rw-r--r--Documentation/RelNotes/2.18.1.txt6
-rw-r--r--Documentation/RelNotes/2.19.0.txt615
-rw-r--r--Documentation/RelNotes/2.19.1.txt6
-rw-r--r--Documentation/RelNotes/2.19.2.txt108
-rw-r--r--Documentation/RelNotes/2.20.0.txt700
17 files changed, 2109 insertions, 2 deletions
diff --git a/Documentation/RelNotes/1.7.11.7.txt b/Documentation/RelNotes/1.7.11.7.txt
index e7e79d999b..e743a2a8e4 100644
--- a/Documentation/RelNotes/1.7.11.7.txt
+++ b/Documentation/RelNotes/1.7.11.7.txt
@@ -25,7 +25,7 @@ Fixes since v1.7.11.6
references" nor "Reload" did not update what is shown as the
contents of it, when the user overwrote the tag with "git tag -f".
- * "git for-each-ref" did not currectly support more than one --sort
+ * "git for-each-ref" did not correctly support more than one --sort
option.
* "git log .." errored out saying it is both rev range and a path
diff --git a/Documentation/RelNotes/2.13.7.txt b/Documentation/RelNotes/2.13.7.txt
new file mode 100644
index 0000000000..09fc01406c
--- /dev/null
+++ b/Documentation/RelNotes/2.13.7.txt
@@ -0,0 +1,20 @@
+Git v2.13.7 Release Notes
+=========================
+
+Fixes since v2.13.6
+-------------------
+
+ * Submodule "names" come from the untrusted .gitmodules file, but we
+ blindly append them to $GIT_DIR/modules to create our on-disk repo
+ paths. This means you can do bad things by putting "../" into the
+ name. We now enforce some rules for submodule names which will cause
+ Git to ignore these malicious names (CVE-2018-11235).
+
+ Credit for finding this vulnerability and the proof of concept from
+ which the test script was adapted goes to Etienne Stalmans.
+
+ * It was possible to trick the code that sanity-checks paths on NTFS
+ into reading random piece of memory (CVE-2018-11233).
+
+Credit for fixing for these bugs goes to Jeff King, Johannes
+Schindelin and others.
diff --git a/Documentation/RelNotes/2.14.4.txt b/Documentation/RelNotes/2.14.4.txt
new file mode 100644
index 0000000000..97755a89d9
--- /dev/null
+++ b/Documentation/RelNotes/2.14.4.txt
@@ -0,0 +1,5 @@
+Git v2.14.4 Release Notes
+=========================
+
+This release is to forward-port the fixes made in the v2.13.7 version
+of Git. See its release notes for details.
diff --git a/Documentation/RelNotes/2.14.5.txt b/Documentation/RelNotes/2.14.5.txt
new file mode 100644
index 0000000000..130645fb29
--- /dev/null
+++ b/Documentation/RelNotes/2.14.5.txt
@@ -0,0 +1,16 @@
+Git v2.14.5 Release Notes
+=========================
+
+This release is to address the recently reported CVE-2018-17456.
+
+Fixes since v2.14.4
+-------------------
+
+ * Submodules' "URL"s come from the untrusted .gitmodules file, but
+ we blindly gave it to "git clone" to clone submodules when "git
+ clone --recurse-submodules" was used to clone a project that has
+ such a submodule. The code has been hardened to reject such
+ malformed URLs (e.g. one that begins with a dash).
+
+Credit for finding and fixing this vulnerability goes to joernchen
+and Jeff King, respectively.
diff --git a/Documentation/RelNotes/2.15.2.txt b/Documentation/RelNotes/2.15.2.txt
index 9f7e28f8a2..b480e56b68 100644
--- a/Documentation/RelNotes/2.15.2.txt
+++ b/Documentation/RelNotes/2.15.2.txt
@@ -43,5 +43,8 @@ Fixes since v2.15.1
* Clarify and enhance documentation for "merge-base --fork-point", as
it was clear what it computed but not why/what for.
+ * This release also contains the fixes made in the v2.13.7 version of
+ Git. See its release notes for details.
+
Also contains various documentation updates and code clean-ups.
diff --git a/Documentation/RelNotes/2.15.3.txt b/Documentation/RelNotes/2.15.3.txt
new file mode 100644
index 0000000000..fd2e6f8df7
--- /dev/null
+++ b/Documentation/RelNotes/2.15.3.txt
@@ -0,0 +1,6 @@
+Git v2.15.3 Release Notes
+=========================
+
+This release merges up the fixes that appear in v2.14.5 to address
+the recently reported CVE-2018-17456; see the release notes for that
+version for details.
diff --git a/Documentation/RelNotes/2.16.4.txt b/Documentation/RelNotes/2.16.4.txt
new file mode 100644
index 0000000000..6be538ba30
--- /dev/null
+++ b/Documentation/RelNotes/2.16.4.txt
@@ -0,0 +1,5 @@
+Git v2.16.4 Release Notes
+=========================
+
+This release is to forward-port the fixes made in the v2.13.7 version
+of Git. See its release notes for details.
diff --git a/Documentation/RelNotes/2.16.5.txt b/Documentation/RelNotes/2.16.5.txt
new file mode 100644
index 0000000000..cb8ee02a9a
--- /dev/null
+++ b/Documentation/RelNotes/2.16.5.txt
@@ -0,0 +1,6 @@
+Git v2.16.5 Release Notes
+=========================
+
+This release merges up the fixes that appear in v2.14.5 to address
+the recently reported CVE-2018-17456; see the release notes for that
+version for details.
diff --git a/Documentation/RelNotes/2.17.0.txt b/Documentation/RelNotes/2.17.0.txt
index d6db0e19cf..c2cf891f71 100644
--- a/Documentation/RelNotes/2.17.0.txt
+++ b/Documentation/RelNotes/2.17.0.txt
@@ -342,7 +342,7 @@ Fixes since v2.16
validate the data and connected-ness of objects in the received
pack; the code to perform this check has been taught about the
narrow clone's convention that missing objects that are reachable
- from objects in a pack that came from a promissor remote is OK.
+ from objects in a pack that came from a promisor remote is OK.
* There was an unused file-scope static variable left in http.c when
building for versions of libCURL that is older than 7.19.4, which
diff --git a/Documentation/RelNotes/2.17.1.txt b/Documentation/RelNotes/2.17.1.txt
new file mode 100644
index 0000000000..e01384fe8e
--- /dev/null
+++ b/Documentation/RelNotes/2.17.1.txt
@@ -0,0 +1,16 @@
+Git v2.17.1 Release Notes
+=========================
+
+Fixes since v2.17
+-----------------
+
+ * This release contains the same fixes made in the v2.13.7 version of
+ Git, covering CVE-2018-11233 and 11235, and forward-ported to
+ v2.14.4, v2.15.2 and v2.16.4 releases. See release notes to
+ v2.13.7 for details.
+
+ * In addition to the above fixes, this release has support on the
+ server side to reject pushes to repositories that attempt to create
+ such problematic .gitmodules file etc. as tracked contents, to help
+ hosting sites protect their customers by preventing malicious
+ contents from spreading.
diff --git a/Documentation/RelNotes/2.17.2.txt b/Documentation/RelNotes/2.17.2.txt
new file mode 100644
index 0000000000..ef021be870
--- /dev/null
+++ b/Documentation/RelNotes/2.17.2.txt
@@ -0,0 +1,12 @@
+Git v2.17.2 Release Notes
+=========================
+
+This release merges up the fixes that appear in v2.14.5 to address
+the recently reported CVE-2018-17456; see the release notes for that
+version for details.
+
+In addition, this release also teaches "fsck" and the server side
+logic to reject pushes to repositories that attempt to create such a
+problematic ".gitmodules" file as tracked contents, to help hosting
+sites protect their customers by preventing malicious contents from
+spreading.
diff --git a/Documentation/RelNotes/2.18.0.txt b/Documentation/RelNotes/2.18.0.txt
new file mode 100644
index 0000000000..3ea280cf68
--- /dev/null
+++ b/Documentation/RelNotes/2.18.0.txt
@@ -0,0 +1,583 @@
+Git 2.18 Release Notes
+======================
+
+Updates since v2.17
+-------------------
+
+UI, Workflows & Features
+
+ * Rename detection logic that is used in "merge" and "cherry-pick" has
+ learned to guess when all of x/a, x/b and x/c have moved to z/a,
+ z/b and z/c, it is likely that x/d added in the meantime would also
+ want to move to z/d by taking the hint that the entire directory
+ 'x' moved to 'z'. A bug causing dirty files involved in a rename
+ to be overwritten during merge has also been fixed as part of this
+ work. Incidentally, this also avoids updating a file in the
+ working tree after a (non-trivial) merge whose result matches what
+ our side originally had.
+
+ * "git filter-branch" learned to use a different exit code to allow
+ the callers to tell the case where there was no new commits to
+ rewrite from other error cases.
+
+ * When built with more recent cURL, GIT_SSL_VERSION can now specify
+ "tlsv1.3" as its value.
+
+ * "git gui" learned that "~/.ssh/id_ecdsa.pub" and
+ "~/.ssh/id_ed25519.pub" are also possible SSH key files.
+ (merge 2e2f0288ef bb/git-gui-ssh-key-files later to maint).
+
+ * "git gui" performs commit upon CTRL/CMD+ENTER but the
+ CTRL/CMD+KP_ENTER (i.e. enter key on the numpad) did not have the
+ same key binding. It now does.
+ (merge 28a1d94a06 bp/git-gui-bind-kp-enter later to maint).
+
+ * "git gui" has been taught to work with old versions of tk (like
+ 8.5.7) that do not support "ttk::style theme use" as a way to query
+ the current theme.
+ (merge 4891961105 cb/git-gui-ttk-style later to maint).
+
+ * "git rebase" has learned to honor "--signoff" option when using
+ backends other than "am" (but not "--preserve-merges").
+
+ * "git branch --list" during an interrupted "rebase -i" now lets
+ users distinguish the case where a detached HEAD is being rebased
+ and a normal branch is being rebased.
+
+ * "git mergetools" learned talking to guiffy.
+
+ * The scripts in contrib/emacs/ have outlived their usefulness and
+ have been replaced with a stub that errors out and tells the user
+ there are replacements.
+
+ * The new "working-tree-encoding" attribute can ask Git to convert the
+ contents to the specified encoding when checking out to the working
+ tree (and the other way around when checking in).
+
+ * The "git config" command uses separate options e.g. "--int",
+ "--bool", etc. to specify what type the caller wants the value to
+ be interpreted as. A new "--type=<typename>" option has been
+ introduced, which would make it cleaner to define new types.
+
+ * "git config --get" learned the "--default" option, to help the
+ calling script. Building on top of the above changes, the
+ "git config" learns "--type=color" type. Taken together, you can
+ do things like "git config --get foo.color --default blue" and get
+ the ANSI color sequence for the color given to foo.color variable,
+ or "blue" if the variable does not exist.
+
+ * "git ls-remote" learned an option to allow sorting its output based
+ on the refnames being shown.
+
+ * The command line completion (in contrib/) has been taught that "git
+ stash save" has been deprecated ("git stash push" is the preferred
+ spelling in the new world) and does not offer it as a possible
+ completion candidate when "git stash push" can be.
+
+ * "git gc --prune=nonsense" spent long time repacking and then
+ silently failed when underlying "git prune --expire=nonsense"
+ failed to parse its command line. This has been corrected.
+
+ * Error messages from "git push" can be painted for more visibility.
+
+ * "git http-fetch" (deprecated) had an optional and experimental
+ "feature" to fetch only commits and/or trees, which nobody used.
+ This has been removed.
+
+ * The functionality of "$GIT_DIR/info/grafts" has been superseded by
+ the "refs/replace/" mechanism for some time now, but the internal
+ code had support for it in many places, which has been cleaned up
+ in order to drop support of the "grafts" mechanism.
+
+ * "git worktree add" learned to check out an existing branch.
+
+ * "git --no-pager cmd" did not have short-and-sweet single letter
+ option. Now it does as "-P".
+ (merge 7213c28818 js/no-pager-shorthand later to maint).
+
+ * "git rebase" learned "--rebase-merges" to transplant the whole
+ topology of commit graph elsewhere.
+
+ * "git status" learned to pay attention to UI related diff
+ configuration variables such as diff.renames.
+
+ * The command line completion mechanism (in contrib/) learned to load
+ custom completion file for "git $command" where $command is a
+ custom "git-$command" that the end user has on the $PATH when using
+ newer version of bash-completion.
+
+ * "git send-email" can sometimes offer confirmation dialog "Send this
+ email?" with choices 'Yes', 'No', 'Quit', and 'All'. A new action
+ 'Edit' has been added to this dialog's choice.
+
+ * With merge.renames configuration set to false, the recursive merge
+ strategy can be told not to spend cycles trying to find renamed
+ paths and merge them accordingly.
+
+ * "git status" learned to honor a new status.renames configuration to
+ skip rename detection, which could be useful for those who want to
+ do so without disabling the default rename detection done by the
+ "git diff" command.
+
+ * Command line completion (in contrib/) learned to complete pathnames
+ for various commands better.
+
+ * "git blame" learns to unhighlight uninteresting metadata from the
+ originating commit on lines that are the same as the previous one,
+ and also paint lines in different colors depending on the age of
+ the commit.
+
+ * Transfer protocol v2 learned to support the partial clone.
+
+ * When a short hexadecimal string is used to name an object but there
+ are multiple objects that share the string as the prefix of their
+ names, the code lists these ambiguous candidates in a help message.
+ These object names are now sorted according to their types for
+ easier eyeballing.
+
+ * "git fetch $there $refspec" that talks over protocol v2 can take
+ advantage of server-side ref filtering; the code has been extended
+ so that this mechanism triggers also when fetching with configured
+ refspec.
+
+ * Our HTTP client code used to advertise that we accept gzip encoding
+ from the other side; instead, just let cURL library to advertise
+ and negotiate the best one.
+
+ * "git p4" learned to "unshelve" shelved commit from P4.
+ (merge 123f631761 ld/p4-unshelve later to maint).
+
+
+Performance, Internal Implementation, Development Support etc.
+
+ * A "git fetch" from a repository with insane number of refs into a
+ repository that is already up-to-date still wasted too many cycles
+ making many lstat(2) calls to see if these objects at the tips
+ exist as loose objects locally. These lstat(2) calls are optimized
+ away by enumerating all loose objects beforehand.
+ It is unknown if the new strategy negatively affects existing use
+ cases, fetching into a repository with many loose objects from a
+ repository with small number of refs.
+
+ * Git can be built to use either v1 or v2 of the PCRE library, and so
+ far, the build-time configuration USE_LIBPCRE=YesPlease instructed
+ the build procedure to use v1, but now it means v2. USE_LIBPCRE1
+ and USE_LIBPCRE2 can be used to explicitly choose which version to
+ use, as before.
+
+ * The build procedure learned to optionally use symbolic links
+ (instead of hardlinks and copies) to install "git-foo" for built-in
+ commands, whose binaries are all identical.
+
+ * Conversion from uchar[20] to struct object_id continues.
+
+ * The way "git worktree prune" worked internally has been simplified,
+ by assuming how "git worktree move" moves an existing worktree to a
+ different place.
+
+ * Code clean-up for the "repository" abstraction.
+ (merge 00a3da2a13 nd/remove-ignore-env-field later to maint).
+
+ * Code to find the length to uniquely abbreviate object names based
+ on packfile content, which is a relatively recent addtion, has been
+ optimized to use the same fan-out table.
+
+ * The mechanism to use parse-options API to automate the command line
+ completion continues to get extended and polished.
+
+ * Copies of old scripted Porcelain commands in contrib/examples/ have
+ been removed.
+
+ * Some tests that rely on the exact hardcoded values of object names
+ have been updated in preparation for hash function migration.
+
+ * Perf-test update.
+
+ * Test helper update.
+
+ * The effort continues to refactor the internal global data structure
+ to make it possible to open multiple repositories, work with and
+ then close them,
+
+ * Small test-helper programs have been consolidated into a single
+ binary.
+
+ * API clean-up around ref-filter code.
+
+ * Shell completion (in contrib) that gives list of paths have been
+ optimized somewhat.
+
+ * The index file is updated to record the fsmonitor section after a
+ full scan was made, to avoid wasting the effort that has already
+ spent.
+
+ * Performance measuring framework in t/perf learned to help bisecting
+ performance regressions.
+
+ * Some multi-word source filenames are being renamed to separate
+ words with dashes instead of underscores.
+
+ * An reusable "memory pool" implementation has been extracted from
+ fast-import.c, which in turn has become the first user of the
+ mem-pool API.
+
+ * A build-time option has been added to allow Git to be told to refer
+ to its associated files relative to the main binary, in the same
+ way that has been possible on Windows for quite some time, for
+ Linux, BSDs and Darwin.
+
+ * Precompute and store information necessary for ancestry traversal
+ in a separate file to optimize graph walking.
+
+ * The effort to pass the repository in-core structure throughout the
+ API continues. This round deals with the code that implements the
+ refs/replace/ mechanism.
+
+ * The build procedure "make DEVELOPER=YesPlease" learned to enable a
+ bit more warning options depending on the compiler used to help
+ developers more. There also is "make DEVOPTS=tokens" knob
+ available now, for those who want to help fixing warnings we
+ usually ignore, for example.
+
+ * A new version of the transport protocol is being worked on.
+
+ * The code to interface to GPG has been restructured somewhat to make
+ it cleaner to integrate with other types of signature systems later.
+
+ * The code has been taught to use the duplicated information stored
+ in the commit-graph file to learn the tree object name for a commit
+ to avoid opening and parsing the commit object when it makes sense
+ to do so.
+
+ * "git gc" in a large repository takes a lot of time as it considers
+ to repack all objects into one pack by default. The command has
+ been taught to pretend as if the largest existing packfile is
+ marked with ".keep" so that it is left untouched while objects in
+ other packs and loose ones are repacked.
+
+ * The transport protocol v2 is getting updated further.
+
+ * The codepath around object-info API has been taught to take the
+ repository object (which in turn tells the API which object store
+ the objects are to be located).
+
+ * "git pack-objects" needs to allocate tons of "struct object_entry"
+ while doing its work, and shrinking its size helps the performance
+ quite a bit.
+
+ * The implementation of "git rebase -i --root" has been updated to use
+ the sequencer machinery more.
+
+ * Developer support update, by using BUG() macro instead of die() to
+ mark codepaths that should not happen more clearly.
+
+ * Developer support. Use newer GCC on one of the builds done at
+ TravisCI.org to get more warnings and errors diagnosed.
+
+ * Conversion from uchar[20] to struct object_id continues.
+
+ * By code restructuring of submodule merge in merge-recursive,
+ informational messages from the codepath are now given using the
+ same mechanism as other output, and honor the merge.verbosity
+ configuration. The code also learned to give a few new messages
+ when a submodule three-way merge resolves cleanly when one side
+ records a descendant of the commit chosen by the other side.
+
+ * Avoid unchecked snprintf() to make future code auditing easier.
+ (merge ac4896f007 jk/snprintf-truncation later to maint).
+
+ * Many tests hardcode the raw object names, which would change once
+ we migrate away from SHA-1. While some of them must test against
+ exact object names, most of them do not have to use hardcoded
+ constants in the test. The latter kind of tests have been updated
+ to test the moral equivalent of the original without hardcoding the
+ actual object names.
+
+ * The list of commands with their various attributes were spread
+ across a few places in the build procedure, but it now is getting a
+ bit more consolidated to allow more automation.
+
+ * Quite a many tests assumed that newly created refs are made as
+ loose refs using the files backend, which have been updated to use
+ proper plumbing like rev-parse and update-ref, to avoid breakage
+ once we start using different ref backends.
+
+
+Also contains various documentation updates and code clean-ups.
+
+
+Fixes since v2.17
+-----------------
+
+ * "git shortlog cruft" aborted with a BUG message when run outside a
+ Git repository. The command has been taught to complain about
+ extra and unwanted arguments on its command line instead in such a
+ case.
+ (merge 4aa0161e83 ma/shortlog-revparse later to maint).
+
+ * "git stash push -u -- <pathspec>" gave an unnecessary and confusing
+ error message when there was no tracked files that match the
+ <pathspec>, which has been fixed.
+ (merge 353278687e tg/stash-untracked-with-pathspec-fix later to maint).
+
+ * "git tag --contains no-such-commit" gave a full list of options
+ after giving an error message.
+ (merge 3bb0923f06 ps/contains-id-error-message later to maint).
+
+ * "diff-highlight" filter (in contrib/) learned to understand "git log
+ --graph" output better.
+ (merge 4551fbba14 jk/diff-highlight-graph-fix later to maint).
+
+ * when refs that do not point at committish are given, "git
+ filter-branch" gave a misleading error messages. This has been
+ corrected.
+ (merge f78ab355e7 yk/filter-branch-non-committish-refs later to maint).
+
+ * "git submodule status" misbehaved on a submodule that has been
+ removed from the working tree.
+ (merge 74b6bda32f rs/status-with-removed-submodule later to maint).
+
+ * When credential helper exits very quickly without reading its
+ input, it used to cause Git to die with SIGPIPE, which has been
+ fixed.
+ (merge a0d51e8d0e eb/cred-helper-ignore-sigpipe later to maint).
+
+ * "git rebase --keep-empty" still removed an empty commit if the
+ other side contained an empty commit (due to the "does an
+ equivalent patch exist already?" check), which has been corrected.
+ (merge 3d946165e1 pw/rebase-keep-empty-fixes later to maint).
+
+ * Some codepaths, including the refs API, get and keep relative
+ paths, that go out of sync when the process does chdir(2). The
+ chdir-notify API is introduced to let these codepaths adjust these
+ cached paths to the new current directory.
+ (merge fb9c2d2703 jk/relative-directory-fix later to maint).
+
+ * "cd sub/dir && git commit ../path" ought to record the changes to
+ the file "sub/path", but this regressed long time ago.
+ (merge 86238e07ef bw/commit-partial-from-subdirectory-fix later to maint).
+
+ * Recent introduction of "--log-destination" option to "git daemon"
+ did not work well when the daemon was run under "--inetd" mode.
+ (merge e67d906d73 lw/daemon-log-destination later to maint).
+
+ * Small fix to the autoconf build procedure.
+ (merge 249482daf0 es/fread-reads-dir-autoconf-fix later to maint).
+
+ * Fix an unexploitable (because the oversized contents are not under
+ attacker's control) buffer overflow.
+ (merge d8579accfa bp/fsmonitor-bufsize-fix later to maint).
+
+ * Recent simplification of build procedure forgot a bit of tweak to
+ the build procedure of contrib/mw-to-git/
+ (merge d8698987f3 ab/simplify-perl-makefile later to maint).
+
+ * Moving a submodule that itself has submodule in it with "git mv"
+ forgot to make necessary adjustment to the nested sub-submodules;
+ now the codepath learned to recurse into the submodules.
+
+ * "git config --unset a.b", when "a.b" is the last variable in an
+ otherwise empty section "a", left an empty section "a" behind, and
+ worse yet, a subsequent "git config a.c value" did not reuse that
+ empty shell and instead created a new one. These have been
+ (partially) corrected.
+ (merge c71d8bb38a js/empty-config-section-fix later to maint).
+
+ * "git worktree remove" learned that "-f" is a shorthand for
+ "--force" option, just like for "git worktree add".
+ (merge d228eea514 sb/worktree-remove-opt-force later to maint).
+
+ * The completion script (in contrib/) learned to clear cached list of
+ command line options upon dot-sourcing it again in a more efficient
+ way.
+ (merge 94408dc71c sg/completion-clear-cached later to maint).
+
+ * "git svn" had a minor thinko/typo which has been fixed.
+ (merge 51db271587 ab/git-svn-get-record-typofix later to maint).
+
+ * During a "rebase -i" session, the code could give older timestamp
+ to commits created by later "pick" than an earlier "reword", which
+ has been corrected.
+ (merge 12f7babd6b js/ident-date-fix later to maint).
+
+ * "git submodule status" did not check the symbolic revision name it
+ computed for the submodule HEAD is not the NULL, and threw it at
+ printf routines, which has been corrected.
+ (merge 0b5e2ea7cf nd/submodule-status-fix later to maint).
+
+ * When fed input that already has In-Reply-To: and/or References:
+ headers and told to add the same information, "git send-email"
+ added these headers separately, instead of appending to an existing
+ one, which is a violation of the RFC. This has been corrected.
+ (merge 256be1d3f0 sa/send-email-dedup-some-headers later to maint).
+
+ * "git fast-export" had a regression in v2.15.0 era where it skipped
+ some merge commits in certain cases, which has been corrected.
+ (merge be011bbe00 ma/fast-export-skip-merge-fix later to maint).
+
+ * The code did not propagate the terminal width to subprocesses via
+ COLUMNS environment variable, which it now does. This caused
+ trouble to "git column" helper subprocess when "git tag --column=row"
+ tried to list the existing tags on a display with non-default width.
+ (merge b5d5a567fb nd/term-columns later to maint).
+
+ * We learned that our source files with ".pl" and ".py" extensions
+ are Perl and Python files respectively and changes to them are
+ better viewed as such with appropriate diff drivers.
+ (merge 7818b619e2 ab/perl-python-attrs later to maint).
+
+ * "git rebase -i" sometimes left intermediate "# This is a
+ combination of N commits" message meant for the human consumption
+ inside an editor in the final result in certain corner cases, which
+ has been fixed.
+ (merge 15ef69314d js/rebase-i-clean-msg-after-fixup-continue later to maint).
+
+ * A test to see if the filesystem normalizes UTF-8 filename has been
+ updated to check what we need to know in a more direct way, i.e. a
+ path created in NFC form can be accessed with NFD form (or vice
+ versa) to cope with APFS as well as HFS.
+ (merge 742ae10e35 tb/test-apfs-utf8-normalization later to maint).
+
+ * "git format-patch --cover --attach" created a broken MIME multipart
+ message for the cover letter, which has been fixed by keeping the
+ cover letter as plain text file.
+ (merge 50cd54ef4e bc/format-patch-cover-no-attach later to maint).
+
+ * The split-index feature had a long-standing and dormant bug in
+ certain use of the in-core merge machinery, which has been fixed.
+ (merge 7db118303a en/unpack-trees-split-index-fix later to maint).
+
+ * Asciidoctor gives a reasonable imitation for AsciiDoc, but does not
+ render illustration in a literal block correctly when indented with
+ HT by default. The problem is fixed by forcing 8-space tabs.
+ (merge 379805051d bc/asciidoctor-tab-width later to maint).
+
+ * Code clean-up to adjust to a more recent lockfile API convention that
+ allows lockfile instances kept on the stack.
+ (merge 0fa5a2ed8d ma/lockfile-cleanup later to maint).
+
+ * the_repository->index is not a allocated piece of memory but
+ repo_clear() indiscriminately attempted to free(3) it, which has
+ been corrected.
+ (merge 74373b5f10 nd/repo-clear-keep-the-index later to maint).
+
+ * Code clean-up to avoid non-standard-conformant pointer arithmetic.
+ (merge c112084af9 rs/no-null-ptr-arith-in-fast-export later to maint).
+
+ * Code clean-up to turn history traversal more robust in a
+ semi-corrupt repository.
+ (merge 8702b30fd7 jk/unavailable-can-be-missing later to maint).
+
+ * "git update-ref A B" is supposed to ensure that ref A does not yet
+ exist when B is a NULL OID, but this check was not done correctly
+ for pseudo-refs outside refs/ hierarchy, e.g. MERGE_HEAD.
+
+ * "git submodule update" and "git submodule add" supported the
+ "--reference" option to borrow objects from a neighbouring local
+ repository like "git clone" does, but lacked the more recent
+ invention "--dissociate". Also "git submodule add" has been taught
+ to take the "--progress" option.
+ (merge a0ef29341a cf/submodule-progress-dissociate later to maint).
+
+ * Update credential-netrc helper (in contrib/) to allow customizing
+ the GPG used to decrypt the encrypted .netrc file.
+ (merge 786ef50a23 lm/credential-netrc later to maint).
+
+ * "git submodule update" attempts two different kinds of "git fetch"
+ against the upstream repository to grab a commit bound at the
+ submodule's path, but it incorrectly gave up if the first kind
+ (i.e. a normal fetch) failed, making the second "last resort" one
+ (i.e. fetching an exact commit object by object name) ineffective.
+ This has been corrected.
+ (merge e30d833671 sb/submodule-update-try-harder later to maint).
+
+ * Error behaviour of "git grep" when it cannot read the index was
+ inconsistent with other commands that uses the index, which has
+ been corrected to error out early.
+ (merge b2aa84c789 sb/grep-die-on-unreadable-index later to maint).
+
+ * We used to call regfree() after regcomp() failed in some codepaths,
+ which have been corrected.
+ (merge 17154b1576 ma/regex-no-regfree-after-comp-fail later to maint).
+
+ * The import-tars script (in contrib/) has been taught to handle
+ tarballs with overly long paths that use PAX extended headers.
+ (merge 12ecea46e3 pa/import-tars-long-names later to maint).
+
+ * "git rev-parse Y..." etc. misbehaved when given endpoints were
+ not committishes.
+ (merge 0ed556d38f en/rev-parse-invalid-range later to maint).
+
+ * "git pull --recurse-submodules --rebase", when the submodule
+ repository's history did not have anything common between ours and
+ the upstream's, failed to execute. We need to fetch from them to
+ continue even in such a case.
+ (merge 4d36f88be7 jt/submodule-pull-recurse-rebase later to maint).
+
+ * "git remote update" can take both a single remote nickname and a
+ nickname for remote groups, but only one of them was documented.
+ (merge a97447a42a nd/remote-update-doc later to maint).
+
+ * "index-pack --strict" has been taught to make sure that it runs the
+ final object integrity checks after making the freshly indexed
+ packfile available to itself.
+ (merge 3737746120 jk/index-pack-maint later to maint).
+
+ * Make zlib inflate codepath more robust against versions of zlib
+ that clobber unused portion of outbuf.
+ (merge b611396e97 jl/zlib-restore-nul-termination later to maint).
+
+ * Fix old merge glitch in Documentation during v2.13-rc0 era.
+ (merge 28cb06020b mw/doc-merge-enumfix later to maint).
+
+ * The code to read compressed bitmap was not careful to avoid reading
+ past the end of the file, which has been corrected.
+ (merge 1140bf01ec jk/ewah-bounds-check later to maint).
+
+ * "make NO_ICONV=NoThanks" did not override NEEDS_LIBICONV
+ (i.e. linkage of -lintl, -liconv, etc. that are platform-specific
+ tweaks), which has been corrected.
+ (merge fdb1fbbc7d es/make-no-iconv later to maint).
+
+ * Other minor doc, test and build updates and code cleanups.
+ (merge 248f66ed8e nd/trace-with-env later to maint).
+ (merge 14ced5562c ys/bisect-object-id-missing-conversion-fix later to maint).
+ (merge 5988eb631a ab/doc-hash-brokenness later to maint).
+ (merge a4d4e32a70 pk/test-avoid-pipe-hiding-exit-status later to maint).
+ (merge 05e293c1ac jk/flockfile-stdio later to maint).
+ (merge e9184b0789 jk/t5561-missing-curl later to maint).
+ (merge b1801b85a3 nd/worktree-move later to maint).
+ (merge bbd374dd20 ak/bisect-doc-typofix later to maint).
+ (merge 4855f06fb3 mn/send-email-credential-doc later to maint).
+ (merge 8523b1e355 en/doc-typoes later to maint).
+ (merge 43b44ccfe7 js/t5404-path-fix later to maint).
+ (merge decf711fc1 ps/test-chmtime-get later to maint).
+ (merge 22d11a6e8e es/worktree-docs later to maint).
+ (merge 92a5dbbc22 tg/use-git-contacts later to maint).
+ (merge adc887221f tq/t1510 later to maint).
+ (merge bed21a8ad6 sg/doc-gc-quote-mismatch-fix later to maint).
+ (merge 73364e4f10 tz/doc-git-urls-reference later to maint).
+ (merge cd1e606bad bc/mailmap-self later to maint).
+ (merge f7997e3682 ao/config-api-doc later to maint).
+ (merge ee930754d8 jk/apply-p-doc later to maint).
+ (merge 011b648646 nd/pack-format-doc later to maint).
+ (merge 87a6bb701a sg/t5310-jgit-bitmap-test later to maint).
+ (merge f6b82970aa sg/t5516-fixes later to maint).
+ (merge 4362da078e sg/t7005-spaces-in-filenames-cleanup later to maint).
+ (merge 7d0ee47c11 js/test-unset-prereq later to maint).
+ (merge 5356a3c354 ah/misc-doc-updates later to maint).
+ (merge 92c4a7a129 nd/completion-aliasfiletype-typofix later to maint).
+ (merge 58bd77b66a nd/pack-unreachable-objects-doc later to maint).
+ (merge 4ed79d5203 sg/t6500-no-redirect-of-stdin later to maint).
+ (merge 17b8a2d6cd jk/config-blob-sans-repo later to maint).
+ (merge 590551ca2c rd/tag-doc-lightweight later to maint).
+ (merge 44f560fc16 rd/init-typo later to maint).
+ (merge f156a0934a rd/p4-doc-markup-env later to maint).
+ (merge 2a00502b14 tg/doc-sec-list later to maint).
+ (merge 47cc91310a jk/submodule-fsck-loose-fixup later to maint).
+ (merge efde7b725c rd/comment-typofix-in-sha1-file later to maint).
+ (merge 7eedad15df rd/diff-options-typofix later to maint).
+ (merge 58ebd936cc km/doc-workflows-typofix later to maint).
+ (merge 30aa96cdf8 rd/doc-remote-tracking-with-hyphen later to maint).
+ (merge cf317877e3 ks/branch-set-upstream later to maint).
+ (merge 8de19d6be8 sg/t7406-chain-fix later to maint).
diff --git a/Documentation/RelNotes/2.18.1.txt b/Documentation/RelNotes/2.18.1.txt
new file mode 100644
index 0000000000..2098cdd776
--- /dev/null
+++ b/Documentation/RelNotes/2.18.1.txt
@@ -0,0 +1,6 @@
+Git v2.18.1 Release Notes
+=========================
+
+This release merges up the fixes that appear in v2.14.5 and in
+v2.17.2 to address the recently reported CVE-2018-17456; see the
+release notes for those versions for details.
diff --git a/Documentation/RelNotes/2.19.0.txt b/Documentation/RelNotes/2.19.0.txt
new file mode 100644
index 0000000000..a06ccf6e2a
--- /dev/null
+++ b/Documentation/RelNotes/2.19.0.txt
@@ -0,0 +1,615 @@
+Git 2.19 Release Notes
+======================
+
+Updates since v2.18
+-------------------
+
+UI, Workflows & Features
+
+ * "git diff" compares the index and the working tree. For paths
+ added with intent-to-add bit, the command shows the full contents
+ of them as added, but the paths themselves were not marked as new
+ files. They are now shown as new by default.
+
+ "git apply" learned the "--intent-to-add" option so that an
+ otherwise working-tree-only application of a patch will add new
+ paths to the index marked with the "intent-to-add" bit.
+
+ * "git grep" learned the "--column" option that gives not just the
+ line number but the column number of the hit.
+
+ * The "-l" option in "git branch -l" is an unfortunate short-hand for
+ "--create-reflog", but many users, both old and new, somehow expect
+ it to be something else, perhaps "--list". This step warns when "-l"
+ is used as a short-hand for "--create-reflog" and warns about the
+ future repurposing of the it when it is used.
+
+ * The userdiff pattern for .php has been updated.
+
+ * The content-transfer-encoding of the message "git send-email" sends
+ out by default was 8bit, which can cause trouble when there is an
+ overlong line to bust RFC 5322/2822 limit. A new option 'auto' to
+ automatically switch to quoted-printable when there is such a line
+ in the payload has been introduced and is made the default.
+
+ * "git checkout" and "git worktree add" learned to honor
+ checkout.defaultRemote when auto-vivifying a local branch out of a
+ remote tracking branch in a repository with multiple remotes that
+ have tracking branches that share the same names.
+ (merge 8d7b558bae ab/checkout-default-remote later to maint).
+
+ * "git grep" learned the "--only-matching" option.
+
+ * "git rebase --rebase-merges" mode now handles octopus merges as
+ well.
+
+ * Add a server-side knob to skip commits in exponential/fibbonacci
+ stride in an attempt to cover wider swath of history with a smaller
+ number of iterations, potentially accepting a larger packfile
+ transfer, instead of going back one commit a time during common
+ ancestor discovery during the "git fetch" transaction.
+ (merge 42cc7485a2 jt/fetch-negotiator-skipping later to maint).
+
+ * A new configuration variable core.usereplacerefs has been added,
+ primarily to help server installations that want to ignore the
+ replace mechanism altogether.
+
+ * Teach "git tag -s" etc. a few configuration variables (gpg.format
+ that can be set to "openpgp" or "x509", and gpg.<format>.program
+ that is used to specify what program to use to deal with the format)
+ to allow x.509 certs with CMS via "gpgsm" to be used instead of
+ openpgp via "gnupg".
+
+ * Many more strings are prepared for l10n.
+
+ * "git p4 submit" learns to ask its own pre-submit hook if it should
+ continue with submitting.
+
+ * The test performed at the receiving end of "git push" to prevent
+ bad objects from entering repository can be customized via
+ receive.fsck.* configuration variables; we now have gained a
+ counterpart to do the same on the "git fetch" side, with
+ fetch.fsck.* configuration variables.
+
+ * "git pull --rebase=interactive" learned "i" as a short-hand for
+ "interactive".
+
+ * "git instaweb" has been adjusted to run better with newer Apache on
+ RedHat based distros.
+
+ * "git range-diff" is a reimplementation of "git tbdiff" that lets us
+ compare individual patches in two iterations of a topic.
+
+ * The sideband code learned to optionally paint selected keywords at
+ the beginning of incoming lines on the receiving end.
+
+ * "git branch --list" learned to take the default sort order from the
+ 'branch.sort' configuration variable, just like "git tag --list"
+ pays attention to 'tag.sort'.
+
+ * "git worktree" command learned "--quiet" option to make it less
+ verbose.
+
+
+Performance, Internal Implementation, Development Support etc.
+
+ * The bulk of "git submodule foreach" has been rewritten in C.
+
+ * The in-core "commit" object had an all-purpose "void *util" field,
+ which was tricky to use especially in library-ish part of the
+ code. All of the existing uses of the field has been migrated to a
+ more dedicated "commit-slab" mechanism and the field is eliminated.
+
+ * A less often used command "git show-index" has been modernized.
+ (merge fb3010c31f jk/show-index later to maint).
+
+ * The conversion to pass "the_repository" and then "a_repository"
+ throughout the object access API continues.
+
+ * Continuing with the idea to programatically enumerate various
+ pieces of data required for command line completion, teach the
+ codebase to report the list of configuration variables
+ subcommands care about to help complete them.
+
+ * Separate "rebase -p" codepath out of "rebase -i" implementation to
+ slim down the latter and make it easier to manage.
+
+ * Make refspec parsing codepath more robust.
+
+ * Some flaky tests have been fixed.
+
+ * Continuing with the idea to programmatically enumerate various
+ pieces of data required for command line completion, the codebase
+ has been taught to enumerate options prefixed with "--no-" to
+ negate them.
+
+ * Build and test procedure for netrc credential helper (in contrib/)
+ has been updated.
+
+ * Remove unused function definitions and declarations from ewah
+ bitmap subsystem.
+
+ * Code preparation to make "git p4" closer to be usable with Python 3.
+
+ * Tighten the API to make it harder to misuse in-tree .gitmodules
+ file, even though it shares the same syntax with configuration
+ files, to read random configuration items from it.
+
+ * "git fast-import" has been updated to avoid attempting to create
+ delta against a zero-byte-long string, which is pointless.
+
+ * The codebase has been updated to compile cleanly with -pedantic
+ option.
+ (merge 2b647a05d7 bb/pedantic later to maint).
+
+ * The character display width table has been updated to match the
+ latest Unicode standard.
+ (merge 570951eea2 bb/unicode-11-width later to maint).
+
+ * test-lint now looks for broken use of "VAR=VAL shell_func" in test
+ scripts.
+
+ * Conversion from uchar[40] to struct object_id continues.
+
+ * Recent "security fix" to pay attention to contents of ".gitmodules"
+ while accepting "git push" was a bit overly strict than necessary,
+ which has been adjusted.
+
+ * "git fsck" learns to make sure the optional commit-graph file is in
+ a sane state.
+
+ * "git diff --color-moved" feature has further been tweaked.
+
+ * Code restructuring and a small fix to transport protocol v2 during
+ fetching.
+
+ * Parsing of -L[<N>][,[<M>]] parameters "git blame" and "git log"
+ take has been tweaked.
+
+ * lookup_commit_reference() and friends have been updated to find
+ in-core object for a specific in-core repository instance.
+
+ * Various glitches in the heuristics of merge-recursive strategy have
+ been documented in new tests.
+
+ * "git fetch" learned a new option "--negotiation-tip" to limit the
+ set of commits it tells the other end as "have", to reduce wasted
+ bandwidth and cycles, which would be helpful when the receiving
+ repository has a lot of refs that have little to do with the
+ history at the remote it is fetching from.
+
+ * For a large tree, the index needs to hold many cache entries
+ allocated on heap. These cache entries are now allocated out of a
+ dedicated memory pool to amortize malloc(3) overhead.
+
+ * Tests to cover various conflicting cases have been added for
+ merge-recursive.
+
+ * Tests to cover conflict cases that involve submodules have been
+ added for merge-recursive.
+
+ * Look for broken "&&" chains that are hidden in subshell, many of
+ which have been found and corrected.
+
+ * The singleton commit-graph in-core instance is made per in-core
+ repository instance.
+
+ * "make DEVELOPER=1 DEVOPTS=pedantic" allows developers to compile
+ with -pedantic option, which may catch more problematic program
+ constructs and potential bugs.
+
+ * Preparatory code to later add json output for telemetry data has
+ been added.
+
+ * Update the way we use Coccinelle to find out-of-style code that
+ need to be modernised.
+
+ * It is too easy to misuse system API functions such as strcat();
+ these selected functions are now forbidden in this codebase and
+ will cause a compilation failure.
+
+ * Add a script (in contrib/) to help users of VSCode work better with
+ our codebase.
+
+ * The Travis CI scripts were taught to ship back the test data from
+ failed tests.
+ (merge aea8879a6a sg/travis-retrieve-trash-upon-failure later to maint).
+
+ * The parse-options machinery learned to refrain from enclosing
+ placeholder string inside a "<bra" and "ket>" pair automatically
+ without PARSE_OPT_LITERAL_ARGHELP. Existing help text for option
+ arguments that are not formatted correctly have been identified and
+ fixed.
+ (merge 5f0df44cd7 rs/parse-opt-lithelp later to maint).
+
+ * Noiseword "extern" has been removed from function decls in the
+ header files.
+
+ * A few atoms like %(objecttype) and %(objectsize) in the format
+ specifier of "for-each-ref --format=<format>" can be filled without
+ getting the full contents of the object, but just with the object
+ header. These cases have been optimized by calling
+ oid_object_info() API (instead of reading and inspecting the data).
+
+ * The end result of documentation update has been made to be
+ inspected more easily to help developers.
+
+ * The API to iterate over all objects learned to optionally list
+ objects in the order they appear in packfiles, which helps locality
+ of access if the caller accesses these objects while as objects are
+ enumerated.
+
+ * Improve built-in facility to catch broken &&-chain in the tests.
+
+ * The more library-ish parts of the codebase learned to work on the
+ in-core index-state instance that is passed in by their callers,
+ instead of always working on the singleton "the_index" instance.
+
+ * A test prerequisite defined by various test scripts with slightly
+ different semantics has been consolidated into a single copy and
+ made into a lazily defined one.
+ (merge 6ec633059a wc/make-funnynames-shared-lazy-prereq later to maint).
+
+ * After a partial clone, repeated fetches from promisor remote would
+ have accumulated many packfiles marked with .promisor bit without
+ getting them coalesced into fewer packfiles, hurting performance.
+ "git repack" now learned to repack them.
+
+ * Partially revert the support for multiple hash functions to regain
+ hash comparison performance; we'd think of a way to do this better
+ in the next cycle.
+
+ * "git help --config" (which is used in command line completion)
+ missed the configuration variables not described in the main
+ config.txt file but are described in another file that is included
+ by it, which has been corrected.
+
+ * The test linter code has learned that the end of here-doc mark
+ "EOF" can be quoted in a double-quote pair, not just in a
+ single-quote pair.
+
+
+Fixes since v2.18
+-----------------
+
+ * "git remote update" can take both a single remote nickname and a
+ nickname for remote groups, and the completion script (in contrib/)
+ has been taught about it.
+ (merge 9cd4382ad5 ls/complete-remote-update-names later to maint).
+
+ * "git fetch --shallow-since=<cutoff>" that specifies the cut-off
+ point that is newer than the existing history used to end up
+ grabbing the entire history. Such a request now errors out.
+ (merge e34de73c56 nd/reject-empty-shallow-request later to maint).
+
+ * Fix for 2.17-era regression around `core.safecrlf`.
+ (merge 6cb09125be as/safecrlf-quiet-fix later to maint).
+
+ * The recent addition of "partial clone" experimental feature kicked
+ in when it shouldn't, namely, when there is no partial-clone filter
+ defined even if extensions.partialclone is set.
+ (merge cac1137dc4 jh/partial-clone later to maint).
+
+ * "git send-pack --signed" (hence "git push --signed" over the http
+ transport) did not read user ident from the config mechanism to
+ determine whom to sign the push certificate as, which has been
+ corrected.
+ (merge d067d98887 ms/send-pack-honor-config later to maint).
+
+ * "git fetch-pack --all" used to unnecessarily fail upon seeing an
+ annotated tag that points at an object other than a commit.
+ (merge c12c9df527 jk/fetch-all-peeled-fix later to maint).
+
+ * When user edits the patch in "git add -p" and the user's editor is
+ set to strip trailing whitespaces indiscriminately, an empty line
+ that is unchanged in the patch would become completely empty
+ (instead of a line with a sole SP on it). The code introduced in
+ Git 2.17 timeframe failed to parse such a patch, but now it learned
+ to notice the situation and cope with it.
+ (merge f4d35a6b49 pw/add-p-recount later to maint).
+
+ * The code to try seeing if a fetch is necessary in a submodule
+ during a fetch with --recurse-submodules got confused when the path
+ to the submodule was changed in the range of commits in the
+ superproject, sometimes showing "(null)". This has been corrected.
+
+ * Bugfix for "rebase -i" corner case regression.
+ (merge a9279c6785 pw/rebase-i-keep-reword-after-conflict later to maint).
+
+ * Recently added "--base" option to "git format-patch" command did
+ not correctly generate prereq patch ids.
+ (merge 15b76c1fb3 xy/format-patch-prereq-patch-id-fix later to maint).
+
+ * POSIX portability fix in Makefile to fix a glitch introduced a few
+ releases ago.
+ (merge 6600054e9b dj/runtime-prefix later to maint).
+
+ * "git filter-branch" when used with the "--state-branch" option
+ still attempted to rewrite the commits whose filtered result is
+ known from the previous attempt (which is recorded on the state
+ branch); the command has been corrected not to waste cycles doing
+ so.
+ (merge 709cfe848a mb/filter-branch-optim later to maint).
+
+ * Clarify that setting core.ignoreCase to deviate from reality would
+ not turn a case-incapable filesystem into a case-capable one.
+ (merge 48294b512a ms/core-icase-doc later to maint).
+
+ * "fsck.skipList" did not prevent a blob object listed there from
+ being inspected for is contents (e.g. we recently started to
+ inspect the contents of ".gitmodules" for certain malicious
+ patterns), which has been corrected.
+ (merge fb16287719 rj/submodule-fsck-skip later to maint).
+
+ * "git checkout --recurse-submodules another-branch" did not report
+ in which submodule it failed to update the working tree, which
+ resulted in an unhelpful error message.
+ (merge ba95d4e4bd sb/submodule-move-head-error-msg later to maint).
+
+ * "git rebase" behaved slightly differently depending on which one of
+ the three backends gets used; this has been documented and an
+ effort to make them more uniform has begun.
+ (merge b00bf1c9a8 en/rebase-consistency later to maint).
+
+ * The "--ignore-case" option of "git for-each-ref" (and its friends)
+ did not work correctly, which has been fixed.
+ (merge e674eb2528 jk/for-each-ref-icase later to maint).
+
+ * "git fetch" failed to correctly validate the set of objects it
+ received when making a shallow history deeper, which has been
+ corrected.
+ (merge cf1e7c0770 jt/connectivity-check-after-unshallow later to maint).
+
+ * Partial clone support of "git clone" has been updated to correctly
+ validate the objects it receives from the other side. The server
+ side has been corrected to send objects that are directly
+ requested, even if they may match the filtering criteria (e.g. when
+ doing a "lazy blob" partial clone).
+ (merge a7e67c11b8 jt/partial-clone-fsck-connectivity later to maint).
+
+ * Handling of an empty range by "git cherry-pick" was inconsistent
+ depending on how the range ended up to be empty, which has been
+ corrected.
+ (merge c5e358d073 jk/empty-pick-fix later to maint).
+
+ * "git reset --merge" (hence "git merge ---abort") and "git reset --hard"
+ had trouble working correctly in a sparsely checked out working
+ tree after a conflict, which has been corrected.
+ (merge b33fdfc34c mk/merge-in-sparse-checkout later to maint).
+
+ * Correct a broken use of "VAR=VAL shell_func" in a test.
+ (merge 650161a277 jc/t3404-one-shot-export-fix later to maint).
+
+ * "git rev-parse ':/substring'" did not consider the history leading
+ only to HEAD when looking for a commit with the given substring,
+ when the HEAD is detached. This has been fixed.
+ (merge 6b3351e799 wc/find-commit-with-pattern-on-detached-head later to maint).
+
+ * Build doc update for Windows.
+ (merge ede8d89bb1 nd/command-list later to maint).
+
+ * core.commentchar is now honored when preparing the list of commits
+ to replay in "rebase -i".
+
+ * "git pull --rebase" on a corrupt HEAD caused a segfault. In
+ general we substitute an empty tree object when running the in-core
+ equivalent of the diff-index command, and the codepath has been
+ corrected to do so as well to fix this issue.
+ (merge 3506dc9445 jk/has-uncommitted-changes-fix later to maint).
+
+ * httpd tests saw occasional breakage due to the way its access log
+ gets inspected by the tests, which has been updated to make them
+ less flaky.
+ (merge e8b3b2e275 sg/httpd-test-unflake later to maint).
+
+ * Tests to cover more D/F conflict cases have been added for
+ merge-recursive.
+
+ * "git gc --auto" opens file descriptors for the packfiles before
+ spawning "git repack/prune", which would upset Windows that does
+ not want a process to work on a file that is open by another
+ process. The issue has been worked around.
+ (merge 12e73a3ce4 kg/gc-auto-windows-workaround later to maint).
+
+ * The recursive merge strategy did not properly ensure there was no
+ change between HEAD and the index before performing its operation,
+ which has been corrected.
+ (merge 55f39cf755 en/dirty-merge-fixes later to maint).
+
+ * "git rebase" started exporting GIT_DIR environment variable and
+ exposing it to hook scripts when part of it got rewritten in C.
+ Instead of matching the old scripted Porcelains' behaviour,
+ compensate by also exporting GIT_WORK_TREE environment as well to
+ lessen the damage. This can harm existing hooks that want to
+ operate on different repository, but the current behaviour is
+ already broken for them anyway.
+ (merge ab5e67d751 bc/sequencer-export-work-tree-as-well later to maint).
+
+ * "git send-email" when using in a batched mode that limits the
+ number of messages sent in a single SMTP session lost the contents
+ of the variable used to choose between tls/ssl, unable to send the
+ second and later batches, which has been fixed.
+ (merge 636f3d7ac5 jm/send-email-tls-auth-on-batch later to maint).
+
+ * The lazy clone support had a few places where missing but promised
+ objects were not correctly tolerated, which have been fixed.
+
+ * One of the "diff --color-moved" mode "dimmed_zebra" that was named
+ in an unusual way has been deprecated and replaced by
+ "dimmed-zebra".
+ (merge e3f2f5f9cd es/diff-color-moved-fix later to maint).
+
+ * The wire-protocol v2 relies on the client to send "ref prefixes" to
+ limit the bandwidth spent on the initial ref advertisement. "git
+ clone" when learned to speak v2 forgot to do so, which has been
+ corrected.
+ (merge 402c47d939 bw/clone-ref-prefixes later to maint).
+
+ * "git diff --histogram" had a bad memory usage pattern, which has
+ been rearranged to reduce the peak usage.
+ (merge 79cb2ebb92 sb/histogram-less-memory later to maint).
+
+ * Code clean-up to use size_t/ssize_t when they are the right type.
+ (merge 7726d360b5 jk/size-t later to maint).
+
+ * The wire-protocol v2 relies on the client to send "ref prefixes" to
+ limit the bandwidth spent on the initial ref advertisement. "git
+ fetch $remote branch:branch" that asks tags that point into the
+ history leading to the "branch" automatically followed sent to
+ narrow prefix and broke the tag following, which has been fixed.
+ (merge 2b554353a5 jt/tag-following-with-proto-v2-fix later to maint).
+
+ * When the sparse checkout feature is in use, "git cherry-pick" and
+ other mergy operations lost the skip_worktree bit when a path that
+ is excluded from checkout requires content level merge, which is
+ resolved as the same as the HEAD version, without materializing the
+ merge result in the working tree, which made the path appear as
+ deleted. This has been corrected by preserving the skip_worktree
+ bit (and not materializing the file in the working tree).
+ (merge 2b75fb601c en/merge-recursive-skip-fix later to maint).
+
+ * The "author-script" file "git rebase -i" creates got broken when
+ we started to move the command away from shell script, which is
+ getting fixed now.
+ (merge 5522bbac20 es/rebase-i-author-script-fix later to maint).
+
+ * The automatic tree-matching in "git merge -s subtree" was broken 5
+ years ago and nobody has noticed since then, which is now fixed.
+ (merge 2ec4150713 jk/merge-subtree-heuristics later to maint).
+
+ * "git fetch $there refs/heads/s" ought to fetch the tip of the
+ branch 's', but when "refs/heads/refs/heads/s", i.e. a branch whose
+ name is "refs/heads/s" exists at the same time, fetched that one
+ instead by mistake. This has been corrected to honor the usual
+ disambiguation rules for abbreviated refnames.
+ (merge 60650a48c0 jt/refspec-dwim-precedence-fix later to maint).
+
+ * Futureproofing a helper function that can easily be misused.
+ (merge 65bb21e77e es/want-color-fd-defensive later to maint).
+
+ * The http-backend (used for smart-http transport) used to slurp the
+ whole input until EOF, without paying attention to CONTENT_LENGTH
+ that is supplied in the environment and instead expecting the Web
+ server to close the input stream. This has been fixed.
+ (merge eebfe40962 mk/http-backend-content-length later to maint).
+
+ * "git merge --abort" etc. did not clean things up properly when
+ there were conflicted entries in the index in certain order that
+ are involved in D/F conflicts. This has been corrected.
+ (merge ad3762042a en/abort-df-conflict-fixes later to maint).
+
+ * "git diff --indent-heuristic" had a bad corner case performance.
+ (merge 301ef85401 sb/indent-heuristic-optim later to maint).
+
+ * The "--exec" option to "git rebase --rebase-merges" placed the exec
+ commands at wrong places, which has been corrected.
+
+ * "git verify-tag" and "git verify-commit" have been taught to use
+ the exit status of underlying "gpg --verify" to signal bad or
+ untrusted signature they found.
+ (merge 4e5dc9ca17 jc/gpg-status later to maint).
+
+ * "git mergetool" stopped and gave an extra prompt to continue after
+ the last path has been handled, which did not make much sense.
+ (merge d651a54b8a ng/mergetool-lose-final-prompt later to maint).
+
+ * Among the three codepaths we use O_APPEND to open a file for
+ appending, one used for writing GIT_TRACE output requires O_APPEND
+ implementation that behaves sensibly when multiple processes are
+ writing to the same file. POSIX emulation used in the Windows port
+ has been updated to improve in this area.
+ (merge d641097589 js/mingw-o-append later to maint).
+
+ * "git pull --rebase -v" in a repository with a submodule barfed as
+ an intermediate process did not understand what "-v(erbose)" flag
+ meant, which has been fixed.
+ (merge e84c3cf3dc sb/pull-rebase-submodule later to maint).
+
+ * Recent update to "git config" broke updating variable in a
+ subsection, which has been corrected.
+ (merge bff7df7a87 sb/config-write-fix later to maint).
+
+ * When "git rebase -i" is told to squash two or more commits into
+ one, it labeled the log message for each commit with its number.
+ It correctly called the first one "1st commit", but the next one
+ was "commit #1", which was off-by-one. This has been corrected.
+ (merge dd2e36ebac pw/rebase-i-squash-number-fix later to maint).
+
+ * "git rebase -i", when a 'merge <branch>' insn in its todo list
+ fails, segfaulted, which has been (minimally) corrected.
+ (merge bc9238bb09 pw/rebase-i-merge-segv-fix later to maint).
+
+ * "git cherry-pick --quit" failed to remove CHERRY_PICK_HEAD even
+ though we won't be in a cherry-pick session after it returns, which
+ has been corrected.
+ (merge 3e7dd99208 nd/cherry-pick-quit-fix later to maint).
+
+ * In a recent update in 2.18 era, "git pack-objects" started
+ producing a larger than necessary packfiles by missing
+ opportunities to use large deltas. This has been corrected.
+
+ * The meaning of the possible values the "core.checkStat"
+ configuration variable can take were not adequately documented,
+ which has been fixed.
+ (merge 9bf5d4c4e2 nd/config-core-checkstat-doc later to maint).
+
+ * Recent "git rebase -i" update started to write bogusly formatted
+ author-script, with a matching broken reading code. These are
+ fixed.
+
+ * Recent addition of "directory rename" heuristics to the
+ merge-recursive backend makes the command susceptible to false
+ positives and false negatives. In the context of "git am -3",
+ which does not know about surrounding unmodified paths and thus
+ cannot inform the merge machinery about the full trees involved,
+ this risk is particularly severe. As such, the heuristic is
+ disabled for "git am -3" to keep the machinery "more stupid but
+ predictable".
+
+ * "git merge-base" in 2.19-rc1 has performance regression when the
+ (experimental) commit-graph feature is in use, which has been
+ mitigated.
+
+ * Code cleanup, docfix, build fix, etc.
+ (merge aee9be2ebe sg/update-ref-stdin-cleanup later to maint).
+ (merge 037714252f jc/clean-after-sanity-tests later to maint).
+ (merge 5b26c3c941 en/merge-recursive-cleanup later to maint).
+ (merge 0dcbc0392e bw/config-refer-to-gitsubmodules-doc later to maint).
+ (merge bb4d000e87 bw/protocol-v2 later to maint).
+ (merge 928f0ab4ba vs/typofixes later to maint).
+ (merge d7f590be84 en/rebase-i-microfixes later to maint).
+ (merge 81d395cc85 js/rebase-recreate-merge later to maint).
+ (merge 51d1863168 tz/exclude-doc-smallfixes later to maint).
+ (merge a9aa3c0927 ds/commit-graph later to maint).
+ (merge 5cf8e06474 js/enhanced-version-info later to maint).
+ (merge 6aaded5509 tb/config-default later to maint).
+ (merge 022d2ac1f3 sb/blame-color later to maint).
+ (merge 5a06a20e0c bp/test-drop-caches-for-windows later to maint).
+ (merge dd61cc1c2e jk/ui-color-always-to-auto later to maint).
+ (merge 1e83b9bfdd sb/trailers-docfix later to maint).
+ (merge ab29f1b329 sg/fast-import-dump-refs-on-checkpoint-fix later to maint).
+ (merge 6a8ad880f0 jn/subtree-test-fixes later to maint).
+ (merge ffbd51cc60 nd/pack-objects-threading-doc later to maint).
+ (merge e9dac7be60 es/mw-to-git-chain-fix later to maint).
+ (merge fe583c6c7a rs/remote-mv-leakfix later to maint).
+ (merge 69885ab015 en/t3031-title-fix later to maint).
+ (merge 8578037bed nd/config-blame-sort later to maint).
+ (merge 8ad169c4ba hn/config-in-code-comment later to maint).
+ (merge b7446fcfdf ar/t4150-am-scissors-test-fix later to maint).
+ (merge a8132410ee js/typofixes later to maint).
+ (merge 388d0ff6e5 en/update-index-doc later to maint).
+ (merge e05aa688dd jc/update-index-doc later to maint).
+ (merge 10c600172c sg/t5310-empty-input-fix later to maint).
+ (merge 5641eb9465 jh/partial-clone-doc later to maint).
+ (merge 2711b1ad5e ab/submodule-relative-url-tests later to maint).
+ (merge ce528de023 ab/unconditional-free-and-null later to maint).
+ (merge bbc072f5d8 rs/opt-updates later to maint).
+ (merge 69d846f053 jk/use-compat-util-in-test-tool later to maint).
+ (merge 1820703045 js/larger-timestamps later to maint).
+ (merge c8b35b95e1 sg/t4051-fix later to maint).
+ (merge 30612cb670 sg/t0020-conversion-fix later to maint).
+ (merge 15da753709 sg/t7501-thinkofix later to maint).
+ (merge 79b04f9b60 sg/t3903-missing-fix later to maint).
+ (merge 2745817028 sg/t3420-autostash-fix later to maint).
+ (merge 7afb0d6777 sg/test-rebase-editor-fix later to maint).
+ (merge 6c6ce21baa es/freebsd-iconv-portability later to maint).
diff --git a/Documentation/RelNotes/2.19.1.txt b/Documentation/RelNotes/2.19.1.txt
new file mode 100644
index 0000000000..da7672674e
--- /dev/null
+++ b/Documentation/RelNotes/2.19.1.txt
@@ -0,0 +1,6 @@
+Git v2.19.1 Release Notes
+=========================
+
+This release merges up the fixes that appear in v2.14.5 and in
+v2.17.2 to address the recently reported CVE-2018-17456; see the
+release notes for those versions for details.
diff --git a/Documentation/RelNotes/2.19.2.txt b/Documentation/RelNotes/2.19.2.txt
new file mode 100644
index 0000000000..759e6ca957
--- /dev/null
+++ b/Documentation/RelNotes/2.19.2.txt
@@ -0,0 +1,108 @@
+Git v2.19.2 Release Notes
+=========================
+
+Fixes since v2.19.1
+-------------------
+
+ * "git interpret-trailers" and its underlying machinery had a buggy
+ code that attempted to ignore patch text after commit log message,
+ which triggered in various codepaths that will always get the log
+ message alone and never get such an input.
+
+ * "git rebase -i" did not clear the state files correctly when a run
+ of "squash/fixup" is aborted and then the user manually amended the
+ commit instead, which has been corrected.
+
+ * When fsmonitor is in use, after operation on submodules updates
+ .gitmodules, we lost track of the fact that we did so and relied on
+ stale fsmonitor data.
+
+ * Fix for a long-standing bug that leaves the index file corrupt when
+ it shrinks during a partial commit.
+
+ * Further fix for O_APPEND emulation on Windows
+
+ * A corner case bugfix in "git rerere" code.
+
+ * "git add ':(attr:foo)'" is not supported and is supposed to be
+ rejected while the command line arguments are parsed, but we fail
+ to reject such a command line upfront.
+
+ * "git rebase" etc. in Git 2.19 fails to abort when given an empty
+ commit log message as result of editing, which has been corrected.
+
+ * The code to backfill objects in lazily cloned repository did not
+ work correctly, which has been corrected.
+
+ * Update error messages given by "git remote" and make them consistent.
+
+ * "git update-ref" learned to make both "--no-deref" and "--stdin"
+ work at the same time.
+
+ * Recently added "range-diff" had a corner-case bug to cause it
+ segfault, which has been corrected.
+
+ * The recently introduced commit-graph auxiliary data is incompatible
+ with mechanisms such as replace & grafts that "breaks" immutable
+ nature of the object reference relationship. Disable optimizations
+ based on its use (and updating existing commit-graph) when these
+ incompatible features are in use in the repository.
+
+ * The mailmap file update.
+
+ * The code in "git status" sometimes hit an assertion failure. This
+ was caused by a structure that was reused without cleaning the data
+ used for the first run, which has been corrected.
+
+ * A corner-case bugfix.
+
+ * A partial clone that is configured to lazily fetch missing objects
+ will on-demand issue a "git fetch" request to the originating
+ repository to fill not-yet-obtained objects. The request has been
+ optimized for requesting a tree object (and not the leaf blob
+ objects contained in it) by telling the originating repository that
+ no blobs are needed.
+
+ * The codepath to support the experimental split-index mode had
+ remaining "racily clean" issues fixed.
+
+ * "git log --graph" showing an octopus merge sometimes miscounted the
+ number of display columns it is consuming to show the merge and its
+ parent commits, which has been corrected.
+
+ * The implementation of run_command() API on the UNIX platforms had a
+ bug that caused a command not on $PATH to be found in the current
+ directory.
+
+ * A mutex used in "git pack-objects" were not correctly initialized
+ and this caused "git repack" to dump core on Windows.
+
+ * Under certain circumstances, "git diff D:/a/b/c D:/a/b/d" on
+ Windows would strip initial parts from the paths because they
+ were not recognized as absolute, which has been corrected.
+
+ * The receive.denyCurrentBranch=updateInstead codepath kicked in even
+ when the push should have been rejected due to other reasons, such
+ as it does not fast-forward or the update-hook rejects it, which
+ has been corrected.
+
+ * "git repack" in a shallow clone did not correctly update the
+ shallow points in the repository, leading to a repository that
+ does not pass fsck.
+
+ * Operations on promisor objects make sense in the context of only a
+ small subset of the commands that internally use the revisions
+ machinery, but the "--exclude-promisor-objects" option were taken
+ and led to nonsense results by commands like "log", to which it
+ didn't make much sense. This has been corrected.
+
+ * The "container" mode of TravisCI is going away. Our .travis.yml
+ file is getting prepared for the transition.
+
+ * Our test scripts can now take the '-V' option as a synonym for the
+ '--verbose-log' option.
+
+ * A regression in Git 2.12 era made "git fsck" fall into an infinite
+ loop while processing truncated loose objects.
+
+Also contains various documentation updates and code clean-ups.
diff --git a/Documentation/RelNotes/2.20.0.txt b/Documentation/RelNotes/2.20.0.txt
new file mode 100644
index 0000000000..e71fe3dee1
--- /dev/null
+++ b/Documentation/RelNotes/2.20.0.txt
@@ -0,0 +1,700 @@
+Git 2.20 Release Notes
+======================
+
+Backward Compatibility Notes
+----------------------------
+
+ * "git branch -l <foo>" used to be a way to ask a reflog to be
+ created while creating a new branch, but that is no longer the
+ case. It is a short-hand for "git branch --list <foo>" now.
+
+ * "git push" into refs/tags/* hierarchy is rejected without getting
+ forced, but "git fetch" (misguidedly) used the "fast forwarding"
+ rule used for the refs/heads/* hierarchy; this has been corrected,
+ which means some fetches of tags that did not fail with older
+ version of Git will fail without "--force" with this version.
+
+ * "git help -a" now gives verbose output (same as "git help -av").
+ Those who want the old output may say "git help --no-verbose -a"..
+
+ * "git cpn --help", when "cpn" is an alias to, say, "cherry-pick -n",
+ reported only the alias expansion of "cpn" in earlier versions of
+ Git. It now runs "git cherry-pick --help" to show the manual page
+ of the command, while sending the alias expansion to the standard
+ error stream.
+
+ * "git send-email" learned to grab address-looking string on any
+ trailer whose name ends with "-by". This is a backward-incompatible
+ change. Adding "--suppress-cc=misc-by" on the command line, or
+ setting sendemail.suppresscc configuration variable to "misc-by",
+ can be used to disable this behaviour.
+
+
+Updates since v2.19
+-------------------
+
+UI, Workflows & Features
+
+ * Running "git clone" against a project that contain two files with
+ pathnames that differ only in cases on a case insensitive
+ filesystem would result in one of the files lost because the
+ underlying filesystem is incapable of holding both at the same
+ time. An attempt is made to detect such a case and warn.
+
+ * "git checkout -b newbranch [HEAD]" should not have to do as much as
+ checking out a commit different from HEAD. An attempt is made to
+ optimize this special case.
+
+ * "git rev-list --stdin </dev/null" used to be an error; it now shows
+ no output without an error. "git rev-list --stdin --default HEAD"
+ still falls back to the given default when nothing is given on the
+ standard input.
+
+ * Lift code from GitHub to restrict delta computation so that an
+ object that exists in one fork is not made into a delta against
+ another object that does not appear in the same forked repository.
+
+ * "git format-patch" learned new "--interdiff" and "--range-diff"
+ options to explain the difference between this version and the
+ previous attempt in the cover letter (or after the three-dashes as
+ a comment).
+
+ * "git mailinfo" used in "git am" learned to make a best-effort
+ recovery of a patch corrupted by MUA that sends text/plain with
+ format=flawed option.
+ (merge 3aa4d81f88 rs/mailinfo-format-flowed later to maint).
+
+ * The rules used by "git push" and "git fetch" to determine if a ref
+ can or cannot be updated were inconsistent; specifically, fetching
+ to update existing tags were allowed even though tags are supposed
+ to be unmoving anchoring points. "git fetch" was taught to forbid
+ updates to existing tags without the "--force" option.
+
+ * "git multi-pack-index" learned to detect corruption in the .midx
+ file it uses, and this feature has been integrated into "git fsck".
+
+ * Generation of (experimental) commit-graph files have so far been
+ fairly silent, even though it takes noticeable amount of time in a
+ meaningfully large repository. The users will now see progress
+ output.
+
+ * The minimum version of Windows supported by Windows port of Git is
+ now set to Vista.
+
+ * The completion script (in contrib/) learned to complete a handful of
+ options "git stash list" command takes.
+
+ * The completion script (in contrib/) learned that "git fetch
+ --multiple" only takes remote names as arguments and no refspecs.
+
+ * "git status" learns to show progress bar when refreshing the index
+ takes a long time.
+ (merge ae9af12287 nd/status-refresh-progress later to maint).
+
+ * "git help -a" and "git help -av" give different pieces of
+ information, and generally the "verbose" version is more friendly
+ to the new users. "git help -a" by default now uses the more
+ verbose output (with "--no-verbose", you can go back to the
+ original). Also "git help -av" now lists aliases and external
+ commands, which it did not used to.
+
+ * Unlike "grep", "git grep" by default recurses to the whole tree.
+ The command learned "git grep --recursive" option, so that "git
+ grep --no-recursive" can serve as a synonym to setting the
+ max-depth to 0.
+
+ * When pushing into a repository that borrows its objects from an
+ alternate object store, "git receive-pack" that responds to the
+ push request on the other side lists the tips of refs in the
+ alternate to reduce the amount of objects transferred. This
+ sometimes is detrimental when the number of refs in the alternate
+ is absurdly large, in which case the bandwidth saved in potentially
+ fewer objects transferred is wasted in excessively large ref
+ advertisement. The alternate refs that are advertised are now
+ configurable with a pair of configuration variables.
+
+ * "git cmd --help" when "cmd" is aliased used to only say "cmd is
+ aliased to ...". Now it shows that to the standard error stream
+ and runs "git $cmd --help" where $cmd is the first word of the
+ alias expansion.
+
+ * The documentation of "git gc" has been updated to mention that it
+ is no longer limited to "pruning away crufts" but also updates
+ ancillary files like commit-graph as a part of repository
+ optimization.
+
+ * "git p4 unshelve" improvements.
+
+ * The logic to select the default user name and e-mail on Windows has
+ been improved.
+ (merge 501afcb8b0 js/mingw-default-ident later to maint).
+
+ * The "rev-list --filter" feature learned to exclude all trees via
+ "tree:0" filter.
+
+ * "git send-email" learned to grab address-looking string on any
+ trailer whose name ends with "-by"; --suppress-cc=misc-by on the
+ command line, or setting sendemail.suppresscc configuration
+ variable to "misc-by", can be used to disable this behaviour.
+
+ * "git mergetool" learned to take the "--[no-]gui" option, just like
+ "git difftool" does.
+
+ * "git rebase -i" learned a new insn, 'break', that the user can
+ insert in the to-do list. Upon hitting it, the command returns
+ control back to the user.
+
+ * New "--pretty=format:" placeholders %GF and %GP that show the GPG
+ key fingerprints have been invented.
+
+ * On platforms with recent cURL library, http.sslBackend configuration
+ variable can be used to choose a different SSL backend at runtime.
+ The Windows port uses this mechanism to switch between OpenSSL and
+ Secure Channel while talking over the HTTPS protocol.
+
+ * "git send-email" learned to disable SMTP authentication via the
+ "--smtp-auth=none" option, even when the smtp username is given
+ (which turns the authentication on by default).
+
+ * A fourth class of configuration files (in addition to the
+ traditional "system wide", "per user in the $HOME directory" and
+ "per repository in the $GIT_DIR/config") has been introduced so
+ that different worktrees that share the same repository (hence the
+ same $GIT_DIR/config file) can use different customization.
+
+ * A pattern with '**' that does not have a slash on either side used
+ to be an invalid one, but the code now treats such double-asterisks
+ the same way as two normal asterisks that happen to be adjacent to
+ each other.
+ (merge e5bbe09e88 nd/wildmatch-double-asterisk later to maint).
+
+ * The "--no-patch" option, which can be used to get a high-level
+ overview without the actual line-by-line patch difference shown, of
+ the "range-diff" command was earlier broken, which has been
+ corrected.
+
+ * The recently merged "rebase in C" has an escape hatch to use the
+ scripted version when necessary, but it hasn't been documented,
+ which has been corrected.
+
+
+Performance, Internal Implementation, Development Support etc.
+
+ * Developer builds now use -Wunused-function compilation option.
+
+ * One of our CI tests to run with "unusual/experimental/random"
+ settings now also uses commit-graph and midx.
+
+ * When there are too many packfiles in a repository (which is not
+ recommended), looking up an object in these would require
+ consulting many pack .idx files; a new mechanism to have a single
+ file that consolidates all of these .idx files is introduced.
+
+ * "git submodule update" is getting rewritten piece-by-piece into C.
+
+ * The code for computing history reachability has been shuffled,
+ obtained a bunch of new tests to cover them, and then being
+ improved.
+
+ * The unpack_trees() API used in checking out a branch and merging
+ walks one or more trees along with the index. When the cache-tree
+ in the index tells us that we are walking a tree whose flattened
+ contents is known (i.e. matches a span in the index), as linearly
+ scanning a span in the index is much more efficient than having to
+ open tree objects recursively and listing their entries, the walk
+ can be optimized, which has been done.
+
+ * When creating a thin pack, which allows objects to be made into a
+ delta against another object that is not in the resulting pack but
+ is known to be present on the receiving end, the code learned to
+ take advantage of the reachability bitmap; this allows the server
+ to send a delta against a base beyond the "boundary" commit.
+
+ * spatch transformation to replace boolean uses of !hashcmp() to
+ newly introduced oideq() is added, and applied, to regain
+ performance lost due to support of multiple hash algorithms.
+
+ * Fix a bug in which the same path could be registered under multiple
+ worktree entries if the path was missing (for instance, was removed
+ manually). Also, as a convenience, expand the number of cases in
+ which --force is applicable.
+
+ * Split Documentation/config.txt for easier maintenance.
+ (merge 6014363f0b nd/config-split later to maint).
+
+ * Test helper binaries clean-up.
+ (merge c9a1f4161f nd/test-tool later to maint).
+
+ * Various tests have been updated to make it easier to swap the
+ hash function used for object identification.
+ (merge ae0c89d41b bc/hash-independent-tests later to maint).
+
+ * Update fsck.skipList implementation and documentation.
+ (merge 371a655074 ab/fsck-skiplist later to maint).
+
+ * An alias that expands to another alias has so far been forbidden,
+ but now it is allowed to create such an alias.
+
+ * Various test scripts have been updated for style and also correct
+ handling of exit status of various commands.
+
+ * "gc --auto" ended up calling exit(-1) upon error, which has been
+ corrected to use exit(1). Also the error reporting behaviour when
+ daemonized has been updated to exit with zero status when stopping
+ due to a previously discovered error (which implies there is no
+ point running gc to improve the situation); we used to exit with
+ failure in such a case.
+
+ * Various codepaths in the core-ish part learned to work on an
+ arbitrary in-core index structure, not necessarily the default
+ instance "the_index".
+ (merge b3c7eef9b0 nd/the-index later to maint).
+
+ * Code clean-up in the internal machinery used by "git status" and
+ "git commit --dry-run".
+ (merge 73ba5d78b4 ss/wt-status-committable later to maint).
+
+ * Some environment variables that control the runtime options of Git
+ used during tests are getting renamed for consistency.
+ (merge 4231d1ba99 bp/rename-test-env-var later to maint).
+
+ * A pair of new extensions to the index file have been introduced.
+ They allow the index file to be read in parallel for performance.
+
+ * The oidset API was built on top of the oidmap API which in turn is
+ on the hashmap API. Replace the implementation to build on top of
+ the khash API and gain performance.
+
+ * Over some transports, fetching objects with an exact commit object
+ name can be done without first seeing the ref advertisements. The
+ code has been optimized to exploit this.
+
+ * In a partial clone that will lazily be hydrated from the
+ originating repository, we generally want to avoid "does this
+ object exist (locally)?" on objects that we deliberately omitted
+ when we created the clone. The cache-tree codepath (which is used
+ to write a tree object out of the index) however insisted that the
+ object exists, even for paths that are outside of the partial
+ checkout area. The code has been updated to avoid such a check.
+
+ * To help developers, an EditorConfig file that attempts to follow
+ the project convention has been added.
+ (merge b548d698a0 bc/editorconfig later to maint).
+
+ * The result of coverage test can be combined with "git blame" to
+ check the test coverage of code introduced recently with a new
+ 'coverage-diff' tool (in contrib/).
+ (merge 783faedd65 ds/coverage-diff later to maint).
+
+ * An experiment to fuzz test a few areas, hopefully we can gain more
+ coverage to various areas.
+
+ * More codepaths are moving away from hardcoded hash sizes.
+
+ * The way the Windows port figures out the current directory has been
+ improved.
+
+ * The way DLLs are loaded on the Windows port has been improved.
+
+ * Some tests have been reorganized and renamed; "ls t/" now gives a
+ better overview of what is tested for these scripts than before.
+
+ * "git rebase" and "git rebase -i" have been reimplemented in C.
+
+ * Windows port learned to use nano-second resolution file timestamps.
+
+ * The overly large Documentation/config.txt file have been split into
+ million little pieces. This potentially allows each individual piece
+ to be included into the manual page of the command it affects more easily.
+
+ * Replace three string-list instances used as look-up tables in "git
+ fetch" with hashmaps.
+
+ * Unify code to read the author-script used in "git am" and the
+ commands that use the sequencer machinery, e.g. "git rebase -i".
+
+ * In preparation to the day when we can deprecate and remove the
+ "rebase -p", make sure we can skip and later remove tests for
+ it.
+
+ * The history traversal used to implement the tag-following has been
+ optimized by introducing a new helper.
+
+ * The helper function to refresh the cached stat information in the
+ in-core index has learned to perform the lstat() part of the
+ operation in parallel on multi-core platforms.
+
+ * The code to traverse objects for reachability, used to decide what
+ objects are unreferenced and expendable, have been taught to also
+ consider per-worktree refs of other worktrees as starting points to
+ prevent data loss.
+
+ * "git add" needs to internally run "diff-files" equivalent, and the
+ codepath learned the same optimization as "diff-files" has to run
+ lstat(2) in parallel to find which paths have been updated in the
+ working tree.
+
+ * The procedure to install dependencies before testing at Travis CI
+ is getting revamped for both simplicity and flexibility, taking
+ advantage of the recent move to the vm-based environment.
+
+ * The support for format-patch (and send-email) by the command-line
+ completion script (in contrib/) has been simplified a bit.
+
+ * The revision walker machinery learned to take advantage of the
+ commit generation numbers stored in the commit-graph file.
+
+ * The codebase has been cleaned up to reduce "#ifndef NO_PTHREADS".
+
+ * The way -lcurl library gets linked has been simplified by taking
+ advantage of the fact that we can just ask curl-config command how.
+
+ * Various functions have been audited for "-Wunused-parameter" warnings
+ and bugs in them got fixed.
+
+ * A sanity check for start-up sequence has been added in the config
+ API codepath.
+
+ * The build procedure to link for fuzzing test has been made
+ customizable with a new Makefile variable.
+
+ * The way "git rebase" parses and forwards the command line options
+ meant for underlying "git am" has been revamped, which fixed for
+ options with parameters that were not passed correctly.
+
+ * Our testing framework uses a special i18n "poisoned localization"
+ feature to find messages that ought to stay constant but are
+ incorrectly marked to be translated. This feature has been made
+ into a runtime option (it used to be a compile-time option).
+
+ * "git push" used to check ambiguities between object-names and
+ refnames while processing the list of refs' old and new values,
+ which was unnecessary (as it knew that it is feeding raw object
+ names). This has been optimized out.
+
+ * The xcurl_off_t() helper function is used to cast size_t to
+ curl_off_t, but some compilers gave warnings against the code to
+ ensure the casting is done without wraparound, when size_t is
+ narrower than curl_off_t. This warning has been squelched.
+
+ * Code preparation to replace ulong vars with size_t vars where
+ appropriate continues.
+
+ * The "test installed Git" mode of our test suite has been updated to
+ work better.
+
+ * A coding convention around the Coccinelle semantic patches to have
+ two classes to ease code migration process has been proposed and
+ its support has been added to the Makefile.
+
+ * The "container" mode of TravisCI is going away. Our .travis.yml
+ file is getting prepared for the transition.
+ (merge 32ee384be8 ss/travis-ci-force-vm-mode later to maint).
+
+ * Our test scripts can now take the '-V' option as a synonym for the
+ '--verbose-log' option.
+ (merge a5f52c6dab sg/test-verbose-log later to maint).
+
+
+Fixes since v2.19
+-----------------
+
+ * "git interpret-trailers" and its underlying machinery had a buggy
+ code that attempted to ignore patch text after commit log message,
+ which triggered in various codepaths that will always get the log
+ message alone and never get such an input.
+ (merge 66e83d9b41 jk/trailer-fixes later to maint).
+
+ * Malformed or crafted data in packstream can make our code attempt
+ to read or write past the allocated buffer and abort, instead of
+ reporting an error, which has been fixed.
+
+ * "git rebase -i" did not clear the state files correctly when a run
+ of "squash/fixup" is aborted and then the user manually amended the
+ commit instead, which has been corrected.
+ (merge 10d2f35436 js/rebase-i-autosquash-fix later to maint).
+
+ * When fsmonitor is in use, after operation on submodules updates
+ .gitmodules, we lost track of the fact that we did so and relied on
+ stale fsmonitor data.
+ (merge 43f1180814 bp/mv-submodules-with-fsmonitor later to maint).
+
+ * Fix for a long-standing bug that leaves the index file corrupt when
+ it shrinks during a partial commit.
+ (merge 6c003d6ffb jk/reopen-tempfile-truncate later to maint).
+
+ * Further fix for O_APPEND emulation on Windows
+ (merge eeaf7ddac7 js/mingw-o-append later to maint).
+
+ * A corner case bugfix in "git rerere" code.
+ (merge ad2bf0d9b4 en/rerere-multi-stage-1-fix later to maint).
+
+ * "git add ':(attr:foo)'" is not supported and is supposed to be
+ rejected while the command line arguments are parsed, but we fail
+ to reject such a command line upfront.
+ (merge 84d938b732 nd/attr-pathspec-fix later to maint).
+
+ * Recent update broke the reachability algorithm when refs (e.g.
+ tags) that point at objects that are not commit were involved,
+ which has been fixed.
+
+ * "git rebase" etc. in Git 2.19 fails to abort when given an empty
+ commit log message as result of editing, which has been corrected.
+ (merge a3ec9eaf38 en/sequencer-empty-edit-result-aborts later to maint).
+
+ * The code to backfill objects in lazily cloned repository did not
+ work correctly, which has been corrected.
+ (merge e68302011c jt/lazy-object-fetch-fix later to maint).
+
+ * Update error messages given by "git remote" and make them consistent.
+ (merge 5025425dff ms/remote-error-message-update later to maint).
+
+ * "git update-ref" learned to make both "--no-deref" and "--stdin"
+ work at the same time.
+ (merge d345e9fbe7 en/update-ref-no-deref-stdin later to maint).
+
+ * Recently added "range-diff" had a corner-case bug to cause it
+ segfault, which has been corrected.
+ (merge e467a90c7a tg/range-diff-corner-case-fix later to maint).
+
+ * The recently introduced commit-graph auxiliary data is incompatible
+ with mechanisms such as replace & grafts that "breaks" immutable
+ nature of the object reference relationship. Disable optimizations
+ based on its use (and updating existing commit-graph) when these
+ incompatible features are in use in the repository.
+ (merge 829a321569 ds/commit-graph-with-grafts later to maint).
+
+ * The mailmap file update.
+ (merge 255eb03edf jn/mailmap-update later to maint).
+
+ * The code in "git status" sometimes hit an assertion failure. This
+ was caused by a structure that was reused without cleaning the data
+ used for the first run, which has been corrected.
+ (merge 3e73cc62c0 en/status-multiple-renames-to-the-same-target-fix later to maint).
+
+ * "git fetch $repo $object" in a partial clone did not correctly
+ fetch the asked-for object that is referenced by an object in
+ promisor packfile, which has been fixed.
+
+ * A corner-case bugfix.
+ (merge c5cbb27cb5 sm/show-superproject-while-conflicted later to maint).
+
+ * Various fixes to "diff --color-moved-ws".
+
+ * A partial clone that is configured to lazily fetch missing objects
+ will on-demand issue a "git fetch" request to the originating
+ repository to fill not-yet-obtained objects. The request has been
+ optimized for requesting a tree object (and not the leaf blob
+ objects contained in it) by telling the originating repository that
+ no blobs are needed.
+ (merge 4c7f9567ea jt/non-blob-lazy-fetch later to maint).
+
+ * The codepath to support the experimental split-index mode had
+ remaining "racily clean" issues fixed.
+ (merge 4c490f3d32 sg/split-index-racefix later to maint).
+
+ * "git log --graph" showing an octopus merge sometimes miscounted the
+ number of display columns it is consuming to show the merge and its
+ parent commits, which has been corrected.
+ (merge 04005834ed np/log-graph-octopus-fix later to maint).
+
+ * "git range-diff" did not work well when the compared ranges had
+ changes in submodules and the "--submodule=log" was used.
+
+ * The implementation of run_command() API on the UNIX platforms had a
+ bug that caused a command not on $PATH to be found in the current
+ directory.
+ (merge f67b980771 jk/run-command-notdot later to maint).
+
+ * A mutex used in "git pack-objects" were not correctly initialized
+ and this caused "git repack" to dump core on Windows.
+ (merge 34204c8166 js/pack-objects-mutex-init-fix later to maint).
+
+ * Under certain circumstances, "git diff D:/a/b/c D:/a/b/d" on
+ Windows would strip initial parts from the paths because they
+ were not recognized as absolute, which has been corrected.
+ (merge ffd04e92e2 js/diff-notice-has-drive-prefix later to maint).
+
+ * The receive.denyCurrentBranch=updateInstead codepath kicked in even
+ when the push should have been rejected due to other reasons, such
+ as it does not fast-forward or the update-hook rejects it, which
+ has been corrected.
+ (merge b072a25fad jc/receive-deny-current-branch-fix later to maint).
+
+ * The logic to determine the archive type "git archive" uses did not
+ correctly kick in for "git archive --remote", which has been
+ corrected.
+
+ * "git repack" in a shallow clone did not correctly update the
+ shallow points in the repository, leading to a repository that
+ does not pass fsck.
+ (merge 5dcfbf564c js/shallow-and-fetch-prune later to maint).
+
+ * Some codepaths failed to form a proper URL when .gitmodules record
+ the URL to a submodule repository as relative to the repository of
+ superproject, which has been corrected.
+ (merge e0a862fdaf sb/submodule-url-to-absolute later to maint).
+
+ * "git fetch" over protocol v2 into a shallow repository failed to
+ fetch full history behind a new tip of history that was diverged
+ before the cut-off point of the history that was previously fetched
+ shallowly.
+
+ * The command line completion machinery (in contrib/) has been
+ updated to allow the completion script to tweak the list of options
+ that are reported by the parse-options machinery correctly.
+ (merge 276b49ff34 nd/completion-negation later to maint).
+
+ * Operations on promisor objects make sense in the context of only a
+ small subset of the commands that internally use the revisions
+ machinery, but the "--exclude-promisor-objects" option were taken
+ and led to nonsense results by commands like "log", to which it
+ didn't make much sense. This has been corrected.
+ (merge 669b1d2aae md/exclude-promisor-objects-fix later to maint).
+
+ * A regression in Git 2.12 era made "git fsck" fall into an infinite
+ loop while processing truncated loose objects.
+ (merge 18ad13e5b2 jk/detect-truncated-zlib-input later to maint).
+
+ * "git ls-remote $there foo" was broken by recent update for the
+ protocol v2 and stopped showing refs that match 'foo' that are not
+ refs/{heads,tags}/foo, which has been fixed.
+ (merge 6a139cdd74 jk/proto-v2-ref-prefix-fix later to maint).
+
+ * Additional comment on a tricky piece of code to help developers.
+ (merge 0afbe3e806 jk/stream-pack-non-delta-clarification later to maint).
+
+ * A couple of tests used to leave the repository in a state that is
+ deliberately corrupt, which have been corrected.
+ (merge aa984dbe5e ab/pack-tests-cleanup later to maint).
+
+ * The submodule support has been updated to read from the blob at
+ HEAD:.gitmodules when the .gitmodules file is missing from the
+ working tree.
+ (merge 2b1257e463 ao/submodule-wo-gitmodules-checked-out later to maint).
+
+ * "git fetch" was a bit loose in parsing responses from the other side
+ when talking over the protocol v2.
+
+ * "git rev-parse --exclude=* --branches --branches" (i.e. first
+ saying "add only things that do not match '*' out of all branches"
+ and then adding all branches, without any exclusion this time)
+ worked as expected, but "--exclude=* --all --all" did not work the
+ same way, which has been fixed.
+ (merge 5221048092 ag/rev-parse-all-exclude-fix later to maint).
+
+ * "git send-email --transfer-encoding=..." in recent versions of Git
+ sometimes produced an empty "Content-Transfer-Encoding:" header,
+ which has been corrected.
+ (merge 3c88e46f1a al/send-email-auto-cte-fixup later to maint).
+
+ * The interface into "xdiff" library used to discover the offset and
+ size of a generated patch hunk by first formatting it into the
+ textual hunk header "@@ -n,m +k,l @@" and then parsing the numbers
+ out. A new interface has been introduced to allow callers a more
+ direct access to them.
+ (merge 5eade0746e jk/xdiff-interface later to maint).
+
+ * Pathspec matching against a tree object were buggy when negative
+ pathspec elements were involved, which has been fixed.
+ (merge b7845cebc0 nd/tree-walk-path-exclusion later to maint).
+
+ * "git merge" and "git pull" that merges into an unborn branch used
+ to completely ignore "--verify-signatures", which has been
+ corrected.
+ (merge 01a31f3bca jk/verify-sig-merge-into-void later to maint).
+
+ * "git rebase --autostash" did not correctly re-attach the HEAD at times.
+
+ * "rev-parse --exclude=<pattern> --branches=<pattern>" etc. did not
+ quite work, which has been corrected.
+ (merge 9ab9b5df0e ra/rev-parse-exclude-glob later to maint).
+
+ * When editing a patch in a "git add -i" session, a hunk could be
+ made to no-op. The "git apply" program used to reject a patch with
+ such a no-op hunk to catch user mistakes, but it is now updated to
+ explicitly allow a no-op hunk in an edited patch.
+ (merge 22cb3835b9 js/apply-recount-allow-noop later to maint).
+
+ * The URL to an MSDN page in a comment has been updated.
+ (merge 2ef2ae2917 js/mingw-msdn-url later to maint).
+
+ * "git ls-remote --sort=<thing>" can feed an object that is not yet
+ available into the comparison machinery and segfault, which has
+ been corrected to check such a request upfront and reject it.
+
+ * When "git bundle" aborts due to an empty commit ranges
+ (i.e. resulting in an empty pack), it left a file descriptor to an
+ lockfile open, which resulted in leftover lockfile on Windows where
+ you cannot remove a file with an open file descriptor. This has
+ been corrected.
+ (merge 2c8ee1f53c jk/close-duped-fd-before-unlock-for-bundle later to maint).
+
+ * "git format-patch --stat=<width>" can be used to specify the width
+ used by the diffstat (shown in the cover letter).
+ (merge 284aeb7e60 nd/format-patch-cover-letter-stat-width later to maint).
+
+ * The way .git/index and .git/sharedindex* files were initially
+ created gave these files different perm bits until they were
+ adjusted for shared repository settings. This was made consistent.
+ (merge c9d6c78870 cc/shared-index-permbits later to maint).
+
+ * "git rebase --stat" to transplant a piece of history onto a totally
+ unrelated history were not working before and silently showed wrong
+ result. With the recent reimplementation in C, it started to instead
+ die with an error message, as the original logic was not prepared
+ to cope with this case. This has now been fixed.
+
+ * The advice message to tell the user to migrate an existing graft
+ file to the replace system when a graft file was read was shown
+ even when "git replace --convert-graft-file" command, which is the
+ way the message suggests to use, was running, which made little
+ sense.
+ (merge 8821e90a09 ab/replace-graft-with-replace-advice later to maint).
+
+ * "git diff --raw" lost ellipses to adjust the output columns for
+ some time now, but the documentation still showed them.
+
+ * Code cleanup, docfix, build fix, etc.
+ (merge 96a7501aad ts/doc-build-manpage-xsl-quietly later to maint).
+ (merge b9b07efdb2 tg/conflict-marker-size later to maint).
+ (merge fa0aeea770 sg/doc-trace-appends later to maint).
+ (merge d64324cb60 tb/void-check-attr later to maint).
+ (merge c3b9bc94b9 en/double-semicolon-fix later to maint).
+ (merge 79336116f5 sg/t3701-tighten-trace later to maint).
+ (merge 801fa63a90 jk/dev-build-format-security later to maint).
+ (merge 0597dd62ba sb/string-list-remove-unused later to maint).
+ (merge db2d36fad8 bw/protocol-v2 later to maint).
+ (merge 456d7cd3a9 sg/split-index-test later to maint).
+ (merge 7b6057c852 tq/refs-internal-comment-fix later to maint).
+ (merge 29e8dc50ad tg/t5551-with-curl-7.61.1 later to maint).
+ (merge 55f6bce2c9 fe/doc-updates later to maint).
+ (merge 7987d2232d jk/check-everything-connected-is-long-gone later to maint).
+ (merge 4ba3c9be47 dz/credential-doc-url-matching-rules later to maint).
+ (merge 4c399442f7 ma/commit-graph-docs later to maint).
+ (merge fc0503b04e ma/t1400-undebug-test later to maint).
+ (merge e56b53553a nd/packobjectshook-doc-fix later to maint).
+ (merge c56170a0c4 ma/mailing-list-address-in-git-help later to maint).
+ (merge 6e8fc70fce rs/sequencer-oidset-insert-avoids-dups later to maint).
+ (merge ad0b8f9575 mw/doc-typofixes later to maint).
+ (merge d9f079ad1a jc/how-to-document-api later to maint).
+ (merge b1492bf315 ma/t7005-bash-workaround later to maint).
+ (merge ac1f98a0df du/rev-parse-is-plumbing later to maint).
+ (merge ca8ed443a5 mm/doc-no-dashed-git later to maint).
+ (merge ce366a8144 du/get-tar-commit-id-is-plumbing later to maint).
+ (merge 61018fe9e0 du/cherry-is-plumbing later to maint).
+ (merge c7e5fe79b9 sb/strbuf-h-update later to maint).
+ (merge 8d2008196b tq/branch-create-wo-branch-get later to maint).
+ (merge 2e3c894f4b tq/branch-style-fix later to maint).
+ (merge c5d844af9c sg/doc-show-branch-typofix later to maint).
+ (merge 081d91618b ah/doc-updates later to maint).
+ (merge b84c783882 jc/cocci-preincr later to maint).
+ (merge 5e495f8122 uk/merge-subtree-doc-update later to maint).
+ (merge aaaa881822 jk/uploadpack-packobjectshook-fix later to maint).
+ (merge 3063477445 tb/char-may-be-unsigned later to maint).
+ (merge 8c64bc9420 sg/test-rebase-editor-fix later to maint).
+ (merge 71571cd7d6 ma/sequencer-do-reset-saner-loop-termination later to maint).
+ (merge 9a4cb8781e cb/notes-freeing-always-null-fix later to maint).
+ (merge 3006f5ee16 ma/reset-doc-rendering-fix later to maint).
+ (merge 4c2eb06419 sg/daemon-test-signal-fix later to maint).
+ (merge d27525e519 ss/msvc-strcasecmp later to maint).