summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2019-12-05Merge branch 'js/rebase-r-safer-label'Libravatar Junio C Hamano2-27/+51
A label used in the todo list that are generated by "git rebase --rebase-merges" is used as a part of a refname; the logic to come up with the label has been tightened to avoid names that cannot be used as such. * js/rebase-r-safer-label: rebase -r: let `label` generate safer labels rebase-merges: move labels' whitespace mangling into `label_oid()`
2019-12-05Merge branch 'ep/guard-kset-tar-headers'Libravatar Junio C Hamano2-0/+9
Code clean-up. * ep/guard-kset-tar-headers: kset.h, tar.h: add missing header guard to prevent multiple inclusion
2019-12-01The second batchLibravatar Junio C Hamano1-0/+87
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2019-12-01Merge branch 'jk/gitweb-anti-xss'Libravatar Junio C Hamano3-20/+25
Some codepaths in "gitweb" that forgot to escape URLs generated based on end-user input have been corrected. * jk/gitweb-anti-xss: gitweb: escape URLs generated by href() t/gitweb-lib.sh: set $REQUEST_URI t/gitweb-lib.sh: drop confusing quotes t9502: pass along all arguments in xss helper
2019-12-01Merge branch 'ar/install-doc-update-cmds-needing-the-shell'Libravatar Junio C Hamano1-2/+2
Doc update. * ar/install-doc-update-cmds-needing-the-shell: INSTALL: use existing shell scripts as example
2019-12-01Merge branch 'ma/t7004'Libravatar Junio C Hamano1-3/+3
Test fix. * ma/t7004: t7004: check existence of correct tag
2019-12-01Merge branch 'js/complete-svn-recursive'Libravatar Junio C Hamano1-0/+1
The completion script (in contrib/) has been taught that "git svn" supports the "--recursive" option. * js/complete-svn-recursive: completion: tab-complete "git svn --recursive"
2019-12-01Merge branch 'jk/send-pack-remote-failure'Libravatar Junio C Hamano1-4/+4
Error handling after "git push" finishes sending the packdata and waits for the response to the remote side has been improved. * jk/send-pack-remote-failure: send-pack: check remote ref status on pack-objects failure
2019-12-01Merge branch 'jc/fsmonitor-sanity-fix'Libravatar Junio C Hamano1-2/+4
Remove an incorrect BUG() that should not trigger. * jc/fsmonitor-sanity-fix: fsmonitor: do not compare bitmap size with size of split index
2019-12-01Merge branch 'sg/skip-skipped-prereq'Libravatar Junio C Hamano1-6/+6
Test update to avoid wasted cycles. * sg/skip-skipped-prereq: test-lib: don't check prereqs of test cases that won't be run anyway
2019-12-01Merge branch 'ds/test-read-graph'Libravatar Junio C Hamano8-82/+58
Dev support for commit-graph feature. * ds/test-read-graph: test-tool: use 'read-graph' helper
2019-12-01Merge branch 'rs/use-copy-array-in-mingw-shell-command-preparation'Libravatar Junio C Hamano1-1/+1
Code cleanup. * rs/use-copy-array-in-mingw-shell-command-preparation: mingw: use COPY_ARRAY for copying array
2019-12-01Merge branch 'rs/parse-options-dup-null-fix'Libravatar Junio C Hamano1-1/+2
Code cleanup. * rs/parse-options-dup-null-fix: parse-options: avoid arithmetic on pointer that's potentially NULL
2019-12-01Merge branch 'jt/fetch-remove-lazy-fetch-plugging'Libravatar Junio C Hamano6-25/+108
"git fetch" codepath had a big "do not lazily fetch missing objects when I ask if something exists" switch. This has been corrected by marking the "does this thing exist?" calls with "if not please do not lazily fetch it" flag. * jt/fetch-remove-lazy-fetch-plugging: promisor-remote: remove fetch_if_missing=0 clone: remove fetch_if_missing=0 fetch: remove fetch_if_missing=0
2019-12-01Merge branch 'jk/optim-in-pack-idx-conversion'Libravatar Junio C Hamano3-6/+19
Code clean-up. * jk/optim-in-pack-idx-conversion: pack-objects: avoid pointless oe_map_new_pack() calls
2019-12-01Merge branch 'dl/complete-rebase-onto'Libravatar Junio C Hamano1-0/+4
The completion script (in contrib/) learned that the "--onto" option of "git rebase" can take its argument as the value of the option. * dl/complete-rebase-onto: completion: learn to complete `git rebase --onto=`
2019-12-01Merge branch 'tg/stash-refresh-index'Libravatar Junio C Hamano2-5/+9
Recent update to "git stash pop" made the command empty the index when run with the "--quiet" option, which has been corrected. * tg/stash-refresh-index: stash: make sure we have a valid index before writing it
2019-12-01Merge branch 'nn/doc-rebase-merges'Libravatar Junio C Hamano1-2/+2
Doc update. * nn/doc-rebase-merges: doc: improve readability of --rebase-merges in git-rebase
2019-12-01Merge branch 'dd/sequencer-utf8'Libravatar Junio C Hamano7-9/+193
Handling of commit objects that use non UTF-8 encoding during "rebase -i" has been improved. * dd/sequencer-utf8: sequencer: reencode commit message for am/rebase --show-current-patch sequencer: reencode old merge-commit message sequencer: reencode squashing commit's message sequencer: reencode revert/cherry-pick's todo list sequencer: reencode to utf-8 before arrange rebase's todo list t3900: demonstrate git-rebase problem with multi encoding configure.ac: define ICONV_OMITS_BOM if necessary t0028: eliminate non-standard usage of printf
2019-12-01Merge branch 'jk/remove-sha1-to-hex'Libravatar Junio C Hamano4-47/+5
Code clean-up. * jk/remove-sha1-to-hex: hex: drop sha1_to_hex() hex: drop sha1_to_hex_r()
2019-12-01Merge branch 'dj/typofix-merge-strat'Libravatar Junio C Hamano1-1/+1
Typofix. * dj/typofix-merge-strat: merge-strategies: fix typo "reflected to" to "reflected in"
2019-12-01Merge branch 'rj/bundle-ui-updates'Libravatar Junio C Hamano4-53/+211
"git bundle" has been taught to use the parse options API. "git bundle verify" learned "--quiet" and "git bundle create" learned options to control the progress output. * rj/bundle-ui-updates: bundle-verify: add --quiet bundle-create: progress output control bundle: framework for options before bundle file
2019-12-01Merge branch 'rs/skip-iprefix'Libravatar Junio C Hamano2-19/+12
Code simplification. * rs/skip-iprefix: convert: use skip_iprefix() in validate_encoding() utf8: use skip_iprefix() in same_utf_encoding()
2019-12-01Merge branch 'ln/userdiff-elixir'Libravatar Junio C Hamano13-0/+78
The patterns to detect function boundary for Elixir language has been added. * ln/userdiff-elixir: userdiff: add Elixir to supported userdiff languages
2019-12-01Merge branch 'py/shortlog-list-options-for-log'Libravatar Junio C Hamano2-1/+13
Documentation pages for "git shortlog" now lists commit limiting options explicitly. * py/shortlog-list-options-for-log: git-shortlog.txt: include commit limiting options
2019-12-01Merge branch 'en/doc-typofix'Libravatar Junio C Hamano141-214/+214
Docfix. * en/doc-typofix: Fix spelling errors in no-longer-updated-from-upstream modules multimail: fix a few simple spelling errors sha1dc: fix trivial comment spelling error Fix spelling errors in test commands Fix spelling errors in messages shown to users Fix spelling errors in names of tests Fix spelling errors in comments of testcases Fix spelling errors in code comments Fix spelling errors in documentation outside of Documentation/ Documentation: fix a bunch of typos, both old and new
2019-12-01Merge branch 'ns/test-desc-typofix'Libravatar Junio C Hamano1-2/+2
Typofix. * ns/test-desc-typofix: t: fix typo in test descriptions
2019-12-01Merge branch 'en/t6024-style'Libravatar Junio C Hamano1-63/+67
Test updates. * en/t6024-style: t6024: modernize style
2019-12-01Merge branch 'en/misc-doc-fixes'Libravatar Junio C Hamano3-5/+5
Misc doc fixes. * en/misc-doc-fixes: name-hash.c: remove duplicate word in comment hashmap: fix documentation misuses of -> versus . git-filter-branch.txt: correct argument name typo
2019-12-01Merge branch 'js/fetch-multi-lockfix'Libravatar Junio C Hamano2-2/+12
Fetching from multiple remotes into the same repository in parallel had a bad interaction with the recent change to (optionally) update the commit-graph after a fetch job finishes, as these parallel fetches compete with each other. Which has been corrected. * js/fetch-multi-lockfix: fetch: avoid locking issues between fetch.jobs/fetch.writeCommitGraph fetch: add the command-line option `--write-commit-graph`
2019-12-01Merge branch 'rs/trace2-dots'Libravatar Junio C Hamano1-15/+2
Code cleanup. * rs/trace2-dots: trace2: add dots directly to strbuf in perf_fmt_prepare()
2019-12-01Merge branch 'kw/fsmonitor-watchman-fix'Libravatar Junio C Hamano2-18/+8
The watchman integration for fsmonitor was racy, which has been corrected to be more conservative. * kw/fsmonitor-watchman-fix: fsmonitor: fix watchman integration
2019-12-01Merge branch 'cb/curl-use-xmalloc'Libravatar Junio C Hamano1-10/+8
HTTP transport had possible allocator/deallocator mismatch, which has been corrected. * cb/curl-use-xmalloc: remote-curl: unbreak http.extraHeader with custom allocators
2019-12-01Merge branch 'rt/fetch-message-fix'Libravatar Junio C Hamano1-1/+1
A small message update. * rt/fetch-message-fix: fetch.c: fix typo in a warning message
2019-12-01Merge branch 'es/myfirstcontrib-updates'Libravatar Junio C Hamano1-3/+50
Doc updates. * es/myfirstcontrib-updates: myfirstcontrib: hint to find gitgitgadget allower myfirstcontrib: add dependency installation step myfirstcontrib: add 'psuh' to command-list.txt
2019-12-01Merge branch 'hw/config-doc-in-header'Libravatar Junio C Hamano2-319/+335
Follow recent push to move API docs from Documentation/ to header files and update config.h * hw/config-doc-in-header: config: move documentation to config.h
2019-12-01Merge branch 'dl/doc-diff-no-index-implies-exit-code'Libravatar Junio C Hamano1-1/+1
Doc update. * dl/doc-diff-no-index-implies-exit-code: git-diff.txt: document return code of `--no-index`
2019-12-01Merge branch 'js/vreportf-wo-buffering'Libravatar Junio C Hamano1-4/+16
Messages from die() etc. can be mixed up from multiple processes without even line buffering on Windows, which has been worked around. * js/vreportf-wo-buffering: vreportf(): avoid relying on stdio buffering
2019-12-01Merge branch 'pb/no-recursive-reset-hard-in-worktree-add'Libravatar Junio C Hamano2-1/+25
"git worktree add" internally calls "reset --hard" that should not descend into submodules, even when submodule.recurse configuration is set, but it was affected. This has been corrected. * pb/no-recursive-reset-hard-in-worktree-add: worktree: teach "add" to ignore submodule.recurse config
2019-12-01Merge branch 'pb/help-list-gitsubmodules-among-guides'Libravatar Junio C Hamano2-1/+2
Help update. * pb/help-list-gitsubmodules-among-guides: help: add gitsubmodules to the list of guides
2019-12-01Merge branch 'sg/blame-indent-heuristics-is-now-the-default'Libravatar Junio C Hamano1-8/+0
Message update. * sg/blame-indent-heuristics-is-now-the-default: builtin/blame.c: remove '--indent-heuristic' from usage string
2019-12-01Merge branch 'mr/clone-dir-exists-to-path-exists'Libravatar Junio C Hamano1-4/+4
Code cleanup. * mr/clone-dir-exists-to-path-exists: clone: rename static function `dir_exists()`.
2019-12-01Merge branch 'ma/bisect-doc-sample-update'Libravatar Junio C Hamano1-1/+1
"git merge --no-commit" needs "--no-ff" if you do not want to move HEAD, which has been corrected in the manual page for "git bisect". * ma/bisect-doc-sample-update: Documentation/git-bisect.txt: add --no-ff to merge command
2019-12-01Merge branch 'js/git-path-head-dot-lock-fix'Libravatar Junio C Hamano3-8/+18
"git rev-parse --git-path HEAD.lock" did not give the right path when run in a secondary worktree. * js/git-path-head-dot-lock-fix: git_path(): handle `.lock` files correctly t1400: wrap setup code in test case
2019-12-01Merge branch 'jc/log-graph-simplify'Libravatar Junio C Hamano6-326/+659
The implementation of "git log --graph" got refactored and then its output got simplified. * jc/log-graph-simplify: t4215: use helper function to check output graph: fix coloring of octopus dashes graph: flatten edges that fuse with their right neighbor graph: smooth appearance of collapsing edges on commit lines graph: rename `new_mapping` to `old_mapping` graph: commit and post-merge lines for left-skewed merges graph: tidy up display of left-skewed merges graph: example of graph output that can be simplified graph: extract logic for moving to GRAPH_PRE_COMMIT state graph: remove `mapping_idx` and `graph_update_width()` graph: reduce duplication in `graph_insert_into_new_columns()` graph: reuse `find_new_column_by_commit()` graph: handle line padding in `graph_next_line()` graph: automatically track display width of graph lines
2019-12-01Merge branch 'jk/cleanup-object-parsing-and-fsck'Libravatar Junio C Hamano9-302/+312
Crufty code and logic accumulated over time around the object parsing and low-level object access used in "git fsck" have been cleaned up. * jk/cleanup-object-parsing-and-fsck: (23 commits) fsck: accept an oid instead of a "struct tree" for fsck_tree() fsck: accept an oid instead of a "struct commit" for fsck_commit() fsck: accept an oid instead of a "struct tag" for fsck_tag() fsck: rename vague "oid" local variables fsck: don't require an object struct in verify_headers() fsck: don't require an object struct for fsck_ident() fsck: drop blob struct from fsck_finish() fsck: accept an oid instead of a "struct blob" for fsck_blob() fsck: don't require an object struct for report() fsck: only require an oid for skiplist functions fsck: only provide oid/type in fsck_error callback fsck: don't require object structs for display functions fsck: use oids rather than objects for object_name API fsck_describe_object(): build on our get_object_name() primitive fsck: unify object-name code fsck: require an actual buffer for non-blobs fsck: stop checking tag->tagged fsck: stop checking commit->parent counts fsck: stop checking commit->tree value commit, tag: don't set parsed bit for parse failures ...
2019-11-18rebase -r: let `label` generate safer labelsLibravatar Matthew Rogers2-1/+25
The `label` todo command in interactive rebases creates temporary refs in the `refs/rewritten/` namespace. These refs are stored as loose refs, i.e. as files in `.git/refs/rewritten/`, therefore they have to conform with file name limitations on the current filesystem in addition to the accepted ref format. This poses a problem in particular on NTFS/FAT, where e.g. the colon, double-quote and pipe characters are disallowed as part of a file name. Let's safeguard against this by replacing not only white-space characters by dashes, but all non-alpha-numeric ones. However, we exempt non-ASCII UTF-8 characters from that, as it should be quite possible to reflect branch names such as `↯↯↯` in refs/file names. Signed-off-by: Matthew Rogers <mattr94@gmail.com> Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2019-11-18rebase-merges: move labels' whitespace mangling into `label_oid()`Libravatar Johannes Schindelin1-28/+28
One of the trickier aspects of the design of `git rebase --rebase-merges` is the way labels are generated for the initial todo list: those labels are supposed to be intuitive and first and foremost unique. To that end, `label_oid()` appends a unique suffix when necessary. Those labels not only need to be unique, but they also need to be valid refs. To make sure of that, `make_script_with_merges()` replaces whitespace by dashes. That would appear to be the wrong layer for that sanitizing step, though: all callers of `label_oid()` should get that same benefit. Even if it does not make a difference currently (the only called of `label_oid()` that passes a label that might need to be sanitized _is_ `make_script_with_merges()`), let's move the responsibility for sanitizing labels into the `label_oid()` function. This commit is best viewed with `-w` because it unfortunately needs to change the indentation of a large block of code in `label_oid()`. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2019-11-18gitweb: escape URLs generated by href()Libravatar Jeff King2-15/+19
There's a cross-site scripting problem in gitweb, where it will print URLs generated by its href() helper without further quoting. This allows an attacker to point a victim to a specially crafted gitweb URL and inject arbitrary HTML into the resulting page (which the victim sees as coming from gitweb). The base of the URL comes from evaluate_uri(), which pulls the value of $REQUEST_URI via the CGI module. It tries to strip off $PATH_INFO, but fails to do so in some cases (including ones that contain special characters, like "+"). Most of the uses of the URL end up being passed to "$cgi->a(-href = href())", which will get quoted properly by the CGI module. But in a few places, we output them ourselves as part of manually-generated HTML, and whatever was in the original URL will appear unquoted in the output. Given that all of the nearby variables placed into this manual HTML _are_ quoted, it seems like the authors assumed that these URLs would not need quoting. So it's possible that the bug is actually in evaluate_uri(), which should be doing a more careful job of stripping $PATH_INFO. There's some discussion in a comment in that function, as well as the commit message in 81d3fe9f48 (gitweb: fix wrong base URL when non-root DirectoryIndex, 2009-02-15). But I'm not sure I understand it. Regardless, it's a good idea to quote these values at the point of insertion into the HTML output: 1. Even if there is a bug in evaluate_uri(), this would give us belt-and-suspenders protection. 2. evaluate_uri() is only handling the base. Some generated URLs will also mention arbitrary refs or filenames in the repositories, and these should be quoted anyway. 3. It should never _hurt_ to quote (and that's what all of the $cgi->a() calls are doing already). So there may be further work here, but this patch at least prevents the XSS vulnerability, and shouldn't make anything worse. The test here covers the calls in print_feed_meta(), but I manually audited every call to href() to see how its output was used, and quoted appropriately. Most of them are esc_attr(), as they're used in tag attributes, but I used esc_html() when the URLs were printed bare. The distinction is largely academic, as one is implemented as a wrapper for the other. Reported-by: NAKAYAMA DAISUKE <nakyamad@icloud.com> Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2019-11-18t/gitweb-lib.sh: set $REQUEST_URILibravatar Jeff King1-1/+2
In a real webserver's CGI call, gitweb.cgi would typically see $REQUEST_URI set. This variable does impact how we display our URL in the resulting page, so let's try to make our test as realistic as possible (we can just use the $PATH_INFO our caller passed in, if any). This doesn't change the outcome of any tests, but it will help us add some new tests in a future patch. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>