diff options
Diffstat (limited to 'Documentation/RelNotes')
57 files changed, 5637 insertions, 44 deletions
diff --git a/Documentation/RelNotes/1.7.10.1.txt b/Documentation/RelNotes/1.7.10.1.txt index be68524cff..71a86cb7c6 100644 --- a/Documentation/RelNotes/1.7.10.1.txt +++ b/Documentation/RelNotes/1.7.10.1.txt @@ -69,7 +69,7 @@ Fixes since v1.7.10 * The 'push to upstream' implementation was broken in some corner cases. "git push $there" without refspec, when the current branch is set to push to a remote different from $there, used to push to - $there using the upstream information to a remote unreleated to + $there using the upstream information to a remote unrelated to $there. * Giving "--continue" to a conflicted "rebase -i" session skipped a diff --git a/Documentation/RelNotes/1.7.11.7.txt b/Documentation/RelNotes/1.7.11.7.txt index e7e79d999b..e743a2a8e4 100644 --- a/Documentation/RelNotes/1.7.11.7.txt +++ b/Documentation/RelNotes/1.7.11.7.txt @@ -25,7 +25,7 @@ Fixes since v1.7.11.6 references" nor "Reload" did not update what is shown as the contents of it, when the user overwrote the tag with "git tag -f". - * "git for-each-ref" did not currectly support more than one --sort + * "git for-each-ref" did not correctly support more than one --sort option. * "git log .." errored out saying it is both rev range and a path diff --git a/Documentation/RelNotes/2.10.3.txt b/Documentation/RelNotes/2.10.3.txt index 277a2a18a7..ad6a01bf83 100644 --- a/Documentation/RelNotes/2.10.3.txt +++ b/Documentation/RelNotes/2.10.3.txt @@ -45,4 +45,11 @@ Fixes since v2.10.2 * Improve the rule to convert "unsigned char [20]" into "struct object_id *" in contrib/coccinelle/ + * "git-shell" rejects a request to serve a repository whose name + begins with a dash, which makes it no longer possible to get it + confused into spawning service programs like "git-upload-pack" with + an option like "--help", which in turn would spawn an interactive + pager, instead of working with the repository user asked to access + (i.e. the one whose name is "--help"). + Also contains minor documentation updates and code clean-ups. diff --git a/Documentation/RelNotes/2.10.4.txt b/Documentation/RelNotes/2.10.4.txt new file mode 100644 index 0000000000..ee8142ad24 --- /dev/null +++ b/Documentation/RelNotes/2.10.4.txt @@ -0,0 +1,4 @@ +Git v2.10.4 Release Notes +========================= + +This release forward-ports the fix for "ssh://..." URL from Git v2.7.6 diff --git a/Documentation/RelNotes/2.10.5.txt b/Documentation/RelNotes/2.10.5.txt new file mode 100644 index 0000000000..a498fd6fdc --- /dev/null +++ b/Documentation/RelNotes/2.10.5.txt @@ -0,0 +1,17 @@ +Git v2.10.5 Release Notes +========================= + +Fixes since v2.10.4 +------------------- + + * "git cvsserver" no longer is invoked by "git daemon" by default, + as it is old and largely unmaintained. + + * Various Perl scripts did not use safe_pipe_capture() instead of + backticks, leaving them susceptible to end-user input. They have + been corrected. + +Credits go to joernchen <joernchen@phenoelit.de> for finding the +unsafe constructs in "git cvsserver", and to Jeff King at GitHub for +finding and fixing instances of the same issue in other scripts. + diff --git a/Documentation/RelNotes/2.11.2.txt b/Documentation/RelNotes/2.11.2.txt new file mode 100644 index 0000000000..7428851168 --- /dev/null +++ b/Documentation/RelNotes/2.11.2.txt @@ -0,0 +1,12 @@ +Git v2.11.2 Release Notes +========================= + +Fixes since v2.11.1 +------------------- + + * "git-shell" rejects a request to serve a repository whose name + begins with a dash, which makes it no longer possible to get it + confused into spawning service programs like "git-upload-pack" with + an option like "--help", which in turn would spawn an interactive + pager, instead of working with the repository user asked to access + (i.e. the one whose name is "--help"). diff --git a/Documentation/RelNotes/2.11.3.txt b/Documentation/RelNotes/2.11.3.txt new file mode 100644 index 0000000000..4e3b78d0e8 --- /dev/null +++ b/Documentation/RelNotes/2.11.3.txt @@ -0,0 +1,4 @@ +Git v2.11.3 Release Notes +========================= + +This release forward-ports the fix for "ssh://..." URL from Git v2.7.6 diff --git a/Documentation/RelNotes/2.11.4.txt b/Documentation/RelNotes/2.11.4.txt new file mode 100644 index 0000000000..ad4da8eb09 --- /dev/null +++ b/Documentation/RelNotes/2.11.4.txt @@ -0,0 +1,17 @@ +Git v2.11.4 Release Notes +========================= + +Fixes since v2.11.3 +------------------- + + * "git cvsserver" no longer is invoked by "git daemon" by default, + as it is old and largely unmaintained. + + * Various Perl scripts did not use safe_pipe_capture() instead of + backticks, leaving them susceptible to end-user input. They have + been corrected. + +Credits go to joernchen <joernchen@phenoelit.de> for finding the +unsafe constructs in "git cvsserver", and to Jeff King at GitHub for +finding and fixing instances of the same issue in other scripts. + diff --git a/Documentation/RelNotes/2.12.0.txt b/Documentation/RelNotes/2.12.0.txt index 29154805b4..ef8b97da9b 100644 --- a/Documentation/RelNotes/2.12.0.txt +++ b/Documentation/RelNotes/2.12.0.txt @@ -264,7 +264,7 @@ notes for details). needed it so far. * Git 2.11 had a minor regression in "merge --ff-only" that competed - with another process that simultanously attempted to update the + with another process that simultaneously attempted to update the index. We used to explain what went wrong with an error message, but the new code silently failed. The error message has been resurrected. diff --git a/Documentation/RelNotes/2.12.2.txt b/Documentation/RelNotes/2.12.2.txt new file mode 100644 index 0000000000..441939709c --- /dev/null +++ b/Documentation/RelNotes/2.12.2.txt @@ -0,0 +1,83 @@ +Git v2.12.2 Release Notes +========================= + +Fixes since v2.12.1 +------------------- + + * "git status --porcelain" is supposed to give a stable output, but a + few strings were left as translatable by mistake. + + * "Dumb http" transport used to misparse a nonsense http-alternates + response, which has been fixed. + + * "git diff --quiet" relies on the size field in diff_filespec to be + correctly populated, but diff_populate_filespec() helper function + made an incorrect short-cut when asked only to populate the size + field for paths that need to go through convert_to_git() (e.g. CRLF + conversion). + + * There is no need for Python only to give a few messages to the + standard error stream, but we somehow did. + + * A leak in a codepath to read from a packed object in (rare) cases + has been plugged. + + * "git upload-pack", which is a counter-part of "git fetch", did not + report a request for a ref that was not advertised as invalid. + This is generally not a problem (because "git fetch" will stop + before making such a request), but is the right thing to do. + + * A "gc.log" file left by a backgrounded "gc --auto" disables further + automatic gc; it has been taught to run at least once a day (by + default) by ignoring a stale "gc.log" file that is too old. + + * "git remote rm X", when a branch has remote X configured as the + value of its branch.*.remote, tried to remove branch.*.remote and + branch.*.merge and failed if either is unset. + + * A caller of tempfile API that uses stdio interface to write to + files may ignore errors while writing, which is detected when + tempfile is closed (with a call to ferror()). By that time, the + original errno that may have told us what went wrong is likely to + be long gone and was overwritten by an irrelevant value. + close_tempfile() now resets errno to EIO to make errno at least + predictable. + + * "git show-branch" expected there were only very short branch names + in the repository and used a fixed-length buffer to hold them + without checking for overflow. + + * The code that parses header fields in the commit object has been + updated for (micro)performance and code hygiene. + + * A test that creates a confusing branch whose name is HEAD has been + corrected not to do so. + + * "Cc:" on the trailer part does not have to conform to RFC strictly, + unlike in the e-mail header. "git send-email" has been updated to + ignore anything after '>' when picking addresses, to allow non-address + cruft like " # stable 4.4" after the address. + + * "git push" had a handful of codepaths that could lead to a deadlock + when unexpected error happened, which has been fixed. + + * Code to read submodule.<name>.ignore config did not state the + variable name correctly when giving an error message diagnosing + misconfiguration. + + * "git ls-remote" and "git archive --remote" are designed to work + without being in a directory under Git's control. However, recent + updates revealed that we randomly look into a directory called + .git/ without actually doing necessary set-up when working in a + repository. Stop doing so. + + * The code to parse the command line "git grep <patterns>... <rev> + [[--] <pathspec>...]" has been cleaned up, and a handful of bugs + have been fixed (e.g. we used to check "--" if it is a rev). + + * The code to parse "git -c VAR=VAL cmd" and set configuration + variable for the duration of cmd had two small bugs, which have + been fixed. + This supersedes jc/config-case-cmdline topic that has been discarded. + +Also contains various documentation updates and code clean-ups. diff --git a/Documentation/RelNotes/2.12.3.txt b/Documentation/RelNotes/2.12.3.txt new file mode 100644 index 0000000000..ebca846d5d --- /dev/null +++ b/Documentation/RelNotes/2.12.3.txt @@ -0,0 +1,64 @@ +Git v2.12.3 Release Notes +========================= + +Fixes since v2.12.2 +------------------- + + * The "parse_config_key()" API function has been cleaned up. + + * An helper function to make it easier to append the result from + real_path() to a strbuf has been added. + + * The t/perf performance test suite was not prepared to test not so + old versions of Git, but now it covers versions of Git that are not + so ancient. + + * Picking two versions of Git and running tests to make sure the + older one and the newer one interoperate happily has now become + possible. + + * Teach the "debug" helper used in the test framework that allows a + command to run under "gdb" to make the session interactive. + + * "git repack --depth=<n>" for a long time busted the specified depth + when reusing delta from existing packs. This has been corrected. + + * user.email that consists of only cruft chars should consistently + error out, but didn't. + + * A few tests were run conditionally under (rare) conditions where + they cannot be run (like running cvs tests under 'root' account). + + * "git branch @" created refs/heads/@ as a branch, and in general the + code that handled @{-1} and @{upstream} was a bit too loose in + disambiguating. + + * "git fetch" that requests a commit by object name, when the other + side does not allow such an request, failed without much + explanation. + + * "git filter-branch --prune-empty" drops a single-parent commit that + becomes a no-op, but did not drop a root commit whose tree is empty. + + * Recent versions of Git treats http alternates (used in dumb http + transport) just like HTTP redirects and requires the client to + enable following it, due to security concerns. But we forgot to + give a warning when we decide not to honor the alternates. + + * NO_PTHREADS build has been broken for some time; now fixed. + + * Fix for potential segv introduced in v2.11.0 and later (also + v2.10.2). + + * A few unterminated here documents in tests were fixed, which in + turn revealed incorrect expectations the tests make. These tests + have been updated. + + * "git-shell" rejects a request to serve a repository whose name + begins with a dash, which makes it no longer possible to get it + confused into spawning service programs like "git-upload-pack" with + an option like "--help", which in turn would spawn an interactive + pager, instead of working with the repository user asked to access + (i.e. the one whose name is "--help"). + +Also contains various documentation updates and code clean-ups. diff --git a/Documentation/RelNotes/2.12.4.txt b/Documentation/RelNotes/2.12.4.txt new file mode 100644 index 0000000000..3f56938221 --- /dev/null +++ b/Documentation/RelNotes/2.12.4.txt @@ -0,0 +1,4 @@ +Git v2.12.4 Release Notes +========================= + +This release forward-ports the fix for "ssh://..." URL from Git v2.7.6 diff --git a/Documentation/RelNotes/2.12.5.txt b/Documentation/RelNotes/2.12.5.txt new file mode 100644 index 0000000000..8fa73cfce7 --- /dev/null +++ b/Documentation/RelNotes/2.12.5.txt @@ -0,0 +1,17 @@ +Git v2.12.5 Release Notes +========================= + +Fixes since v2.12.4 +------------------- + + * "git cvsserver" no longer is invoked by "git daemon" by default, + as it is old and largely unmaintained. + + * Various Perl scripts did not use safe_pipe_capture() instead of + backticks, leaving them susceptible to end-user input. They have + been corrected. + +Credits go to joernchen <joernchen@phenoelit.de> for finding the +unsafe constructs in "git cvsserver", and to Jeff King at GitHub for +finding and fixing instances of the same issue in other scripts. + diff --git a/Documentation/RelNotes/2.13.0.txt b/Documentation/RelNotes/2.13.0.txt index 0d4a3ef931..aa99d4b3ce 100644 --- a/Documentation/RelNotes/2.13.0.txt +++ b/Documentation/RelNotes/2.13.0.txt @@ -12,8 +12,18 @@ Backward compatibility notes. release (yet). * The historical argument order "git merge <msg> HEAD <commit>..." - has been deprecated for quite some time, and will be removed in a - future release. + has been deprecated for quite some time, and is now removed. + + * The default location "~/.git-credential-cache/socket" for the + socket used to communicate with the credential-cache daemon has + been moved to "~/.cache/git/credential/socket". + + * Git now avoids blindly falling back to ".git" when the setup + sequence said we are _not_ in Git repository. A corner case that + happens to work right now may be broken by a call to die("BUG"). + We've tried hard to locate such cases and fixed them, but there + might still be cases that need to be addressed--bug reports are + greatly appreciated. Updates since v2.12 @@ -77,16 +87,13 @@ UI, Workflows & Features unlike in the e-mail header. "git send-email" has been updated to ignore anything after '>' when picking addresses, to allow non-address cruft like " # stable 4.4" after the address. - (merge 9d3343961b jh/send-email-one-cc later to maint). * When "git submodule init" decides that the submodule in the working tree is its upstream, it now gives a warning as it is not a very common setup. - (merge d1b3b81aab sb/submodule-init-url-selection later to maint). - * "git stash save" takes a pathspec so that the local changes can be + * "git stash push" takes a pathspec so that the local changes can be stashed away only partially. - (merge 9e140909f6 tg/stash-push later to maint). * Documentation for "git ls-files" did not refer to core.quotePath. @@ -113,6 +120,87 @@ UI, Workflows & Features repository and was quite messy due to its "chicken-and-egg" nature. The code has been restructured. + * The command line prompt (in contrib/) learned a new 'tag' style + that can be specified with GIT_PS1_DESCRIBE_STYLE, to describe a + detached HEAD with "git describe --tags". + + * The configuration file learned a new "includeIf.<condition>.path" + that includes the contents of the given path only when the + condition holds. This allows you to say "include this work-related + bit only in the repositories under my ~/work/ directory". + + * Recent update to "rebase -i" started showing a message that is not + a warning with "warning:" prefix by mistake. This has been fixed. + + * Recently we started passing the "--push-options" through the + external remote helper interface; now the "smart HTTP" remote + helper understands what to do with the passed information. + + * "git describe --dirty" dies when it cannot be determined if the + state in the working tree matches that of HEAD (e.g. broken + repository or broken submodule). The command learned a new option + "git describe --broken" to give "$name-broken" (where $name is the + description of HEAD) in such a case. + + * "git checkout" is taught the "--recurse-submodules" option. + + * Recent enhancement to "git stash push" command to support pathspec + to allow only a subset of working tree changes to be stashed away + was found to be too chatty and exposed the internal implementation + detail (e.g. when it uses reset to match the index to HEAD before + doing other things, output from reset seeped out). These, and + other chattyness has been fixed. + + * "git merge <message> HEAD <commit>" syntax that has been deprecated + since October 2007 has been removed. + + * The refs completion for large number of refs has been sped up, + partly by giving up disambiguating ambiguous refs and partly by + eliminating most of the shell processing between 'git for-each-ref' + and 'ls-remote' and Bash's completion facility. + + * On many keyboards, typing "@{" involves holding down SHIFT key and + one can easily end up with "@{Up..." when typing "@{upstream}". As + the upstream/push keywords do not appear anywhere else in the syntax, + we can safely accept them case insensitively without introducing + ambiguity or confusion to solve this. + + * "git tag/branch/for-each-ref" family of commands long allowed to + filter the refs by "--contains X" (show only the refs that are + descendants of X), "--merged X" (show only the refs that are + ancestors of X), "--no-merged X" (show only the refs that are not + ancestors of X). One curious omission, "--no-contains X" (show + only the refs that are not descendants of X) has been added to + them. + + * The default behaviour of "git log" in an interactive session has + been changed to enable "--decorate". + + * The output from "git status --short" has been extended to show + various kinds of dirtyness in submodules differently; instead of to + "M" for modified, 'm' and '?' can be shown to signal changes only + to the working tree of the submodule but not the commit that is + checked out. + + * Allow the http.postbuffer configuration variable to be set to a + size that can be expressed in size_t, which can be larger than + ulong on some platforms. + + * "git rebase" learns "--signoff" option. + + * The completion script (in contrib/) learned to complete "git push + --delete b<TAB>" to complete branch name to be deleted. + + * "git worktree add --lock" allows to lock a worktree immediately + after it's created. This helps prevent a race between "git worktree + add; git worktree lock" and "git worktree prune". + + * Completion for "git checkout <branch>" that auto-creates the branch + out of a remote tracking branch can now be disabled, as this + completion often gets in the way when completing to checkout an + existing local branch that happens to share the same prefix with + bunch of remote tracking branches. + Performance, Internal Implementation, Development Support etc. @@ -137,19 +225,15 @@ Performance, Internal Implementation, Development Support etc. errno from failed system calls. * The "parse_config_key()" API function has been cleaned up. - (merge ad8c7cdadd jk/parse-config-key-cleanup later to maint). * A test that creates a confusing branch whose name is HEAD has been corrected not to do so. - (merge f0252ca23c jk/t6300-cleanup later to maint). * The code that parses header fields in the commit object has been updated for (micro)performance and code hygiene. - (merge b072504ce1 rs/commit-parsing-optim later to maint). * An helper function to make it easier to append the result from real_path() to a strbuf has been added. - (merge 33ad9ddd0b rs/strbuf-add-real-path later to maint). * Reduce authentication round-trip over HTTP when the server supports just a single authentication method. This also improves the @@ -164,7 +248,6 @@ Performance, Internal Implementation, Development Support etc. * The t/perf performance test suite was not prepared to test not so old versions of Git, but now it covers versions of Git that are not so ancient. - (merge 28e1fb5466 jt/perf-updates later to maint). * Add 32-bit Linux variant to the set of platforms to be tested with Travis CI. @@ -177,15 +260,78 @@ Performance, Internal Implementation, Development Support etc. * Picking two versions of Git and running tests to make sure the older one and the newer one interoperate happily has now become possible. - (merge bd4d9d993c jk/interop-test later to maint). - - * "uchar [40]" to "struct object_id" conversion continues. * "git tag --contains" used to (ab)use the object bits to keep track of the state of object reachability without clearing them after use; this has been cleaned up and made to use the newer commit-slab facility. + * The "debug" helper used in the test framework learned to run + a command under "gdb" interactively. + + * The "detect attempt to create collisions" variant of SHA-1 + implementation by Marc Stevens (CWI) and Dan Shumow (Microsoft) + has been integrated and made the default. + + * The test framework learned to detect unterminated here documents. + + * The name-hash used for detecting paths that are different only in + cases (which matter on case insensitive filesystems) has been + optimized to take advantage of multi-threading when it makes sense. + + * An earlier version of sha1dc/sha1.c that was merged to 'master' + compiled incorrectly on Windows, which has been fixed. + + * "what URL do we want to update this submodule?" and "are we + interested in this submodule?" are split into two distinct + concepts, and then the way used to express the latter got extended, + paving a way to make it easier to manage a project with many + submodules and make it possible to later extend use of multiple + worktrees for a project with submodules. + + * Some debugging output from "git describe" were marked for l10n, + but some weren't. Mark missing ones for l10n. + + * Define a new task in .travis.yml that triggers a test session on + Windows run elsewhere. + + * Conversion from uchar[20] to struct object_id continues. + + * The "submodule" specific field in the ref_store structure is + replaced with a more generic "gitdir" that can later be used also + when dealing with ref_store that represents the set of refs visible + from the other worktrees. + + * The string-list API used a custom reallocation strategy that was + very inefficient, instead of using the usual ALLOC_GROW() macro, + which has been fixed. + (merge 950a234cbd jh/string-list-micro-optim later to maint). + + * In a 2- and 3-way merge of trees, more than one source trees often + end up sharing an identical subtree; optimize by not reading the + same tree multiple times in such a case. + (merge d12a8cf0af jh/unpack-trees-micro-optim later to maint). + + * The index file has a trailing SHA-1 checksum to detect file + corruption, and historically we checked it every time the index + file is used. Omit the validation during normal use, and instead + verify only in "git fsck". + + * Having a git command on the upstream side of a pipe in a test + script will hide the exit status from the command, which may cause + us to fail to notice a breakage; rewrite tests in a script to avoid + this issue. + + * Travis CI learns to run coccicheck. + + * "git checkout" that handles a lot of paths has been optimized by + reducing the number of unnecessary checks of paths in the + has_dir_name() function. + + * The internals of the refs API around the cached refs has been + streamlined. + + * Output from perf tests have been updated to align their titles. Also contains various documentation updates and code clean-ups. @@ -193,30 +339,26 @@ Also contains various documentation updates and code clean-ups. Fixes since v2.12 ----------------- -Unless otherwise noted, all the fixes since v2.9 in the maintenance +Unless otherwise noted, all the fixes since v2.12 in the maintenance track are contained in this release (see the maintenance releases' notes for details). * "git repack --depth=<n>" for a long time busted the specified depth when reusing delta from existing packs. This has been corrected. - (merge 42b766d765 jk/delta-chain-limit later to maint). * The code to parse the command line "git grep <patterns>... <rev> [[--] <pathspec>...]" has been cleaned up, and a handful of bugs have been fixed (e.g. we used to check "--" if it is a rev). - (merge 131f3c96d2 jk/grep-no-index-fix later to maint). * "git ls-remote" and "git archive --remote" are designed to work without being in a directory under Git's control. However, recent updates revealed that we randomly look into a directory called .git/ without actually doing necessary set-up when working in a repository. Stop doing so. - (merge 4b0c3c7735 jn/remote-helpers-with-git-dir later to maint). * "git show-branch" expected there were only very short branch names in the repository and used a fixed-length buffer to hold them without checking for overflow. - (merge d3cc5f4c44 jk/show-branch-lift-name-len-limit later to maint). * A caller of tempfile API that uses stdio interface to write to files may ignore errors while writing, which is detected when @@ -225,36 +367,29 @@ notes for details). be long gone and was overwritten by an irrelevant value. close_tempfile() now resets errno to EIO to make errno at least predictable. - (merge 7e8c9355b7 jk/tempfile-ferror-fclose-confusion later to maint). * "git remote rm X", when a branch has remote X configured as the value of its branch.*.remote, tried to remove branch.*.remote and branch.*.merge and failed if either is unset. - (merge 20690b2139 rl/remote-allow-missing-branch-name-merge later to maint). * A "gc.log" file left by a backgrounded "gc --auto" disables further automatic gc; it has been taught to run at least once a day (by default) by ignoring a stale "gc.log" file that is too old. - (merge a831c06a2b dt/gc-ignore-old-gc-logs later to maint). * The code to parse "git -c VAR=VAL cmd" and set configuration variable for the duration of cmd had two small bugs, which have been fixed. - (merge 1274a155af jc/config-case-cmdline-take-2 later to maint). * user.email that consists of only cruft chars should consistently error out, but didn't. - (merge 94425552f3 jk/ident-empty later to maint). * "git upload-pack", which is a counter-part of "git fetch", did not report a request for a ref that was not advertised as invalid. This is generally not a problem (because "git fetch" will stop before making such a request), but is the right thing to do. - (merge bdb31eada7 jt/upload-pack-error-report later to maint). * A leak in a codepath to read from a packed object in (rare) cases has been plugged. - (merge 886ddf4777 rs/sha1-file-plug-fallback-base-leak later to maint). * When a redirected http transport gets an error during the redirected request, we ignored the error we got from the server, @@ -272,7 +407,6 @@ notes for details). * There is no need for Python only to give a few messages to the standard error stream, but we somehow did. - (merge b8686c661d ss/remote-bzr-hg-placeholder-wo-python later to maint). * The code to parse "git log -L..." command line was buggy when there are many ranges specified with -L; overrun of the allocated buffer @@ -286,39 +420,31 @@ notes for details). made an incorrect short-cut when asked only to populate the size field for paths that need to go through convert_to_git() (e.g. CRLF conversion). - (merge 12426e114b jc/diff-populate-filespec-size-only-fix later to maint). * A few tests were run conditionally under (rare) conditions where they cannot be run (like running cvs tests under 'root' account). - (merge c6507484a2 ab/cond-skip-tests later to maint). * "git branch @" created refs/heads/@ as a branch, and in general the code that handled @{-1} and @{upstream} was a bit too loose in disambiguating. - (merge fd4692ff70 jk/interpret-branch-name later to maint). * "git fetch" that requests a commit by object name, when the other side does not allow such an request, failed without much explanation. - (merge d56583ded6 mm/fetch-show-error-message-on-unadvertised-object later to maint). * "git filter-branch --prune-empty" drops a single-parent commit that becomes a no-op, but did not drop a root commit whose tree is empty. - (merge 32da7467eb dp/filter-branch-prune-empty later to maint). * Recent versions of Git treats http alternates (used in dumb http transport) just like HTTP redirects and requires the client to enable following it, due to security concerns. But we forgot to give a warning when we decide not to honor the alternates. - (merge 5cae73d5d2 ew/http-alternates-as-redirects-warning later to maint). * "git push" had a handful of codepaths that could lead to a deadlock when unexpected error happened, which has been fixed. - (merge d1a13d3fcb jk/push-deadlock-regression-fix later to maint). * "Dumb http" transport used to misparse a nonsense http-alternates response, which has been fixed. - (merge d61434ae81 jk/http-walker-buffer-underflow-fix later to maint). * "git add -p <pathspec>" unnecessarily expanded the pathspec to a list of individual files that matches the pathspec by running "git @@ -332,11 +458,161 @@ notes for details). * "git status --porcelain" is supposed to give a stable output, but a few strings were left as translatable by mistake. - (merge b9e2bc560a mg/status-porcelain-no-i18n later to maint). + + * "git revert -m 0 $merge_commit" complained that reverting a merge + needs to say relative to which parent the reversion needs to + happen, as if "-m 0" weren't given. The correct diagnosis is that + "-m 0" does not refer to the first parent ("-m 1" does). This has + been fixed. + + * Code to read submodule.<name>.ignore config did not state the + variable name correctly when giving an error message diagnosing + misconfiguration. + + * Fix for NO_PTHREADS build. + + * Fix for potential segv introduced in v2.11.0 and later (also + v2.10.2) to "git log --pickaxe-regex -S". + + * A few unterminated here documents in tests were fixed, which in + turn revealed incorrect expectations the tests make. These tests + have been updated. + + * Fix for NO_PTHREADS option. + (merge 2225e1ea20 bw/grep-recurse-submodules later to maint). + + * Git now avoids blindly falling back to ".git" when the setup + sequence said we are _not_ in Git repository. A corner case that + happens to work right now may be broken by a call to die("BUG"). + (merge b1ef400eec jk/no-looking-at-dotgit-outside-repo-final later to maint). + + * A few commands that recently learned the "--recurse-submodule" + option misbehaved when started from a subdirectory of the + superproject. + (merge b2dfeb7c00 bw/recurse-submodules-relative-fix later to maint). + + * FreeBSD implementation of getcwd(3) behaved differently when an + intermediate directory is unreadable/unsearchable depending on the + length of the buffer provided, which our strbuf_getcwd() was not + aware of. strbuf_getcwd() has been taught to cope with it better. + (merge a54e938e5b rs/freebsd-getcwd-workaround later to maint). + + * A recent update to "rebase -i" stopped running hooks for the "git + commit" command during "reword" action, which has been fixed. + + * Removing an entry from a notes tree and then looking another note + entry from the resulting tree using the internal notes API + functions did not work as expected. No in-tree users of the API + has such access pattern, but it still is worth fixing. + + * "git receive-pack" could have been forced to die by attempting + allocate an unreasonably large amount of memory with a crafted push + certificate; this has been fixed. + (merge f2214dede9 bc/push-cert-receive-fix later to maint). + + * Update error handling for codepath that deals with corrupt loose + objects. + (merge 51054177b3 jk/loose-object-info-report-error later to maint). + + * "git diff --submodule=diff" learned to work better in a project + with a submodule that in turn has its own submodules. + (merge 17b254cda6 sb/show-diff-for-submodule-in-diff-fix later to maint). + + * Update the build dependency so that an update to /usr/bin/perl + etc. result in recomputation of perl.mak file. + (merge c59c4939c2 ab/regen-perl-mak-with-different-perl later to maint). + + * "git push --recurse-submodules --push-option=<string>" learned to + propagate the push option recursively down to pushes in submodules. + + * If a patch e-mail had its first paragraph after an in-body header + indented (even after a blank line after the in-body header line), + the indented line was mistook as a continuation of the in-body + header. This has been fixed. + (merge fd1062e52e lt/mailinfo-in-body-header-continuation later to maint). + + * Clean up fallouts from recent tightening of the set-up sequence, + where Git barfs when repository information is accessed without + first ensuring that it was started in a repository. + (merge bccb22cbb1 jk/no-looking-at-dotgit-outside-repo later to maint). + + * "git p4" used "name-rev HEAD" when it wants to learn what branch is + checked out; it should use "symbolic-ref HEAD". + (merge eff451101d ld/p4-current-branch-fix later to maint). + + * "http.proxy" set to an empty string is used to disable the usage of + proxy. We broke this early last year. + (merge ae51d91105 sr/http-proxy-configuration-fix later to maint). + + * $GIT_DIR may in some cases be normalized with all symlinks resolved + while "gitdir" path expansion in the pattern does not receive the + same treatment, leading to incorrect mismatch. This has been fixed. + + * "git submodule" script does not work well with strange pathnames. + Protect it from a path with slashes in them, at least. + + * "git fetch-pack" was not prepared to accept ERR packet that the + upload-pack can send with a human-readable error message. It + showed the packet contents with ERR prefix, so there was no data + loss, but it was redundant to say "ERR" in an error message. + (merge 8e2c7bef03 jt/fetch-pack-error-reporting later to maint). + + * "ls-files --recurse-submodules" did not quite work well in a + project with nested submodules. + + * gethostname(2) may not NUL terminate the buffer if hostname does + not fit; unfortunately there is no easy way to see if our buffer + was too small, but at least this will make sure we will not end up + using garbage past the end of the buffer. + (merge 5781a9a270 dt/xgethostname-nul-termination later to maint). + + * A recent update broke "git add -p ../foo" from a subdirectory. + + * While handy, "git_path()" is a dangerous function to use as a + callsite that uses it safely one day can be broken by changes + to other code that calls it. Reduction of its use continues. + (merge 16d2676c9e jk/war-on-git-path later to maint). + + * The split-index code configuration code used an unsafe git_path() + function without copying its result out. + + * Many stale HTTP(s) links have been updated in our documentation. + (merge 613416f0be jk/update-links-in-docs later to maint). + + * "git-shell" rejects a request to serve a repository whose name + begins with a dash, which makes it no longer possible to get it + confused into spawning service programs like "git-upload-pack" with + an option like "--help", which in turn would spawn an interactive + pager, instead of working with the repository user asked to access + (i.e. the one whose name is "--help"). * Other minor doc, test and build updates and code cleanups. - (merge b803ae4427 ps/docs-diffcore later to maint). - (merge bcd886d897 ew/markdown-url-in-readme later to maint). - (merge b2d593a779 rj/remove-unused-mktemp later to maint). - (merge 3255e512a8 jk/ewah-use-right-type-in-sizeof later to maint). - (merge dfa3ad3238 rs/blame-code-cleanup later to maint). + (merge df2a6e38b7 jk/pager-in-use later to maint). + (merge 75ec4a6cb0 ab/branch-list-doc later to maint). + (merge 3e5b36c637 sg/skip-prefix-in-prettify-refname later to maint). + (merge 2c5e2865cc jk/fast-import-cleanup later to maint). + (merge 4473060bc2 ab/test-readme-updates later to maint). + (merge 48a96972fd ab/doc-submitting later to maint). + (merge f5c2bc2b96 jk/make-coccicheck-detect-errors later to maint). + (merge c105f563d1 cc/untracked later to maint). + (merge 8668976b53 jc/unused-symbols later to maint). + (merge fba275dc93 jc/bs-t-is-not-a-tab-for-sed later to maint). + (merge be6ed145de mm/ls-files-s-doc later to maint). + (merge 60b091c679 qp/bisect-docfix later to maint). + (merge 47242cd103 ah/diff-files-ours-theirs-doc later to maint). + (merge 35ad44cbd8 sb/submodule-rm-absorb later to maint). + (merge 0301f1fd92 va/i18n-perl-scripts later to maint). + (merge 733e064d98 vn/revision-shorthand-for-side-branch-log later to maint). + (merge 85999743e7 tb/doc-eol-normalization later to maint). + (merge 0747fb49fd jk/loose-object-fsck later to maint). + (merge d8f4481c4f jk/quarantine-received-objects later to maint). + (merge 7ba1ceef95 xy/format-patch-base later to maint). + (merge fa1912c89a rs/misc-cppcheck-fixes later to maint). + (merge f17d642d3b ab/push-cas-doc-n-test later to maint). + (merge 61e282425a ss/gitmodules-ignore-doc later to maint). + (merge 8d3047cd5b ss/submodule-shallow-doc later to maint). + (merge 1f9e18b772 jk/prio-queue-avoid-swap-with-self later to maint). + (merge 627fde1025 jk/submodule-init-segv-fix later to maint). + (merge d395745d81 rg/doc-pull-typofix later to maint). + (merge 01e60a9a22 rg/doc-submittingpatches-wordfix later to maint). + (merge 501d3cd7b8 sr/hooks-cwd-doc later to maint). diff --git a/Documentation/RelNotes/2.13.1.txt b/Documentation/RelNotes/2.13.1.txt new file mode 100644 index 0000000000..ed7cd976d9 --- /dev/null +++ b/Documentation/RelNotes/2.13.1.txt @@ -0,0 +1,114 @@ +Git v2.13.1 Release Notes +========================= + +Fixes since v2.13 +----------------- + + * The Web interface to gmane news archive is long gone, even though + the articles are still accessible via NTTP. Replace the links with + ones to public-inbox.org. Because their message identification is + based on the actual message-id, it is likely that it will be easier + to migrate away from it if/when necessary. + + * Update tests to pass under GETTEXT_POISON (a mechanism to ensure + that output strings that should not be translated are not + translated by mistake), and tell TravisCI to run them. + + * Setting "log.decorate=false" in the configuration file did not take + effect in v2.13, which has been corrected. + + * An earlier update to test 7400 needed to be skipped on CYGWIN. + + * Git sometimes gives an advice in a rhetorical question that does + not require an answer, which can confuse new users and non native + speakers. Attempt to rephrase them. + + * "git read-tree -m" (no tree-ish) gave a nonsense suggestion "use + --empty if you want to clear the index". With "-m", such a request + will still fail anyway, as you'd need to name at least one tree-ish + to be merged. + + * The codepath in "git am" that is used when running "git rebase" + leaked memory held for the log message of the commits being rebased. + + * "pack-objects" can stream a slice of an existing packfile out when + the pack bitmap can tell that the reachable objects are all needed + in the output, without inspecting individual objects. This + strategy however would not work well when "--local" and other + options are in use, and need to be disabled. + + * Clarify documentation for include.path and includeIf.<condition>.path + configuration variables. + + * Tag objects, which are not reachable from any ref, that point at + missing objects were mishandled by "git gc" and friends (they + should silently be ignored instead) + + * A few http:// links that are redirected to https:// in the + documentation have been updated to https:// links. + + * Make sure our tests would pass when the sources are checked out + with "platform native" line ending convention by default on + Windows. Some "text" files out tests use and the test scripts + themselves that are meant to be run with /bin/sh, ought to be + checked out with eol=LF even on Windows. + + * Fix memory leaks pointed out by Coverity (and people). + + * The receive-pack program now makes sure that the push certificate + records the same set of push options used for pushing. + + * "git cherry-pick" and other uses of the sequencer machinery + mishandled a trailer block whose last line is an incomplete line. + This has been fixed so that an additional sign-off etc. are added + after completing the existing incomplete line. + + * The shell completion script (in contrib/) learned "git stash" has + a new "push" subcommand. + + * Travis CI gained a task to format the documentation with both + AsciiDoc and AsciiDoctor. + + * Update the C style recommendation for notes for translators, as + recent versions of gettext tools can work with our style of + multi-line comments. + + * "git clone --config var=val" is a way to populate the + per-repository configuration file of the new repository, but it did + not work well when val is an empty string. This has been fixed. + + * A few codepaths in "checkout" and "am" working on an unborn branch + tried to access an uninitialized piece of memory. + + * "git for-each-ref --format=..." with %(HEAD) in the format used to + resolve the HEAD symref as many times as it had processed refs, + which was wasteful, and "git branch" shared the same problem. + + * "git interpret-trailers", when used as GIT_EDITOR for "git commit + -v", looked for and appended to a trailer block at the very end, + i.e. at the end of the "diff" output. The command has been + corrected to pay attention to the cut-mark line "commit -v" adds to + the buffer---the real trailer block should appear just before it. + + * A test allowed both "git push" and "git receive-pack" on the other + end write their traces into the same file. This is OK on platforms + that allows atomically appending to a file opened with O_APPEND, + but on other platforms led to a mangled output, causing + intermittent test failures. This has been fixed by disabling + traces from "receive-pack" in the test. + + * "foo\bar\baz" in "git fetch foo\bar\baz", even though there is no + slashes in it, cannot be a nickname for a remote on Windows, as + that is likely to be a pathname on a local filesystem. + + * The "collision detecting" SHA-1 implementation shipped with 2.13 + was quite broken on some big-endian platforms and/or platforms that + do not like unaligned fetches. Update to the upstream code which + has already fixed these issues. + + * "git am -h" triggered a BUG(). + + * The interaction of "url.*.insteadOf" and custom URL scheme's + whitelisting is now documented better. + +Also contains various documentation updates and code clean-ups. diff --git a/Documentation/RelNotes/2.13.2.txt b/Documentation/RelNotes/2.13.2.txt new file mode 100644 index 0000000000..8c2b20071e --- /dev/null +++ b/Documentation/RelNotes/2.13.2.txt @@ -0,0 +1,54 @@ +Git v2.13.2 Release Notes +========================= + +Fixes since v2.13.1 +------------------- + + * The "collision detecting" SHA-1 implementation shipped with 2.13.1 + was still broken on some platforms. Update to the upstream code + again to take their fix. + + * "git checkout --recurse-submodules" did not quite work with a + submodule that itself has submodules. + + * Introduce the BUG() macro to improve die("BUG: ..."). + + * The "run-command" API implementation has been made more robust + against dead-locking in a threaded environment. + + * A recent update to t5545-push-options.sh started skipping all the + tests in the script when a web server testing is disabled or + unavailable, not just the ones that require a web server. Non HTTP + tests have been salvaged to always run in this script. + + * "git clean -d" used to clean directories that has ignored files, + even though the command should not lose ignored ones without "-x". + "git status --ignored" did not list ignored and untracked files + without "-uall". These have been corrected. + + * The timestamp of the index file is now taken after the file is + closed, to help Windows, on which a stale timestamp is reported by + fstat() on a file that is opened for writing and data was written + but not yet closed. + + * "git pull --rebase --autostash" didn't auto-stash when the local history + fast-forwards to the upstream. + + * "git describe --contains" penalized light-weight tags so much that + they were almost never considered. Instead, give them about the + same chance to be considered as an annotated tag that is the same + age as the underlying commit would. + + * The result from "git diff" that compares two blobs, e.g. "git diff + $commit1:$path $commit2:$path", used to be shown with the full + object name as given on the command line, but it is more natural to + use the $path in the output and use it to look up .gitattributes. + + * A flaky test has been corrected. + + * Help contributors that visit us at GitHub. + + * "git stash push <pathspec>" did not work from a subdirectory at all. + Bugfix for a topic in v2.13 + +Also contains various documentation updates and code clean-ups. diff --git a/Documentation/RelNotes/2.13.3.txt b/Documentation/RelNotes/2.13.3.txt new file mode 100644 index 0000000000..5d76ad5310 --- /dev/null +++ b/Documentation/RelNotes/2.13.3.txt @@ -0,0 +1,62 @@ +Git v2.13.3 Release Notes +========================= + +Fixes since v2.13.2 +------------------- + + * The "collision detecting" SHA-1 implementation shipped with 2.13.2 + was still broken on some platforms. Update to the upstream code + again to take their fix. + + * The 'diff-highlight' program (in contrib/) has been restructured + for easier reuse by an external project 'diff-so-fancy'. + + * "git mergetool" learned to work around a wrapper MacOS X adds + around underlying meld. + + * An example in documentation that does not work in multi worktree + configuration has been corrected. + + * The pretty-format specifiers like '%h', '%t', etc. had an + optimization that no longer works correctly. In preparation/hope + of getting it correctly implemented, first discard the optimization + that is broken. + + * The code to pick up and execute command alias definition from the + configuration used to switch to the top of the working tree and + then come back when the expanded alias was executed, which was + unnecessarilyl complex. Attempt to simplify the logic by using the + early-config mechanism that does not chdir around. + + * "git add -p" were updated in 2.12 timeframe to cope with custom + core.commentchar but the implementation was buggy and a + metacharacter like $ and * did not work. + + * Fix a recent regression to "git rebase -i" and add tests that would + have caught it and others. + + * An unaligned 32-bit access in pack-bitmap code ahs been corrected. + + * Tighten error checks for invalid "git apply" input. + + * The split index code did not honor core.sharedrepository setting + correctly. + + * The Makefile rule in contrib/subtree for building documentation + learned to honour USE_ASCIIDOCTOR just like the main documentation + set does. + + * A few tests that tried to verify the contents of push certificates + did not use 'git rev-parse' to formulate the line to look for in + the certificate correctly. + + * After "git branch --move" of the currently checked out branch, the + code to walk the reflog of HEAD via "log -g" and friends + incorrectly stopped at the reflog entry that records the renaming + of the branch. + + * The rewrite of "git branch --list" using for-each-ref's internals + that happened in v2.13 regressed its handling of color.branch.local; + this has been fixed. + +Also contains various documentation updates and code clean-ups. diff --git a/Documentation/RelNotes/2.13.4.txt b/Documentation/RelNotes/2.13.4.txt new file mode 100644 index 0000000000..9a9f8f9599 --- /dev/null +++ b/Documentation/RelNotes/2.13.4.txt @@ -0,0 +1,28 @@ +Git v2.13.4 Release Notes +========================= + +Fixes since v2.13.3 +------------------- + + * Update the character width tables. + + * A recent update broke an alias that contained an uppercase letter, + which has been fixed. + + * On Cygwin, similar to Windows, "git push //server/share/repository" + ought to mean a repository on a network share that can be accessed + locally, but this did not work correctly due to stripping the double + slashes at the beginning. + + * The progress meter did not give a useful output when we haven't had + 0.5 seconds to measure the throughput during the interval. Instead + show the overall throughput rate at the end, which is a much more + useful number. + + * We run an early part of "git gc" that deals with refs before + daemonising (and not under lock) even when running a background + auto-gc, which caused multiple gc processes attempting to run the + early part at the same time. This is now prevented by running the + early part also under the GC lock. + +Also contains a handful of small code and documentation clean-ups. diff --git a/Documentation/RelNotes/2.13.5.txt b/Documentation/RelNotes/2.13.5.txt new file mode 100644 index 0000000000..6949fcda78 --- /dev/null +++ b/Documentation/RelNotes/2.13.5.txt @@ -0,0 +1,4 @@ +Git v2.13.5 Release Notes +========================= + +This release forward-ports the fix for "ssh://..." URL from Git v2.7.6 diff --git a/Documentation/RelNotes/2.13.6.txt b/Documentation/RelNotes/2.13.6.txt new file mode 100644 index 0000000000..afcae9c808 --- /dev/null +++ b/Documentation/RelNotes/2.13.6.txt @@ -0,0 +1,17 @@ +Git v2.13.6 Release Notes +========================= + +Fixes since v2.13.5 +------------------- + + * "git cvsserver" no longer is invoked by "git daemon" by default, + as it is old and largely unmaintained. + + * Various Perl scripts did not use safe_pipe_capture() instead of + backticks, leaving them susceptible to end-user input. They have + been corrected. + +Credits go to joernchen <joernchen@phenoelit.de> for finding the +unsafe constructs in "git cvsserver", and to Jeff King at GitHub for +finding and fixing instances of the same issue in other scripts. + diff --git a/Documentation/RelNotes/2.13.7.txt b/Documentation/RelNotes/2.13.7.txt new file mode 100644 index 0000000000..09fc01406c --- /dev/null +++ b/Documentation/RelNotes/2.13.7.txt @@ -0,0 +1,20 @@ +Git v2.13.7 Release Notes +========================= + +Fixes since v2.13.6 +------------------- + + * Submodule "names" come from the untrusted .gitmodules file, but we + blindly append them to $GIT_DIR/modules to create our on-disk repo + paths. This means you can do bad things by putting "../" into the + name. We now enforce some rules for submodule names which will cause + Git to ignore these malicious names (CVE-2018-11235). + + Credit for finding this vulnerability and the proof of concept from + which the test script was adapted goes to Etienne Stalmans. + + * It was possible to trick the code that sanity-checks paths on NTFS + into reading random piece of memory (CVE-2018-11233). + +Credit for fixing for these bugs goes to Jeff King, Johannes +Schindelin and others. diff --git a/Documentation/RelNotes/2.14.0.txt b/Documentation/RelNotes/2.14.0.txt new file mode 100644 index 0000000000..4246c68ff5 --- /dev/null +++ b/Documentation/RelNotes/2.14.0.txt @@ -0,0 +1,517 @@ +Git 2.14 Release Notes +====================== + +Backward compatibility notes and other notable changes. + + * Use of an empty string as a pathspec element that is used for + 'everything matches' is still warned and Git asks users to use a + more explicit '.' for that instead. The hope is that existing + users will not mind this change, and eventually the warning can be + turned into a hard error, upgrading the deprecation into removal of + this (mis)feature. That is not scheduled to happen in the upcoming + release (yet). + + * Git now avoids blindly falling back to ".git" when the setup + sequence said we are _not_ in Git repository. A corner case that + happens to work right now may be broken by a call to die("BUG"). + We've tried hard to locate such cases and fixed them, but there + might still be cases that need to be addressed--bug reports are + greatly appreciated. + + * The experiment to improve the hunk-boundary selection of textual + diff output has finished, and the "indent heuristics" has now + become the default. + + * Git can now be built with PCRE v2 instead of v1 of the PCRE + library. Replace USE_LIBPCRE=YesPlease with USE_LIBPCRE2=YesPlease + in existing build scripts to build against the new version. As the + upstream PCRE maintainer has abandoned v1 maintenance for all but + the most critical bug fixes, use of v2 is recommended. + + +Updates since v2.13 +------------------- + +UI, Workflows & Features + + * The colors in which "git status --short --branch" showed the names + of the current branch and its remote-tracking branch are now + configurable. + + * "git clone" learned the "--no-tags" option not to fetch all tags + initially, and also set up the tagopt not to follow any tags in + subsequent fetches. + + * "git archive --format=zip" learned to use zip64 extension when + necessary to go beyond the 4GB limit. + + * "git reset" learned "--recurse-submodules" option. + + * "git diff --submodule=diff" now recurses into nested submodules. + + * "git repack" learned to accept the --threads=<n> option and pass it + to pack-objects. + + * "git send-email" learned to run sendemail-validate hook to inspect + and reject a message before sending it out. + + * There is no good reason why "git fetch $there $sha1" should fail + when the $sha1 names an object at the tip of an advertised ref, + even when the other side hasn't enabled allowTipSHA1InWant. + + * The "[includeIf "gitdir:$dir"] path=..." mechanism introduced in + 2.13.0 would canonicalize the path of the gitdir being matched, + and did not match e.g. "gitdir:~/work/*" against a repo in + "~/work/main" if "~/work" was a symlink to "/mnt/storage/work". + Now we match both the resolved canonical path and what "pwd" would + show. The include will happen if either one matches. + + * The "indent" heuristics is now the default in "diff". The + diff.indentHeuristic configuration variable can be set to "false" + for those who do not want it. + + * Many commands learned to pay attention to submodule.recurse + configuration. + + * The convention for a command line is to follow "git cmdname + --options" with revisions followed by an optional "--" + disambiguator and then finally pathspecs. When "--" is not there, + we make sure early ones are all interpretable as revs (and do not + look like paths) and later ones are the other way around. A + pathspec with "magic" (e.g. ":/p/a/t/h" that matches p/a/t/h from + the top-level of the working tree, no matter what subdirectory you + are working from) are conservatively judged as "not a path", which + required disambiguation more often. The command line parser + learned to say "it's a pathspec" a bit more often when the syntax + looks like so. + + * Update "perl-compatible regular expression" support to enable JIT + and also allow linking with the newer PCRE v2 library. + + * "filter-branch" learned a pseudo filter "--setup" that can be used + to define common functions/variables that can be used by other + filters. + + * Using "git add d/i/r" when d/i/r is the top of the working tree of + a separate repository would create a gitlink in the index, which + would appear as a not-quite-initialized submodule to others. We + learned to give warnings when this happens. + + * "git status" learned to optionally give how many stash entries there + are in its output. + + * "git status" has long shown essentially the same message as "git + commit"; the message it gives while preparing for the root commit, + i.e. "Initial commit", was hard to understand for some new users. + Now it says "No commits yet" to stress more on the current status + (rather than the commit the user is preparing for, which is more in + line with the focus of "git commit"). + + * "git send-email" now has --batch-size and --relogin-delay options + which can be used to overcome limitations on SMTP servers that + restrict on how many of e-mails can be sent in a single session. + + * An old message shown in the commit log template was removed, as it + has outlived its usefulness. + + * "git pull --rebase --recurse-submodules" learns to rebase the + branch in the submodules to an updated base. + + * "git log" learned -P as a synonym for --perl-regexp, "git grep" + already had such a synonym. + + * "git log" didn't understand --regexp-ignore-case when combined with + --perl-regexp. This has been fixed. + +Performance, Internal Implementation, Development Support etc. + + * The default packed-git limit value has been raised on larger + platforms to save "git fetch" from a (recoverable) failure while + "gc" is running in parallel. + + * Code to update the cache-tree has been tightened so that we won't + accidentally write out any 0{40} entry in the tree object. + + * Attempt to allow us notice "fishy" situation where we fail to + remove the temporary directory used during the test. + + * Travis CI gained a task to format the documentation with both + AsciiDoc and AsciiDoctor. + + * Some platforms have ulong that is smaller than time_t, and our + historical use of ulong for timestamp would mean they cannot + represent some timestamp that the platform allows. Invent a + separate and dedicated timestamp_t (so that we can distingiuish + timestamps and a vanilla ulongs, which along is already a good + move), and then declare uintmax_t is the type to be used as the + timestamp_t. + + * We can trigger Windows auto-build tester (credits: Dscho & + Microsoft) from our existing Travis CI tester now. + + * Conversion from uchar[20] to struct object_id continues. + + * Simplify parse_pathspec() codepath and stop it from looking at the + default in-core index. + + * Add perf-test for wildmatch. + + * Code from "conversion using external process" codepath has been + extracted to a separate sub-process.[ch] module. + + * When "git checkout", "git merge", etc. manipulates the in-core + index, various pieces of information in the index extensions are + discarded from the original state, as it is usually not the case + that they are kept up-to-date and in-sync with the operation on the + main index. The untracked cache extension is copied across these + operations now, which would speed up "git status" (as long as the + cache is properly invalidated). + + * The internal implementation of "git grep" has seen some clean-up. + + * Update the C style recommendation for notes for translators, as + recent versions of gettext tools can work with our style of + multi-line comments. + + * The implementation of "ref" API around the "packed refs" have been + cleaned up, in preparation for further changes. + + * The internal logic used in "git blame" has been libified to make it + easier to use by cgit. + + * Our code often opens a path to an optional file, to work on its + contents when we can successfully open it. We can ignore a failure + to open if such an optional file does not exist, but we do want to + report a failure in opening for other reasons (e.g. we got an I/O + error, or the file is there, but we lack the permission to open). + + The exact errors we need to ignore are ENOENT (obviously) and + ENOTDIR (less obvious). Instead of repeating comparison of errno + with these two constants, introduce a helper function to do so. + + * We often try to open a file for reading whose existence is + optional, and silently ignore errors from open/fopen; report such + errors if they are not due to missing files. + + * When an existing repository is used for t/perf testing, we first + create bit-for-bit copy of it, which may grab a transient state of + the repository and freeze it into the repository used for testing, + which then may cause Git operations to fail. Single out "the index + being locked" case and forcibly drop the lock from the copy. + + * Three instances of the same helper function have been consolidated + to one. + + * "fast-import" uses a default pack chain depth that is consistent + with other parts of the system. + + * A new test to show the interaction between the pattern [^a-z] + (which matches '/') and a slash in a path has been added. The + pattern should not match the slash with "pathmatch", but should + with "wildmatch". + + * The 'diff-highlight' program (in contrib/) has been restructured + for easier reuse by an external project 'diff-so-fancy'. + + * A common pattern to free a piece of memory and assign NULL to the + pointer that used to point at it has been replaced with a new + FREE_AND_NULL() macro. + + * Traditionally, the default die() routine had a code to prevent it + from getting called multiple times, which interacted badly when a + threaded program used it (one downside is that the real error may + be hidden and instead the only error message given to the user may + end up being "die recursion detected", which is not very useful). + + * Introduce a "repository" object to eventually make it easier to + work in multiple repositories (the primary focus is to work with + the superproject and its submodules) in a single process. + + * Optimize "what are the object names already taken in an alternate + object database?" query that is used to derive the length of prefix + an object name is uniquely abbreviated to. + + * The hashmap API has been updated so that data to customize the + behaviour of the comparison function can be specified at the time a + hashmap is initialized. + + * The "collision detecting" SHA-1 implementation shipped with 2.13 is + now integrated into git.git as a submodule (the first submodule to + ship with git.git). Clone git.git with --recurse-submodules to get + it. For now a non-submodule copy of the same code is also shipped + as part of the tree. + + * A recent update made it easier to use "-fsanitize=" option while + compiling but supported only one sanitize option. Allow more than + one to be combined, joined with a comma, like "make SANITIZE=foo,bar". + + * Use "p4 -G" to make "p4 changes" output more Python-friendly + to parse. + + * We started using "%" PRItime, imitating "%" PRIuMAX and friends, as + a way to format the internal timestamp value, but this does not + play well with gettext(1) i18n framework, and causes "make pot" + that is run by the l10n coordinator to create a broken po/git.pot + file. This is a possible workaround for that problem. + + * It turns out that Cygwin also needs the fopen() wrapper that + returns failure when a directory is opened for reading. + +Also contains various documentation updates and code clean-ups. + + +Fixes since v2.13 +----------------- + +Unless otherwise noted, all the fixes since v2.13 in the maintenance +track are contained in this release (see the maintenance releases' +notes for details). + + * "git gc" did not interact well with "git worktree"-managed + per-worktree refs. + + * "git cherry-pick" and other uses of the sequencer machinery + mishandled a trailer block whose last line is an incomplete line. + This has been fixed so that an additional sign-off etc. are added + after completing the existing incomplete line. + + * The codepath in "git am" that is used when running "git rebase" + leaked memory held for the log message of the commits being rebased. + + * "git clone --config var=val" is a way to populate the + per-repository configuration file of the new repository, but it did + not work well when val is an empty string. This has been fixed. + + * Setting "log.decorate=false" in the configuration file did not take + effect in v2.13, which has been corrected. + + * A few codepaths in "checkout" and "am" working on an unborn branch + tried to access an uninitialized piece of memory. + + * The Web interface to gmane news archive is long gone, even though + the articles are still accessible via NTTP. Replace the links with + ones to public-inbox.org. Because their message identification is + based on the actual message-id, it is likely that it will be easier + to migrate away from it if/when necessary. + + * The receive-pack program now makes sure that the push certificate + records the same set of push options used for pushing. + + * Tests have been updated to pass under GETTEXT_POISON (a mechanism + to ensure that output strings that should not be translated are + not translated by mistake), and TravisCI is told to run them. + + * "git checkout --recurse-submodules" did not quite work with a + submodule that itself has submodules. + + * "pack-objects" can stream a slice of an existing packfile out when + the pack bitmap can tell that the reachable objects are all needed + in the output, without inspecting individual objects. This + strategy however would not work well when "--local" and other + options are in use, and need to be disabled. + + * Fix memory leaks pointed out by Coverity (and people). + + * "git read-tree -m" (no tree-ish) gave a nonsense suggestion "use + --empty if you want to clear the index". With "-m", such a request + will still fail anyway, as you'd need to name at least one tree-ish + to be merged. + + * Make sure our tests would pass when the sources are checked out + with "platform native" line ending convention by default on + Windows. Some "text" files out tests use and the test scripts + themselves that are meant to be run with /bin/sh, ought to be + checked out with eol=LF even on Windows. + + * Introduce the BUG() macro to improve die("BUG: ..."). + + * Clarify documentation for include.path and includeIf.<condition>.path + configuration variables. + + * Git sometimes gives an advice in a rhetorical question that does + not require an answer, which can confuse new users and non native + speakers. Attempt to rephrase them. + + * A few http:// links that are redirected to https:// in the + documentation have been updated to https:// links. + + * "git for-each-ref --format=..." with %(HEAD) in the format used to + resolve the HEAD symref as many times as it had processed refs, + which was wasteful, and "git branch" shared the same problem. + + * Regression fix to topic recently merged to 'master'. + + * The shell completion script (in contrib/) learned "git stash" has + a new "push" subcommand. + + * "git interpret-trailers", when used as GIT_EDITOR for "git commit + -v", looked for and appended to a trailer block at the very end, + i.e. at the end of the "diff" output. The command has been + corrected to pay attention to the cut-mark line "commit -v" adds to + the buffer---the real trailer block should appear just before it. + + * A test allowed both "git push" and "git receive-pack" on the other + end write their traces into the same file. This is OK on platforms + that allows atomically appending to a file opened with O_APPEND, + but on other platforms led to a mangled output, causing + intermittent test failures. This has been fixed by disabling + traces from "receive-pack" in the test. + + * Tag objects, which are not reachable from any ref, that point at + missing objects were mishandled by "git gc" and friends (they + should silently be ignored instead) + + * "git describe --contains" penalized light-weight tags so much that + they were almost never considered. Instead, give them about the + same chance to be considered as an annotated tag that is the same + age as the underlying commit would. + + * The "run-command" API implementation has been made more robust + against dead-locking in a threaded environment. + + * A recent update to t5545-push-options.sh started skipping all the + tests in the script when a web server testing is disabled or + unavailable, not just the ones that require a web server. Non HTTP + tests have been salvaged to always run in this script. + + * "git send-email" now uses Net::SMTP::SSL, which is obsolete, only + when needed. Recent versions of Net::SMTP can do TLS natively. + + * "foo\bar\baz" in "git fetch foo\bar\baz", even though there is no + slashes in it, cannot be a nickname for a remote on Windows, as + that is likely to be a pathname on a local filesystem. + + * "git clean -d" used to clean directories that has ignored files, + even though the command should not lose ignored ones without "-x". + "git status --ignored" did not list ignored and untracked files + without "-uall". These have been corrected. + + * The result from "git diff" that compares two blobs, e.g. "git diff + $commit1:$path $commit2:$path", used to be shown with the full + object name as given on the command line, but it is more natural to + use the $path in the output and use it to look up .gitattributes. + + * The "collision detecting" SHA-1 implementation shipped with 2.13 + was quite broken on some big-endian platforms and/or platforms that + do not like unaligned fetches. Update to the upstream code which + has already fixed these issues. + + * "git am -h" triggered a BUG(). + + * The interaction of "url.*.insteadOf" and custom URL scheme's + whitelisting is now documented better. + + * The timestamp of the index file is now taken after the file is + closed, to help Windows, on which a stale timestamp is reported by + fstat() on a file that is opened for writing and data was written + but not yet closed. + + * "git pull --rebase --autostash" didn't auto-stash when the local history + fast-forwards to the upstream. + + * A flaky test has been corrected. + + * "git $cmd -h" for builtin commands calls the implementation of the + command (i.e. cmd_$cmd() function) without doing any repository + set-up, and the commands that expect RUN_SETUP is done by the Git + potty needs to be prepared to show the help text without barfing. + (merge d691551192 jk/consistent-h later to maint). + + * Help contributors that visit us at GitHub. + + * "git stash push <pathspec>" did not work from a subdirectory at all. + Bugfix for a topic in v2.13 + + * As there is no portable way to pass timezone information to + strftime, some output format from "git log" and friends are + impossible to produce. Teach our own strbuf_addftime to replace %z + and %Z with caller-supplied values to help working around this. + (merge 6eced3ec5e rs/strbuf-addftime-zZ later to maint). + + * "git mergetool" learned to work around a wrapper MacOS X adds + around underlying meld. + + * An example in documentation that does not work in multi worktree + configuration has been corrected. + + * The pretty-format specifiers like '%h', '%t', etc. had an + optimization that no longer works correctly. In preparation/hope + of getting it correctly implemented, first discard the optimization + that is broken. + + * The code to pick up and execute command alias definition from the + configuration used to switch to the top of the working tree and + then come back when the expanded alias was executed, which was + unnecessarilyl complex. Attempt to simplify the logic by using the + early-config mechanism that does not chdir around. + + * Fix configuration codepath to pay proper attention to commondir + that is used in multi-worktree situation, and isolate config API + into its own header file. + (merge dc8441fdb4 bw/config-h later to maint). + + * "git add -p" were updated in 2.12 timeframe to cope with custom + core.commentchar but the implementation was buggy and a + metacharacter like $ and * did not work. + + * A recent regression in "git rebase -i" has been fixed and tests + that would have caught it and others have been added. + + * An unaligned 32-bit access in pack-bitmap code has been corrected. + + * Tighten error checks for invalid "git apply" input. + + * The split index code did not honor core.sharedRepository setting + correctly. + + * The Makefile rule in contrib/subtree for building documentation + learned to honour USE_ASCIIDOCTOR just like the main documentation + set does. + + * Code clean-up to fix possible buffer over-reading. + + * A few tests that tried to verify the contents of push certificates + did not use 'git rev-parse' to formulate the line to look for in + the certificate correctly. + + * Update the character width tables. + + * After "git branch --move" of the currently checked out branch, the + code to walk the reflog of HEAD via "log -g" and friends + incorrectly stopped at the reflog entry that records the renaming + of the branch. + + * The rewrite of "git branch --list" using for-each-ref's internals + that happened in v2.13 regressed its handling of color.branch.local; + this has been fixed. + + * The build procedure has been improved to allow building and testing + Git with address sanitizer more easily. + (merge 425ca6710b jk/build-with-asan later to maint). + + * On Cygwin, similar to Windows, "git push //server/share/repository" + ought to mean a repository on a network share that can be accessed + locally, but this did not work correctly due to stripping the double + slashes at the beginning. + + * The progress meter did not give a useful output when we haven't had + 0.5 seconds to measure the throughput during the interval. Instead + show the overall throughput rate at the end, which is a much more + useful number. + + * Code clean-up, that makes us in sync with Debian by one patch. + + * We run an early part of "git gc" that deals with refs before + daemonising (and not under lock) even when running a background + auto-gc, which caused multiple gc processes attempting to run the + early part at the same time. This is now prevented by running the + early part also under the GC lock. + + * A recent update broke an alias that contained an uppercase letter. + + * Other minor doc, test and build updates and code cleanups. + (merge 5053313562 rs/urlmatch-cleanup later to maint). + (merge 42c78a216e rs/use-div-round-up later to maint). + (merge 5e8d2729ae rs/wt-status-cleanup later to maint). + (merge bc9b7e207f as/diff-options-grammofix later to maint). + (merge ac05222b31 ah/patch-id-doc later to maint). diff --git a/Documentation/RelNotes/2.14.1.txt b/Documentation/RelNotes/2.14.1.txt new file mode 100644 index 0000000000..9403340f7f --- /dev/null +++ b/Documentation/RelNotes/2.14.1.txt @@ -0,0 +1,4 @@ +Git v2.14.1 Release Notes +========================= + +This release forward-ports the fix for "ssh://..." URL from Git v2.7.6 diff --git a/Documentation/RelNotes/2.14.2.txt b/Documentation/RelNotes/2.14.2.txt new file mode 100644 index 0000000000..bec9186ade --- /dev/null +++ b/Documentation/RelNotes/2.14.2.txt @@ -0,0 +1,105 @@ +Git v2.14.2 Release Notes +========================= + +Fixes since v2.14.1 +------------------- + + * Because recent Git for Windows do come with a real msgfmt, the + build procedure for git-gui has been updated to use it instead of a + hand-rolled substitute. + + * "%C(color name)" in the pretty print format always produced ANSI + color escape codes, which was an early design mistake. They now + honor the configuration (e.g. "color.ui = never") and also tty-ness + of the output medium. + + * The http.{sslkey,sslCert} configuration variables are to be + interpreted as a pathname that honors "~[username]/" prefix, but + weren't, which has been fixed. + + * Numerous bugs in walking of reflogs via "log -g" and friends have + been fixed. + + * "git commit" when seeing an totally empty message said "you did not + edit the message", which is clearly wrong. The message has been + corrected. + + * When a directory is not readable, "gitweb" fails to build the + project list. Work this around by skipping such a directory. + + * A recently added test for the "credential-cache" helper revealed + that EOF detection done around the time the connection to the cache + daemon is torn down were flaky. This was fixed by reacting to + ECONNRESET and behaving as if we got an EOF. + + * Some versions of GnuPG fail to kill gpg-agent it auto-spawned + and such a left-over agent can interfere with a test. Work it + around by attempting to kill one before starting a new test. + + * "git log --tag=no-such-tag" showed log starting from HEAD, which + has been fixed---it now shows nothing. + + * The "tag.pager" configuration variable was useless for those who + actually create tag objects, as it interfered with the use of an + editor. A new mechanism has been introduced for commands to enable + pager depending on what operation is being carried out to fix this, + and then "git tag -l" is made to run pager by default. + + * "git push --recurse-submodules $there HEAD:$target" was not + propagated down to the submodules, but now it is. + + * Commands like "git rebase" accepted the --rerere-autoupdate option + from the command line, but did not always use it. This has been + fixed. + + * "git clone --recurse-submodules --quiet" did not pass the quiet + option down to submodules. + + * "git am -s" has been taught that some input may end with a trailer + block that is not Signed-off-by: and it should refrain from adding + an extra blank line before adding a new sign-off in such a case. + + * "git svn" used with "--localtime" option did not compute the tz + offset for the timestamp in question and instead always used the + current time, which has been corrected. + + * Memory leaks in a few error codepaths have been plugged. + + * bash 4.4 or newer gave a warning on NUL byte in command + substitution done in "git stash"; this has been squelched. + + * "git grep -L" and "git grep --quiet -L" reported different exit + codes; this has been corrected. + + * When handshake with a subprocess filter notices that the process + asked for an unknown capability, Git did not report what program + the offending subprocess was running. This has been corrected. + + * "git apply" that is used as a better "patch -p1" failed to apply a + taken from a file with CRLF line endings to a file with CRLF line + endings. The root cause was because it misused convert_to_git() + that tried to do "safe-crlf" processing by looking at the index + entry at the same path, which is a nonsense---in that mode, "apply" + is not working on the data in (or derived from) the index at all. + This has been fixed. + + * Killing "git merge --edit" before the editor returns control left + the repository in a state with MERGE_MSG but without MERGE_HEAD, + which incorrectly tells the subsequent "git commit" that there was + a squash merge in progress. This has been fixed. + + * "git archive" did not work well with pathspecs and the + export-ignore attribute. + + * "git cvsserver" no longer is invoked by "git daemon" by default, + as it is old and largely unmaintained. + + * Various Perl scripts did not use safe_pipe_capture() instead of + backticks, leaving them susceptible to end-user input. They have + been corrected. + +Also contains various documentation updates and code clean-ups. + +Credits go to joernchen <joernchen@phenoelit.de> for finding the +unsafe constructs in "git cvsserver", and to Jeff King at GitHub for +finding and fixing instances of the same issue in other scripts. diff --git a/Documentation/RelNotes/2.14.3.txt b/Documentation/RelNotes/2.14.3.txt new file mode 100644 index 0000000000..977c9e857c --- /dev/null +++ b/Documentation/RelNotes/2.14.3.txt @@ -0,0 +1,99 @@ +Git v2.14.3 Release Notes +========================= + +Fixes since v2.14.2 +------------------- + + * A helper function to read a single whole line into strbuf + mistakenly triggered OOM error at EOF under certain conditions, + which has been fixed. + + * In addition to "cc: <a@dd.re.ss> # cruft", "cc: a@dd.re.ss # cruft" + was taught to "git send-email" as a valid way to tell it that it + needs to also send a carbon copy to <a@dd.re.ss> in the trailer + section. + + * Fix regression to "gitk --bisect" by a recent update. + + * Unlike "git commit-tree < file", "git commit-tree -F file" did not + pass the contents of the file verbatim and instead completed an + incomplete line at the end, if exists. The latter has been updated + to match the behaviour of the former. + + * "git archive", especially when used with pathspec, stored an empty + directory in its output, even though Git itself never does so. + This has been fixed. + + * API error-proofing which happens to also squelch warnings from GCC. + + * "git gc" tries to avoid running two instances at the same time by + reading and writing pid/host from and to a lock file; it used to + use an incorrect fscanf() format when reading, which has been + corrected. + + * The test linter has been taught that we do not like "echo -e". + + * Code cmp.std.c nitpick. + + * "git describe --match" learned to take multiple patterns in v2.13 + series, but the feature ignored the patterns after the first one + and did not work at all. This has been fixed. + + * "git cat-file --textconv" started segfaulting recently, which + has been corrected. + + * The built-in pattern to detect the "function header" for HTML did + not match <H1>..<H6> elements without any attributes, which has + been fixed. + + * "git mailinfo" was loose in decoding quoted printable and produced + garbage when the two letters after the equal sign are not + hexadecimal. This has been fixed. + + * The documentation for '-X<option>' for merges was misleadingly + written to suggest that "-s theirs" exists, which is not the case. + + * Spell the name of our system as "Git" in the output from + request-pull script. + + * Fixes for a handful memory access issues identified by valgrind. + + * Backports a moral equivalent of 2015 fix to the poll emulation from + the upstream gnulib to fix occasional breakages on HPE NonStop. + + * In the "--format=..." option of the "git for-each-ref" command (and + its friends, i.e. the listing mode of "git branch/tag"), "%(atom:)" + (e.g. "%(refname:)", "%(body:)" used to error out. Instead, treat + them as if the colon and an empty string that follows it were not + there. + + * Users with "color.ui = always" in their configuration were broken + by a recent change that made plumbing commands to pay attention to + them as the patch created internally by "git add -p" were colored + (heh) and made unusable. This has been fixed. + + * "git branch -M a b" while on a branch that is completely unrelated + to either branch a or branch b misbehaved when multiple worktree + was in use. This has been fixed. + + * "git fast-export" with -M/-C option issued "copy" instruction on a + path that is simultaneously modified, which was incorrect. + + * The checkpoint command "git fast-import" did not flush updates to + refs and marks unless at least one object was created since the + last checkpoint, which has been corrected, as these things can + happen without any new object getting created. + + * The scripts to drive TravisCI has been reorganized and then an + optimization to avoid spending cycles on a branch whose tip is + tagged has been implemented. + + * "git fetch <there> <src>:<dst>" allows an object name on the <src> + side when the other side accepts such a request since Git v2.5, but + the documentation was left stale. + + * A regression in 2.11 that made the code to read the list of + alternate object stores overrun the end of the string has been + fixed. + +Also contains various documentation updates and code clean-ups. diff --git a/Documentation/RelNotes/2.14.4.txt b/Documentation/RelNotes/2.14.4.txt new file mode 100644 index 0000000000..97755a89d9 --- /dev/null +++ b/Documentation/RelNotes/2.14.4.txt @@ -0,0 +1,5 @@ +Git v2.14.4 Release Notes +========================= + +This release is to forward-port the fixes made in the v2.13.7 version +of Git. See its release notes for details. diff --git a/Documentation/RelNotes/2.14.5.txt b/Documentation/RelNotes/2.14.5.txt new file mode 100644 index 0000000000..130645fb29 --- /dev/null +++ b/Documentation/RelNotes/2.14.5.txt @@ -0,0 +1,16 @@ +Git v2.14.5 Release Notes +========================= + +This release is to address the recently reported CVE-2018-17456. + +Fixes since v2.14.4 +------------------- + + * Submodules' "URL"s come from the untrusted .gitmodules file, but + we blindly gave it to "git clone" to clone submodules when "git + clone --recurse-submodules" was used to clone a project that has + such a submodule. The code has been hardened to reject such + malformed URLs (e.g. one that begins with a dash). + +Credit for finding and fixing this vulnerability goes to joernchen +and Jeff King, respectively. diff --git a/Documentation/RelNotes/2.15.0.txt b/Documentation/RelNotes/2.15.0.txt new file mode 100644 index 0000000000..cdd761bcc2 --- /dev/null +++ b/Documentation/RelNotes/2.15.0.txt @@ -0,0 +1,508 @@ +Git 2.15 Release Notes +====================== + +Backward compatibility notes and other notable changes. + + * Use of an empty string as a pathspec element that is used for + 'everything matches' is still warned and Git asks users to use a + more explicit '.' for that instead. The hope is that existing + users will not mind this change, and eventually the warning can be + turned into a hard error, upgrading the deprecation into removal of + this (mis)feature. That is now scheduled to happen in Git v2.16, + the next major release after this one. + + * Git now avoids blindly falling back to ".git" when the setup + sequence said we are _not_ in Git repository. A corner case that + happens to work right now may be broken by a call to BUG(). + We've tried hard to locate such cases and fixed them, but there + might still be cases that need to be addressed--bug reports are + greatly appreciated. + + * "branch --set-upstream" that has been deprecated in Git 1.8 has + finally been retired. + + +Updates since v2.14 +------------------- + +UI, Workflows & Features + + * An example that is now obsolete has been removed from a sample hook, + and an old example in it that added a sign-off manually has been + improved to use the interpret-trailers command. + + * The advice message given when "git rebase" stops for conflicting + changes has been improved. + + * The "rerere-train" script (in contrib/) learned the "--overwrite" + option to allow overwriting existing recorded resolutions. + + * "git contacts" (in contrib/) now lists the address on the + "Reported-by:" trailer to its output, in addition to those on + S-o-b: and other trailers, to make it easier to notify (and thank) + the original bug reporter. + + * "git rebase", especially when it is run by mistake and ends up + trying to replay many changes, spent long time in silence. The + command has been taught to show progress report when it spends + long time preparing these many changes to replay (which would give + the user a chance to abort with ^C). + + * "git merge" learned a "--signoff" option to add the Signed-off-by: + trailer with the committer's name. + + * "git diff" learned to optionally paint new lines that are the same + as deleted lines elsewhere differently from genuinely new lines. + + * "git interpret-trailers" learned to take the trailer specifications + from the command line that overrides the configured values. + + * "git interpret-trailers" has been taught a "--parse" and a few + other options to make it easier for scripts to grab existing + trailer lines from a commit log message. + + * The "--format=%(trailers)" option "git log" and its friends take + learned to take the 'unfold' and 'only' modifiers to normalize its + output, e.g. "git log --format=%(trailers:only,unfold)". + + * "gitweb" shows a link to visit the 'raw' contents of blobs in the + history overview page. + + * "[gc] rerereResolved = 5.days" used to be invalid, as the variable + is defined to take an integer counting the number of days. It now + is allowed. + + * The code to acquire a lock on a reference (e.g. while accepting a + push from a client) used to immediately fail when the reference is + already locked---now it waits for a very short while and retries, + which can make it succeed if the lock holder was holding it during + a read-only operation. + + * "branch --set-upstream" that has been deprecated in Git 1.8 has + finally been retired. + + * The codepath to call external process filter for smudge/clean + operation learned to show the progress meter. + + * "git rev-parse" learned "--is-shallow-repository", that is to be + used in a way similar to existing "--is-bare-repository" and + friends. + + * "git describe --match <pattern>" has been taught to play well with + the "--all" option. + + * "git branch" learned "-c/-C" to create a new branch by copying an + existing one. + + * Some commands (most notably "git status") makes an opportunistic + update when performing a read-only operation to help optimize later + operations in the same repository. The new "--no-optional-locks" + option can be passed to Git to disable them. + + * "git for-each-ref --format=..." learned a new format element, + %(trailers), to show only the commit log trailer part of the log + message. + + +Performance, Internal Implementation, Development Support etc. + + * Conversion from uchar[20] to struct object_id continues. + + * Start using selected c99 constructs in small, stable and + essential part of the system to catch people who care about + older compilers that do not grok them. + + * The filter-process interface learned to allow a process with long + latency give a "delayed" response. + + * Many uses of comparison callback function the hashmap API uses + cast the callback function type when registering it to + hashmap_init(), which defeats the compile time type checking when + the callback interface changes (e.g. gaining more parameters). + The callback implementations have been updated to take "void *" + pointers and cast them to the type they expect instead. + + * Because recent Git for Windows do come with a real msgfmt, the + build procedure for git-gui has been updated to use it instead of a + hand-rolled substitute. + + * "git grep --recurse-submodules" has been reworked to give a more + consistent output across submodule boundary (and do its thing + without having to fork a separate process). + + * A helper function to read a single whole line into strbuf + mistakenly triggered OOM error at EOF under certain conditions, + which has been fixed. + + * The "ref-store" code reorganization continues. + + * "git commit" used to discard the index and re-read from the filesystem + just in case the pre-commit hook has updated it in the middle; this + has been optimized out when we know we do not run the pre-commit hook. + (merge 680ee550d7 kw/commit-keep-index-when-pre-commit-is-not-run later to maint). + + * Updates to the HTTP layer we made recently unconditionally used + features of libCurl without checking the existence of them, causing + compilation errors, which has been fixed. Also migrate the code to + check feature macros, not version numbers, to cope better with + libCurl that vendor ships with backported features. + + * The API to start showing progress meter after a short delay has + been simplified. + (merge 8aade107dd jc/simplify-progress later to maint). + + * Code clean-up to avoid mixing values read from the .gitmodules file + and values read from the .git/config file. + + * We used to spend more than necessary cycles allocating and freeing + piece of memory while writing each index entry out. This has been + optimized. + + * Platforms that ship with a separate sha1 with collision detection + library can link to it instead of using the copy we ship as part of + our source tree. + + * Code around "notes" have been cleaned up. + (merge 3964281524 mh/notes-cleanup later to maint). + + * The long-standing rule that an in-core lockfile instance, once it + is used, must not be freed, has been lifted and the lockfile and + tempfile APIs have been updated to reduce the chance of programming + errors. + + * Our hashmap implementation in hashmap.[ch] is not thread-safe when + adding a new item needs to expand the hashtable by rehashing; add + an API to disable the automatic rehashing to work it around. + + * Many of our programs consider that it is OK to release dynamic + storage that is used throughout the life of the program by simply + exiting, but this makes it harder to leak detection tools to avoid + reporting false positives. Plug many existing leaks and introduce + a mechanism for developers to mark that the region of memory + pointed by a pointer is not lost/leaking to help these tools. + + * As "git commit" to conclude a conflicted "git merge" honors the + commit-msg hook, "git merge" that records a merge commit that + cleanly auto-merges should, but it didn't. + + * The codepath for "git merge-recursive" has been cleaned up. + + * Many leaks of strbuf have been fixed. + + * "git imap-send" has our own implementation of the protocol and also + can use more recent libCurl with the imap protocol support. Update + the latter so that it can use the credential subsystem, and then + make it the default option to use, so that we can eventually + deprecate and remove the former. + + * "make style" runs git-clang-format to help developers by pointing + out coding style issues. + + * A test to demonstrate "git mv" failing to adjust nested submodules + has been added. + (merge c514167df2 hv/mv-nested-submodules-test later to maint). + + * On Cygwin, "ulimit -s" does not report failure but it does not work + at all, which causes an unexpected success of some tests that + expect failures under a limited stack situation. This has been + fixed. + + * Many codepaths have been updated to squelch -Wimplicit-fallthrough + warnings from Gcc 7 (which is a good code hygiene). + + * Add a helper for DLL loading in anticipation for its need in a + future topic RSN. + + * "git status --ignored", when noticing that a directory without any + tracked path is ignored, still enumerated all the ignored paths in + the directory, which is unnecessary. The codepath has been + optimized to avoid this overhead. + + * The final batch to "git rebase -i" updates to move more code from + the shell script to C has been merged. + + * Operations that do not touch (majority of) packed refs have been + optimized by making accesses to packed-refs file lazy; we no longer + pre-parse everything, and an access to a single ref in the + packed-refs does not touch majority of irrelevant refs, either. + + * Add comment to clarify that the style file is meant to be used with + clang-5 and the rules are still work in progress. + + * Many variables that points at a region of memory that will live + throughout the life of the program have been marked with UNLEAK + marker to help the leak checkers concentrate on real leaks.. + + * Plans for weaning us off of SHA-1 has been documented. + + * A new "oidmap" API has been introduced and oidset API has been + rewritten to use it. + + +Also contains various documentation updates and code clean-ups. + + +Fixes since v2.14 +----------------- + + * "%C(color name)" in the pretty print format always produced ANSI + color escape codes, which was an early design mistake. They now + honor the configuration (e.g. "color.ui = never") and also tty-ness + of the output medium. + + * The http.{sslkey,sslCert} configuration variables are to be + interpreted as a pathname that honors "~[username]/" prefix, but + weren't, which has been fixed. + + * Numerous bugs in walking of reflogs via "log -g" and friends have + been fixed. + + * "git commit" when seeing an totally empty message said "you did not + edit the message", which is clearly wrong. The message has been + corrected. + + * When a directory is not readable, "gitweb" fails to build the + project list. Work this around by skipping such a directory. + + * Some versions of GnuPG fails to kill gpg-agent it auto-spawned + and such a left-over agent can interfere with a test. Work it + around by attempting to kill one before starting a new test. + + * A recently added test for the "credential-cache" helper revealed + that EOF detection done around the time the connection to the cache + daemon is torn down were flaky. This was fixed by reacting to + ECONNRESET and behaving as if we got an EOF. + + * "git log --tag=no-such-tag" showed log starting from HEAD, which + has been fixed---it now shows nothing. + + * The "tag.pager" configuration variable was useless for those who + actually create tag objects, as it interfered with the use of an + editor. A new mechanism has been introduced for commands to enable + pager depending on what operation is being carried out to fix this, + and then "git tag -l" is made to run pager by default. + + * "git push --recurse-submodules $there HEAD:$target" was not + propagated down to the submodules, but now it is. + + * Commands like "git rebase" accepted the --rerere-autoupdate option + from the command line, but did not always use it. This has been + fixed. + + * "git clone --recurse-submodules --quiet" did not pass the quiet + option down to submodules. + + * Test portability fix for OBSD. + + * Portability fix for OBSD. + + * "git am -s" has been taught that some input may end with a trailer + block that is not Signed-off-by: and it should refrain from adding + an extra blank line before adding a new sign-off in such a case. + + * "git svn" used with "--localtime" option did not compute the tz + offset for the timestamp in question and instead always used the + current time, which has been corrected. + + * Memory leak in an error codepath has been plugged. + + * "git stash -u" used the contents of the committed version of the + ".gitignore" file to decide which paths are ignored, even when the + file has local changes. The command has been taught to instead use + the locally modified contents. + + * bash 4.4 or newer gave a warning on NUL byte in command + substitution done in "git stash"; this has been squelched. + + * "git grep -L" and "git grep --quiet -L" reported different exit + codes; this has been corrected. + + * When handshake with a subprocess filter notices that the process + asked for an unknown capability, Git did not report what program + the offending subprocess was running. This has been corrected. + + * "git apply" that is used as a better "patch -p1" failed to apply a + taken from a file with CRLF line endings to a file with CRLF line + endings. The root cause was because it misused convert_to_git() + that tried to do "safe-crlf" processing by looking at the index + entry at the same path, which is a nonsense---in that mode, "apply" + is not working on the data in (or derived from) the index at all. + This has been fixed. + + * Killing "git merge --edit" before the editor returns control left + the repository in a state with MERGE_MSG but without MERGE_HEAD, + which incorrectly tells the subsequent "git commit" that there was + a squash merge in progress. This has been fixed. + + * "git archive" did not work well with pathspecs and the + export-ignore attribute. + + * In addition to "cc: <a@dd.re.ss> # cruft", "cc: a@dd.re.ss # cruft" + was taught to "git send-email" as a valid way to tell it that it + needs to also send a carbon copy to <a@dd.re.ss> in the trailer + section. + + * "git branch -M a b" while on a branch that is completely unrelated + to either branch a or branch b misbehaved when multiple worktree + was in use. This has been fixed. + (merge 31824d180d nd/worktree-kill-parse-ref later to maint). + + * "git gc" and friends when multiple worktrees are used off of a + single repository did not consider the index and per-worktree refs + of other worktrees as the root for reachability traversal, making + objects that are in use only in other worktrees to be subject to + garbage collection. + + * A regression to "gitk --bisect" by a recent update has been fixed. + + * "git -c submodule.recurse=yes pull" did not work as if the + "--recurse-submodules" option was given from the command line. + This has been corrected. + + * Unlike "git commit-tree < file", "git commit-tree -F file" did not + pass the contents of the file verbatim and instead completed an + incomplete line at the end, if exists. The latter has been updated + to match the behaviour of the former. + + * Many codepaths did not diagnose write failures correctly when disks + go full, due to their misuse of write_in_full() helper function, + which have been corrected. + (merge f48ecd38cb jk/write-in-full-fix later to maint). + + * "git help co" now says "co is aliased to ...", not "git co is". + (merge b3a8076e0d ks/help-alias-label later to maint). + + * "git archive", especially when used with pathspec, stored an empty + directory in its output, even though Git itself never does so. + This has been fixed. + + * API error-proofing which happens to also squelch warnings from GCC. + + * The explanation of the cut-line in the commit log editor has been + slightly tweaked. + (merge 8c4b1a3593 ks/commit-do-not-touch-cut-line later to maint). + + * "git gc" tries to avoid running two instances at the same time by + reading and writing pid/host from and to a lock file; it used to + use an incorrect fscanf() format when reading, which has been + corrected. + + * The scripts to drive TravisCI has been reorganized and then an + optimization to avoid spending cycles on a branch whose tip is + tagged has been implemented. + (merge 8376eb4a8f ls/travis-scriptify later to maint). + + * The test linter has been taught that we do not like "echo -e". + + * Code cmp.std.c nitpick. + + * A regression fix for 2.11 that made the code to read the list of + alternate object stores overrun the end of the string. + (merge f0f7bebef7 jk/info-alternates-fix later to maint). + + * "git describe --match" learned to take multiple patterns in v2.13 + series, but the feature ignored the patterns after the first one + and did not work at all. This has been fixed. + + * "git filter-branch" cannot reproduce a history with a tag without + the tagger field, which only ancient versions of Git allowed to be + created. This has been corrected. + (merge b2c1ca6b4b ic/fix-filter-branch-to-handle-tag-without-tagger later to maint). + + * "git cat-file --textconv" started segfaulting recently, which + has been corrected. + + * The built-in pattern to detect the "function header" for HTML did + not match <H1>..<H6> elements without any attributes, which has + been fixed. + + * "git mailinfo" was loose in decoding quoted printable and produced + garbage when the two letters after the equal sign are not + hexadecimal. This has been fixed. + + * The machinery to create xdelta used in pack files received the + sizes of the data in size_t, but lost the higher bits of them by + storing them in "unsigned int" during the computation, which is + fixed. + + * The delta format used in the packfile cannot reference data at + offset larger than what can be expressed in 4-byte, but the + generator for the data failed to make sure the offset does not + overflow. This has been corrected. + + * The documentation for '-X<option>' for merges was misleadingly + written to suggest that "-s theirs" exists, which is not the case. + + * "git fast-export" with -M/-C option issued "copy" instruction on a + path that is simultaneously modified, which was incorrect. + (merge b3e8ca89cf jt/fast-export-copy-modify-fix later to maint). + + * Many codepaths have been updated to squelch -Wsign-compare + warnings. + (merge 071bcaab64 rj/no-sign-compare later to maint). + + * Memory leaks in various codepaths have been plugged. + (merge 4d01a7fa65 ma/leakplugs later to maint). + + * Recent versions of "git rev-parse --parseopt" did not parse the + option specification that does not have the optional flags (*=?!) + correctly, which has been corrected. + (merge a6304fa4c2 bc/rev-parse-parseopt-fix later to maint). + + * The checkpoint command "git fast-import" did not flush updates to + refs and marks unless at least one object was created since the + last checkpoint, which has been corrected, as these things can + happen without any new object getting created. + (merge 30e215a65c er/fast-import-dump-refs-on-checkpoint later to maint). + + * Spell the name of our system as "Git" in the output from + request-pull script. + + * Fixes for a handful memory access issues identified by valgrind. + + * Backports a moral equivalent of 2015 fix to the poll() emulation + from the upstream gnulib to fix occasional breakages on HPE NonStop. + + * Users with "color.ui = always" in their configuration were broken + by a recent change that made plumbing commands to pay attention to + them as the patch created internally by "git add -p" were colored + (heh) and made unusable. This has been fixed by reverting the + offending change. + + * In the "--format=..." option of the "git for-each-ref" command (and + its friends, i.e. the listing mode of "git branch/tag"), "%(atom:)" + (e.g. "%(refname:)", "%(body:)" used to error out. Instead, treat + them as if the colon and an empty string that follows it were not + there. + + * An ancient bug that made Git misbehave with creation/renaming of + refs has been fixed. + + * "git fetch <there> <src>:<dst>" allows an object name on the <src> + side when the other side accepts such a request since Git v2.5, but + the documentation was left stale. + (merge 83558a412a jc/fetch-refspec-doc-update later to maint). + + * Update the documentation for "git filter-branch" so that the filter + options are listed in the same order as they are applied, as + described in an earlier part of the doc. + (merge 07c4984508 dg/filter-branch-filter-order-doc later to maint). + + * A possible oom error is now caught as a fatal error, instead of + continuing and dereferencing NULL. + (merge 55d7d15847 ao/path-use-xmalloc later to maint). + + * Other minor doc, test and build updates and code cleanups. + (merge f094b89a4d ma/parse-maybe-bool later to maint). + (merge 6cdf8a7929 ma/ts-cleanups later to maint). + (merge 7560f547e6 ma/up-to-date later to maint). + (merge 0db3dc75f3 rs/apply-epoch later to maint). + (merge 276d0e35c0 ma/split-symref-update-fix later to maint). + (merge f777623514 ks/branch-tweak-error-message-for-extra-args later to maint). + (merge 33f3c683ec ks/verify-filename-non-option-error-message-tweak later to maint). + (merge 7cbbf9d6a2 ls/filter-process-delayed later to maint). + (merge 488aa65c8f wk/merge-options-gpg-sign-doc later to maint). + (merge e61cb19a27 jc/branch-force-doc-readability-fix later to maint). + (merge 32fceba3fd np/config-path-doc later to maint). + (merge e38c681fb7 sb/rev-parse-show-superproject-root later to maint). + (merge 4f851dc883 sg/rev-list-doc-reorder-fix later to maint). diff --git a/Documentation/RelNotes/2.15.1.txt b/Documentation/RelNotes/2.15.1.txt new file mode 100644 index 0000000000..ec06704e63 --- /dev/null +++ b/Documentation/RelNotes/2.15.1.txt @@ -0,0 +1,88 @@ +Git v2.15.1 Release Notes +========================= + +Fixes since v2.15 +----------------- + + * TravisCI build updates. + + * "auto" as a value for the columnar output configuration ought to + judge "is the output consumed by humans?" with the same criteria as + "auto" for coloured output configuration, i.e. either the standard + output stream is going to tty, or a pager is in use. We forgot the + latter, which has been fixed. + + * The experimental "color moved lines differently in diff output" + feature was buggy around "ignore whitespace changes" edges, which + has been corrected. + + * Instead of using custom line comparison and hashing functions to + implement "moved lines" coloring in the diff output, use the pair + of these functions from lower-layer xdiff/ code. + + * Some codepaths did not check for errors when asking what branch the + HEAD points at, which have been fixed. + + * "git commit", after making a commit, did not check for errors when + asking on what branch it made the commit, which has been corrected. + + * "git status --ignored -u" did not stop at a working tree of a + separate project that is embedded in an ignored directory and + listed files in that other project, instead of just showing the + directory itself as ignored. + + * A broken access to object databases in recent update to "git grep + --recurse-submodules" has been fixed. + + * A recent regression in "git rebase -i" that broke execution of git + commands from subdirectories via "exec" instruction has been fixed. + + * "git check-ref-format --branch @{-1}" bit a "BUG()" when run + outside a repository for obvious reasons; clarify the documentation + and make sure we do not even try to expand the at-mark magic in + such a case, but still call the validation logic for branch names. + + * Command line completion (in contrib/) update. + + * Description of blame.{showroot,blankboundary,showemail,date} + configuration variables have been added to "git config --help". + + * After an error from lstat(), diff_populate_filespec() function + sometimes still went ahead and used invalid data in struct stat, + which has been fixed. + + * UNC paths are also relevant in Cygwin builds and they are now + tested just like Mingw builds. + + * Correct start-up sequence so that a repository could be placed + immediately under the root directory again (which was broken at + around Git 2.13). + + * The credential helper for libsecret (in contrib/) has been improved + to allow possibly prompting the end user to unlock secrets that are + currently locked (otherwise the secrets may not be loaded). + + * Updates from GfW project. + + * "git rebase -i" recently started misbehaving when a submodule that + is configured with 'submodule.<name>.ignore' is dirty; this has + been corrected. + + * Some error messages did not quote filenames shown in it, which have + been fixed. + + * Building with NO_LIBPCRE1_JIT did not disable it, which has been fixed. + + * We used to add an empty alternate object database to the system + that does not help anything; it has been corrected. + + * Error checking in "git imap-send" for empty response has been + improved. + + * An ancient bug in "git apply --ignore-space-change" codepath has + been fixed. + + * There was a recent semantic mismerge in the codepath to write out a + section of a configuration section, which has been corrected. + +Also contains various documentation updates and code clean-ups. diff --git a/Documentation/RelNotes/2.15.2.txt b/Documentation/RelNotes/2.15.2.txt new file mode 100644 index 0000000000..b480e56b68 --- /dev/null +++ b/Documentation/RelNotes/2.15.2.txt @@ -0,0 +1,50 @@ +Git v2.15.2 Release Notes +========================= + +Fixes since v2.15.1 +------------------- + + * Recent update to the refs infrastructure implementation started + rewriting packed-refs file more often than before; this has been + optimized again for most trivial cases. + + * The SubmittingPatches document has been converted to produce an + HTML version via AsciiDoc/Asciidoctor. + + * Contrary to the documentation, "git pull -4/-6 other-args" did not + ask the underlying "git fetch" to go over IPv4/IPv6, which has been + corrected. + + * When "git rebase" prepared an mailbox of changes and fed it to "git + am" to replay them, it was confused when a stray "From " happened + to be in the log message of one of the replayed changes. This has + been corrected. + + * Command line completion (in contrib/) has been taught about the + "--copy" option of "git branch". + + * "git apply --inaccurate-eof" when used with "--ignore-space-change" + triggered an internal sanity check, which has been fixed. + + * The sequencer machinery (used by "git cherry-pick A..B", and "git + rebase -i", among other things) would have lost a commit if stopped + due to an unlockable index file, which has been fixed. + + * The three-way merge performed by "git cherry-pick" was confused + when a new submodule was added in the meantime, which has been + fixed (or "papered over"). + + * "git notes" sent its error message to its standard output stream, + which was corrected. + + * A few scripts (both in production and tests) incorrectly redirected + their error output. These have been corrected. + + * Clarify and enhance documentation for "merge-base --fork-point", as + it was clear what it computed but not why/what for. + + * This release also contains the fixes made in the v2.13.7 version of + Git. See its release notes for details. + + +Also contains various documentation updates and code clean-ups. diff --git a/Documentation/RelNotes/2.15.3.txt b/Documentation/RelNotes/2.15.3.txt new file mode 100644 index 0000000000..fd2e6f8df7 --- /dev/null +++ b/Documentation/RelNotes/2.15.3.txt @@ -0,0 +1,6 @@ +Git v2.15.3 Release Notes +========================= + +This release merges up the fixes that appear in v2.14.5 to address +the recently reported CVE-2018-17456; see the release notes for that +version for details. diff --git a/Documentation/RelNotes/2.16.0.txt b/Documentation/RelNotes/2.16.0.txt new file mode 100644 index 0000000000..0c81c5915f --- /dev/null +++ b/Documentation/RelNotes/2.16.0.txt @@ -0,0 +1,482 @@ +Git 2.16 Release Notes +====================== + +Backward compatibility notes and other notable changes. + + * Use of an empty string as a pathspec element that is used for + 'everything matches' is now an error. + + +Updates since v2.15 +------------------- + +UI, Workflows & Features + + * An empty string as a pathspec element that means "everything" + i.e. 'git add ""', is now illegal. We started this by first + deprecating and warning a pathspec that has such an element in + 2.11 (Nov 2016). + + * A hook script that is set unexecutable is simply ignored. Git + notifies when such a file is ignored, unless the message is + squelched via advice.ignoredHook configuration. + + * "git pull" has been taught to accept "--[no-]signoff" option and + pass it down to "git merge". + + * The "--push-option=<string>" option to "git push" now defaults to a + list of strings configured via push.pushOption variable. + + * "gitweb" checks if a directory is searchable with Perl's "-x" + operator, which can be enhanced by using "filetest 'access'" + pragma, which now we do. + + * "git stash save" has been deprecated in favour of "git stash push". + + * The set of paths output from "git status --ignored" was tied + closely with its "--untracked=<mode>" option, but now it can be + controlled more flexibly. Most notably, a directory that is + ignored because it is listed to be ignored in the ignore/exclude + mechanism can be handled differently from a directory that ends up + to be ignored only because all files in it are ignored. + + * The remote-helper for talking to MediaWiki has been updated to + truncate an overlong pagename so that ".mw" suffix can still be + added. + + * The remote-helper for talking to MediaWiki has been updated to + work with mediawiki namespaces. + + * The "--format=..." option "git for-each-ref" takes learned to show + the name of the 'remote' repository and the ref at the remote side + that is affected for 'upstream' and 'push' via "%(push:remotename)" + and friends. + + * Doc and message updates to teach users "bisect view" is a synonym + for "bisect visualize". + + * "git bisect run" that did not specify any command to run used to go + ahead and treated all commits to be tested as 'good'. This has + been corrected by making the command error out. + + * The SubmittingPatches document has been converted to produce an + HTML version via AsciiDoc/Asciidoctor. + + * We learned to optionally talk to a file system monitor via new + fsmonitor extension to speed up "git status" and other operations + that need to see which paths have been modified. Currently we only + support "watchman". See File System Monitor section of + git-update-index(1) for more detail. + + * The "diff" family of commands learned to ignore differences in + carriage return at the end of line. + + * Places that know about "sendemail.to", like documentation and shell + completion (in contrib/) have been taught about "sendemail.tocmd", + too. + + * "git add --renormalize ." is a new and safer way to record the fact + that you are correcting the end-of-line convention and other + "convert_to_git()" glitches in the in-repository data. + + * "git branch" and "git checkout -b" are now forbidden from creating + a branch whose name is "HEAD". + + * "git branch --list" learned to show its output through the pager by + default when the output is going to a terminal, which is controlled + by the pager.branch configuration variable. This is similar to a + recent change to "git tag --list". + + * "git grep -W", "git diff -W" and their friends learned a heuristic + to extend a pre-context beyond the line that matches the "function + pattern" (aka "diff.*.xfuncname") to include a comment block, if + exists, that immediately precedes it. + + * "git config --expiry-date gc.reflogexpire" can read "2.weeks" from + the configuration and report it as a timestamp, just like "--int" + would read "1k" and report 1024, to help consumption by scripts. + + * The shell completion (in contrib/) learned that "git pull" can take + the "--autostash" option. + + * The tagnames "git log --decorate" uses to annotate the commits can + now be limited to subset of available refs with the two additional + options, --decorate-refs[-exclude]=<pattern>. + + * "git grep" compiled with libpcre2 sometimes triggered a segfault, + which is being fixed. + + * "git send-email" tries to see if the sendmail program is available + in /usr/lib and /usr/sbin; extend the list of locations to be + checked to also include directories on $PATH. + + * "git diff" learned, "--anchored", a variant of the "--patience" + algorithm, to which the user can specify which 'unique' line to be + used as anchoring points. + + * The way "git worktree add" determines what branch to create from + where and checkout in the new worktree has been updated a bit. + + * Ancient part of codebase still shows dots after an abbreviated + object name just to show that it is not a full object name, but + these ellipses are confusing to people who newly discovered Git + who are used to seeing abbreviated object names and find them + confusing with the range syntax. + + * With a configuration variable rebase.abbreviateCommands set, + "git rebase -i" produces the todo list with a single-letter + command names. + + * "git worktree add" learned to run the post-checkout hook, just like + "git checkout" does, after the initial checkout. + + * "git svn" has been updated to strip CRs in the commit messages, as + recent versions of Subversion rejects them. + + * "git imap-send" did not correctly quote the folder name when + making a request to the server, which has been corrected. + + * Error messages from "git rebase" have been somewhat cleaned up. + + * Git has been taught to support an https:// URL used for http.proxy + when using recent versions of libcurl. + + * "git merge" learned to pay attention to merge.verifySignatures + configuration variable and pretend as if '--verify-signatures' + option was given from the command line. + + * "git describe" was taught to dig trees deeper to find a + <commit-ish>:<path> that refers to a given blob object. + + +Performance, Internal Implementation, Development Support etc. + + * An earlier update made it possible to use an on-stack in-core + lockfile structure (as opposed to having to deliberately leak an + on-heap one). Many codepaths have been updated to take advantage + of this new facility. + + * Calling cmd_foo() as if it is a general purpose helper function is + a no-no. Correct two instances of such to set an example. + + * We try to see if somebody runs our test suite with a shell that + does not support "local" like bash/dash does. + + * An early part of piece-by-piece rewrite of "git bisect" in C. + + * GSoC to piece-by-piece rewrite "git submodule" in C. + + * Optimize the code to find shortest unique prefix of object names. + + * Pathspec-limited revision traversal was taught not to keep finding + unneeded differences once it knows two trees are different inside + given pathspec. + + * Conversion from uchar[20] to struct object_id continues. + + * Code cleanup. + + * A single-word "unsigned flags" in the diff options is being split + into a structure with many bitfields. + + * TravisCI build updates. + + * Parts of a test to drive the long-running content filter interface + has been split into its own module, hopefully to eventually become + reusable. + + * Drop (perhaps overly cautious) sanity check before using the index + read from the filesystem at runtime. + + * The build procedure has been taught to avoid some unnecessary + instability in the build products. + + * A new mechanism to upgrade the wire protocol in place is proposed + and demonstrated that it works with the older versions of Git + without harming them. + + * An infrastructure to define what hash function is used in Git is + introduced, and an effort to plumb that throughout various + codepaths has been started. + + * The code to iterate over loose object files got optimized. + + * An internal function that was left for backward compatibility has + been removed, as there is no remaining callers. + + * Historically, the diff machinery for rename detection had a + hardcoded limit of 32k paths; this is being lifted to allow users + trade cycles with a (possibly) easier to read result. + + * The tracing infrastructure has been optimized for cases where no + tracing is requested. + + * In preparation for implementing narrow/partial clone, the object + walking machinery has been taught a way to tell it to "filter" some + objects from enumeration. + + * A few structures and variables that are implementation details of + the decorate API have been renamed and then the API got documented + better. + + * Assorted updates for TravisCI integration. + (merge 4f26366679 sg/travis-fixes later to maint). + + * Introduce a helper to simplify code to parse a common pattern that + expects either "--key" or "--key=<something>". + + * "git version --build-options" learned to report the host CPU and + the exact commit object name the binary was built from. + +Also contains various documentation updates and code clean-ups. + + +Fixes since v2.15 +----------------- + + * "auto" as a value for the columnar output configuration ought to + judge "is the output consumed by humans?" with the same criteria as + "auto" for coloured output configuration, i.e. either the standard + output stream is going to tty, or a pager is in use. We forgot the + latter, which has been fixed. + + * The experimental "color moved lines differently in diff output" + feature was buggy around "ignore whitespace changes" edges, which + has been corrected. + + * Instead of using custom line comparison and hashing functions to + implement "moved lines" coloring in the diff output, use the pair + of these functions from lower-layer xdiff/ code. + + * Some codepaths did not check for errors when asking what branch the + HEAD points at, which have been fixed. + + * "git commit", after making a commit, did not check for errors when + asking on what branch it made the commit, which has been corrected. + + * "git status --ignored -u" did not stop at a working tree of a + separate project that is embedded in an ignored directory and + listed files in that other project, instead of just showing the + directory itself as ignored. + + * A broken access to object databases in recent update to "git grep + --recurse-submodules" has been fixed. + + * A recent regression in "git rebase -i" that broke execution of git + commands from subdirectories via "exec" instruction has been fixed. + + * A (possibly flakey) test fix. + + * "git check-ref-format --branch @{-1}" bit a "BUG()" when run + outside a repository for obvious reasons; clarify the documentation + and make sure we do not even try to expand the at-mark magic in + such a case, but still call the validation logic for branch names. + + * "git fetch --recurse-submodules" now knows that submodules can be + moved around in the superproject in addition to getting updated, + and finds the ones that need to be fetched accordingly. + + * Command line completion (in contrib/) update. + + * Description of blame.{showroot,blankboundary,showemail,date} + configuration variables have been added to "git config --help". + + * After an error from lstat(), diff_populate_filespec() function + sometimes still went ahead and used invalid data in struct stat, + which has been fixed. + + * UNC paths are also relevant in Cygwin builds and they are now + tested just like Mingw builds. + + * Correct start-up sequence so that a repository could be placed + immediately under the root directory again (which was broken at + around Git 2.13). + + * The credential helper for libsecret (in contrib/) has been improved + to allow possibly prompting the end user to unlock secrets that are + currently locked (otherwise the secrets may not be loaded). + + * MinGW updates. + + * Error checking in "git imap-send" for empty response has been + improved. + + * Recent update to the refs infrastructure implementation started + rewriting packed-refs file more often than before; this has been + optimized again for most trivial cases. + + * Some error messages did not quote filenames shown in it, which have + been fixed. + + * "git rebase -i" recently started misbehaving when a submodule that + is configured with 'submodule.<name>.ignore' is dirty; this has + been corrected. + + * Building with NO_LIBPCRE1_JIT did not disable it, which has been fixed. + + * We used to add an empty alternate object database to the system + that does not help anything; it has been corrected. + + * Doc update around use of "format-patch --subject-prefix" etc. + + * A fix for an ancient bug in "git apply --ignore-space-change" codepath. + + * Clarify and enhance documentation for "merge-base --fork-point", as + it was clear what it computed but not why/what for. + + * A few scripts (both in production and tests) incorrectly redirected + their error output. These have been corrected. + + * "git notes" sent its error message to its standard output stream, + which was corrected. + + * The three-way merge performed by "git cherry-pick" was confused + when a new submodule was added in the meantime, which has been + fixed (or "papered over"). + + * The sequencer machinery (used by "git cherry-pick A..B", and "git + rebase -i", among other things) would have lost a commit if stopped + due to an unlockable index file, which has been fixed. + + * "git apply --inaccurate-eof" when used with "--ignore-space-change" + triggered an internal sanity check, which has been fixed. + + * Command line completion (in contrib/) has been taught about the + "--copy" option of "git branch". + + * When "git rebase" prepared a mailbox of changes and fed it to "git + am" to replay them, it was confused when a stray "From " happened + to be in the log message of one of the replayed changes. This has + been corrected. + + * There was a recent semantic mismerge in the codepath to write out a + section of a configuration section, which has been corrected. + + * Mentions of "git-rebase" and "git-am" (dashed form) still remained + in end-user visible strings emitted by the "git rebase" command; + they have been corrected. + + * Contrary to the documentation, "git pull -4/-6 other-args" did not + ask the underlying "git fetch" to go over IPv4/IPv6, which has been + corrected. + + * "git checkout --recursive" may overwrite and rewind the history of + the branch that happens to be checked out in submodule + repositories, which might not be desirable. Detach the HEAD but + still allow the recursive checkout to succeed in such a case. + (merge 57f22bf997 sb/submodule-recursive-checkout-detach-head later to maint). + + * "git branch --set-upstream" has been deprecated and (sort of) + removed, as "--set-upstream-to" is the preferred one these days. + The documentation still had "--set-upstream" listed on its + synopsis section, which has been corrected. + (merge a060f3d3d8 tz/branch-doc-remove-set-upstream later to maint). + + * Internally we use 0{40} as a placeholder object name to signal the + codepath that there is no such object (e.g. the fast-forward check + while "git fetch" stores a new remote-tracking ref says "we know + there is no 'old' thing pointed at by the ref, as we are creating + it anew" by passing 0{40} for the 'old' side), and expect that a + codepath to locate an in-core object to return NULL as a sign that + the object does not exist. A look-up for an object that does not + exist however is quite costly with a repository with large number + of packfiles. This access pattern has been optimized. + (merge 87b5e236a1 jk/fewer-pack-rescan later to maint). + + * In addition to "git stash -m message", the command learned to + accept "git stash -mmessage" form. + (merge 5675473fcb ph/stash-save-m-option-fix later to maint). + + * @{-N} in "git checkout @{-N}" may refer to a detached HEAD state, + but the documentation was not clear about it, which has been fixed. + (merge 75ce149575 ks/doc-checkout-previous later to maint). + + * A regression in the progress eye-candy was fixed. + (merge 9c5951cacf jk/progress-delay-fix later to maint). + + * The code internal to the recursive merge strategy was not fully + prepared to see a path that is renamed to try overwriting another + path that is only different in case on case insensitive systems. + This does not matter in the current code, but will start to matter + once the rename detection logic starts taking hints from nearby + paths moving to some directory and moves a new path along with them. + (merge 4cba2b0108 en/merge-recursive-icase-removal later to maint). + + * An v2.12-era regression in pathspec match logic, which made it look + into submodule tree even when it is not desired, has been fixed. + (merge eef3df5a93 bw/pathspec-match-submodule-boundary later to maint). + + * Amending commits in git-gui broke the author name that is non-ascii + due to incorrect enconding conversion. + + * Recent update to the submodule configuration code broke "diff-tree" + by accidentally stopping to read from the index upfront. + (merge fd66bcc31f bw/submodule-config-cleanup later to maint). + + * Git shows a message to tell the user that it is waiting for the + user to finish editing when spawning an editor, in case the editor + opens to a hidden window or somewhere obscure and the user gets + lost. + (merge abfb04d0c7 ls/editor-waiting-message later to maint). + + * The "safe crlf" check incorrectly triggered for contents that does + not use CRLF as line endings, which has been corrected. + (merge 649f1f0948 tb/check-crlf-for-safe-crlf later to maint). + + * "git clone --shared" to borrow from a (secondary) worktree did not + work, even though "git clone --local" did. Both are now accepted. + (merge b3b05971c1 es/clone-shared-worktree later to maint). + + * The build procedure now allows not just the repositories but also + the refs to be used to take pre-formatted manpages and html + documents to install. + (merge 65289e9dcd rb/quick-install-doc later to maint). + + * Update the shell prompt script (in contrib/) to strip trailing CR + from strings read from various "state" files. + (merge 041fe8fc83 ra/prompt-eread-fix later to maint). + + * "git merge -s recursive" did not correctly abort when the index is + dirty, if the merged tree happened to be the same as the current + HEAD, which has been fixed. + + * Bytes with high-bit set were encoded incorrectly and made + credential helper fail. + (merge 4c267f2ae3 jd/fix-strbuf-add-urlencode-bytes later to maint). + + * "git rebase -p -X<option>" did not propagate the option properly + down to underlying merge strategy backend. + (merge dd6fb0053c js/fix-merge-arg-quoting-in-rebase-p later to maint). + + * "git merge -s recursive" did not correctly abort when the index is + dirty, if the merged tree happened to be the same as the current + HEAD, which has been fixed. + (merge f309e8e768 ew/empty-merge-with-dirty-index-maint later to maint). + + * Other minor doc, test and build updates and code cleanups. + (merge 1a1fc2d5b5 rd/man-prune-progress later to maint). + (merge 0ba014035a rd/man-reflog-add-n later to maint). + (merge e54b63359f rd/doc-notes-prune-fix later to maint). + (merge ff4c9b413a sp/doc-info-attributes later to maint). + (merge 7db2cbf4f1 jc/receive-pack-hook-doc later to maint). + (merge 5a0526264b tg/t-readme-updates later to maint). + (merge 5e83cca0b8 jk/no-optional-locks later to maint). + (merge 826c778f7c js/hashmap-update-sample later to maint). + (merge 176b2d328c sg/setup-doc-update later to maint). + (merge 1b09073514 rs/am-builtin-leakfix later to maint). + (merge addcf6cfde rs/fmt-merge-msg-string-leak-fix later to maint). + (merge c3ff8f6c14 rs/strbuf-read-once-reset-length later to maint). + (merge 6b0eb884f9 db/doc-workflows-neuter-the-maintainer later to maint). + (merge 8c87bdfb21 jk/cvsimport-quoting later to maint). + (merge 176cb979fe rs/fmt-merge-msg-leakfix later to maint). + (merge 5a03360e73 tb/delimit-pretty-trailers-args-with-comma later to maint). + (merge d0e6326026 ot/pretty later to maint). + (merge 44103f4197 sb/test-helper-excludes later to maint). + (merge 170078693f jt/transport-no-more-rsync later to maint). + (merge c07b3adff1 bw/path-doc later to maint). + (merge bf9d7df950 tz/lib-git-svn-svnserve-tests later to maint). + (merge dec366c9a8 sr/http-sslverify-config-doc later to maint). + (merge 3f824e91c8 jk/test-suite-tracing later to maint). + (merge 1feb061701 db/doc-config-section-names-with-bs later to maint). + (merge 74dea0e13c jh/memihash-opt later to maint). + (merge 2e9fdc795c ma/bisect-leakfix later to maint). diff --git a/Documentation/RelNotes/2.16.1.txt b/Documentation/RelNotes/2.16.1.txt new file mode 100644 index 0000000000..66e64361fd --- /dev/null +++ b/Documentation/RelNotes/2.16.1.txt @@ -0,0 +1,11 @@ +Git v2.16.1 Release Notes +========================= + +Fixes since v2.16 +----------------- + + * "git clone" segfaulted when cloning a project that happens to + track two paths that differ only in case on a case insensitive + filesystem. + +Does not contain any other documentation updates or code clean-ups. diff --git a/Documentation/RelNotes/2.16.2.txt b/Documentation/RelNotes/2.16.2.txt new file mode 100644 index 0000000000..a216466d3d --- /dev/null +++ b/Documentation/RelNotes/2.16.2.txt @@ -0,0 +1,30 @@ +Git v2.16.2 Release Notes +========================= + +Fixes since v2.16.1 +------------------- + + * An old regression in "git describe --all $annotated_tag^0" has been + fixed. + + * "git svn dcommit" did not take into account the fact that a + svn+ssh:// URL with a username@ (typically used for pushing) refers + to the same SVN repository without the username@ and failed when + svn.pushmergeinfo option is set. + + * "git merge -Xours/-Xtheirs" learned to use our/their version when + resolving a conflicting updates to a symbolic link. + + * "git clone $there $here" is allowed even when here directory exists + as long as it is an empty directory, but the command incorrectly + removed it upon a failure of the operation. + + * "git stash -- <pathspec>" incorrectly blew away untracked files in + the directory that matched the pathspec, which has been corrected. + + * "git add -p" was taught to ignore local changes to submodules as + they do not interfere with the partial addition of regular changes + anyway. + + +Also contains various documentation updates and code clean-ups. diff --git a/Documentation/RelNotes/2.16.3.txt b/Documentation/RelNotes/2.16.3.txt new file mode 100644 index 0000000000..64a0bcb0d2 --- /dev/null +++ b/Documentation/RelNotes/2.16.3.txt @@ -0,0 +1,49 @@ +Git v2.16.3 Release Notes +========================= + +Fixes since v2.16.2 +------------------- + + * "git status" after moving a path in the working tree (hence making + it appear "removed") and then adding with the -N option (hence + making that appear "added") detected it as a rename, but did not + report the old and new pathnames correctly. + + * "git commit --fixup" did not allow "-m<message>" option to be used + at the same time; allow it to annotate resulting commit with more + text. + + * When resetting the working tree files recursively, the working tree + of submodules are now also reset to match. + + * Fix for a commented-out code to adjust it to a rather old API change + around object ID. + + * When there are too many changed paths, "git diff" showed a warning + message but in the middle of a line. + + * The http tracing code, often used to debug connection issues, + learned to redact potentially sensitive information from its output + so that it can be more safely sharable. + + * Crash fix for a corner case where an error codepath tried to unlock + what it did not acquire lock on. + + * The split-index mode had a few corner case bugs fixed. + + * Assorted fixes to "git daemon". + + * Completion of "git merge -s<strategy>" (in contrib/) did not work + well in non-C locale. + + * Workaround for segfault with more recent versions of SVN. + + * Recently introduced leaks in fsck have been plugged. + + * Travis CI integration now builds the executable in 'script' phase + to follow the established practice, rather than during + 'before_script' phase. This allows the CI categorize the failures + better ('failed' is project's fault, 'errored' is build + environment's). + +Also contains various documentation updates and code clean-ups. diff --git a/Documentation/RelNotes/2.16.4.txt b/Documentation/RelNotes/2.16.4.txt new file mode 100644 index 0000000000..6be538ba30 --- /dev/null +++ b/Documentation/RelNotes/2.16.4.txt @@ -0,0 +1,5 @@ +Git v2.16.4 Release Notes +========================= + +This release is to forward-port the fixes made in the v2.13.7 version +of Git. See its release notes for details. diff --git a/Documentation/RelNotes/2.16.5.txt b/Documentation/RelNotes/2.16.5.txt new file mode 100644 index 0000000000..cb8ee02a9a --- /dev/null +++ b/Documentation/RelNotes/2.16.5.txt @@ -0,0 +1,6 @@ +Git v2.16.5 Release Notes +========================= + +This release merges up the fixes that appear in v2.14.5 to address +the recently reported CVE-2018-17456; see the release notes for that +version for details. diff --git a/Documentation/RelNotes/2.17.0.txt b/Documentation/RelNotes/2.17.0.txt new file mode 100644 index 0000000000..c2cf891f71 --- /dev/null +++ b/Documentation/RelNotes/2.17.0.txt @@ -0,0 +1,398 @@ +Git 2.17 Release Notes +====================== + +Updates since v2.16 +------------------- + +UI, Workflows & Features + + * "diff" family of commands learned "--find-object=<object-id>" option + to limit the findings to changes that involve the named object. + + * "git format-patch" learned to give 72-cols to diffstat, which is + consistent with other line length limits the subcommand uses for + its output meant for e-mails. + + * The log from "git daemon" can be redirected with a new option; one + relevant use case is to send the log to standard error (instead of + syslog) when running it from inetd. + + * "git rebase" learned to take "--allow-empty-message" option. + + * "git am" has learned the "--quit" option, in addition to the + existing "--abort" option; having the pair mirrors a few other + commands like "rebase" and "cherry-pick". + + * "git worktree add" learned to run the post-checkout hook, just like + "git clone" runs it upon the initial checkout. + + * "git tag" learned an explicit "--edit" option that allows the + message given via "-m" and "-F" to be further edited. + + * "git fetch --prune-tags" may be used as a handy short-hand for + getting rid of stale tags that are locally held. + + * The new "--show-current-patch" option gives an end-user facing way + to get the diff being applied when "git rebase" (and "git am") + stops with a conflict. + + * "git add -p" used to offer "/" (look for a matching hunk) as a + choice, even there was only one hunk, which has been corrected. + Also the single-key help is now given only for keys that are + enabled (e.g. help for '/' won't be shown when there is only one + hunk). + + * Since Git 1.7.9, "git merge" defaulted to --no-ff (i.e. even when + the side branch being merged is a descendant of the current commit, + create a merge commit instead of fast-forwarding) when merging a + tag object. This was appropriate default for integrators who pull + signed tags from their downstream contributors, but caused an + unnecessary merges when used by downstream contributors who + habitually "catch up" their topic branches with tagged releases + from the upstream. Update "git merge" to default to --no-ff only + when merging a tag object that does *not* sit at its usual place in + refs/tags/ hierarchy, and allow fast-forwarding otherwise, to + mitigate the problem. + + * "git status" can spend a lot of cycles to compute the relation + between the current branch and its upstream, which can now be + disabled with "--no-ahead-behind" option. + + * "git diff" and friends learned funcname patterns for Go language + source files. + + * "git send-email" learned "--reply-to=<address>" option. + + * Funcname pattern used for C# now recognizes "async" keyword. + + * In a way similar to how "git tag" learned to honor the pager + setting only in the list mode, "git config" learned to ignore the + pager setting when it is used for setting values (i.e. when the + purpose of the operation is not to "show"). + + +Performance, Internal Implementation, Development Support etc. + + * More perf tests for threaded grep + + * "perf" test output can be sent to codespeed server. + + * The build procedure for perl/ part has been greatly simplified by + weaning ourselves off of MakeMaker. + + * Perl 5.8 or greater has been required since Git 1.7.4 released in + 2010, but we continued to assume some core modules may not exist and + used a conditional "eval { require <<module>> }"; we no longer do + this. Some platforms (Fedora/RedHat/CentOS, for example) ship Perl + without all core modules by default (e.g. Digest::MD5, File::Temp, + File::Spec, Net::Domain, Net::SMTP). Users on such platforms may + need to install these additional modules. + + * As a convenience, we install copies of Perl modules we require which + are not part of the core Perl distribution (e.g. Error and + Mail::Address). Users and packagers whose operating system provides + these modules can set NO_PERL_CPAN_FALLBACKS to avoid installing the + bundled modules. + + * In preparation for implementing narrow/partial clone, the machinery + for checking object connectivity used by gc and fsck has been + taught that a missing object is OK when it is referenced by a + packfile specially marked as coming from trusted repository that + promises to make them available on-demand and lazily. + + * The machinery to clone & fetch, which in turn involves packing and + unpacking objects, has been told how to omit certain objects using + the filtering mechanism introduced by another topic. It now knows + to mark the resulting pack as a promisor pack to tolerate missing + objects, laying foundation for "narrow" clones. + + * The first step to getting rid of mru API and using the + doubly-linked list API directly instead. + + * Retire mru API as it does not give enough abstraction over + underlying list API to be worth it. + + * Rewrite two more "git submodule" subcommands in C. + + * The tracing machinery learned to report tweaking of environment + variables as well. + + * Update Coccinelle rules to catch and optimize strbuf_addf(&buf, "%s", str) + + * Prevent "clang-format" from breaking line after function return type. + + * The sequencer infrastructure is shared across "git cherry-pick", + "git rebase -i", etc., and has always spawned "git commit" when it + needs to create a commit. It has been taught to do so internally, + when able, by reusing the codepath "git commit" itself uses, which + gives performance boost for a few tens of percents in some sample + scenarios. + + * Push the submodule version of collision-detecting SHA-1 hash + implementation a bit harder on builders. + + * Avoid mmapping small files while using packed refs (especially ones + with zero size, which would cause later munmap() to fail). + + * Conversion from uchar[20] to struct object_id continues. + + * More tests for wildmatch functions. + + * The code to binary search starting from a fan-out table (which is + how the packfile is indexed with object names) has been refactored + into a reusable helper. + + * We now avoid using identifiers that clash with C++ keywords. Even + though it is not a goal to compile Git with C++ compilers, changes + like this help use of code analysis tools that targets C++ on our + codebase. + + * The executable is now built in 'script' phase in Travis CI integration, + to follow the established practice, rather than during 'before_script' + phase. This allows the CI categorize the failures better ('failed' + is project's fault, 'errored' is build environment's). + (merge 3c93b82920 sg/travis-build-during-script-phase later to maint). + + * Writing out the index file when the only thing that changed in it + is the untracked cache information is often wasteful, and this has + been optimized out. + + * Various pieces of Perl code we have have been cleaned up. + + * Internal API clean-up to allow write_locked_index() optionally skip + writing the in-core index when it is not modified. + + +Also contains various documentation updates and code clean-ups. + + +Fixes since v2.16 +----------------- + + * An old regression in "git describe --all $annotated_tag^0" has been + fixed. + + * "git status" after moving a path in the working tree (hence making + it appear "removed") and then adding with the -N option (hence + making that appear "added") detected it as a rename, but did not + report the old and new pathnames correctly. + + * "git svn dcommit" did not take into account the fact that a + svn+ssh:// URL with a username@ (typically used for pushing) refers + to the same SVN repository without the username@ and failed when + svn.pushmergeinfo option is set. + + * API clean-up around revision traversal. + + * "git merge -Xours/-Xtheirs" learned to use our/their version when + resolving a conflicting updates to a symbolic link. + + * "git clone $there $here" is allowed even when here directory exists + as long as it is an empty directory, but the command incorrectly + removed it upon a failure of the operation. + + * "git commit --fixup" did not allow "-m<message>" option to be used + at the same time; allow it to annotate resulting commit with more + text. + + * When resetting the working tree files recursively, the working tree + of submodules are now also reset to match. + + * "git stash -- <pathspec>" incorrectly blew away untracked files in + the directory that matched the pathspec, which has been corrected. + + * Instead of maintaining home-grown email address parsing code, ship + a copy of reasonably recent Mail::Address to be used as a fallback + in 'git send-email' when the platform lacks it. + (merge d60be8acab mm/send-email-fallback-to-local-mail-address later to maint). + + * "git add -p" was taught to ignore local changes to submodules as + they do not interfere with the partial addition of regular changes + anyway. + + * Avoid showing a warning message in the middle of a line of "git + diff" output. + (merge 4e056c989f nd/diff-flush-before-warning later to maint). + + * The http tracing code, often used to debug connection issues, + learned to redact potentially sensitive information from its output + so that it can be more safely sharable. + (merge 8ba18e6fa4 jt/http-redact-cookies later to maint). + + * Crash fix for a corner case where an error codepath tried to unlock + what it did not acquire lock on. + (merge 81fcb698e0 mr/packed-ref-store-fix later to maint). + + * The split-index mode had a few corner case bugs fixed. + (merge ae59a4e44f tg/split-index-fixes later to maint). + + * Assorted fixes to "git daemon". + (merge ed15e58efe jk/daemon-fixes later to maint). + + * Completion of "git merge -s<strategy>" (in contrib/) did not work + well in non-C locale. + (merge 7cc763aaa3 nd/list-merge-strategy later to maint). + + * Workaround for segfault with more recent versions of SVN. + (merge 7f6f75e97a ew/svn-branch-segfault-fix later to maint). + + * Plug recently introduced leaks in fsck. + (merge ba3a08ca0e jt/fsck-code-cleanup later to maint). + + * "git pull --rebase" did not pass verbosity setting down when + recursing into a submodule. + (merge a56771a668 sb/pull-rebase-submodule later to maint). + + * The way "git reset --hard" reports the commit the updated HEAD + points at is made consistent with the way how the commit title is + generated by the other parts of the system. This matters when the + title is spread across physically multiple lines. + (merge 1cf823fb68 tg/reset-hard-show-head-with-pretty later to maint). + + * Test fixes. + (merge 63b1a175ee sg/test-i18ngrep later to maint). + + * Some bugs around "untracked cache" feature have been fixed. This + will notice corrupt data in the untracked cache left by old and + buggy code and issue a warning---the index can be fixed by clearing + the untracked cache from it. + (merge 0cacebf099 nd/fix-untracked-cache-invalidation later to maint). + (merge 7bf0be7501 ab/untracked-cache-invalidation-docs later to maint). + + * "git blame HEAD COPYING" in a bare repository failed to run, while + "git blame HEAD -- COPYING" run just fine. This has been corrected. + + * "git add" files in the same directory, but spelling the directory + path in different cases on case insensitive filesystem, corrupted + the name hash data structure and led to unexpected results. This + has been corrected. + (merge c95525e90d bp/name-hash-dirname-fix later to maint). + + * "git rebase -p" mangled log messages of a merge commit, which is + now fixed. + (merge ed5144d7eb js/fix-merge-arg-quoting-in-rebase-p later to maint). + + * Some low level protocol codepath could crash when they get an + unexpected flush packet, which is now fixed. + (merge bb1356dc64 js/packet-read-line-check-null later to maint). + + * "git check-ignore" with multiple paths got confused when one is a + file and the other is a directory, which has been fixed. + (merge d60771e930 rs/check-ignore-multi later to maint). + + * "git describe $garbage" stopped giving any errors when the garbage + happens to be a string with 40 hexadecimal letters. + (merge a8e7a2bf0f sb/describe-blob later to maint). + + * Code to unquote single-quoted string (used in the parser for + configuration files, etc.) did not diagnose bogus input correctly + and produced bogus results instead. + (merge ddbbf8eb25 jk/sq-dequote-on-bogus-input later to maint). + + * Many places in "git apply" knew that "/dev/null" that signals + "there is no such file on this side of the diff" can be followed by + whitespace and garbage when parsing a patch, except for one, which + made an otherwise valid patch (e.g. ones from subversion) rejected. + (merge e454ad4bec tk/apply-dev-null-verify-name-fix later to maint). + + * We no longer create any *.spec file, so "make clean" should not + remove it. + (merge 4321bdcabb tz/do-not-clean-spec-file later to maint). + + * "git push" over http transport did not unquote the push-options + correctly. + (merge 90dce21eb0 jk/push-options-via-transport-fix later to maint). + + * "git send-email" learned to complain when the batch-size option is + not defined when the relogin-delay option is, since these two are + mutually required. + (merge 9caa70697b xz/send-email-batch-size later to maint). + + * Y2k20 fix ;-) for our perl scripts. + (merge a40e06ee33 bw/perl-timegm-timelocal-fix later to maint). + + * Threaded "git grep" has been optimized to avoid allocation in code + section that is covered under a mutex. + (merge 38ef24dccf rv/grep-cleanup later to maint). + + * "git subtree" script (in contrib/) scripted around "git log", whose + output got affected by end-user configuration like log.showsignature + (merge 8841b5222c sg/subtree-signed-commits later to maint). + + * While finding unique object name abbreviation, the code may + accidentally have read beyond the end of the array of object names + in a pack. + (merge 21abed500c ds/find-unique-abbrev-optim later to maint). + + * Micro optimization in revision traversal code. + (merge ebbed3ba04 ds/mark-parents-uninteresting-optim later to maint). + + * "git commit" used to run "gc --auto" near the end, which was lost + when the command was reimplemented in C by mistake. + (merge 095c741edd ab/gc-auto-in-commit later to maint). + + * Allow running a couple of tests with "sh -x". + (merge c20bf94abc sg/cvs-tests-with-x later to maint). + + * The codepath to replace an existing entry in the index had a bug in + updating the name hash structure, which has been fixed. + (merge 0e267b7a24 bp/refresh-cache-ent-rehash-fix later to maint). + + * The transfer.fsckobjects configuration tells "git fetch" to + validate the data and connected-ness of objects in the received + pack; the code to perform this check has been taught about the + narrow clone's convention that missing objects that are reachable + from objects in a pack that came from a promisor remote is OK. + + * There was an unused file-scope static variable left in http.c when + building for versions of libCURL that is older than 7.19.4, which + has been fixed. + (merge b8fd6008ec rj/http-code-cleanup later to maint). + + * Shell script portability fix. + (merge 206a6ae013 ml/filter-branch-portability-fix later to maint). + + * Other minor doc, test and build updates and code cleanups. + (merge e2a5a028c7 bw/oidmap-autoinit later to maint). + (merge ec3b4b06f8 cl/t9001-cleanup later to maint). + (merge e1b3f3dd38 ks/submodule-doc-updates later to maint). + (merge fbac558a9b rs/describe-unique-abbrev later to maint). + (merge 8462ff43e4 tb/crlf-conv-flags later to maint). + (merge 7d68bb0766 rb/hashmap-h-compilation-fix later to maint). + (merge 3449847168 cc/sha1-file-name later to maint). + (merge ad622a256f ds/use-get-be64 later to maint). + (merge f919ffebed sg/cocci-move-array later to maint). + (merge 4e801463c7 jc/mailinfo-cleanup-fix later to maint). + (merge ef5b3a6c5e nd/shared-index-fix later to maint). + (merge 9f5258cbb8 tz/doc-show-defaults-to-head later to maint). + (merge b780e4407d jc/worktree-add-short-help later to maint). + (merge ae239fc8e5 rs/cocci-strbuf-addf-to-addstr later to maint). + (merge 2e22a85e5c nd/ignore-glob-doc-update later to maint). + (merge 3738031581 jk/gettext-poison later to maint). + (merge 54360a1956 rj/sparse-updates later to maint). + (merge 12e31a6b12 sg/doc-test-must-fail-args later to maint). + (merge 760f1ad101 bc/doc-interpret-trailers-grammofix later to maint). + (merge 4ccf461f56 bp/fsmonitor later to maint). + (merge a6119f82b1 jk/test-hashmap-updates later to maint). + (merge 5aea9fe6cc rd/typofix later to maint). + (merge e4e5da2796 sb/status-doc-fix later to maint). + (merge 7976e901c8 gs/test-unset-xdg-cache-home later to maint). + (merge d023df1ee6 tg/worktree-create-tracking later to maint). + (merge 4cbe92fd41 sm/mv-dry-run-update later to maint). + (merge 75e5e9c3f7 sb/color-h-cleanup later to maint). + (merge 2708ef4af6 sg/t6300-modernize later to maint). + (merge d88e92d4e0 bw/doc-submodule-recurse-config-with-clone later to maint). + (merge f74bbc8dd2 jk/cached-commit-buffer later to maint). + (merge 1316416903 ms/non-ascii-ticks later to maint). + (merge 878056005e rs/strbuf-read-file-or-whine later to maint). + (merge 79f0ba1547 jk/strbuf-read-file-close-error later to maint). + (merge edfb8ba068 ot/ref-filter-cleanup later to maint). + (merge 11395a3b4b jc/test-must-be-empty later to maint). + (merge 768b9d6db7 mk/doc-pretty-fill later to maint). + (merge 2caa7b8d27 ab/man-sec-list later to maint). + (merge 40c17eb184 ks/t3200-typofix later to maint). + (merge bd9958c358 dp/merge-strategy-doc-fix later to maint). + (merge 9ee0540a40 js/ming-strftime later to maint). + (merge 1775e990f7 tz/complete-tag-delete-tagname later to maint). + (merge 00a4b03501 rj/warning-uninitialized-fix later to maint). + (merge b635ed97a0 jk/attributes-path-doc later to maint). diff --git a/Documentation/RelNotes/2.17.1.txt b/Documentation/RelNotes/2.17.1.txt new file mode 100644 index 0000000000..e01384fe8e --- /dev/null +++ b/Documentation/RelNotes/2.17.1.txt @@ -0,0 +1,16 @@ +Git v2.17.1 Release Notes +========================= + +Fixes since v2.17 +----------------- + + * This release contains the same fixes made in the v2.13.7 version of + Git, covering CVE-2018-11233 and 11235, and forward-ported to + v2.14.4, v2.15.2 and v2.16.4 releases. See release notes to + v2.13.7 for details. + + * In addition to the above fixes, this release has support on the + server side to reject pushes to repositories that attempt to create + such problematic .gitmodules file etc. as tracked contents, to help + hosting sites protect their customers by preventing malicious + contents from spreading. diff --git a/Documentation/RelNotes/2.17.2.txt b/Documentation/RelNotes/2.17.2.txt new file mode 100644 index 0000000000..ef021be870 --- /dev/null +++ b/Documentation/RelNotes/2.17.2.txt @@ -0,0 +1,12 @@ +Git v2.17.2 Release Notes +========================= + +This release merges up the fixes that appear in v2.14.5 to address +the recently reported CVE-2018-17456; see the release notes for that +version for details. + +In addition, this release also teaches "fsck" and the server side +logic to reject pushes to repositories that attempt to create such a +problematic ".gitmodules" file as tracked contents, to help hosting +sites protect their customers by preventing malicious contents from +spreading. diff --git a/Documentation/RelNotes/2.18.0.txt b/Documentation/RelNotes/2.18.0.txt new file mode 100644 index 0000000000..3ea280cf68 --- /dev/null +++ b/Documentation/RelNotes/2.18.0.txt @@ -0,0 +1,583 @@ +Git 2.18 Release Notes +====================== + +Updates since v2.17 +------------------- + +UI, Workflows & Features + + * Rename detection logic that is used in "merge" and "cherry-pick" has + learned to guess when all of x/a, x/b and x/c have moved to z/a, + z/b and z/c, it is likely that x/d added in the meantime would also + want to move to z/d by taking the hint that the entire directory + 'x' moved to 'z'. A bug causing dirty files involved in a rename + to be overwritten during merge has also been fixed as part of this + work. Incidentally, this also avoids updating a file in the + working tree after a (non-trivial) merge whose result matches what + our side originally had. + + * "git filter-branch" learned to use a different exit code to allow + the callers to tell the case where there was no new commits to + rewrite from other error cases. + + * When built with more recent cURL, GIT_SSL_VERSION can now specify + "tlsv1.3" as its value. + + * "git gui" learned that "~/.ssh/id_ecdsa.pub" and + "~/.ssh/id_ed25519.pub" are also possible SSH key files. + (merge 2e2f0288ef bb/git-gui-ssh-key-files later to maint). + + * "git gui" performs commit upon CTRL/CMD+ENTER but the + CTRL/CMD+KP_ENTER (i.e. enter key on the numpad) did not have the + same key binding. It now does. + (merge 28a1d94a06 bp/git-gui-bind-kp-enter later to maint). + + * "git gui" has been taught to work with old versions of tk (like + 8.5.7) that do not support "ttk::style theme use" as a way to query + the current theme. + (merge 4891961105 cb/git-gui-ttk-style later to maint). + + * "git rebase" has learned to honor "--signoff" option when using + backends other than "am" (but not "--preserve-merges"). + + * "git branch --list" during an interrupted "rebase -i" now lets + users distinguish the case where a detached HEAD is being rebased + and a normal branch is being rebased. + + * "git mergetools" learned talking to guiffy. + + * The scripts in contrib/emacs/ have outlived their usefulness and + have been replaced with a stub that errors out and tells the user + there are replacements. + + * The new "working-tree-encoding" attribute can ask Git to convert the + contents to the specified encoding when checking out to the working + tree (and the other way around when checking in). + + * The "git config" command uses separate options e.g. "--int", + "--bool", etc. to specify what type the caller wants the value to + be interpreted as. A new "--type=<typename>" option has been + introduced, which would make it cleaner to define new types. + + * "git config --get" learned the "--default" option, to help the + calling script. Building on top of the above changes, the + "git config" learns "--type=color" type. Taken together, you can + do things like "git config --get foo.color --default blue" and get + the ANSI color sequence for the color given to foo.color variable, + or "blue" if the variable does not exist. + + * "git ls-remote" learned an option to allow sorting its output based + on the refnames being shown. + + * The command line completion (in contrib/) has been taught that "git + stash save" has been deprecated ("git stash push" is the preferred + spelling in the new world) and does not offer it as a possible + completion candidate when "git stash push" can be. + + * "git gc --prune=nonsense" spent long time repacking and then + silently failed when underlying "git prune --expire=nonsense" + failed to parse its command line. This has been corrected. + + * Error messages from "git push" can be painted for more visibility. + + * "git http-fetch" (deprecated) had an optional and experimental + "feature" to fetch only commits and/or trees, which nobody used. + This has been removed. + + * The functionality of "$GIT_DIR/info/grafts" has been superseded by + the "refs/replace/" mechanism for some time now, but the internal + code had support for it in many places, which has been cleaned up + in order to drop support of the "grafts" mechanism. + + * "git worktree add" learned to check out an existing branch. + + * "git --no-pager cmd" did not have short-and-sweet single letter + option. Now it does as "-P". + (merge 7213c28818 js/no-pager-shorthand later to maint). + + * "git rebase" learned "--rebase-merges" to transplant the whole + topology of commit graph elsewhere. + + * "git status" learned to pay attention to UI related diff + configuration variables such as diff.renames. + + * The command line completion mechanism (in contrib/) learned to load + custom completion file for "git $command" where $command is a + custom "git-$command" that the end user has on the $PATH when using + newer version of bash-completion. + + * "git send-email" can sometimes offer confirmation dialog "Send this + email?" with choices 'Yes', 'No', 'Quit', and 'All'. A new action + 'Edit' has been added to this dialog's choice. + + * With merge.renames configuration set to false, the recursive merge + strategy can be told not to spend cycles trying to find renamed + paths and merge them accordingly. + + * "git status" learned to honor a new status.renames configuration to + skip rename detection, which could be useful for those who want to + do so without disabling the default rename detection done by the + "git diff" command. + + * Command line completion (in contrib/) learned to complete pathnames + for various commands better. + + * "git blame" learns to unhighlight uninteresting metadata from the + originating commit on lines that are the same as the previous one, + and also paint lines in different colors depending on the age of + the commit. + + * Transfer protocol v2 learned to support the partial clone. + + * When a short hexadecimal string is used to name an object but there + are multiple objects that share the string as the prefix of their + names, the code lists these ambiguous candidates in a help message. + These object names are now sorted according to their types for + easier eyeballing. + + * "git fetch $there $refspec" that talks over protocol v2 can take + advantage of server-side ref filtering; the code has been extended + so that this mechanism triggers also when fetching with configured + refspec. + + * Our HTTP client code used to advertise that we accept gzip encoding + from the other side; instead, just let cURL library to advertise + and negotiate the best one. + + * "git p4" learned to "unshelve" shelved commit from P4. + (merge 123f631761 ld/p4-unshelve later to maint). + + +Performance, Internal Implementation, Development Support etc. + + * A "git fetch" from a repository with insane number of refs into a + repository that is already up-to-date still wasted too many cycles + making many lstat(2) calls to see if these objects at the tips + exist as loose objects locally. These lstat(2) calls are optimized + away by enumerating all loose objects beforehand. + It is unknown if the new strategy negatively affects existing use + cases, fetching into a repository with many loose objects from a + repository with small number of refs. + + * Git can be built to use either v1 or v2 of the PCRE library, and so + far, the build-time configuration USE_LIBPCRE=YesPlease instructed + the build procedure to use v1, but now it means v2. USE_LIBPCRE1 + and USE_LIBPCRE2 can be used to explicitly choose which version to + use, as before. + + * The build procedure learned to optionally use symbolic links + (instead of hardlinks and copies) to install "git-foo" for built-in + commands, whose binaries are all identical. + + * Conversion from uchar[20] to struct object_id continues. + + * The way "git worktree prune" worked internally has been simplified, + by assuming how "git worktree move" moves an existing worktree to a + different place. + + * Code clean-up for the "repository" abstraction. + (merge 00a3da2a13 nd/remove-ignore-env-field later to maint). + + * Code to find the length to uniquely abbreviate object names based + on packfile content, which is a relatively recent addtion, has been + optimized to use the same fan-out table. + + * The mechanism to use parse-options API to automate the command line + completion continues to get extended and polished. + + * Copies of old scripted Porcelain commands in contrib/examples/ have + been removed. + + * Some tests that rely on the exact hardcoded values of object names + have been updated in preparation for hash function migration. + + * Perf-test update. + + * Test helper update. + + * The effort continues to refactor the internal global data structure + to make it possible to open multiple repositories, work with and + then close them, + + * Small test-helper programs have been consolidated into a single + binary. + + * API clean-up around ref-filter code. + + * Shell completion (in contrib) that gives list of paths have been + optimized somewhat. + + * The index file is updated to record the fsmonitor section after a + full scan was made, to avoid wasting the effort that has already + spent. + + * Performance measuring framework in t/perf learned to help bisecting + performance regressions. + + * Some multi-word source filenames are being renamed to separate + words with dashes instead of underscores. + + * An reusable "memory pool" implementation has been extracted from + fast-import.c, which in turn has become the first user of the + mem-pool API. + + * A build-time option has been added to allow Git to be told to refer + to its associated files relative to the main binary, in the same + way that has been possible on Windows for quite some time, for + Linux, BSDs and Darwin. + + * Precompute and store information necessary for ancestry traversal + in a separate file to optimize graph walking. + + * The effort to pass the repository in-core structure throughout the + API continues. This round deals with the code that implements the + refs/replace/ mechanism. + + * The build procedure "make DEVELOPER=YesPlease" learned to enable a + bit more warning options depending on the compiler used to help + developers more. There also is "make DEVOPTS=tokens" knob + available now, for those who want to help fixing warnings we + usually ignore, for example. + + * A new version of the transport protocol is being worked on. + + * The code to interface to GPG has been restructured somewhat to make + it cleaner to integrate with other types of signature systems later. + + * The code has been taught to use the duplicated information stored + in the commit-graph file to learn the tree object name for a commit + to avoid opening and parsing the commit object when it makes sense + to do so. + + * "git gc" in a large repository takes a lot of time as it considers + to repack all objects into one pack by default. The command has + been taught to pretend as if the largest existing packfile is + marked with ".keep" so that it is left untouched while objects in + other packs and loose ones are repacked. + + * The transport protocol v2 is getting updated further. + + * The codepath around object-info API has been taught to take the + repository object (which in turn tells the API which object store + the objects are to be located). + + * "git pack-objects" needs to allocate tons of "struct object_entry" + while doing its work, and shrinking its size helps the performance + quite a bit. + + * The implementation of "git rebase -i --root" has been updated to use + the sequencer machinery more. + + * Developer support update, by using BUG() macro instead of die() to + mark codepaths that should not happen more clearly. + + * Developer support. Use newer GCC on one of the builds done at + TravisCI.org to get more warnings and errors diagnosed. + + * Conversion from uchar[20] to struct object_id continues. + + * By code restructuring of submodule merge in merge-recursive, + informational messages from the codepath are now given using the + same mechanism as other output, and honor the merge.verbosity + configuration. The code also learned to give a few new messages + when a submodule three-way merge resolves cleanly when one side + records a descendant of the commit chosen by the other side. + + * Avoid unchecked snprintf() to make future code auditing easier. + (merge ac4896f007 jk/snprintf-truncation later to maint). + + * Many tests hardcode the raw object names, which would change once + we migrate away from SHA-1. While some of them must test against + exact object names, most of them do not have to use hardcoded + constants in the test. The latter kind of tests have been updated + to test the moral equivalent of the original without hardcoding the + actual object names. + + * The list of commands with their various attributes were spread + across a few places in the build procedure, but it now is getting a + bit more consolidated to allow more automation. + + * Quite a many tests assumed that newly created refs are made as + loose refs using the files backend, which have been updated to use + proper plumbing like rev-parse and update-ref, to avoid breakage + once we start using different ref backends. + + +Also contains various documentation updates and code clean-ups. + + +Fixes since v2.17 +----------------- + + * "git shortlog cruft" aborted with a BUG message when run outside a + Git repository. The command has been taught to complain about + extra and unwanted arguments on its command line instead in such a + case. + (merge 4aa0161e83 ma/shortlog-revparse later to maint). + + * "git stash push -u -- <pathspec>" gave an unnecessary and confusing + error message when there was no tracked files that match the + <pathspec>, which has been fixed. + (merge 353278687e tg/stash-untracked-with-pathspec-fix later to maint). + + * "git tag --contains no-such-commit" gave a full list of options + after giving an error message. + (merge 3bb0923f06 ps/contains-id-error-message later to maint). + + * "diff-highlight" filter (in contrib/) learned to understand "git log + --graph" output better. + (merge 4551fbba14 jk/diff-highlight-graph-fix later to maint). + + * when refs that do not point at committish are given, "git + filter-branch" gave a misleading error messages. This has been + corrected. + (merge f78ab355e7 yk/filter-branch-non-committish-refs later to maint). + + * "git submodule status" misbehaved on a submodule that has been + removed from the working tree. + (merge 74b6bda32f rs/status-with-removed-submodule later to maint). + + * When credential helper exits very quickly without reading its + input, it used to cause Git to die with SIGPIPE, which has been + fixed. + (merge a0d51e8d0e eb/cred-helper-ignore-sigpipe later to maint). + + * "git rebase --keep-empty" still removed an empty commit if the + other side contained an empty commit (due to the "does an + equivalent patch exist already?" check), which has been corrected. + (merge 3d946165e1 pw/rebase-keep-empty-fixes later to maint). + + * Some codepaths, including the refs API, get and keep relative + paths, that go out of sync when the process does chdir(2). The + chdir-notify API is introduced to let these codepaths adjust these + cached paths to the new current directory. + (merge fb9c2d2703 jk/relative-directory-fix later to maint). + + * "cd sub/dir && git commit ../path" ought to record the changes to + the file "sub/path", but this regressed long time ago. + (merge 86238e07ef bw/commit-partial-from-subdirectory-fix later to maint). + + * Recent introduction of "--log-destination" option to "git daemon" + did not work well when the daemon was run under "--inetd" mode. + (merge e67d906d73 lw/daemon-log-destination later to maint). + + * Small fix to the autoconf build procedure. + (merge 249482daf0 es/fread-reads-dir-autoconf-fix later to maint). + + * Fix an unexploitable (because the oversized contents are not under + attacker's control) buffer overflow. + (merge d8579accfa bp/fsmonitor-bufsize-fix later to maint). + + * Recent simplification of build procedure forgot a bit of tweak to + the build procedure of contrib/mw-to-git/ + (merge d8698987f3 ab/simplify-perl-makefile later to maint). + + * Moving a submodule that itself has submodule in it with "git mv" + forgot to make necessary adjustment to the nested sub-submodules; + now the codepath learned to recurse into the submodules. + + * "git config --unset a.b", when "a.b" is the last variable in an + otherwise empty section "a", left an empty section "a" behind, and + worse yet, a subsequent "git config a.c value" did not reuse that + empty shell and instead created a new one. These have been + (partially) corrected. + (merge c71d8bb38a js/empty-config-section-fix later to maint). + + * "git worktree remove" learned that "-f" is a shorthand for + "--force" option, just like for "git worktree add". + (merge d228eea514 sb/worktree-remove-opt-force later to maint). + + * The completion script (in contrib/) learned to clear cached list of + command line options upon dot-sourcing it again in a more efficient + way. + (merge 94408dc71c sg/completion-clear-cached later to maint). + + * "git svn" had a minor thinko/typo which has been fixed. + (merge 51db271587 ab/git-svn-get-record-typofix later to maint). + + * During a "rebase -i" session, the code could give older timestamp + to commits created by later "pick" than an earlier "reword", which + has been corrected. + (merge 12f7babd6b js/ident-date-fix later to maint). + + * "git submodule status" did not check the symbolic revision name it + computed for the submodule HEAD is not the NULL, and threw it at + printf routines, which has been corrected. + (merge 0b5e2ea7cf nd/submodule-status-fix later to maint). + + * When fed input that already has In-Reply-To: and/or References: + headers and told to add the same information, "git send-email" + added these headers separately, instead of appending to an existing + one, which is a violation of the RFC. This has been corrected. + (merge 256be1d3f0 sa/send-email-dedup-some-headers later to maint). + + * "git fast-export" had a regression in v2.15.0 era where it skipped + some merge commits in certain cases, which has been corrected. + (merge be011bbe00 ma/fast-export-skip-merge-fix later to maint). + + * The code did not propagate the terminal width to subprocesses via + COLUMNS environment variable, which it now does. This caused + trouble to "git column" helper subprocess when "git tag --column=row" + tried to list the existing tags on a display with non-default width. + (merge b5d5a567fb nd/term-columns later to maint). + + * We learned that our source files with ".pl" and ".py" extensions + are Perl and Python files respectively and changes to them are + better viewed as such with appropriate diff drivers. + (merge 7818b619e2 ab/perl-python-attrs later to maint). + + * "git rebase -i" sometimes left intermediate "# This is a + combination of N commits" message meant for the human consumption + inside an editor in the final result in certain corner cases, which + has been fixed. + (merge 15ef69314d js/rebase-i-clean-msg-after-fixup-continue later to maint). + + * A test to see if the filesystem normalizes UTF-8 filename has been + updated to check what we need to know in a more direct way, i.e. a + path created in NFC form can be accessed with NFD form (or vice + versa) to cope with APFS as well as HFS. + (merge 742ae10e35 tb/test-apfs-utf8-normalization later to maint). + + * "git format-patch --cover --attach" created a broken MIME multipart + message for the cover letter, which has been fixed by keeping the + cover letter as plain text file. + (merge 50cd54ef4e bc/format-patch-cover-no-attach later to maint). + + * The split-index feature had a long-standing and dormant bug in + certain use of the in-core merge machinery, which has been fixed. + (merge 7db118303a en/unpack-trees-split-index-fix later to maint). + + * Asciidoctor gives a reasonable imitation for AsciiDoc, but does not + render illustration in a literal block correctly when indented with + HT by default. The problem is fixed by forcing 8-space tabs. + (merge 379805051d bc/asciidoctor-tab-width later to maint). + + * Code clean-up to adjust to a more recent lockfile API convention that + allows lockfile instances kept on the stack. + (merge 0fa5a2ed8d ma/lockfile-cleanup later to maint). + + * the_repository->index is not a allocated piece of memory but + repo_clear() indiscriminately attempted to free(3) it, which has + been corrected. + (merge 74373b5f10 nd/repo-clear-keep-the-index later to maint). + + * Code clean-up to avoid non-standard-conformant pointer arithmetic. + (merge c112084af9 rs/no-null-ptr-arith-in-fast-export later to maint). + + * Code clean-up to turn history traversal more robust in a + semi-corrupt repository. + (merge 8702b30fd7 jk/unavailable-can-be-missing later to maint). + + * "git update-ref A B" is supposed to ensure that ref A does not yet + exist when B is a NULL OID, but this check was not done correctly + for pseudo-refs outside refs/ hierarchy, e.g. MERGE_HEAD. + + * "git submodule update" and "git submodule add" supported the + "--reference" option to borrow objects from a neighbouring local + repository like "git clone" does, but lacked the more recent + invention "--dissociate". Also "git submodule add" has been taught + to take the "--progress" option. + (merge a0ef29341a cf/submodule-progress-dissociate later to maint). + + * Update credential-netrc helper (in contrib/) to allow customizing + the GPG used to decrypt the encrypted .netrc file. + (merge 786ef50a23 lm/credential-netrc later to maint). + + * "git submodule update" attempts two different kinds of "git fetch" + against the upstream repository to grab a commit bound at the + submodule's path, but it incorrectly gave up if the first kind + (i.e. a normal fetch) failed, making the second "last resort" one + (i.e. fetching an exact commit object by object name) ineffective. + This has been corrected. + (merge e30d833671 sb/submodule-update-try-harder later to maint). + + * Error behaviour of "git grep" when it cannot read the index was + inconsistent with other commands that uses the index, which has + been corrected to error out early. + (merge b2aa84c789 sb/grep-die-on-unreadable-index later to maint). + + * We used to call regfree() after regcomp() failed in some codepaths, + which have been corrected. + (merge 17154b1576 ma/regex-no-regfree-after-comp-fail later to maint). + + * The import-tars script (in contrib/) has been taught to handle + tarballs with overly long paths that use PAX extended headers. + (merge 12ecea46e3 pa/import-tars-long-names later to maint). + + * "git rev-parse Y..." etc. misbehaved when given endpoints were + not committishes. + (merge 0ed556d38f en/rev-parse-invalid-range later to maint). + + * "git pull --recurse-submodules --rebase", when the submodule + repository's history did not have anything common between ours and + the upstream's, failed to execute. We need to fetch from them to + continue even in such a case. + (merge 4d36f88be7 jt/submodule-pull-recurse-rebase later to maint). + + * "git remote update" can take both a single remote nickname and a + nickname for remote groups, but only one of them was documented. + (merge a97447a42a nd/remote-update-doc later to maint). + + * "index-pack --strict" has been taught to make sure that it runs the + final object integrity checks after making the freshly indexed + packfile available to itself. + (merge 3737746120 jk/index-pack-maint later to maint). + + * Make zlib inflate codepath more robust against versions of zlib + that clobber unused portion of outbuf. + (merge b611396e97 jl/zlib-restore-nul-termination later to maint). + + * Fix old merge glitch in Documentation during v2.13-rc0 era. + (merge 28cb06020b mw/doc-merge-enumfix later to maint). + + * The code to read compressed bitmap was not careful to avoid reading + past the end of the file, which has been corrected. + (merge 1140bf01ec jk/ewah-bounds-check later to maint). + + * "make NO_ICONV=NoThanks" did not override NEEDS_LIBICONV + (i.e. linkage of -lintl, -liconv, etc. that are platform-specific + tweaks), which has been corrected. + (merge fdb1fbbc7d es/make-no-iconv later to maint). + + * Other minor doc, test and build updates and code cleanups. + (merge 248f66ed8e nd/trace-with-env later to maint). + (merge 14ced5562c ys/bisect-object-id-missing-conversion-fix later to maint). + (merge 5988eb631a ab/doc-hash-brokenness later to maint). + (merge a4d4e32a70 pk/test-avoid-pipe-hiding-exit-status later to maint). + (merge 05e293c1ac jk/flockfile-stdio later to maint). + (merge e9184b0789 jk/t5561-missing-curl later to maint). + (merge b1801b85a3 nd/worktree-move later to maint). + (merge bbd374dd20 ak/bisect-doc-typofix later to maint). + (merge 4855f06fb3 mn/send-email-credential-doc later to maint). + (merge 8523b1e355 en/doc-typoes later to maint). + (merge 43b44ccfe7 js/t5404-path-fix later to maint). + (merge decf711fc1 ps/test-chmtime-get later to maint). + (merge 22d11a6e8e es/worktree-docs later to maint). + (merge 92a5dbbc22 tg/use-git-contacts later to maint). + (merge adc887221f tq/t1510 later to maint). + (merge bed21a8ad6 sg/doc-gc-quote-mismatch-fix later to maint). + (merge 73364e4f10 tz/doc-git-urls-reference later to maint). + (merge cd1e606bad bc/mailmap-self later to maint). + (merge f7997e3682 ao/config-api-doc later to maint). + (merge ee930754d8 jk/apply-p-doc later to maint). + (merge 011b648646 nd/pack-format-doc later to maint). + (merge 87a6bb701a sg/t5310-jgit-bitmap-test later to maint). + (merge f6b82970aa sg/t5516-fixes later to maint). + (merge 4362da078e sg/t7005-spaces-in-filenames-cleanup later to maint). + (merge 7d0ee47c11 js/test-unset-prereq later to maint). + (merge 5356a3c354 ah/misc-doc-updates later to maint). + (merge 92c4a7a129 nd/completion-aliasfiletype-typofix later to maint). + (merge 58bd77b66a nd/pack-unreachable-objects-doc later to maint). + (merge 4ed79d5203 sg/t6500-no-redirect-of-stdin later to maint). + (merge 17b8a2d6cd jk/config-blob-sans-repo later to maint). + (merge 590551ca2c rd/tag-doc-lightweight later to maint). + (merge 44f560fc16 rd/init-typo later to maint). + (merge f156a0934a rd/p4-doc-markup-env later to maint). + (merge 2a00502b14 tg/doc-sec-list later to maint). + (merge 47cc91310a jk/submodule-fsck-loose-fixup later to maint). + (merge efde7b725c rd/comment-typofix-in-sha1-file later to maint). + (merge 7eedad15df rd/diff-options-typofix later to maint). + (merge 58ebd936cc km/doc-workflows-typofix later to maint). + (merge 30aa96cdf8 rd/doc-remote-tracking-with-hyphen later to maint). + (merge cf317877e3 ks/branch-set-upstream later to maint). + (merge 8de19d6be8 sg/t7406-chain-fix later to maint). diff --git a/Documentation/RelNotes/2.18.1.txt b/Documentation/RelNotes/2.18.1.txt new file mode 100644 index 0000000000..2098cdd776 --- /dev/null +++ b/Documentation/RelNotes/2.18.1.txt @@ -0,0 +1,6 @@ +Git v2.18.1 Release Notes +========================= + +This release merges up the fixes that appear in v2.14.5 and in +v2.17.2 to address the recently reported CVE-2018-17456; see the +release notes for those versions for details. diff --git a/Documentation/RelNotes/2.19.0.txt b/Documentation/RelNotes/2.19.0.txt new file mode 100644 index 0000000000..a06ccf6e2a --- /dev/null +++ b/Documentation/RelNotes/2.19.0.txt @@ -0,0 +1,615 @@ +Git 2.19 Release Notes +====================== + +Updates since v2.18 +------------------- + +UI, Workflows & Features + + * "git diff" compares the index and the working tree. For paths + added with intent-to-add bit, the command shows the full contents + of them as added, but the paths themselves were not marked as new + files. They are now shown as new by default. + + "git apply" learned the "--intent-to-add" option so that an + otherwise working-tree-only application of a patch will add new + paths to the index marked with the "intent-to-add" bit. + + * "git grep" learned the "--column" option that gives not just the + line number but the column number of the hit. + + * The "-l" option in "git branch -l" is an unfortunate short-hand for + "--create-reflog", but many users, both old and new, somehow expect + it to be something else, perhaps "--list". This step warns when "-l" + is used as a short-hand for "--create-reflog" and warns about the + future repurposing of the it when it is used. + + * The userdiff pattern for .php has been updated. + + * The content-transfer-encoding of the message "git send-email" sends + out by default was 8bit, which can cause trouble when there is an + overlong line to bust RFC 5322/2822 limit. A new option 'auto' to + automatically switch to quoted-printable when there is such a line + in the payload has been introduced and is made the default. + + * "git checkout" and "git worktree add" learned to honor + checkout.defaultRemote when auto-vivifying a local branch out of a + remote tracking branch in a repository with multiple remotes that + have tracking branches that share the same names. + (merge 8d7b558bae ab/checkout-default-remote later to maint). + + * "git grep" learned the "--only-matching" option. + + * "git rebase --rebase-merges" mode now handles octopus merges as + well. + + * Add a server-side knob to skip commits in exponential/fibbonacci + stride in an attempt to cover wider swath of history with a smaller + number of iterations, potentially accepting a larger packfile + transfer, instead of going back one commit a time during common + ancestor discovery during the "git fetch" transaction. + (merge 42cc7485a2 jt/fetch-negotiator-skipping later to maint). + + * A new configuration variable core.usereplacerefs has been added, + primarily to help server installations that want to ignore the + replace mechanism altogether. + + * Teach "git tag -s" etc. a few configuration variables (gpg.format + that can be set to "openpgp" or "x509", and gpg.<format>.program + that is used to specify what program to use to deal with the format) + to allow x.509 certs with CMS via "gpgsm" to be used instead of + openpgp via "gnupg". + + * Many more strings are prepared for l10n. + + * "git p4 submit" learns to ask its own pre-submit hook if it should + continue with submitting. + + * The test performed at the receiving end of "git push" to prevent + bad objects from entering repository can be customized via + receive.fsck.* configuration variables; we now have gained a + counterpart to do the same on the "git fetch" side, with + fetch.fsck.* configuration variables. + + * "git pull --rebase=interactive" learned "i" as a short-hand for + "interactive". + + * "git instaweb" has been adjusted to run better with newer Apache on + RedHat based distros. + + * "git range-diff" is a reimplementation of "git tbdiff" that lets us + compare individual patches in two iterations of a topic. + + * The sideband code learned to optionally paint selected keywords at + the beginning of incoming lines on the receiving end. + + * "git branch --list" learned to take the default sort order from the + 'branch.sort' configuration variable, just like "git tag --list" + pays attention to 'tag.sort'. + + * "git worktree" command learned "--quiet" option to make it less + verbose. + + +Performance, Internal Implementation, Development Support etc. + + * The bulk of "git submodule foreach" has been rewritten in C. + + * The in-core "commit" object had an all-purpose "void *util" field, + which was tricky to use especially in library-ish part of the + code. All of the existing uses of the field has been migrated to a + more dedicated "commit-slab" mechanism and the field is eliminated. + + * A less often used command "git show-index" has been modernized. + (merge fb3010c31f jk/show-index later to maint). + + * The conversion to pass "the_repository" and then "a_repository" + throughout the object access API continues. + + * Continuing with the idea to programatically enumerate various + pieces of data required for command line completion, teach the + codebase to report the list of configuration variables + subcommands care about to help complete them. + + * Separate "rebase -p" codepath out of "rebase -i" implementation to + slim down the latter and make it easier to manage. + + * Make refspec parsing codepath more robust. + + * Some flaky tests have been fixed. + + * Continuing with the idea to programmatically enumerate various + pieces of data required for command line completion, the codebase + has been taught to enumerate options prefixed with "--no-" to + negate them. + + * Build and test procedure for netrc credential helper (in contrib/) + has been updated. + + * Remove unused function definitions and declarations from ewah + bitmap subsystem. + + * Code preparation to make "git p4" closer to be usable with Python 3. + + * Tighten the API to make it harder to misuse in-tree .gitmodules + file, even though it shares the same syntax with configuration + files, to read random configuration items from it. + + * "git fast-import" has been updated to avoid attempting to create + delta against a zero-byte-long string, which is pointless. + + * The codebase has been updated to compile cleanly with -pedantic + option. + (merge 2b647a05d7 bb/pedantic later to maint). + + * The character display width table has been updated to match the + latest Unicode standard. + (merge 570951eea2 bb/unicode-11-width later to maint). + + * test-lint now looks for broken use of "VAR=VAL shell_func" in test + scripts. + + * Conversion from uchar[40] to struct object_id continues. + + * Recent "security fix" to pay attention to contents of ".gitmodules" + while accepting "git push" was a bit overly strict than necessary, + which has been adjusted. + + * "git fsck" learns to make sure the optional commit-graph file is in + a sane state. + + * "git diff --color-moved" feature has further been tweaked. + + * Code restructuring and a small fix to transport protocol v2 during + fetching. + + * Parsing of -L[<N>][,[<M>]] parameters "git blame" and "git log" + take has been tweaked. + + * lookup_commit_reference() and friends have been updated to find + in-core object for a specific in-core repository instance. + + * Various glitches in the heuristics of merge-recursive strategy have + been documented in new tests. + + * "git fetch" learned a new option "--negotiation-tip" to limit the + set of commits it tells the other end as "have", to reduce wasted + bandwidth and cycles, which would be helpful when the receiving + repository has a lot of refs that have little to do with the + history at the remote it is fetching from. + + * For a large tree, the index needs to hold many cache entries + allocated on heap. These cache entries are now allocated out of a + dedicated memory pool to amortize malloc(3) overhead. + + * Tests to cover various conflicting cases have been added for + merge-recursive. + + * Tests to cover conflict cases that involve submodules have been + added for merge-recursive. + + * Look for broken "&&" chains that are hidden in subshell, many of + which have been found and corrected. + + * The singleton commit-graph in-core instance is made per in-core + repository instance. + + * "make DEVELOPER=1 DEVOPTS=pedantic" allows developers to compile + with -pedantic option, which may catch more problematic program + constructs and potential bugs. + + * Preparatory code to later add json output for telemetry data has + been added. + + * Update the way we use Coccinelle to find out-of-style code that + need to be modernised. + + * It is too easy to misuse system API functions such as strcat(); + these selected functions are now forbidden in this codebase and + will cause a compilation failure. + + * Add a script (in contrib/) to help users of VSCode work better with + our codebase. + + * The Travis CI scripts were taught to ship back the test data from + failed tests. + (merge aea8879a6a sg/travis-retrieve-trash-upon-failure later to maint). + + * The parse-options machinery learned to refrain from enclosing + placeholder string inside a "<bra" and "ket>" pair automatically + without PARSE_OPT_LITERAL_ARGHELP. Existing help text for option + arguments that are not formatted correctly have been identified and + fixed. + (merge 5f0df44cd7 rs/parse-opt-lithelp later to maint). + + * Noiseword "extern" has been removed from function decls in the + header files. + + * A few atoms like %(objecttype) and %(objectsize) in the format + specifier of "for-each-ref --format=<format>" can be filled without + getting the full contents of the object, but just with the object + header. These cases have been optimized by calling + oid_object_info() API (instead of reading and inspecting the data). + + * The end result of documentation update has been made to be + inspected more easily to help developers. + + * The API to iterate over all objects learned to optionally list + objects in the order they appear in packfiles, which helps locality + of access if the caller accesses these objects while as objects are + enumerated. + + * Improve built-in facility to catch broken &&-chain in the tests. + + * The more library-ish parts of the codebase learned to work on the + in-core index-state instance that is passed in by their callers, + instead of always working on the singleton "the_index" instance. + + * A test prerequisite defined by various test scripts with slightly + different semantics has been consolidated into a single copy and + made into a lazily defined one. + (merge 6ec633059a wc/make-funnynames-shared-lazy-prereq later to maint). + + * After a partial clone, repeated fetches from promisor remote would + have accumulated many packfiles marked with .promisor bit without + getting them coalesced into fewer packfiles, hurting performance. + "git repack" now learned to repack them. + + * Partially revert the support for multiple hash functions to regain + hash comparison performance; we'd think of a way to do this better + in the next cycle. + + * "git help --config" (which is used in command line completion) + missed the configuration variables not described in the main + config.txt file but are described in another file that is included + by it, which has been corrected. + + * The test linter code has learned that the end of here-doc mark + "EOF" can be quoted in a double-quote pair, not just in a + single-quote pair. + + +Fixes since v2.18 +----------------- + + * "git remote update" can take both a single remote nickname and a + nickname for remote groups, and the completion script (in contrib/) + has been taught about it. + (merge 9cd4382ad5 ls/complete-remote-update-names later to maint). + + * "git fetch --shallow-since=<cutoff>" that specifies the cut-off + point that is newer than the existing history used to end up + grabbing the entire history. Such a request now errors out. + (merge e34de73c56 nd/reject-empty-shallow-request later to maint). + + * Fix for 2.17-era regression around `core.safecrlf`. + (merge 6cb09125be as/safecrlf-quiet-fix later to maint). + + * The recent addition of "partial clone" experimental feature kicked + in when it shouldn't, namely, when there is no partial-clone filter + defined even if extensions.partialclone is set. + (merge cac1137dc4 jh/partial-clone later to maint). + + * "git send-pack --signed" (hence "git push --signed" over the http + transport) did not read user ident from the config mechanism to + determine whom to sign the push certificate as, which has been + corrected. + (merge d067d98887 ms/send-pack-honor-config later to maint). + + * "git fetch-pack --all" used to unnecessarily fail upon seeing an + annotated tag that points at an object other than a commit. + (merge c12c9df527 jk/fetch-all-peeled-fix later to maint). + + * When user edits the patch in "git add -p" and the user's editor is + set to strip trailing whitespaces indiscriminately, an empty line + that is unchanged in the patch would become completely empty + (instead of a line with a sole SP on it). The code introduced in + Git 2.17 timeframe failed to parse such a patch, but now it learned + to notice the situation and cope with it. + (merge f4d35a6b49 pw/add-p-recount later to maint). + + * The code to try seeing if a fetch is necessary in a submodule + during a fetch with --recurse-submodules got confused when the path + to the submodule was changed in the range of commits in the + superproject, sometimes showing "(null)". This has been corrected. + + * Bugfix for "rebase -i" corner case regression. + (merge a9279c6785 pw/rebase-i-keep-reword-after-conflict later to maint). + + * Recently added "--base" option to "git format-patch" command did + not correctly generate prereq patch ids. + (merge 15b76c1fb3 xy/format-patch-prereq-patch-id-fix later to maint). + + * POSIX portability fix in Makefile to fix a glitch introduced a few + releases ago. + (merge 6600054e9b dj/runtime-prefix later to maint). + + * "git filter-branch" when used with the "--state-branch" option + still attempted to rewrite the commits whose filtered result is + known from the previous attempt (which is recorded on the state + branch); the command has been corrected not to waste cycles doing + so. + (merge 709cfe848a mb/filter-branch-optim later to maint). + + * Clarify that setting core.ignoreCase to deviate from reality would + not turn a case-incapable filesystem into a case-capable one. + (merge 48294b512a ms/core-icase-doc later to maint). + + * "fsck.skipList" did not prevent a blob object listed there from + being inspected for is contents (e.g. we recently started to + inspect the contents of ".gitmodules" for certain malicious + patterns), which has been corrected. + (merge fb16287719 rj/submodule-fsck-skip later to maint). + + * "git checkout --recurse-submodules another-branch" did not report + in which submodule it failed to update the working tree, which + resulted in an unhelpful error message. + (merge ba95d4e4bd sb/submodule-move-head-error-msg later to maint). + + * "git rebase" behaved slightly differently depending on which one of + the three backends gets used; this has been documented and an + effort to make them more uniform has begun. + (merge b00bf1c9a8 en/rebase-consistency later to maint). + + * The "--ignore-case" option of "git for-each-ref" (and its friends) + did not work correctly, which has been fixed. + (merge e674eb2528 jk/for-each-ref-icase later to maint). + + * "git fetch" failed to correctly validate the set of objects it + received when making a shallow history deeper, which has been + corrected. + (merge cf1e7c0770 jt/connectivity-check-after-unshallow later to maint). + + * Partial clone support of "git clone" has been updated to correctly + validate the objects it receives from the other side. The server + side has been corrected to send objects that are directly + requested, even if they may match the filtering criteria (e.g. when + doing a "lazy blob" partial clone). + (merge a7e67c11b8 jt/partial-clone-fsck-connectivity later to maint). + + * Handling of an empty range by "git cherry-pick" was inconsistent + depending on how the range ended up to be empty, which has been + corrected. + (merge c5e358d073 jk/empty-pick-fix later to maint). + + * "git reset --merge" (hence "git merge ---abort") and "git reset --hard" + had trouble working correctly in a sparsely checked out working + tree after a conflict, which has been corrected. + (merge b33fdfc34c mk/merge-in-sparse-checkout later to maint). + + * Correct a broken use of "VAR=VAL shell_func" in a test. + (merge 650161a277 jc/t3404-one-shot-export-fix later to maint). + + * "git rev-parse ':/substring'" did not consider the history leading + only to HEAD when looking for a commit with the given substring, + when the HEAD is detached. This has been fixed. + (merge 6b3351e799 wc/find-commit-with-pattern-on-detached-head later to maint). + + * Build doc update for Windows. + (merge ede8d89bb1 nd/command-list later to maint). + + * core.commentchar is now honored when preparing the list of commits + to replay in "rebase -i". + + * "git pull --rebase" on a corrupt HEAD caused a segfault. In + general we substitute an empty tree object when running the in-core + equivalent of the diff-index command, and the codepath has been + corrected to do so as well to fix this issue. + (merge 3506dc9445 jk/has-uncommitted-changes-fix later to maint). + + * httpd tests saw occasional breakage due to the way its access log + gets inspected by the tests, which has been updated to make them + less flaky. + (merge e8b3b2e275 sg/httpd-test-unflake later to maint). + + * Tests to cover more D/F conflict cases have been added for + merge-recursive. + + * "git gc --auto" opens file descriptors for the packfiles before + spawning "git repack/prune", which would upset Windows that does + not want a process to work on a file that is open by another + process. The issue has been worked around. + (merge 12e73a3ce4 kg/gc-auto-windows-workaround later to maint). + + * The recursive merge strategy did not properly ensure there was no + change between HEAD and the index before performing its operation, + which has been corrected. + (merge 55f39cf755 en/dirty-merge-fixes later to maint). + + * "git rebase" started exporting GIT_DIR environment variable and + exposing it to hook scripts when part of it got rewritten in C. + Instead of matching the old scripted Porcelains' behaviour, + compensate by also exporting GIT_WORK_TREE environment as well to + lessen the damage. This can harm existing hooks that want to + operate on different repository, but the current behaviour is + already broken for them anyway. + (merge ab5e67d751 bc/sequencer-export-work-tree-as-well later to maint). + + * "git send-email" when using in a batched mode that limits the + number of messages sent in a single SMTP session lost the contents + of the variable used to choose between tls/ssl, unable to send the + second and later batches, which has been fixed. + (merge 636f3d7ac5 jm/send-email-tls-auth-on-batch later to maint). + + * The lazy clone support had a few places where missing but promised + objects were not correctly tolerated, which have been fixed. + + * One of the "diff --color-moved" mode "dimmed_zebra" that was named + in an unusual way has been deprecated and replaced by + "dimmed-zebra". + (merge e3f2f5f9cd es/diff-color-moved-fix later to maint). + + * The wire-protocol v2 relies on the client to send "ref prefixes" to + limit the bandwidth spent on the initial ref advertisement. "git + clone" when learned to speak v2 forgot to do so, which has been + corrected. + (merge 402c47d939 bw/clone-ref-prefixes later to maint). + + * "git diff --histogram" had a bad memory usage pattern, which has + been rearranged to reduce the peak usage. + (merge 79cb2ebb92 sb/histogram-less-memory later to maint). + + * Code clean-up to use size_t/ssize_t when they are the right type. + (merge 7726d360b5 jk/size-t later to maint). + + * The wire-protocol v2 relies on the client to send "ref prefixes" to + limit the bandwidth spent on the initial ref advertisement. "git + fetch $remote branch:branch" that asks tags that point into the + history leading to the "branch" automatically followed sent to + narrow prefix and broke the tag following, which has been fixed. + (merge 2b554353a5 jt/tag-following-with-proto-v2-fix later to maint). + + * When the sparse checkout feature is in use, "git cherry-pick" and + other mergy operations lost the skip_worktree bit when a path that + is excluded from checkout requires content level merge, which is + resolved as the same as the HEAD version, without materializing the + merge result in the working tree, which made the path appear as + deleted. This has been corrected by preserving the skip_worktree + bit (and not materializing the file in the working tree). + (merge 2b75fb601c en/merge-recursive-skip-fix later to maint). + + * The "author-script" file "git rebase -i" creates got broken when + we started to move the command away from shell script, which is + getting fixed now. + (merge 5522bbac20 es/rebase-i-author-script-fix later to maint). + + * The automatic tree-matching in "git merge -s subtree" was broken 5 + years ago and nobody has noticed since then, which is now fixed. + (merge 2ec4150713 jk/merge-subtree-heuristics later to maint). + + * "git fetch $there refs/heads/s" ought to fetch the tip of the + branch 's', but when "refs/heads/refs/heads/s", i.e. a branch whose + name is "refs/heads/s" exists at the same time, fetched that one + instead by mistake. This has been corrected to honor the usual + disambiguation rules for abbreviated refnames. + (merge 60650a48c0 jt/refspec-dwim-precedence-fix later to maint). + + * Futureproofing a helper function that can easily be misused. + (merge 65bb21e77e es/want-color-fd-defensive later to maint). + + * The http-backend (used for smart-http transport) used to slurp the + whole input until EOF, without paying attention to CONTENT_LENGTH + that is supplied in the environment and instead expecting the Web + server to close the input stream. This has been fixed. + (merge eebfe40962 mk/http-backend-content-length later to maint). + + * "git merge --abort" etc. did not clean things up properly when + there were conflicted entries in the index in certain order that + are involved in D/F conflicts. This has been corrected. + (merge ad3762042a en/abort-df-conflict-fixes later to maint). + + * "git diff --indent-heuristic" had a bad corner case performance. + (merge 301ef85401 sb/indent-heuristic-optim later to maint). + + * The "--exec" option to "git rebase --rebase-merges" placed the exec + commands at wrong places, which has been corrected. + + * "git verify-tag" and "git verify-commit" have been taught to use + the exit status of underlying "gpg --verify" to signal bad or + untrusted signature they found. + (merge 4e5dc9ca17 jc/gpg-status later to maint). + + * "git mergetool" stopped and gave an extra prompt to continue after + the last path has been handled, which did not make much sense. + (merge d651a54b8a ng/mergetool-lose-final-prompt later to maint). + + * Among the three codepaths we use O_APPEND to open a file for + appending, one used for writing GIT_TRACE output requires O_APPEND + implementation that behaves sensibly when multiple processes are + writing to the same file. POSIX emulation used in the Windows port + has been updated to improve in this area. + (merge d641097589 js/mingw-o-append later to maint). + + * "git pull --rebase -v" in a repository with a submodule barfed as + an intermediate process did not understand what "-v(erbose)" flag + meant, which has been fixed. + (merge e84c3cf3dc sb/pull-rebase-submodule later to maint). + + * Recent update to "git config" broke updating variable in a + subsection, which has been corrected. + (merge bff7df7a87 sb/config-write-fix later to maint). + + * When "git rebase -i" is told to squash two or more commits into + one, it labeled the log message for each commit with its number. + It correctly called the first one "1st commit", but the next one + was "commit #1", which was off-by-one. This has been corrected. + (merge dd2e36ebac pw/rebase-i-squash-number-fix later to maint). + + * "git rebase -i", when a 'merge <branch>' insn in its todo list + fails, segfaulted, which has been (minimally) corrected. + (merge bc9238bb09 pw/rebase-i-merge-segv-fix later to maint). + + * "git cherry-pick --quit" failed to remove CHERRY_PICK_HEAD even + though we won't be in a cherry-pick session after it returns, which + has been corrected. + (merge 3e7dd99208 nd/cherry-pick-quit-fix later to maint). + + * In a recent update in 2.18 era, "git pack-objects" started + producing a larger than necessary packfiles by missing + opportunities to use large deltas. This has been corrected. + + * The meaning of the possible values the "core.checkStat" + configuration variable can take were not adequately documented, + which has been fixed. + (merge 9bf5d4c4e2 nd/config-core-checkstat-doc later to maint). + + * Recent "git rebase -i" update started to write bogusly formatted + author-script, with a matching broken reading code. These are + fixed. + + * Recent addition of "directory rename" heuristics to the + merge-recursive backend makes the command susceptible to false + positives and false negatives. In the context of "git am -3", + which does not know about surrounding unmodified paths and thus + cannot inform the merge machinery about the full trees involved, + this risk is particularly severe. As such, the heuristic is + disabled for "git am -3" to keep the machinery "more stupid but + predictable". + + * "git merge-base" in 2.19-rc1 has performance regression when the + (experimental) commit-graph feature is in use, which has been + mitigated. + + * Code cleanup, docfix, build fix, etc. + (merge aee9be2ebe sg/update-ref-stdin-cleanup later to maint). + (merge 037714252f jc/clean-after-sanity-tests later to maint). + (merge 5b26c3c941 en/merge-recursive-cleanup later to maint). + (merge 0dcbc0392e bw/config-refer-to-gitsubmodules-doc later to maint). + (merge bb4d000e87 bw/protocol-v2 later to maint). + (merge 928f0ab4ba vs/typofixes later to maint). + (merge d7f590be84 en/rebase-i-microfixes later to maint). + (merge 81d395cc85 js/rebase-recreate-merge later to maint). + (merge 51d1863168 tz/exclude-doc-smallfixes later to maint). + (merge a9aa3c0927 ds/commit-graph later to maint). + (merge 5cf8e06474 js/enhanced-version-info later to maint). + (merge 6aaded5509 tb/config-default later to maint). + (merge 022d2ac1f3 sb/blame-color later to maint). + (merge 5a06a20e0c bp/test-drop-caches-for-windows later to maint). + (merge dd61cc1c2e jk/ui-color-always-to-auto later to maint). + (merge 1e83b9bfdd sb/trailers-docfix later to maint). + (merge ab29f1b329 sg/fast-import-dump-refs-on-checkpoint-fix later to maint). + (merge 6a8ad880f0 jn/subtree-test-fixes later to maint). + (merge ffbd51cc60 nd/pack-objects-threading-doc later to maint). + (merge e9dac7be60 es/mw-to-git-chain-fix later to maint). + (merge fe583c6c7a rs/remote-mv-leakfix later to maint). + (merge 69885ab015 en/t3031-title-fix later to maint). + (merge 8578037bed nd/config-blame-sort later to maint). + (merge 8ad169c4ba hn/config-in-code-comment later to maint). + (merge b7446fcfdf ar/t4150-am-scissors-test-fix later to maint). + (merge a8132410ee js/typofixes later to maint). + (merge 388d0ff6e5 en/update-index-doc later to maint). + (merge e05aa688dd jc/update-index-doc later to maint). + (merge 10c600172c sg/t5310-empty-input-fix later to maint). + (merge 5641eb9465 jh/partial-clone-doc later to maint). + (merge 2711b1ad5e ab/submodule-relative-url-tests later to maint). + (merge ce528de023 ab/unconditional-free-and-null later to maint). + (merge bbc072f5d8 rs/opt-updates later to maint). + (merge 69d846f053 jk/use-compat-util-in-test-tool later to maint). + (merge 1820703045 js/larger-timestamps later to maint). + (merge c8b35b95e1 sg/t4051-fix later to maint). + (merge 30612cb670 sg/t0020-conversion-fix later to maint). + (merge 15da753709 sg/t7501-thinkofix later to maint). + (merge 79b04f9b60 sg/t3903-missing-fix later to maint). + (merge 2745817028 sg/t3420-autostash-fix later to maint). + (merge 7afb0d6777 sg/test-rebase-editor-fix later to maint). + (merge 6c6ce21baa es/freebsd-iconv-portability later to maint). diff --git a/Documentation/RelNotes/2.19.1.txt b/Documentation/RelNotes/2.19.1.txt new file mode 100644 index 0000000000..da7672674e --- /dev/null +++ b/Documentation/RelNotes/2.19.1.txt @@ -0,0 +1,6 @@ +Git v2.19.1 Release Notes +========================= + +This release merges up the fixes that appear in v2.14.5 and in +v2.17.2 to address the recently reported CVE-2018-17456; see the +release notes for those versions for details. diff --git a/Documentation/RelNotes/2.19.2.txt b/Documentation/RelNotes/2.19.2.txt new file mode 100644 index 0000000000..759e6ca957 --- /dev/null +++ b/Documentation/RelNotes/2.19.2.txt @@ -0,0 +1,108 @@ +Git v2.19.2 Release Notes +========================= + +Fixes since v2.19.1 +------------------- + + * "git interpret-trailers" and its underlying machinery had a buggy + code that attempted to ignore patch text after commit log message, + which triggered in various codepaths that will always get the log + message alone and never get such an input. + + * "git rebase -i" did not clear the state files correctly when a run + of "squash/fixup" is aborted and then the user manually amended the + commit instead, which has been corrected. + + * When fsmonitor is in use, after operation on submodules updates + .gitmodules, we lost track of the fact that we did so and relied on + stale fsmonitor data. + + * Fix for a long-standing bug that leaves the index file corrupt when + it shrinks during a partial commit. + + * Further fix for O_APPEND emulation on Windows + + * A corner case bugfix in "git rerere" code. + + * "git add ':(attr:foo)'" is not supported and is supposed to be + rejected while the command line arguments are parsed, but we fail + to reject such a command line upfront. + + * "git rebase" etc. in Git 2.19 fails to abort when given an empty + commit log message as result of editing, which has been corrected. + + * The code to backfill objects in lazily cloned repository did not + work correctly, which has been corrected. + + * Update error messages given by "git remote" and make them consistent. + + * "git update-ref" learned to make both "--no-deref" and "--stdin" + work at the same time. + + * Recently added "range-diff" had a corner-case bug to cause it + segfault, which has been corrected. + + * The recently introduced commit-graph auxiliary data is incompatible + with mechanisms such as replace & grafts that "breaks" immutable + nature of the object reference relationship. Disable optimizations + based on its use (and updating existing commit-graph) when these + incompatible features are in use in the repository. + + * The mailmap file update. + + * The code in "git status" sometimes hit an assertion failure. This + was caused by a structure that was reused without cleaning the data + used for the first run, which has been corrected. + + * A corner-case bugfix. + + * A partial clone that is configured to lazily fetch missing objects + will on-demand issue a "git fetch" request to the originating + repository to fill not-yet-obtained objects. The request has been + optimized for requesting a tree object (and not the leaf blob + objects contained in it) by telling the originating repository that + no blobs are needed. + + * The codepath to support the experimental split-index mode had + remaining "racily clean" issues fixed. + + * "git log --graph" showing an octopus merge sometimes miscounted the + number of display columns it is consuming to show the merge and its + parent commits, which has been corrected. + + * The implementation of run_command() API on the UNIX platforms had a + bug that caused a command not on $PATH to be found in the current + directory. + + * A mutex used in "git pack-objects" were not correctly initialized + and this caused "git repack" to dump core on Windows. + + * Under certain circumstances, "git diff D:/a/b/c D:/a/b/d" on + Windows would strip initial parts from the paths because they + were not recognized as absolute, which has been corrected. + + * The receive.denyCurrentBranch=updateInstead codepath kicked in even + when the push should have been rejected due to other reasons, such + as it does not fast-forward or the update-hook rejects it, which + has been corrected. + + * "git repack" in a shallow clone did not correctly update the + shallow points in the repository, leading to a repository that + does not pass fsck. + + * Operations on promisor objects make sense in the context of only a + small subset of the commands that internally use the revisions + machinery, but the "--exclude-promisor-objects" option were taken + and led to nonsense results by commands like "log", to which it + didn't make much sense. This has been corrected. + + * The "container" mode of TravisCI is going away. Our .travis.yml + file is getting prepared for the transition. + + * Our test scripts can now take the '-V' option as a synonym for the + '--verbose-log' option. + + * A regression in Git 2.12 era made "git fsck" fall into an infinite + loop while processing truncated loose objects. + +Also contains various documentation updates and code clean-ups. diff --git a/Documentation/RelNotes/2.20.0.txt b/Documentation/RelNotes/2.20.0.txt new file mode 100644 index 0000000000..e71fe3dee1 --- /dev/null +++ b/Documentation/RelNotes/2.20.0.txt @@ -0,0 +1,700 @@ +Git 2.20 Release Notes +====================== + +Backward Compatibility Notes +---------------------------- + + * "git branch -l <foo>" used to be a way to ask a reflog to be + created while creating a new branch, but that is no longer the + case. It is a short-hand for "git branch --list <foo>" now. + + * "git push" into refs/tags/* hierarchy is rejected without getting + forced, but "git fetch" (misguidedly) used the "fast forwarding" + rule used for the refs/heads/* hierarchy; this has been corrected, + which means some fetches of tags that did not fail with older + version of Git will fail without "--force" with this version. + + * "git help -a" now gives verbose output (same as "git help -av"). + Those who want the old output may say "git help --no-verbose -a".. + + * "git cpn --help", when "cpn" is an alias to, say, "cherry-pick -n", + reported only the alias expansion of "cpn" in earlier versions of + Git. It now runs "git cherry-pick --help" to show the manual page + of the command, while sending the alias expansion to the standard + error stream. + + * "git send-email" learned to grab address-looking string on any + trailer whose name ends with "-by". This is a backward-incompatible + change. Adding "--suppress-cc=misc-by" on the command line, or + setting sendemail.suppresscc configuration variable to "misc-by", + can be used to disable this behaviour. + + +Updates since v2.19 +------------------- + +UI, Workflows & Features + + * Running "git clone" against a project that contain two files with + pathnames that differ only in cases on a case insensitive + filesystem would result in one of the files lost because the + underlying filesystem is incapable of holding both at the same + time. An attempt is made to detect such a case and warn. + + * "git checkout -b newbranch [HEAD]" should not have to do as much as + checking out a commit different from HEAD. An attempt is made to + optimize this special case. + + * "git rev-list --stdin </dev/null" used to be an error; it now shows + no output without an error. "git rev-list --stdin --default HEAD" + still falls back to the given default when nothing is given on the + standard input. + + * Lift code from GitHub to restrict delta computation so that an + object that exists in one fork is not made into a delta against + another object that does not appear in the same forked repository. + + * "git format-patch" learned new "--interdiff" and "--range-diff" + options to explain the difference between this version and the + previous attempt in the cover letter (or after the three-dashes as + a comment). + + * "git mailinfo" used in "git am" learned to make a best-effort + recovery of a patch corrupted by MUA that sends text/plain with + format=flawed option. + (merge 3aa4d81f88 rs/mailinfo-format-flowed later to maint). + + * The rules used by "git push" and "git fetch" to determine if a ref + can or cannot be updated were inconsistent; specifically, fetching + to update existing tags were allowed even though tags are supposed + to be unmoving anchoring points. "git fetch" was taught to forbid + updates to existing tags without the "--force" option. + + * "git multi-pack-index" learned to detect corruption in the .midx + file it uses, and this feature has been integrated into "git fsck". + + * Generation of (experimental) commit-graph files have so far been + fairly silent, even though it takes noticeable amount of time in a + meaningfully large repository. The users will now see progress + output. + + * The minimum version of Windows supported by Windows port of Git is + now set to Vista. + + * The completion script (in contrib/) learned to complete a handful of + options "git stash list" command takes. + + * The completion script (in contrib/) learned that "git fetch + --multiple" only takes remote names as arguments and no refspecs. + + * "git status" learns to show progress bar when refreshing the index + takes a long time. + (merge ae9af12287 nd/status-refresh-progress later to maint). + + * "git help -a" and "git help -av" give different pieces of + information, and generally the "verbose" version is more friendly + to the new users. "git help -a" by default now uses the more + verbose output (with "--no-verbose", you can go back to the + original). Also "git help -av" now lists aliases and external + commands, which it did not used to. + + * Unlike "grep", "git grep" by default recurses to the whole tree. + The command learned "git grep --recursive" option, so that "git + grep --no-recursive" can serve as a synonym to setting the + max-depth to 0. + + * When pushing into a repository that borrows its objects from an + alternate object store, "git receive-pack" that responds to the + push request on the other side lists the tips of refs in the + alternate to reduce the amount of objects transferred. This + sometimes is detrimental when the number of refs in the alternate + is absurdly large, in which case the bandwidth saved in potentially + fewer objects transferred is wasted in excessively large ref + advertisement. The alternate refs that are advertised are now + configurable with a pair of configuration variables. + + * "git cmd --help" when "cmd" is aliased used to only say "cmd is + aliased to ...". Now it shows that to the standard error stream + and runs "git $cmd --help" where $cmd is the first word of the + alias expansion. + + * The documentation of "git gc" has been updated to mention that it + is no longer limited to "pruning away crufts" but also updates + ancillary files like commit-graph as a part of repository + optimization. + + * "git p4 unshelve" improvements. + + * The logic to select the default user name and e-mail on Windows has + been improved. + (merge 501afcb8b0 js/mingw-default-ident later to maint). + + * The "rev-list --filter" feature learned to exclude all trees via + "tree:0" filter. + + * "git send-email" learned to grab address-looking string on any + trailer whose name ends with "-by"; --suppress-cc=misc-by on the + command line, or setting sendemail.suppresscc configuration + variable to "misc-by", can be used to disable this behaviour. + + * "git mergetool" learned to take the "--[no-]gui" option, just like + "git difftool" does. + + * "git rebase -i" learned a new insn, 'break', that the user can + insert in the to-do list. Upon hitting it, the command returns + control back to the user. + + * New "--pretty=format:" placeholders %GF and %GP that show the GPG + key fingerprints have been invented. + + * On platforms with recent cURL library, http.sslBackend configuration + variable can be used to choose a different SSL backend at runtime. + The Windows port uses this mechanism to switch between OpenSSL and + Secure Channel while talking over the HTTPS protocol. + + * "git send-email" learned to disable SMTP authentication via the + "--smtp-auth=none" option, even when the smtp username is given + (which turns the authentication on by default). + + * A fourth class of configuration files (in addition to the + traditional "system wide", "per user in the $HOME directory" and + "per repository in the $GIT_DIR/config") has been introduced so + that different worktrees that share the same repository (hence the + same $GIT_DIR/config file) can use different customization. + + * A pattern with '**' that does not have a slash on either side used + to be an invalid one, but the code now treats such double-asterisks + the same way as two normal asterisks that happen to be adjacent to + each other. + (merge e5bbe09e88 nd/wildmatch-double-asterisk later to maint). + + * The "--no-patch" option, which can be used to get a high-level + overview without the actual line-by-line patch difference shown, of + the "range-diff" command was earlier broken, which has been + corrected. + + * The recently merged "rebase in C" has an escape hatch to use the + scripted version when necessary, but it hasn't been documented, + which has been corrected. + + +Performance, Internal Implementation, Development Support etc. + + * Developer builds now use -Wunused-function compilation option. + + * One of our CI tests to run with "unusual/experimental/random" + settings now also uses commit-graph and midx. + + * When there are too many packfiles in a repository (which is not + recommended), looking up an object in these would require + consulting many pack .idx files; a new mechanism to have a single + file that consolidates all of these .idx files is introduced. + + * "git submodule update" is getting rewritten piece-by-piece into C. + + * The code for computing history reachability has been shuffled, + obtained a bunch of new tests to cover them, and then being + improved. + + * The unpack_trees() API used in checking out a branch and merging + walks one or more trees along with the index. When the cache-tree + in the index tells us that we are walking a tree whose flattened + contents is known (i.e. matches a span in the index), as linearly + scanning a span in the index is much more efficient than having to + open tree objects recursively and listing their entries, the walk + can be optimized, which has been done. + + * When creating a thin pack, which allows objects to be made into a + delta against another object that is not in the resulting pack but + is known to be present on the receiving end, the code learned to + take advantage of the reachability bitmap; this allows the server + to send a delta against a base beyond the "boundary" commit. + + * spatch transformation to replace boolean uses of !hashcmp() to + newly introduced oideq() is added, and applied, to regain + performance lost due to support of multiple hash algorithms. + + * Fix a bug in which the same path could be registered under multiple + worktree entries if the path was missing (for instance, was removed + manually). Also, as a convenience, expand the number of cases in + which --force is applicable. + + * Split Documentation/config.txt for easier maintenance. + (merge 6014363f0b nd/config-split later to maint). + + * Test helper binaries clean-up. + (merge c9a1f4161f nd/test-tool later to maint). + + * Various tests have been updated to make it easier to swap the + hash function used for object identification. + (merge ae0c89d41b bc/hash-independent-tests later to maint). + + * Update fsck.skipList implementation and documentation. + (merge 371a655074 ab/fsck-skiplist later to maint). + + * An alias that expands to another alias has so far been forbidden, + but now it is allowed to create such an alias. + + * Various test scripts have been updated for style and also correct + handling of exit status of various commands. + + * "gc --auto" ended up calling exit(-1) upon error, which has been + corrected to use exit(1). Also the error reporting behaviour when + daemonized has been updated to exit with zero status when stopping + due to a previously discovered error (which implies there is no + point running gc to improve the situation); we used to exit with + failure in such a case. + + * Various codepaths in the core-ish part learned to work on an + arbitrary in-core index structure, not necessarily the default + instance "the_index". + (merge b3c7eef9b0 nd/the-index later to maint). + + * Code clean-up in the internal machinery used by "git status" and + "git commit --dry-run". + (merge 73ba5d78b4 ss/wt-status-committable later to maint). + + * Some environment variables that control the runtime options of Git + used during tests are getting renamed for consistency. + (merge 4231d1ba99 bp/rename-test-env-var later to maint). + + * A pair of new extensions to the index file have been introduced. + They allow the index file to be read in parallel for performance. + + * The oidset API was built on top of the oidmap API which in turn is + on the hashmap API. Replace the implementation to build on top of + the khash API and gain performance. + + * Over some transports, fetching objects with an exact commit object + name can be done without first seeing the ref advertisements. The + code has been optimized to exploit this. + + * In a partial clone that will lazily be hydrated from the + originating repository, we generally want to avoid "does this + object exist (locally)?" on objects that we deliberately omitted + when we created the clone. The cache-tree codepath (which is used + to write a tree object out of the index) however insisted that the + object exists, even for paths that are outside of the partial + checkout area. The code has been updated to avoid such a check. + + * To help developers, an EditorConfig file that attempts to follow + the project convention has been added. + (merge b548d698a0 bc/editorconfig later to maint). + + * The result of coverage test can be combined with "git blame" to + check the test coverage of code introduced recently with a new + 'coverage-diff' tool (in contrib/). + (merge 783faedd65 ds/coverage-diff later to maint). + + * An experiment to fuzz test a few areas, hopefully we can gain more + coverage to various areas. + + * More codepaths are moving away from hardcoded hash sizes. + + * The way the Windows port figures out the current directory has been + improved. + + * The way DLLs are loaded on the Windows port has been improved. + + * Some tests have been reorganized and renamed; "ls t/" now gives a + better overview of what is tested for these scripts than before. + + * "git rebase" and "git rebase -i" have been reimplemented in C. + + * Windows port learned to use nano-second resolution file timestamps. + + * The overly large Documentation/config.txt file have been split into + million little pieces. This potentially allows each individual piece + to be included into the manual page of the command it affects more easily. + + * Replace three string-list instances used as look-up tables in "git + fetch" with hashmaps. + + * Unify code to read the author-script used in "git am" and the + commands that use the sequencer machinery, e.g. "git rebase -i". + + * In preparation to the day when we can deprecate and remove the + "rebase -p", make sure we can skip and later remove tests for + it. + + * The history traversal used to implement the tag-following has been + optimized by introducing a new helper. + + * The helper function to refresh the cached stat information in the + in-core index has learned to perform the lstat() part of the + operation in parallel on multi-core platforms. + + * The code to traverse objects for reachability, used to decide what + objects are unreferenced and expendable, have been taught to also + consider per-worktree refs of other worktrees as starting points to + prevent data loss. + + * "git add" needs to internally run "diff-files" equivalent, and the + codepath learned the same optimization as "diff-files" has to run + lstat(2) in parallel to find which paths have been updated in the + working tree. + + * The procedure to install dependencies before testing at Travis CI + is getting revamped for both simplicity and flexibility, taking + advantage of the recent move to the vm-based environment. + + * The support for format-patch (and send-email) by the command-line + completion script (in contrib/) has been simplified a bit. + + * The revision walker machinery learned to take advantage of the + commit generation numbers stored in the commit-graph file. + + * The codebase has been cleaned up to reduce "#ifndef NO_PTHREADS". + + * The way -lcurl library gets linked has been simplified by taking + advantage of the fact that we can just ask curl-config command how. + + * Various functions have been audited for "-Wunused-parameter" warnings + and bugs in them got fixed. + + * A sanity check for start-up sequence has been added in the config + API codepath. + + * The build procedure to link for fuzzing test has been made + customizable with a new Makefile variable. + + * The way "git rebase" parses and forwards the command line options + meant for underlying "git am" has been revamped, which fixed for + options with parameters that were not passed correctly. + + * Our testing framework uses a special i18n "poisoned localization" + feature to find messages that ought to stay constant but are + incorrectly marked to be translated. This feature has been made + into a runtime option (it used to be a compile-time option). + + * "git push" used to check ambiguities between object-names and + refnames while processing the list of refs' old and new values, + which was unnecessary (as it knew that it is feeding raw object + names). This has been optimized out. + + * The xcurl_off_t() helper function is used to cast size_t to + curl_off_t, but some compilers gave warnings against the code to + ensure the casting is done without wraparound, when size_t is + narrower than curl_off_t. This warning has been squelched. + + * Code preparation to replace ulong vars with size_t vars where + appropriate continues. + + * The "test installed Git" mode of our test suite has been updated to + work better. + + * A coding convention around the Coccinelle semantic patches to have + two classes to ease code migration process has been proposed and + its support has been added to the Makefile. + + * The "container" mode of TravisCI is going away. Our .travis.yml + file is getting prepared for the transition. + (merge 32ee384be8 ss/travis-ci-force-vm-mode later to maint). + + * Our test scripts can now take the '-V' option as a synonym for the + '--verbose-log' option. + (merge a5f52c6dab sg/test-verbose-log later to maint). + + +Fixes since v2.19 +----------------- + + * "git interpret-trailers" and its underlying machinery had a buggy + code that attempted to ignore patch text after commit log message, + which triggered in various codepaths that will always get the log + message alone and never get such an input. + (merge 66e83d9b41 jk/trailer-fixes later to maint). + + * Malformed or crafted data in packstream can make our code attempt + to read or write past the allocated buffer and abort, instead of + reporting an error, which has been fixed. + + * "git rebase -i" did not clear the state files correctly when a run + of "squash/fixup" is aborted and then the user manually amended the + commit instead, which has been corrected. + (merge 10d2f35436 js/rebase-i-autosquash-fix later to maint). + + * When fsmonitor is in use, after operation on submodules updates + .gitmodules, we lost track of the fact that we did so and relied on + stale fsmonitor data. + (merge 43f1180814 bp/mv-submodules-with-fsmonitor later to maint). + + * Fix for a long-standing bug that leaves the index file corrupt when + it shrinks during a partial commit. + (merge 6c003d6ffb jk/reopen-tempfile-truncate later to maint). + + * Further fix for O_APPEND emulation on Windows + (merge eeaf7ddac7 js/mingw-o-append later to maint). + + * A corner case bugfix in "git rerere" code. + (merge ad2bf0d9b4 en/rerere-multi-stage-1-fix later to maint). + + * "git add ':(attr:foo)'" is not supported and is supposed to be + rejected while the command line arguments are parsed, but we fail + to reject such a command line upfront. + (merge 84d938b732 nd/attr-pathspec-fix later to maint). + + * Recent update broke the reachability algorithm when refs (e.g. + tags) that point at objects that are not commit were involved, + which has been fixed. + + * "git rebase" etc. in Git 2.19 fails to abort when given an empty + commit log message as result of editing, which has been corrected. + (merge a3ec9eaf38 en/sequencer-empty-edit-result-aborts later to maint). + + * The code to backfill objects in lazily cloned repository did not + work correctly, which has been corrected. + (merge e68302011c jt/lazy-object-fetch-fix later to maint). + + * Update error messages given by "git remote" and make them consistent. + (merge 5025425dff ms/remote-error-message-update later to maint). + + * "git update-ref" learned to make both "--no-deref" and "--stdin" + work at the same time. + (merge d345e9fbe7 en/update-ref-no-deref-stdin later to maint). + + * Recently added "range-diff" had a corner-case bug to cause it + segfault, which has been corrected. + (merge e467a90c7a tg/range-diff-corner-case-fix later to maint). + + * The recently introduced commit-graph auxiliary data is incompatible + with mechanisms such as replace & grafts that "breaks" immutable + nature of the object reference relationship. Disable optimizations + based on its use (and updating existing commit-graph) when these + incompatible features are in use in the repository. + (merge 829a321569 ds/commit-graph-with-grafts later to maint). + + * The mailmap file update. + (merge 255eb03edf jn/mailmap-update later to maint). + + * The code in "git status" sometimes hit an assertion failure. This + was caused by a structure that was reused without cleaning the data + used for the first run, which has been corrected. + (merge 3e73cc62c0 en/status-multiple-renames-to-the-same-target-fix later to maint). + + * "git fetch $repo $object" in a partial clone did not correctly + fetch the asked-for object that is referenced by an object in + promisor packfile, which has been fixed. + + * A corner-case bugfix. + (merge c5cbb27cb5 sm/show-superproject-while-conflicted later to maint). + + * Various fixes to "diff --color-moved-ws". + + * A partial clone that is configured to lazily fetch missing objects + will on-demand issue a "git fetch" request to the originating + repository to fill not-yet-obtained objects. The request has been + optimized for requesting a tree object (and not the leaf blob + objects contained in it) by telling the originating repository that + no blobs are needed. + (merge 4c7f9567ea jt/non-blob-lazy-fetch later to maint). + + * The codepath to support the experimental split-index mode had + remaining "racily clean" issues fixed. + (merge 4c490f3d32 sg/split-index-racefix later to maint). + + * "git log --graph" showing an octopus merge sometimes miscounted the + number of display columns it is consuming to show the merge and its + parent commits, which has been corrected. + (merge 04005834ed np/log-graph-octopus-fix later to maint). + + * "git range-diff" did not work well when the compared ranges had + changes in submodules and the "--submodule=log" was used. + + * The implementation of run_command() API on the UNIX platforms had a + bug that caused a command not on $PATH to be found in the current + directory. + (merge f67b980771 jk/run-command-notdot later to maint). + + * A mutex used in "git pack-objects" were not correctly initialized + and this caused "git repack" to dump core on Windows. + (merge 34204c8166 js/pack-objects-mutex-init-fix later to maint). + + * Under certain circumstances, "git diff D:/a/b/c D:/a/b/d" on + Windows would strip initial parts from the paths because they + were not recognized as absolute, which has been corrected. + (merge ffd04e92e2 js/diff-notice-has-drive-prefix later to maint). + + * The receive.denyCurrentBranch=updateInstead codepath kicked in even + when the push should have been rejected due to other reasons, such + as it does not fast-forward or the update-hook rejects it, which + has been corrected. + (merge b072a25fad jc/receive-deny-current-branch-fix later to maint). + + * The logic to determine the archive type "git archive" uses did not + correctly kick in for "git archive --remote", which has been + corrected. + + * "git repack" in a shallow clone did not correctly update the + shallow points in the repository, leading to a repository that + does not pass fsck. + (merge 5dcfbf564c js/shallow-and-fetch-prune later to maint). + + * Some codepaths failed to form a proper URL when .gitmodules record + the URL to a submodule repository as relative to the repository of + superproject, which has been corrected. + (merge e0a862fdaf sb/submodule-url-to-absolute later to maint). + + * "git fetch" over protocol v2 into a shallow repository failed to + fetch full history behind a new tip of history that was diverged + before the cut-off point of the history that was previously fetched + shallowly. + + * The command line completion machinery (in contrib/) has been + updated to allow the completion script to tweak the list of options + that are reported by the parse-options machinery correctly. + (merge 276b49ff34 nd/completion-negation later to maint). + + * Operations on promisor objects make sense in the context of only a + small subset of the commands that internally use the revisions + machinery, but the "--exclude-promisor-objects" option were taken + and led to nonsense results by commands like "log", to which it + didn't make much sense. This has been corrected. + (merge 669b1d2aae md/exclude-promisor-objects-fix later to maint). + + * A regression in Git 2.12 era made "git fsck" fall into an infinite + loop while processing truncated loose objects. + (merge 18ad13e5b2 jk/detect-truncated-zlib-input later to maint). + + * "git ls-remote $there foo" was broken by recent update for the + protocol v2 and stopped showing refs that match 'foo' that are not + refs/{heads,tags}/foo, which has been fixed. + (merge 6a139cdd74 jk/proto-v2-ref-prefix-fix later to maint). + + * Additional comment on a tricky piece of code to help developers. + (merge 0afbe3e806 jk/stream-pack-non-delta-clarification later to maint). + + * A couple of tests used to leave the repository in a state that is + deliberately corrupt, which have been corrected. + (merge aa984dbe5e ab/pack-tests-cleanup later to maint). + + * The submodule support has been updated to read from the blob at + HEAD:.gitmodules when the .gitmodules file is missing from the + working tree. + (merge 2b1257e463 ao/submodule-wo-gitmodules-checked-out later to maint). + + * "git fetch" was a bit loose in parsing responses from the other side + when talking over the protocol v2. + + * "git rev-parse --exclude=* --branches --branches" (i.e. first + saying "add only things that do not match '*' out of all branches" + and then adding all branches, without any exclusion this time) + worked as expected, but "--exclude=* --all --all" did not work the + same way, which has been fixed. + (merge 5221048092 ag/rev-parse-all-exclude-fix later to maint). + + * "git send-email --transfer-encoding=..." in recent versions of Git + sometimes produced an empty "Content-Transfer-Encoding:" header, + which has been corrected. + (merge 3c88e46f1a al/send-email-auto-cte-fixup later to maint). + + * The interface into "xdiff" library used to discover the offset and + size of a generated patch hunk by first formatting it into the + textual hunk header "@@ -n,m +k,l @@" and then parsing the numbers + out. A new interface has been introduced to allow callers a more + direct access to them. + (merge 5eade0746e jk/xdiff-interface later to maint). + + * Pathspec matching against a tree object were buggy when negative + pathspec elements were involved, which has been fixed. + (merge b7845cebc0 nd/tree-walk-path-exclusion later to maint). + + * "git merge" and "git pull" that merges into an unborn branch used + to completely ignore "--verify-signatures", which has been + corrected. + (merge 01a31f3bca jk/verify-sig-merge-into-void later to maint). + + * "git rebase --autostash" did not correctly re-attach the HEAD at times. + + * "rev-parse --exclude=<pattern> --branches=<pattern>" etc. did not + quite work, which has been corrected. + (merge 9ab9b5df0e ra/rev-parse-exclude-glob later to maint). + + * When editing a patch in a "git add -i" session, a hunk could be + made to no-op. The "git apply" program used to reject a patch with + such a no-op hunk to catch user mistakes, but it is now updated to + explicitly allow a no-op hunk in an edited patch. + (merge 22cb3835b9 js/apply-recount-allow-noop later to maint). + + * The URL to an MSDN page in a comment has been updated. + (merge 2ef2ae2917 js/mingw-msdn-url later to maint). + + * "git ls-remote --sort=<thing>" can feed an object that is not yet + available into the comparison machinery and segfault, which has + been corrected to check such a request upfront and reject it. + + * When "git bundle" aborts due to an empty commit ranges + (i.e. resulting in an empty pack), it left a file descriptor to an + lockfile open, which resulted in leftover lockfile on Windows where + you cannot remove a file with an open file descriptor. This has + been corrected. + (merge 2c8ee1f53c jk/close-duped-fd-before-unlock-for-bundle later to maint). + + * "git format-patch --stat=<width>" can be used to specify the width + used by the diffstat (shown in the cover letter). + (merge 284aeb7e60 nd/format-patch-cover-letter-stat-width later to maint). + + * The way .git/index and .git/sharedindex* files were initially + created gave these files different perm bits until they were + adjusted for shared repository settings. This was made consistent. + (merge c9d6c78870 cc/shared-index-permbits later to maint). + + * "git rebase --stat" to transplant a piece of history onto a totally + unrelated history were not working before and silently showed wrong + result. With the recent reimplementation in C, it started to instead + die with an error message, as the original logic was not prepared + to cope with this case. This has now been fixed. + + * The advice message to tell the user to migrate an existing graft + file to the replace system when a graft file was read was shown + even when "git replace --convert-graft-file" command, which is the + way the message suggests to use, was running, which made little + sense. + (merge 8821e90a09 ab/replace-graft-with-replace-advice later to maint). + + * "git diff --raw" lost ellipses to adjust the output columns for + some time now, but the documentation still showed them. + + * Code cleanup, docfix, build fix, etc. + (merge 96a7501aad ts/doc-build-manpage-xsl-quietly later to maint). + (merge b9b07efdb2 tg/conflict-marker-size later to maint). + (merge fa0aeea770 sg/doc-trace-appends later to maint). + (merge d64324cb60 tb/void-check-attr later to maint). + (merge c3b9bc94b9 en/double-semicolon-fix later to maint). + (merge 79336116f5 sg/t3701-tighten-trace later to maint). + (merge 801fa63a90 jk/dev-build-format-security later to maint). + (merge 0597dd62ba sb/string-list-remove-unused later to maint). + (merge db2d36fad8 bw/protocol-v2 later to maint). + (merge 456d7cd3a9 sg/split-index-test later to maint). + (merge 7b6057c852 tq/refs-internal-comment-fix later to maint). + (merge 29e8dc50ad tg/t5551-with-curl-7.61.1 later to maint). + (merge 55f6bce2c9 fe/doc-updates later to maint). + (merge 7987d2232d jk/check-everything-connected-is-long-gone later to maint). + (merge 4ba3c9be47 dz/credential-doc-url-matching-rules later to maint). + (merge 4c399442f7 ma/commit-graph-docs later to maint). + (merge fc0503b04e ma/t1400-undebug-test later to maint). + (merge e56b53553a nd/packobjectshook-doc-fix later to maint). + (merge c56170a0c4 ma/mailing-list-address-in-git-help later to maint). + (merge 6e8fc70fce rs/sequencer-oidset-insert-avoids-dups later to maint). + (merge ad0b8f9575 mw/doc-typofixes later to maint). + (merge d9f079ad1a jc/how-to-document-api later to maint). + (merge b1492bf315 ma/t7005-bash-workaround later to maint). + (merge ac1f98a0df du/rev-parse-is-plumbing later to maint). + (merge ca8ed443a5 mm/doc-no-dashed-git later to maint). + (merge ce366a8144 du/get-tar-commit-id-is-plumbing later to maint). + (merge 61018fe9e0 du/cherry-is-plumbing later to maint). + (merge c7e5fe79b9 sb/strbuf-h-update later to maint). + (merge 8d2008196b tq/branch-create-wo-branch-get later to maint). + (merge 2e3c894f4b tq/branch-style-fix later to maint). + (merge c5d844af9c sg/doc-show-branch-typofix later to maint). + (merge 081d91618b ah/doc-updates later to maint). + (merge b84c783882 jc/cocci-preincr later to maint). + (merge 5e495f8122 uk/merge-subtree-doc-update later to maint). + (merge aaaa881822 jk/uploadpack-packobjectshook-fix later to maint). + (merge 3063477445 tb/char-may-be-unsigned later to maint). + (merge 8c64bc9420 sg/test-rebase-editor-fix later to maint). + (merge 71571cd7d6 ma/sequencer-do-reset-saner-loop-termination later to maint). + (merge 9a4cb8781e cb/notes-freeing-always-null-fix later to maint). + (merge 3006f5ee16 ma/reset-doc-rendering-fix later to maint). + (merge 4c2eb06419 sg/daemon-test-signal-fix later to maint). + (merge d27525e519 ss/msvc-strcasecmp later to maint). diff --git a/Documentation/RelNotes/2.20.1.txt b/Documentation/RelNotes/2.20.1.txt new file mode 100644 index 0000000000..dcba888dba --- /dev/null +++ b/Documentation/RelNotes/2.20.1.txt @@ -0,0 +1,20 @@ +Git v2.20.1 Release Notes +========================= + +This release is primarily to fix brown-paper-bag breakages in the +2.20.0 release. + +Fixes since v2.20 +----------------- + + * A few newly added tests were not portable and caused minority + platforms to report false breakages, which have been fixed. + + * Portability fix for a recent update to parse-options API. + + * "git help -a" did not work well when an overly long alias is + defined, which has been corrected. + + * A recent update accidentally squelched an error message when the + run_command API failed to run a missing command, which has been + corrected. diff --git a/Documentation/RelNotes/2.21.0.txt b/Documentation/RelNotes/2.21.0.txt new file mode 100644 index 0000000000..4596d9e01a --- /dev/null +++ b/Documentation/RelNotes/2.21.0.txt @@ -0,0 +1,242 @@ +Git 2.21 Release Notes +====================== + +Backward Compatibility Notes +---------------------------- + + +Updates since v2.20 +------------------- + +UI, Workflows & Features + + * The "http.version" configuration variable can be used with recent + enough cURL library to force the version of HTTP used to talk when + fetching and pushing. + + * Small fixes and features for fast-export and fast-import, mostly on + the fast-export side. + + * "git push $there $src:$dst" rejects when $dst is not a fully + qualified refname and not clear what the end user meant. The + codepath has been taught to give a clearer error message, and also + guess where the push should go by taking the type of the pushed + object into account (e.g. a tag object would want to go under + refs/tags/). + + * "git checkout [<tree-ish>] path..." learned to report the number of + paths that have been checked out of the index or the tree-ish, + which gives it the same degree of noisy-ness as the case in which + the command checks out a branch. + + * "git quiltimport" learned "--keep-non-patch" option. + + * "git worktree remove" and "git worktree move" refused to work when + there is a submodule involved. This has been loosened to ignore + uninitialized submodules. + + * "git cherry-pick -m1" was forbidden when picking a non-merge + commit, even though there _is_ parent number 1 for such a commit. + This was done to avoid mistakes back when "cherry-pick" was about + picking a single commit, but is no longer useful with "cherry-pick" + that can pick a range of commits. Now the "-m$num" option is + allowed when picking any commit, as long as $num names an existing + parent of the commit. + + * Update "git multimail" from the upstream. + + * "git p4" update. + + * The "--format=<placeholder>" option of for-each-ref, branch and tag + learned to show a few more traits of objects that can be learned by + the object_info API. + + * "git rebase -i" learned to re-execute a command given with 'exec' + to run after it failed the last time. + + * "git diff --color-moved-ws" updates. + + * Custom userformat "log --format" learned %S atom that stands for + the tip the traversal reached the commit from, i.e. --source. + + +Performance, Internal Implementation, Development Support etc. + + * Code clean-up with optimization for the codepath that checks + (non-)existence of loose objects. + + * More codepaths become aware of working with in-core repository + instance other than the default "the_repository". + + * The "strncat()" function is now among the banned functions. + + * Portability updates for the HPE NonStop platform. + + * Earlier we added "-Wformat-security" to developer builds, assuming + that "-Wall" (which includes "-Wformat" which in turn is required + to use "-Wformat-security") is always in effect. This is not true + when config.mak.autogen is in use, unfortunately. This has been + fixed by unconditionally adding "-Wall" to developer builds. + + * The loose object cache used to optimize existence look-up has been + updated. + + * Flaky tests can now be repeatedly run under load with the + "--stress" option. + (merge fb7d1e3ac8 sg/stress-test later to maint). + + * Documentation/Makefile is getting prepared for manpage + localization. + + * "git fetch-pack" now can talk the version 2 protocol. + + * sha-256 hash has been added and plumbed through the code to allow + building Git with the "NewHash". + + * Debugging help for http transport. + + * "git fetch --deepen=<more>" has been corrected to work over v2 + protocol. + + * The code to walk tree objects has been taught that we may be + working with object names that are not computed with SHA-1. + + +Fixes since v2.20 +----------------- + + * Updates for corner cases in merge-recursive. + (merge cc4cb0902c en/merge-path-collision later to maint). + + * "git checkout frotz" (without any double-dash) avoids ambiguity by + making sure 'frotz' cannot be interpreted as a revision and as a + path at the same time. This safety has been updated to check also + a unique remote-tracking branch 'frotz' in a remote, when dwimming + to create a local branch 'frotz' out of a remote-tracking branch + 'frotz' from a remote. + (merge be4908f103 nd/checkout-dwim-fix later to maint). + + * Refspecs configured with "git -c var=val clone" did not propagate + to the resulting repository, which has been corrected. + (merge 7eae4a3ac4 sg/clone-initial-fetch-configuration later to maint). + + * A properly configured username/email is required under + user.useConfigOnly in order to create commits; now "git stash" + (even though it creates commit objects to represent stash entries) + command is exempt from the requirement. + (merge 3bc2111fc2 sd/stash-wo-user-name later to maint). + + * The http-backend CGI process did not correctly clean up the child + processes it spawns to run upload-pack etc. when it dies itself, + which has been corrected. + (merge 02818a98d7 mk/http-backend-kill-children-before-exit later to maint). + + * "git rev-list --exclude-promisor-objects" had to take an object + that does not exist locally (and is lazily available) from the + command line without barfing, but the code dereferenced NULL. + (merge 4cf67869b2 md/list-lazy-objects-fix later to maint). + + * The traversal over tree objects has learned to honor + ":(attr:label)" pathspec match, which has been implemented only for + enumerating paths on the filesystem. + (merge 5a0b97b34c nd/attr-pathspec-in-tree-walk later to maint). + + * BSD port updates. + (merge 4e3ecbd439 cb/openbsd-allows-reading-directory later to maint). + (merge b6bdc2a0f5 cb/t5004-empty-tar-archive-fix later to maint). + (merge 82cbc8cde2 cb/test-lint-cp-a later to maint). + + * Lines that begin with a certain keyword that come over the wire, as + well as lines that consist only of one of these keywords, ought to + be painted in color for easier eyeballing, but the latter was + broken ever since the feature was introduced in 2.19, which has + been corrected. + (merge 1f67290450 hn/highlight-sideband-keywords later to maint). + + * "git log -G<regex>" looked for a hunk in the "git log -p" patch + output that contained a string that matches the given pattern. + Optimize this code to ignore binary files, which by default will + not show any hunk that would match any pattern (unless textconv or + the --text option is in effect, that is). + (merge e0e7cb8080 tb/log-G-binary later to maint). + + * "git submodule update" ought to use a single job unless asked, but + by mistake used multiple jobs, which has been fixed. + (merge e3a9d1aca9 sb/submodule-fetchjobs-default-to-one later to maint). + + * "git stripspace" should be usable outside a git repository, but + under the "-s" or "-c" mode, it didn't. + (merge 957da75802 jn/stripspace-wo-repository later to maint). + + * Some of the documentation pages formatted incorrectly with + Asciidoctor, which have been fixed. + (merge b62eb1d2f4 ma/asciidoctor later to maint). + + * The core.worktree setting in a submodule repository should not be + pointing at a directory when the submodule loses its working tree + (e.g. getting deinit'ed), but the code did not properly maintain + this invariant. + + * With zsh, "git cmd path<TAB>" was completed to "git cmd path name" + when the completed path has a special character like SP in it, + without any attempt to keep "path name" a single filename. This + has been fixed to complete it to "git cmd path\ name" just like + Bash completion does. + + * The test suite tried to see if it is run under bash, but the check + itself failed under some other implementations of shell (notably + under NetBSD). This has been corrected. + (merge 54ea72f09c sg/test-bash-version-fix later to maint). + + * "git gc" and "git repack" did not close the open packfiles that + they found unneeded before removing them, which didn't work on a + platform incapable of removing an open file. This has been + corrected. + (merge 5bdece0d70 js/gc-repack-close-before-remove later to maint). + + * The code to drive GIT_EXTERNAL_DIFF command relied on the string + returned from getenv() to be non-volatile, which is not true, that + has been corrected. + (merge 6776a84dae kg/external-diff-save-env later to maint). + + * There were many places the code relied on the string returned from + getenv() to be non-volatile, which is not true, that have been + corrected. + (merge 0da0e9268b jk/save-getenv-result later to maint). + + * The v2 upload-pack protocol implementation failed to honor + hidden-ref configuration, which has been corrected. + (merge e20b4192a3 jk/proto-v2-hidden-refs-fix later to maint). + + * "git fetch --recurse-submodules" may not fetch the necessary commit + that is bound to the superproject, which is getting corrected. + (merge be76c21282 sb/submodule-recursive-fetch-gets-the-tip later to maint). + + * "git rebase" internally runs "checkout" to switch between branches, + and the command used to call the post-checkout hook, but the + reimplementation stopped doing so, which is getting fixed. + + * "git add -e" got confused when the change it wants to let the user + edit is smaller than the previous change that was left over in a + temporary file. + (merge fa6f225e01 js/add-e-clear-patch-before-stating later to maint). + + * Code cleanup, docfix, build fix, etc. + (merge 89ba9a79ae hb/t0061-dot-in-path-fix later to maint). + (merge d173e799ea sb/diff-color-moved-config-option-fixup later to maint). + (merge a8f5a59067 en/directory-renames-nothanks-doc-update later to maint). + (merge ec36c42a63 nd/indentation-fix later to maint). + (merge f116ee21cd do/gitweb-strict-export-conf-doc later to maint). + (merge 112ea42663 fd/gitweb-snapshot-conf-doc-fix later to maint). + (merge 1cadad6f65 tb/use-common-win32-pathfuncs-on-cygwin later to maint). + (merge 57e9dcaa65 km/rebase-doc-typofix later to maint). + (merge b8b4cb27e6 ds/gc-doc-typofix later to maint). + (merge 3b3357626e nd/style-opening-brace later to maint). + (merge b4583d5595 es/doc-worktree-guessremote-config later to maint). + (merge cce99cd8c6 ds/commit-graph-assert-missing-parents later to maint). + (merge 0650614982 cy/completion-typofix later to maint). + (merge 6881925ef5 rs/sha1-file-close-mapped-file-on-error later to maint). + (merge bd8d6f0def en/show-ref-doc-fix later to maint). + (merge 1747125e2c cc/parial-clone-doc-typofix later to maint). + (merge e01378753d cc/fetch-error-message-fix later to maint). + (merge 54e8c11215 jk/remote-insteadof-cleanup later to maint). diff --git a/Documentation/RelNotes/2.4.12.txt b/Documentation/RelNotes/2.4.12.txt new file mode 100644 index 0000000000..7d15f94725 --- /dev/null +++ b/Documentation/RelNotes/2.4.12.txt @@ -0,0 +1,12 @@ +Git v2.4.12 Release Notes +========================= + +Fixes since v2.4.11 +------------------- + + * "git-shell" rejects a request to serve a repository whose name + begins with a dash, which makes it no longer possible to get it + confused into spawning service programs like "git-upload-pack" with + an option like "--help", which in turn would spawn an interactive + pager, instead of working with the repository user asked to access + (i.e. the one whose name is "--help"). diff --git a/Documentation/RelNotes/2.5.6.txt b/Documentation/RelNotes/2.5.6.txt new file mode 100644 index 0000000000..9cd025bb1c --- /dev/null +++ b/Documentation/RelNotes/2.5.6.txt @@ -0,0 +1,12 @@ +Git v2.5.6 Release Notes +======================== + +Fixes since v2.5.5 +------------------ + + * "git-shell" rejects a request to serve a repository whose name + begins with a dash, which makes it no longer possible to get it + confused into spawning service programs like "git-upload-pack" with + an option like "--help", which in turn would spawn an interactive + pager, instead of working with the repository user asked to access + (i.e. the one whose name is "--help"). diff --git a/Documentation/RelNotes/2.6.7.txt b/Documentation/RelNotes/2.6.7.txt new file mode 100644 index 0000000000..1335de49a6 --- /dev/null +++ b/Documentation/RelNotes/2.6.7.txt @@ -0,0 +1,12 @@ +Git v2.6.7 Release Notes +======================== + +Fixes since v2.6.6 +------------------ + + * "git-shell" rejects a request to serve a repository whose name + begins with a dash, which makes it no longer possible to get it + confused into spawning service programs like "git-upload-pack" with + an option like "--help", which in turn would spawn an interactive + pager, instead of working with the repository user asked to access + (i.e. the one whose name is "--help"). diff --git a/Documentation/RelNotes/2.7.5.txt b/Documentation/RelNotes/2.7.5.txt new file mode 100644 index 0000000000..83559ce3b2 --- /dev/null +++ b/Documentation/RelNotes/2.7.5.txt @@ -0,0 +1,14 @@ +Git v2.7.5 Release Notes +======================== + +Fixes since v2.7.4 +------------------ + + * "git-shell" rejects a request to serve a repository whose name + begins with a dash, which makes it no longer possible to get it + confused into spawning service programs like "git-upload-pack" with + an option like "--help", which in turn would spawn an interactive + pager, instead of working with the repository user asked to access + (i.e. the one whose name is "--help"). + +Also contains a few fixes backported from later development tracks. diff --git a/Documentation/RelNotes/2.7.6.txt b/Documentation/RelNotes/2.7.6.txt new file mode 100644 index 0000000000..4c6d1dcd4a --- /dev/null +++ b/Documentation/RelNotes/2.7.6.txt @@ -0,0 +1,25 @@ +Git v2.7.6 Release Notes +======================== + +Fixes since v2.7.5 +------------------ + + * A "ssh://..." URL can result in a "ssh" command line with a + hostname that begins with a dash "-", which would cause the "ssh" + command to instead (mis)treat it as an option. This is now + prevented by forbidding such a hostname (which will not be + necessary in the real world). + + * Similarly, when GIT_PROXY_COMMAND is configured, the command is + run with host and port that are parsed out from "ssh://..." URL; + a poorly written GIT_PROXY_COMMAND could be tricked into treating + a string that begins with a dash "-". This is now prevented by + forbidding such a hostname and port number (again, which will not + be necessary in the real world). + + * In the same spirit, a repository name that begins with a dash "-" + is also forbidden now. + +Credits go to Brian Neel at GitLab, Joern Schneeweisz of Recurity +Labs and Jeff King at GitHub. + diff --git a/Documentation/RelNotes/2.8.5.txt b/Documentation/RelNotes/2.8.5.txt new file mode 100644 index 0000000000..7bd179fa12 --- /dev/null +++ b/Documentation/RelNotes/2.8.5.txt @@ -0,0 +1,12 @@ +Git v2.8.5 Release Notes +======================== + +Fixes since v2.8.4 +------------------ + + * "git-shell" rejects a request to serve a repository whose name + begins with a dash, which makes it no longer possible to get it + confused into spawning service programs like "git-upload-pack" with + an option like "--help", which in turn would spawn an interactive + pager, instead of working with the repository user asked to access + (i.e. the one whose name is "--help"). diff --git a/Documentation/RelNotes/2.8.6.txt b/Documentation/RelNotes/2.8.6.txt new file mode 100644 index 0000000000..d8db55d920 --- /dev/null +++ b/Documentation/RelNotes/2.8.6.txt @@ -0,0 +1,4 @@ +Git v2.8.6 Release Notes +======================== + +This release forward-ports the fix for "ssh://..." URL from Git v2.7.6 diff --git a/Documentation/RelNotes/2.9.4.txt b/Documentation/RelNotes/2.9.4.txt index 01e864278b..9768293831 100644 --- a/Documentation/RelNotes/2.9.4.txt +++ b/Documentation/RelNotes/2.9.4.txt @@ -80,4 +80,11 @@ Fixes since v2.9.3 the file descriptor still open. Open tempfile with O_CLOEXEC flag to avoid this (on Windows, this is mapped to O_NOINHERIT). + * "git-shell" rejects a request to serve a repository whose name + begins with a dash, which makes it no longer possible to get it + confused into spawning service programs like "git-upload-pack" with + an option like "--help", which in turn would spawn an interactive + pager, instead of working with the repository user asked to access + (i.e. the one whose name is "--help"). + Also contains minor documentation updates and code clean-ups. diff --git a/Documentation/RelNotes/2.9.5.txt b/Documentation/RelNotes/2.9.5.txt new file mode 100644 index 0000000000..668313ae55 --- /dev/null +++ b/Documentation/RelNotes/2.9.5.txt @@ -0,0 +1,4 @@ +Git v2.9.5 Release Notes +======================== + +This release forward-ports the fix for "ssh://..." URL from Git v2.7.6 |