For full changes, please refer CHANGESLOG.md file.
* libgit2 v0.24.6 and libgit2 v0.25.1, January 9th, 2017
Includes two fixes, one performs extra sanitization for some edge cases in
the Git Smart Protocol which can lead to attempting to parse outside of the
buffer.
The second fix affects the certificate check callback. It provides a valid
parameter to indicate whether the native cryptographic library considered
the certificate to be correct. This parameter is always 1/true before these
releases leading to a possible MITM.
This does not affect you if you do not use the custom certificate callback
or if you do not take this value into account. This does affect you if you
use pygit2 or git2go regardless of whether you specify a certificate check
callback.
pkgsrc changes:
- re-enable libssh2 support
- ensure pkgsrc curl and http-parser are picked up and enabled
Upstream changes:
2f2575c Updating http parser to accept a `+` in the schema
ff8e3f0 Handle git+ssh:// and ssh+git:// protocols support
fa8b1a8 Adding spec coverage for ssh+git and git+ssh protocols
429155d Updating change to http_parser to reflect PR for nodejs/http-parser
e44f658 Removing #define for SSH_PREFIX_COUNT and using ARRAY_SIZE instead
b8dc15f Adding test cases that actually test the functionality of the new transport
4a93a7f Tabs
8ec3d88 Avoid subtraction overflow in git_indexer_commit
e3862c9 Buffer sideband packet data
cdded63 Remove duplicated calls to git_mwindow_close
eb09ead odb: improved not found error messages
9ee498e Only buffer if necessary.
4ebf745 mwindow: free unused windows if we fail to mmap
ffb1f41 describe: handle error code returned by git_pqueue_insert
e39ad74 config_file: handle missing quotation marks in section header
0370dae Check for __CLANG_INTTYPES_H
faf823d tests: transport: fix memory leaks with registering transports
fa4b93a backport git_oid__cpy_prefix
d0780b8 object: avoid call of memset with ouf of bounds pointer
e114bba index: assert required OID are non-NULL
1a16e8b pack-objects: fix memory leak on overflow
d96c063 submodule: avoid passing NULL pointers to strncmp
851c51a diff_tform: fix potential NULL pointer access
0b357e2 coverity: report errors when uploading tarball
8d3ee96 refdb_fs: fail if refcache returns NULL pointer
dd78d7d blame_git: handle error returned by `git_commit_parent`
f17ed63 blame: handle error when resoling HEAD in normalize_options
18c4ae7 filebuf: handle write error in `lock_file`
89e7604 config_cache: check return value of `git_config__lookup_entry`
c1ec732 Setup better defaults for OpenSSL ciphers
4e91020 Start error string with lower case character
cdde081 Use general cl_git_fail because the error is generic
f587f38 CMake: do not overwrite but only append to CMAKE_C_FLAGS_DEBUG
9a668ab Option "LIBGIT2_PREFIX" to set the CMAKE's TARGET_PROPERTIES PREFIX
d8fcafb Split the page size from the mmap alignment
e97d2d7 commit: fix extraction of single-line signatures
a1cf264 win32: free thread-local data on thread exit
c86a65b config: don't special-case multivars that don't exist yet
3ec0f2e xdiff/xprepare: use the XDF_DIFF_ALG() macro to access flag bits
56da07c xdiff/xprepare: fix a memory leak
fe1f477 Add a no-op size_t typedef for the doc parser
ab062a3 tests: fix core/stream test when built with openssl off
3e2e824 refs: provide a more general error message for dwim
ba52879 reset: use real ids for the tests
b6130fe refs::create: strict object creation on by default
e8d5df9 config: show we write a spurious duplicated section header
a13c1ec config: don't write section header if we're in it
21d8832 config::write::repeated: init our buffer
1778908 ignore: don't use realpath to canonicalize path
26f2cef tree: re-use the id and filename in the odb object
13ebf7b tree: store the entries in a growable array
af753ab tree: drop the now-unnecessary entries vector
1d59c85 status: update test to include valid OID
5cc7a5c tests: skip the unreadable file tests as root
2c1bc36 Plug a few leaks
6a35e74 leaks: fix some leaks in the tests
ccfacb8 leaks: call `xdl_free_classifier`
8edadbf index::racy: force racy entry
v0.24
-------
### Changes or improvements
* Custom filters can now be registered with wildcard attributes, for
example `filter=*`. Consumers should examine the attributes parameter
of the `check` function for details.
* Symlinks are now followed when locking a file, which can be
necessary when multiple worktrees share a base repository.
* You can now set your own user-agent to be sent for HTTP requests by
using the `GIT_OPT_SET_USER_AGENT` with `git_libgit2_opts()`.
* You can set custom HTTP header fields to be sent along with requests
by passing them in the fetch and push options.
* Tree objects are now assumed to be sorted. If a tree is not
correctly formed, it will give bad results. This is the git approach
and cuts a significant amount of time when reading the trees.
* Filter registration is now protected against concurrent
registration.
* Filenames which are not valid on Windows in an index no longer cause
to fail to parse it on that OS.
* Rebases can now be performed purely in-memory, without touching the
repository's workdir.
* When adding objects to the index, or when creating new tree or commit
objects, the inputs are validated to ensure that the dependent objects
exist and are of the correct type. This object validation can be
disabled with the GIT_OPT_ENABLE_STRICT_OBJECT_CREATION option.
* The WinHTTP transport's handling of bad credentials now behaves like
the others, asking for credentials again.
### API additions
* `git_config_lock()` has been added, which allow for
transactional/atomic complex updates to the configuration, removing
the opportunity for concurrent operations and not committing any
changes until the unlock.
* `git_diff_options` added a new callback `progress_cb` to report on the
progress of the diff as files are being compared. The documentation of
the existing callback `notify_cb` was updated to reflect that it only
gets called when new deltas are added to the diff.
* `git_fetch_options` and `git_push_options` have gained a `custom_headers`
field to set the extra HTTP header fields to send.
* `git_stream_register_tls()` lets you register a callback to be used
as the constructor for a TLS stream instead of the libgit2 built-in
one.
* `git_commit_header_field()` allows you to look up a specific header
field in a commit.
* `git_commit_extract_signature()` extracts the signature from a
commit and gives you both the signature and the signed data so you
can verify it.
### API removals
* No APIs were removed in this version.
### Breaking API changes
* The `git_merge_tree_flag_t` is now `git_merge_flag_t`. Subsequently,
its members are no longer prefixed with `GIT_MERGE_TREE_FLAG` but are
now prefixed with `GIT_MERGE_FLAG`, and the `tree_flags` field of the
`git_merge_options` structure is now named `flags`.
* The `git_merge_file_flags_t` enum is now `git_merge_file_flag_t` for
consistency with other enum type names.
* `git_cert` descendent types now have a proper `parent` member
* It is the responsibility of the refdb backend to decide what to do
with the reflog on ref deletion. The file-based backend must delete
it, a database-backed one may wish to archive it.
* `git_config_backend` has gained two entries. `lock` and `unlock`
with which to implement the transactional/atomic semantics for the
configuration backend.
* `git_index_add` and `git_index_conflict_add()` will now use the case
as provided by the caller on case insensitive systems. Previous
versions would keep the case as it existed in the index. This does
not affect the higher-level `git_index_add_bypath` or
`git_index_add_frombuffer` functions.
* The `notify_payload` field of `git_diff_options` was renamed to `payload`
to reflect that it's also the payload for the new progress callback.
* The `git_config_level_t` enum has gained a higher-priority value
`GIT_CONFIG_LEVEL_PROGRAMDATA` which represent a rough Windows equivalent
to the system level configuration.
* `git_rebase_init()` not also takes a merge options.
* The index no longer performs locking itself. This is not something
users of the library should have been relying on as it's not part of
the concurrency guarantees.
Issues found with existing distfiles:
distfiles/eclipse-sourceBuild-srcIncluded-3.0.1.zip
distfiles/fortran-utils-1.1.tar.gz
distfiles/ivykis-0.39.tar.gz
distfiles/enum-1.11.tar.gz
distfiles/pvs-3.2-libraries.tgz
distfiles/pvs-3.2-linux.tgz
distfiles/pvs-3.2-solaris.tgz
distfiles/pvs-3.2-system.tgz
No changes made to these distinfo files.
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
Simplify Github distfile handling.
Backport a futimes fix from upstream master, fixes build on SunOS.
Changes since 0.23.2:
- blame: guard xdiff calls for large files
- diff: don't feed large files to xdiff
- merge_file: treat large files as binary
- xdiff: convert size variables to size_t
- GITERR_CHECK_ALLOC_ADDn: multi-arg adders
libgit2 v0.22.2 Maintenance Release
@carlosmn carlosmn released this on 25 Mar
12 commits to maint/v0.22 since this release
The following fixes have been backported to this maintenance release.
All users of the library are encouraged to update.
1f25fe9 checkout: report correct invalid path
8633dd9 win32: further cleanups for 8.3 disabling
93be89c win32: cleanup 8.3 disabled tests
728a013 Fix test failures when 8.3 is disabled
1f726d0 git: make sure to close the network stream
3e163b6 checkout: free last created directory
3440c20 Initialize refs vector in git_remote_update_tips().
dcf6c0c Lower case the include directive of windows header
1dd5e28 http: do not try to use the cert callback on unencrypted streams
dd243fe indexer: set an error message on duplicate objects in pack
3a1dc42 Put back the number of expected references to 6 from the test repo
cf688ff Fixed active refspecs not reset by git_remote_upload()
7a5682f http: enforce the credential types
f008aeb branch: do capture the error code
283f31a git_branch_delete() should ignore errors from non-existing reflogs
aa409d5 Fix Mac build without OpenSSL
d884d1c Fix race in git_packfile_unpack.
277d647 Reinit `reader` pointer after reading included config file
3bdcea8 Check rebase options version on public entry points
7d8e4e3 mkdir: respect the root path
69455bc stat: don't remove trailing '/' from root on win32
7aee248 repo: ensure we can create repo at filesystem root
aa926fb Fix branch creation when branch name matches namespace of previously deleted branch
31ea8db Clarified git_repository_is_empty() documentation
ed64a1b Add libssh2's library and include directories.
5c3e01d Ensure the diff hunk callback is specified before trying to dereference it
fe61bb6 Ensure git_index_entry is not NULL before trying to free it
ae0cfac openssl: Add all required includes for AF_INET6 and in6_addr.
4738a33 Fixed git_repository_set_bare() not setting "core.bare" correctly
d0db408 Make sure sys/repository.h includes the required headers
eefe2e8 Fixed typo in git_repository_reinit_filesystem() documentation
8693335 Make binary detection work similar to vanilla git
d95c949 Include ws2tcpip.h in order to get in6_addr
e1314dd Include openssl headers last
09c2477 Fixed error when including git2/include/sys/stream.h
bd0a551 pathspec: do not try to dereference NULL
1ce9ea3 checkout tests: cleanup realpath impl on Win32
f9df7b6 checkout tests: emulate p_realpath poorly on Win32
8d65523 checkout: remove files before writing new ones
b295294 checkout: drop newline in error message
99367df checkout tests: nasty symlinks
9f1c873 checkout: don't recreate previous directory
1ca7fa9 git_path_join_unrooted: return base len
bd0e881 checkout: introduce git_checkout_perfdata
Downloads
libgit2 v0.21.5 Maintenance Release
@ethomson ethomson released this on 17 Jan
The following (critical) fixes have been backported to this maintenance release.
All users of the library are encouraged to update.
af769f4 checkout: introduce git_checkout_perfdata
fc478d2 git_path_join_unrooted: return base len
629a579 checkout: don't recreate previous directory
dd3c53f checkout tests: nasty symlinks
186177a checkout: drop newline in error message
7268a5a checkout: remove files before writing new ones
e517b62 checkout tests: emulate p_realpath poorly on Win32
9a8753d checkout tests: cleanup realpath impl on Win32
8433078 Introduce test for checkout case-changing rename
d853fb9 Always checkout with case sensitive iterator
libgit2 is a portable, pure C implementation of the Git core methods provided as
a re-entrant linkable library with a solid API, allowing you to write native
speed custom Git applications in any language which supports C bindings.
