summaryrefslogtreecommitdiff
path: root/Documentation
AgeCommit message (Collapse)AuthorFilesLines
2022-03-21setup_git_directory(): add an owner check for the top-level directoryLibravatar Johannes Schindelin2-0/+23
It poses a security risk to search for a git directory outside of the directories owned by the current user. For example, it is common e.g. in computer pools of educational institutes to have a "scratch" space: a mounted disk with plenty of space that is regularly swiped where any authenticated user can create a directory to do their work. Merely navigating to such a space with a Git-enabled `PS1` when there is a maliciously-crafted `/scratch/.git/` can lead to a compromised account. The same holds true in multi-user setups running Windows, as `C:\` is writable to every authenticated user by default. To plug this vulnerability, we stop Git from accepting top-level directories owned by someone other than the current user. We avoid looking at the ownership of each and every directories between the current and the top-level one (if there are any between) to avoid introducing a performance bottleneck. This new default behavior is obviously incompatible with the concept of shared repositories, where we expect the top-level directory to be owned by only one of its legitimate users. To re-enable that use case, we add support for adding exceptions from the new default behavior via the config setting `safe.directory`. The `safe.directory` config setting is only respected in the system and global configs, not from repository configs or via the command-line, and can have multiple values to allow for multiple shared repositories. We are particularly careful to provide a helpful message to any user trying to use a shared repository. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2021-02-12Git 2.30.2Libravatar Johannes Schindelin1-0/+8
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2021-02-12Sync with 2.29.3Libravatar Johannes Schindelin13-0/+97
* maint-2.29: Git 2.29.3 Git 2.28.1 Git 2.27.1 Git 2.26.3 Git 2.25.5 Git 2.24.4 Git 2.23.4 Git 2.22.5 Git 2.21.4 Git 2.20.5 Git 2.19.6 Git 2.18.5 Git 2.17.6 unpack_trees(): start with a fresh lstat cache run-command: invalidate lstat cache after a command finished checkout: fix bug that makes checkout follow symlinks in leading path
2021-02-12Git 2.29.3Libravatar Johannes Schindelin1-0/+8
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2021-02-12Sync with 2.28.1Libravatar Johannes Schindelin12-0/+89
* maint-2.28: Git 2.28.1 Git 2.27.1 Git 2.26.3 Git 2.25.5 Git 2.24.4 Git 2.23.4 Git 2.22.5 Git 2.21.4 Git 2.20.5 Git 2.19.6 Git 2.18.5 Git 2.17.6 unpack_trees(): start with a fresh lstat cache run-command: invalidate lstat cache after a command finished checkout: fix bug that makes checkout follow symlinks in leading path
2021-02-12Git 2.28.1Libravatar Johannes Schindelin1-0/+7
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2021-02-12Sync with 2.27.1Libravatar Johannes Schindelin11-0/+82
* maint-2.27: Git 2.27.1 Git 2.26.3 Git 2.25.5 Git 2.24.4 Git 2.23.4 Git 2.22.5 Git 2.21.4 Git 2.20.5 Git 2.19.6 Git 2.18.5 Git 2.17.6 unpack_trees(): start with a fresh lstat cache run-command: invalidate lstat cache after a command finished checkout: fix bug that makes checkout follow symlinks in leading path
2021-02-12Git 2.27.1Libravatar Johannes Schindelin1-0/+7
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2021-02-12Sync with 2.26.3Libravatar Johannes Schindelin10-0/+75
* maint-2.26: Git 2.26.3 Git 2.25.5 Git 2.24.4 Git 2.23.4 Git 2.22.5 Git 2.21.4 Git 2.20.5 Git 2.19.6 Git 2.18.5 Git 2.17.6 unpack_trees(): start with a fresh lstat cache run-command: invalidate lstat cache after a command finished checkout: fix bug that makes checkout follow symlinks in leading path
2021-02-12Git 2.26.3Libravatar Johannes Schindelin1-0/+7
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2021-02-12Sync with 2.25.5Libravatar Johannes Schindelin9-0/+68
* maint-2.25: Git 2.25.5 Git 2.24.4 Git 2.23.4 Git 2.22.5 Git 2.21.4 Git 2.20.5 Git 2.19.6 Git 2.18.5 Git 2.17.6 unpack_trees(): start with a fresh lstat cache run-command: invalidate lstat cache after a command finished checkout: fix bug that makes checkout follow symlinks in leading path
2021-02-12Git 2.25.5Libravatar Johannes Schindelin1-0/+7
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2021-02-12Sync with 2.24.4Libravatar Johannes Schindelin8-0/+61
* maint-2.24: Git 2.24.4 Git 2.23.4 Git 2.22.5 Git 2.21.4 Git 2.20.5 Git 2.19.6 Git 2.18.5 Git 2.17.6 unpack_trees(): start with a fresh lstat cache run-command: invalidate lstat cache after a command finished checkout: fix bug that makes checkout follow symlinks in leading path
2021-02-12Git 2.24.4Libravatar Johannes Schindelin1-0/+7
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2021-02-12Sync with 2.23.4Libravatar Johannes Schindelin7-0/+54
* maint-2.23: Git 2.23.4 Git 2.22.5 Git 2.21.4 Git 2.20.5 Git 2.19.6 Git 2.18.5 Git 2.17.6 unpack_trees(): start with a fresh lstat cache run-command: invalidate lstat cache after a command finished checkout: fix bug that makes checkout follow symlinks in leading path
2021-02-12Git 2.23.4Libravatar Johannes Schindelin1-0/+7
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2021-02-12Sync with 2.22.5Libravatar Johannes Schindelin6-0/+47
* maint-2.22: Git 2.22.5 Git 2.21.4 Git 2.20.5 Git 2.19.6 Git 2.18.5 Git 2.17.6 unpack_trees(): start with a fresh lstat cache run-command: invalidate lstat cache after a command finished checkout: fix bug that makes checkout follow symlinks in leading path
2021-02-12Git 2.22.5Libravatar Johannes Schindelin1-0/+7
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2021-02-12Sync with 2.21.4Libravatar Johannes Schindelin5-0/+40
* maint-2.21: Git 2.21.4 Git 2.20.5 Git 2.19.6 Git 2.18.5 Git 2.17.6 unpack_trees(): start with a fresh lstat cache run-command: invalidate lstat cache after a command finished checkout: fix bug that makes checkout follow symlinks in leading path
2021-02-12Git 2.21.4Libravatar Johannes Schindelin1-0/+6
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2021-02-12Sync with 2.20.5Libravatar Johannes Schindelin4-0/+34
* maint-2.20: Git 2.20.5 Git 2.19.6 Git 2.18.5 Git 2.17.6 unpack_trees(): start with a fresh lstat cache run-command: invalidate lstat cache after a command finished checkout: fix bug that makes checkout follow symlinks in leading path
2021-02-12Git 2.20.5Libravatar Johannes Schindelin1-0/+6
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2021-02-12Sync with 2.19.6Libravatar Johannes Schindelin3-0/+28
* maint-2.19: Git 2.19.6 Git 2.18.5 Git 2.17.6 unpack_trees(): start with a fresh lstat cache run-command: invalidate lstat cache after a command finished checkout: fix bug that makes checkout follow symlinks in leading path
2021-02-12Git 2.19.6Libravatar Johannes Schindelin1-0/+6
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2021-02-12Sync with 2.18.5Libravatar Johannes Schindelin2-0/+22
* maint-2.18: Git 2.18.5 Git 2.17.6 unpack_trees(): start with a fresh lstat cache run-command: invalidate lstat cache after a command finished checkout: fix bug that makes checkout follow symlinks in leading path
2021-02-12Git 2.18.5Libravatar Johannes Schindelin1-0/+6
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2021-02-12Sync with 2.17.6Libravatar Johannes Schindelin1-0/+16
* maint-2.17: Git 2.17.6 unpack_trees(): start with a fresh lstat cache run-command: invalidate lstat cache after a command finished checkout: fix bug that makes checkout follow symlinks in leading path
2021-02-12Git 2.17.6Libravatar Johannes Schindelin1-0/+16
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2021-02-08Git 2.30.1Libravatar Junio C Hamano1-0/+8
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2021-02-08Merge branch 'ma/doc-pack-format-varint-for-sizes' into maintLibravatar Junio C Hamano1-1/+16
Doc update. * ma/doc-pack-format-varint-for-sizes: pack-format.txt: document sizes at start of delta data
2021-02-05Prepare for 2.30.1Libravatar Junio C Hamano1-0/+47
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2021-02-05Merge branch 'jt/packfile-as-uri-doc' into maintLibravatar Junio C Hamano1-2/+5
Doc fix for packfile URI feature. * jt/packfile-as-uri-doc: Doc: clarify contents of packfile sent as URI
2021-02-05Merge branch 'ab/fsck-doc-fix' into maintLibravatar Junio C Hamano1-8/+0
Documentation for "git fsck" lost stale bits that has become incorrect. * ab/fsck-doc-fix: fsck doc: remove ancient out-of-date diagnostics
2021-02-05Merge branch 'tb/local-clone-race-doc' into maintLibravatar Junio C Hamano1-0/+4
Doc update. * tb/local-clone-race-doc: Documentation/git-clone.txt: document race with --local
2021-02-05Merge branch 'bc/doc-status-short' into maintLibravatar Junio C Hamano1-8/+20
Doc update. * bc/doc-status-short: docs: rephrase and clarify the git status --short format
2021-02-05Merge branch 'ug/doc-lose-dircache' into maintLibravatar Junio C Hamano2-6/+4
Doc update. * ug/doc-lose-dircache: doc: remove "directory cache" from man pages
2021-02-05Merge branch 'vv/send-email-with-less-secure-apps-access' into maintLibravatar Junio C Hamano1-1/+5
Doc update. * vv/send-email-with-less-secure-apps-access: git-send-email.txt: mention less secure app access with Gmail
2021-02-05Merge branch 'jc/sign-off' into maintLibravatar Junio C Hamano1-1/+1
Doc update. * jc/sign-off: SubmittingPatches: tighten wording on "sign-off" procedure
2021-02-05Merge branch 'pb/doc-modules-git-work-tree-typofix' into maintLibravatar Junio C Hamano1-15/+15
Doc fix. * pb/doc-modules-git-work-tree-typofix: gitmodules.txt: fix 'GIT_WORK_TREE' variable name
2021-01-20fsck doc: remove ancient out-of-date diagnosticsLibravatar Ævar Arnfjörð Bjarmason1-8/+0
Remove diagnostics that haven't been emitted by "fsck" or its predecessors for around 15 years. This documentation was added in c64b9b88605 (Reference documentation for the core git commands., 2005-05-05), but was out-of-date quickly after that. Notes on individual diagnostics: - "expect dangling commits": Added in bcee6fd8e71 (Make 'fsck' able to[...], 2005-04-13), documented in c64b9b88605. Not emitted since 1024932f019 (fsck-cache: walk the 'refs' directory[...], 2005-05-18). - "missing sha1 directory": Added in 20222118ae4 (Add first cut at "fsck-cache"[...], 2005-04-08), documented in c64b9b88605. Not emitted since 230f13225df (Create object subdirectories on demand, 2005-10-08). Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com> Reviewed-by: Taylor Blau <me@ttaylorr.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2021-01-20Doc: clarify contents of packfile sent as URILibravatar Jonathan Tan1-2/+5
Clarify that, when the packfile-uri feature is used, the client should not assume that the extra packfiles downloaded would only contain a single blob, but support packfiles containing multiple objects of all types. Signed-off-by: Jonathan Tan <jonathantanmy@google.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2021-01-11Documentation/git-clone.txt: document race with --localLibravatar Taylor Blau1-0/+4
When running 'git clone --local', the operation may fail if another process is modifying the source repository. Document that this race condition is known to hopefully help anyone who may run into it. Suggested-by: Junio C Hamano <gitster@pobox.com> Signed-off-by: Taylor Blau <me@ttaylorr.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2021-01-11docs: rephrase and clarify the git status --short formatLibravatar brian m. carlson1-8/+20
The table describing the porcelain format in git-status(1) is helpful, but it's not completely clear what the three sections mean, even to some contributors. As a result, users are unable to find how to detect common cases like merge conflicts programmatically. Let's improve this situation by rephrasing to be more explicit about what each of the sections in the table means, to tell users in plain language which cases are occurring, and to describe what "unmerged" means. Signed-off-by: brian m. carlson <sandals@crustytoothpaste.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2021-01-09doc: remove "directory cache" from man pagesLibravatar Utku Gultopu2-6/+4
"directory cache" (or "directory cache index", "cache") are obsolete terms which have been superseded by "index". Keeping them in the documentation may be a source of confusion. This commit replaces them with the current term, "index", on man pages. Signed-off-by: Utku Gultopu <ugultopu@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2021-01-07git-send-email.txt: mention less secure app access with GmailLibravatar Vasyl Vavrychuk1-1/+5
Google may have changed Gmail security and now less secure app access needs to be explicitly enabled if two-factor authentication is not in place, otherwise send-email fails with: 5.7.8 Username and Password not accepted. Learn more at 5.7.8 https://support.google.com/mail/?p=BadCredentials Document steps required to make this work. Signed-off-by: Vasyl Vavrychuk <vvavrychuk@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com> [dl: Clean up commit message and incorporate suggestions into patch.] Signed-off-by: Denton Liu <liu.denton@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2021-01-07SubmittingPatches: tighten wording on "sign-off" procedureLibravatar Junio C Hamano1-1/+1
The text says "if you can certify DCO then you add a Signed-off-by trailer". But it does not say anything about people who cannot or do not want to certify. A natural reading may be that if you do not certify, you must not add the trailer, but it shouldn't hurt to be overly explicit. Signed-off-by: Junio C Hamano <gitster@pobox.com>
2021-01-04pack-format.txt: document sizes at start of delta dataLibravatar Martin Ågren1-1/+16
We document the delta data as a set of instructions, but forget to document the two sizes that precede those instructions: the size of the base object and the size of the object to be reconstructed. Fix this omission. Rather than cramming all the details about the encoding into the running text, introduce a separate section detailing our "size encoding" and refer to it. Reported-by: Ross Light <ross@zombiezen.com> Signed-off-by: Martin Ågren <martin.agren@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2021-01-04gitmodules.txt: fix 'GIT_WORK_TREE' variable nameLibravatar Philippe Blain1-15/+15
'gitmodules.txt' is a guide about the '.gitmodules' file that describes submodule properties, and that file must exist at the root of the repository. This was clarified in e5b5c1d2cf (Document clarification: gitmodules, gitattributes, 2008-08-31). However, that commit mistakenly uses the non-existing environment variable 'GIT_WORK_DIR' to refer to the root of the repository. Fix that by using the correct variable, 'GIT_WORK_TREE'. Take the opportunity to modernize and improve the formatting of that guide, and fix a grammar mistake. Signed-off-by: Philippe Blain <levraiphilippeblain@gmail.com> Acked-by: Martin Ågren <martin.agren@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2021-01-04doc: fix some typosLibravatar Thomas Ackermann6-7/+7
Signed-off-by: Thomas Ackermann <th.acker@arcor.de> Acked-by: Martin Ågren <martin.agren@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2020-12-27Git 2.30Libravatar Junio C Hamano1-11/+8
Signed-off-by: Junio C Hamano <gitster@pobox.com>