| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
If someone wants to use as a filter a sparse file that is in the
repository, something like "--filter=sparse:oid=<ref>:<path>"
already works.
So 'sparse:path' is only interesting if the sparse file is not in
the repository. In this case though the current implementation has
a big security issue, as it makes it possible to ask the server to
read any file, like for example /etc/password, and to explore the
filesystem, as well as individual lines of files.
If someone is interested in using a sparse file that is not in the
repository as a filter, then at the minimum a config option, such
as "uploadpack.sparsePathFilter", should be implemented first to
restrict the directory from which the files specified by
'sparse:path' can be read.
For now though, let's just disable 'sparse:path' filters.
Helped-by: Matthew DeVore <matvore@google.com>
Helped-by: Jeff Hostetler <git@jeffhostetler.com>
Signed-off-by: Christian Couder <chriscool@tuxfamily.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
|
|
Signed-off-by: Junio C Hamano <gitster@pobox.com>
|
|
The "--dir-diff" mode of "git difftool" is not useful in "--no-index"
mode; they are now explicitly marked as mutually incompatible.
* js/difftool-no-index:
difftool --no-index: error out on --dir-diff (and don't crash)
|
|
The codepath to parse :<path> that obtains the object name for an
indexed object has been made more robust.
* jk/get-oid-indexed-object-name:
get_oid: handle NULL repo->index
|
|
Code clean-up.
* jc/set-packet-header-signature-fix:
pkt-line: drop 'const'-ness of a param to set_packet_header()
|
|
Code clean-up.
* cb/http-push-null-in-message-fix:
http-push: prevent format overflow warning with gcc >= 9
|
|
Doc update.
* js/stash-in-c-use-builtin-doc:
stash: document stash.useBuiltin
|
|
A prerequiste check in the test suite to see if a working jgit is
available was made more robust.
* tz/test-lib-check-working-jgit:
test-lib: try harder to ensure a working jgit
|
|
Code clean-up.
* js/parseopt-unknown-cb-returns-an-enum:
parse-options: adjust `parse_opt_unknown_cb()`s declared return type
|
|
Update collision-detecting SHA-1 code to build properly on HP-UX.
* ab/sha1dc:
sha1dc: update from upstream
|
|
"git status" did not know that the "label" instruction in the
todo-list "rebase -i -r" uses should not be shown as a hex object
name.
* js/rebase-i-label-shown-in-status-fix:
status: fix display of rebase -ir's `label` command
|
|
Developer support update.
* es/check-non-portable-pre-5.10:
check-non-portable-shell: support Perl versions older than 5.10
|
|
Doc update.
* ds/trace2-document-env-vars:
trace2: add variable description to git.txt
|
|
The fsmonitor interface got out of sync after the in-core index
file gets discarded, which has been corrected.
* js/fsmonitor-refresh-after-discarding-index:
fsmonitor: force a refresh after the index was discarded
fsmonitor: demonstrate that it is not refreshed after discard_index()
|
|
A stale in-code comment has been updated.
* cm/notes-comment-fix:
notes: correct documentation of format_display_notes()
|
|
Code cleanup.
* tt/no-ipv6-fallback-for-winxp:
mingw: remove obsolete IPv6-related code
|
|
An additional test for MinGW
* js/t5580-unc-alternate-test:
t5580: verify that alternates can be UNC paths
|
|
"git cvsexportcommit" running on msys did not expect cvsnt showed
"cvs status" output with CRLF line endings.
* ds/cvsexportcommit-force-text:
cvsexportcommit: force crlf translation
|
|
To run tests for Git SVN, our scripts for CI used to install the
git-svn package (in the hope that it would bring in the right
dependencies). This has been updated to install the more direct
dependency, namely, libsvn-perl.
* sg/ci-libsvn-perl:
ci: install 'libsvn-perl' instead of 'git-svn'
|
|
Avoid patterns to pipe output from a git command to feed another
command in tests.
* bl/t4253-exit-code-from-format-patch:
t4253-am-keep-cr-dos: avoid using pipes
|
|
The code to generate the multi-pack idx file was not prepared to
see too many packfiles and ran out of open file descriptor, which
has been corrected.
* ds/midx-too-many-packs:
midx: add packs to packed_git linked list
midx: pass a repository pointer
|
|
On a filesystem like HFS+, the names of the refs stored as filesystem
entities may become different from what the end-user expects, just
like files in the working tree get "renamed". Work around the
mismatch by paying attention to the core.precomposeUnicode
configuration.
* en/unicode-in-refnames:
Honor core.precomposeUnicode in more places
|
|
Update "git difftool" and "git mergetool" so that the combinations
of {diff,merge}.{tool,guitool} configuration variables serve as
fallback settings of each other in a sensible order.
* dl/difftool-mergetool:
difftool: fallback on merge.guitool
difftool: make --gui, --tool and --extcmd mutually exclusive
mergetool: fallback to tool when guitool unavailable
mergetool--lib: create gui_mode function
mergetool: use get_merge_tool function
t7610: add mergetool --gui tests
t7610: unsuppress output
|
|
A pair of private functions in http.c that had names similar to
fread/fwrite did not return the number of elements, which was found
to be confusing.
* mh/http-fread-api-fix:
Make fread/fwrite-like functions in http.c more like fread/fwrite.
|
|
Future-proof a test against an update to MSYS2 runtime v3.x series.
* js/t6500-use-windows-pid-on-mingw:
t6500(mingw): use the Windows PID of the shell
|
|
Allow tests that involve httpd to be run under leak sanitizer, just
like we can already do so under address sanitizer.
* jk/apache-lsan:
t/lib-httpd: pass LSAN_OPTIONS through apache
|
|
Attempt to use an abbreviated option in "git clone --recurs" is
responded by a request to disambiguate between --recursive and
--recurse-submodules, which is bad because these two are synonyms.
The parse-options API has been extended to define such synonyms
more easily and not produce an unnecessary failure.
* nd/parse-options-aliases:
parse-options: don't emit "ambiguous option" for aliases
|
|
"git branch new A...B" and "git checkout -b new A...B" have been
taught that in their contexts, the notation A...B means "the merge
base between these two commits", just like "git checkout A...B"
detaches HEAD at that commit.
* dl/branch-from-3dot-merge-base:
branch: make create_branch accept a merge base rev
t2018: cleanup in current test
|
|
Leakfix.
* js/commit-graph-parse-leakfix:
commit-graph: fix memory leak
|
|
Optionally "make coccicheck" can feed multiple source files to
spatch, gaining performance while spending more memory.
* jk/cocci-batch:
coccicheck: make batch size of 0 mean "unlimited"
coccicheck: optionally batch spatch invocations
|
|
Performance test framework has been broken and measured the version
of Git that happens to be on $PATH, not the specified one to
measure, for a while, which has been corrected.
* ab/perf-installed-fix:
perf-lib.sh: forbid the use of GIT_TEST_INSTALLED
perf tests: add "bindir" prefix to git tree test results
perf-lib.sh: remove GIT_TEST_INSTALLED from perf-lib.sh
perf-lib.sh: make "./run <revisions>" use the correct gits
perf aggregate: remove GIT_TEST_INSTALLED from --codespeed
perf README: correct docs for 3c8f12c96c regression
|
|
Allow DEP and ASLR for Windows build to for security hardening.
* id/windows-dep-aslr:
mingw: enable DEP and ASLR
mingw: do not let ld strip relocations
|
|
Typofix.
* ab/trace2-typofix:
trace2: fix up a missing "leave" entry point
|
|
Typofix.
* nd/submodule-helper-incomplete-line-fix:
submodule--helper: add a missing \n
|
|
Portability fix for a diff-highlight tool (in contrib/).
* cw/diff-highlight:
diff-highlight: use correct /dev/null for UNIX and Windows
|
|
Typofix.
* dl/warn-tagging-a-tag:
tag: fix typo in nested tagging hint
|
|
The function's definition has a paramter of type "int" qualified as
"const". The fact that the incoming parameter is used as read-only
in the fuction is an implementation detail that the callers should
not have to be told in the prototype declaring it (and "const" there
has no effect, as C passes parameters by value).
The prototype defined for the function in pkt-line.h lacked the
matching "const" for this reason, but apparently some compilers
(e.g. MS Visual C 2017) complain about the parameter type mismatch.
Let's squelch it by removing the "const" that is pointless in the
definition of a small and trivial function like this, which would
not help optimizing compilers nor reading humans that much.
Noticed-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Helped-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
|
|
The JGIT prereq uses `type jgit` to determine whether jgit is present.
While this is usually sufficient, it won't help if the jgit found is
badly broken. This wastes time running tests which fail due to no fault
of our own.
Use `jgit --version` instead, to guard against cases where jgit is
present on the system, but will fail to run, e.g. because of some JRE
issue, or missing Java dependencies. Checking that it gets far enough
to process the '--version' argument isn't perfect, but seems to be good
enough in practice. It's also consistent with how we detect some other
dependencies, see e.g. the CURL and UNZIP prerequisites.
Signed-off-by: Todd Zullinger <tmz@pobox.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
|
|
When get_oid() and its helpers see an index name like ":.gitmodules",
they try to load the index on demand, like:
if (repo->index->cache)
repo_read_index(repo);
However, that misses the case when "repo->index" itself is NULL; we'll
segfault in the conditional.
This never happens with the_repository; there we always point its index
field to &the_index. But a submodule repository may have a NULL index
field until somebody calls repo_read_index().
This bug is triggered by t7411, but it was hard to notice because it's
in an expect_failure block. That test was added by 2b1257e463 (t/helper:
add test-submodule-nested-repo-config, 2018-10-25). Back then we had no
easy way to access the .gitmodules blob of a submodule repo, so we
expected (and got) an error message to that effect. Later, d9b8b8f896
(submodule-config.c: use repo_get_oid for reading .gitmodules,
2019-04-16) started looking in the correct repo, which is when we
started triggering the segfault.
With this fix, the test starts passing (once we clean it up as its
comment instructs).
Note that as far as I know, this bug could not be triggered outside of
the test suite. It requires resolving an index name in a submodule, and
all of the code paths (aside from test-tool) which do that either load
the index themselves, or always pass the_repository.
Ultimately it comes from 3a7a698e93 (sha1-name.c: remove implicit
dependency on the_index, 2019-01-12), which replaced a check of
"the_index.cache" with "repo->index->cache". So even if there is another
way to trigger it, it wouldn't affect any versions before then.
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
|
|
In function 'finish_request',
inlined from 'process_response' at http-push.c:248:2:
http-push.c:587:4: warning: '%s' directive argument is null [-Wformat-overflow=]
587 | fprintf(stderr, "Unable to get pack file %s\n%s",
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
588 | request->url, curl_errorstr);
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
request->url is needed for the error message if there was a failure
during fetch but was being cleared unnecessarily earlier.
note that the leak is prevented by calling release_request unconditionally
at the end.
Signed-off-by: Carlo Marcelo Arenas Belón <carenas@gmail.com>
Suggested-by: Eric Sunshine <sunshine@sunshineco.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
|
|
The stash.useBuiltin variable introduced in 90a462725e ("stash:
optionally use the scripted version again", 2019-02-25) was turned on by
default, but had no documentation.
Let's document it so that users who run into any stability issues with
the C rewrite know there's an escape hatch, and spell out that the
user should please report the bug when they have to turn off the
built-in stash.
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
|
|
Update sha1dc from the latest version by the upstream
maintainer[1]. See 07a20f569b ("Makefile: fix unaligned loads in
sha1dc with UBSan", 2019-03-12) for the last update.
This fixes an issue where HP-UX IA64 was wrongly detected as a
Little-endian instead of a Big-endian system, see [2] and [3].
1. https://github.com/cr-marcstevens/sha1collisiondetection/commit/855827c583bc30645ba427885caa40c5b81764d2
2. https://public-inbox.org/git/603989bd-f86d-c61d-c6f5-fb6748a65ba9@siemens.com/
3. https://github.com/cr-marcstevens/sha1collisiondetection/pull/50
Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
|
|
In f41179f16ba2 (parse-options: avoid magic return codes, 2019-01-27),
the signature of the low-level parse-opt callback function was changed
to return an `enum`.
And while the implementations were changed, one declaration was left
unchanged, still claiming to return `int`.
This can potentially lead to problems, as compilers are free to choose
any integral type for an `enum` as long as it can represent all declared
values.
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
|
|
Signed-off-by: Junio C Hamano <gitster@pobox.com>
|
|
A few embarrassing bugfixes.
* jh/trace2:
trace2: fix up a missing "leave" entry point
trace2: fix incorrect function pointer check
|
|
Workaround for standard-compliant but less-than-useful behaviour of
access(2) for the root user.
* cc/access-on-aix-workaround:
git-compat-util: work around for access(X_OK) under root
|
|
"git chery-pick" (and "revert" that shares the same runtime engine)
that deals with multiple commits got confused when the final step
gets stopped with a conflict and the user concluded the sequence
with "git commit". Attempt to fix it by cleaning up the state
files used by these commands in such a situation.
* pw/clean-sequencer-state-upon-final-commit:
fix cherry-pick/revert status after commit
commit/reset: try to clean up sequencer state
|
|
The internal implementation of "git rebase -i" has been updated to
avoid forking a separate "rebase--interactive" process.
* pw/rebase-i-internal:
rebase -i: run without forking rebase--interactive
rebase: use a common action enum
rebase -i: use struct rebase_options in do_interactive_rebase()
rebase -i: use struct rebase_options to parse args
rebase -i: use struct object_id for squash_onto
rebase -i: use struct commit when parsing options
rebase -i: remove duplication
rebase -i: combine rebase--interactive.c with rebase.c
rebase: use OPT_RERERE_AUTOUPDATE()
rebase: rename write_basic_state()
rebase: don't translate trace strings
sequencer: always discard index after checkout
|
|
The script to aggregate perf result unconditionally depended on
libjson-perl even though it did not have to, which has been
corrected.
* jk/perf-aggregate-wo-libjson:
t/perf: depend on perl JSON only when using --codespeed
|
|
Docfix.
* dl/rev-tilde-doc-clarify:
revisions.txt: remove ambibuity between <rev>:<path> and :<path>
revisions.txt: mention <rev>~ form
revisions.txt: mark optional rev arguments with []
revisions.txt: change "rev" to "<rev>"
|
Christian Couder
Junio C Hamano
Todd Zullinger
Jeff King
Carlo Marcelo Arenas Belón
Johannes Schindelin
Ævar Arnfjörð Bjarmason