Fixes since v2.9.1
------------------
* A fix merged to v2.9.1 had a few tests that are not meant to be
run on platforms without 64-bit long, which caused unnecessary
test failures on them because we didn't detect the platform and
skip them. These tests are now skipped on platforms that they
are not applicable to.
Fixes since v2.9
----------------
* When "git daemon" is run without --[init-]timeout specified, a
connection from a client that silently goes offline can hang around
for a long time, wasting resources. The socket-level KEEPALIVE has
been enabled to allow the OS to notice such failed connections.
* The commands in `git log` family take %C(auto) in a custom format
string. This unconditionally turned the color on, ignoring
--no-color or with --color=auto when the output is not connected to
a tty; this was corrected to make the format truly behave as
"auto".
* "git rev-list --count" whose walk-length is limited with "-n"
option did not work well with the counting optimized to look at the
bitmap index.
* "git show -W" (extend hunks to cover the entire function, delimited
by lines that match the "funcname" pattern) used to show the entire
file when a change added an entire function at the end of the file,
which has been fixed.
* The documentation set has been updated so that literal commands,
configuration variables and environment variables are consistently
typeset in fixed-width font and bold in manpages.
* "git svn propset" subcommand that was added in 2.3 days is
documented now.
* The documentation tries to consistently spell "GPG"; when
referring to the specific program name, "gpg" is used.
* "git reflog" stopped upon seeing an entry that denotes a branch
creation event (aka "unborn"), which made it appear as if the
reflog was truncated.
* The git-prompt scriptlet (in contrib/) was not friendly with those
who uses "set -u", which has been fixed.
* A codepath that used alloca(3) to place an unbounded amount of data
on the stack has been updated to avoid doing so.
* "git update-index --add --chmod=+x file" may be usable as an escape
hatch, but not a friendly thing to force for people who do need to
use it regularly. "git add --chmod=+x file" can be used instead.
* Build improvements for gnome-keyring (in contrib/)
* "git status" used to say "working directory" when it meant "working
tree".
* Comments about misbehaving FreeBSD shells have been clarified with
the version number (9.x and before are broken, newer ones are OK).
* "git cherry-pick A" worked on an unborn branch, but "git
cherry-pick A..B" didn't.
* "git add -i/-p" learned to honor diff.compactionHeuristic
experimental knob, so that the user can work on the same hunk split
as "git diff" output.
* "log --graph --format=" learned that "%>|(N)" specifies the width
relative to the terminal's left edge, not relative to the area to
draw text that is to the right of the ancestry-graph section. It
also now accepts negative N that means the column limit is relative
to the right border.
* The ownership rule for the piece of memory that hold references to
be fetched in "git fetch" was screwy, which has been cleaned up.
* "git bisect" makes an internal call to "git diff-tree" when
bisection finds the culprit, but this call did not initialize the
data structure to pass to the diff-tree API correctly.
* Formats of the various data (and how to validate them) where we use
GPG signature have been documented.
* Fix an unintended regression in v2.9 that breaks "clone --depth"
that recurses down to submodules by forcing the submodules to also
be cloned shallowly, which many server instances that host upstream
of the submodules are not prepared for.
* Fix unnecessarily waste in the idiomatic use of ': ${VAR=default}'
to set the default value, without enclosing it in double quotes.
* Some platform-specific code had non-ANSI strict declarations of C
functions that do not take any parameters, which has been
corrected.
* The internal code used to show local timezone offset is not
prepared to handle timestamps beyond year 2100, and gave a
bogus offset value to the caller. Use a more benign looking
+0000 instead and let "git log" going in such a case, instead
of aborting.
* One among four invocations of readlink(1) in our test suite has
been rewritten so that the test can run on systems without the
command (others are in valgrind test framework and t9802).
* t/perf needs /usr/bin/time with GNU extension; the invocation of it
is updated to "gtime" on Darwin.
* A bug, which caused "git p4" while running under verbose mode to
report paths that are omitted due to branch prefix incorrectly, has
been fixed; the command said "Ignoring file outside of prefix" for
paths that are _inside_.
* The top level documentation "git help git" still pointed at the
documentation set hosted at now-defunct google-code repository.
Update it to point to https://git.github.io/htmldocs/git.html
instead.
Also contains minor documentation updates and code clean-ups.
* The experimental untracked-cache feature were buggy when paths with
a few levels of subdirectories are involved.
* Recent versions of scripted "git am" has a performance regression
in "git am --skip" codepath, which no longer exists in the
built-in version on the 'master' front. Fix the regression in
the last scripted version that appear in 2.5.x maintenance track
and older.
Also contains typofixes, documentation updates and trivial code
clean-ups.
UI, Workflows & Features
* The bash completion script (in contrib/) learned a few options that
"git revert" takes.
* Whitespace breakages in deleted and context lines can also be
painted in the output of "git diff" and friends with the new
--ws-error-highlight option.
* List of commands shown by "git help" are grouped along the workflow
elements to help early learners.
* "git p4" now detects the filetype (e.g. binary) correctly even when
the files are opened exclusively.
* git p4 attempts to better handle branches in Perforce.
* "git p4" learned "--changes-block-size <n>" to read the changes in
chunks from Perforce, instead of making one call to "p4 changes"
that may trigger "too many rows scanned" error from Perforce.
* More workaround for Perforce's row number limit in "git p4".
* Unlike "$EDITOR" and "$GIT_EDITOR" that can hold the path to the
command and initial options (e.g. "/path/to/emacs -nw"), 'git p4'
did not let the shell interpolate the contents of the environment
variable that name the editor "$P4EDITOR" (and "$EDITOR", too).
This release makes it in line with the rest of Git, as well as with
Perforce.
* A new short-hand <branch>@{push} denotes the remote-tracking branch
that tracks the branch at the remote the <branch> would be pushed
to.
* "git show-branch --topics HEAD" (with no other arguments) did not
do anything interesting. Instead, contrast the given revision
against all the local branches by default.
* A replacement for contrib/workdir/git-new-workdir that does not
rely on symbolic links and make sharing of objects and refs safer
by making the borrowee and borrowers aware of each other.
Consider this as still an experimental feature; its UI is still
likely to change.
* Tweak the sample "store" backend of the credential helper to honor
XDG configuration file locations when specified.
* A heuristic we use to catch mistyped paths on the command line
"git <cmd> <revs> <pathspec>" is to make sure that all the non-rev
parameters in the later part of the command line are names of the
files in the working tree, but that means "git grep $str -- \*.c"
must always be disambiguated with "--", because nobody sane will
create a file whose name literally is asterisk-dot-see. Loosen the
heuristic to declare that with a wildcard string the user likely
meant to give us a pathspec.
* "git merge FETCH_HEAD" learned that the previous "git fetch" could
be to create an Octopus merge, i.e. recording multiple branches
that are not marked as "not-for-merge"; this allows us to lose an
old style invocation "git merge <msg> HEAD $commits..." in the
implementation of "git pull" script; the old style syntax can now
be deprecated (but not removed yet).
* Filter scripts were run with SIGPIPE disabled on the Git side,
expecting that they may not read what Git feeds them to filter.
We however treated a filter that does not read its input fully
before exiting as an error. We no longer do and ignore EPIPE
when writing to feed the filter scripts.
This changes semantics, but arguably in a good way. If a filter
can produce its output without fully consuming its input using
whatever magic, we now let it do so, instead of diagnosing it
as a programming error.
* Instead of dying immediately upon failing to obtain a lock, the
locking (of refs etc) retries after a short while with backoff.
* Introduce http.<url>.SSLCipherList configuration variable to tweak
the list of cipher suite to be used with libcURL when talking with
https:// sites.
* "git subtree" script (in contrib/) used "echo -n" to produce
progress messages in a non-portable way.
* "git subtree" script (in contrib/) does not have --squash option
when pushing, but the documentation and help text pretended as if
it did.
* The Git subcommand completion (in contrib/) no longer lists credential
helpers among candidates; they are not something the end user would
invoke interactively.
* The index file can be taught with "update-index --untracked-cache"
to optionally remember already seen untracked files, in order to
speed up "git status" in a working tree with tons of cruft.
* "git mergetool" learned to drive WinMerge as a backend.
* "git upload-pack" that serves "git fetch" can be told to serve
commits that are not at the tip of any ref, as long as they are
reachable from a ref, with uploadpack.allowReachableSHA1InWant
configuration variable.
{perl>=5.16.6,p5-ExtUtils-ParseXS>=3.15}:../../devel/p5-ExtUtils-ParseXS
since pkgsrc enforces the newest perl version anyway, so they
should always pick perl, but sometimes (pkg_add) don't due to the
design of the {,} syntax.
No effective change for the above reason.
Ok joerg
Changelog:
Git v2.4.5 Release Notes
========================
Fixes since v2.4.4
------------------
* The setup code used to die when core.bare and core.worktree are set
inconsistently, even for commands that do not need working tree.
* There was a dead code that used to handle "git pull --tags" and
show special-cased error message, which was made irrelevant when
the semantics of the option changed back in Git 1.9 days.
* "color.diff.plain" was a misnomer; give it 'color.diff.context' as
a more logical synonym.
* The configuration reader/writer uses mmap(2) interface to access
the files; when we find a directory, it barfed with "Out of memory?".
* Recent "git prune" traverses young unreachable objects to safekeep
old objects in the reachability chain from them, which sometimes
showed unnecessary error messages that are alarming.
* "git rebase -i" fired post-rewrite hook when it shouldn't (namely,
when it was told to stop sequencing with 'exec' insn).
Also contains typofixes, documentation updates and trivial code
clean-ups.
Git v2.4.4 Release Notes
========================
Fixes since v2.4.3
------------------
* l10n updates for German.
* An earlier leakfix to bitmap testing code was incomplete.
* "git clean pathspec..." tried to lstat(2) and complain even for
paths outside the given pathspec.
* Communication between the HTTP server and http_backend process can
lead to a dead-lock when relaying a large ref negotiation request.
Diagnose the situation better, and mitigate it by reading such a
request first into core (to a reasonable limit).
* The clean/smudge interface did not work well when filtering an
empty contents (failed and then passed the empty input through).
It can be argued that a filter that produces anything but empty for
an empty input is nonsense, but if the user wants to do strange
things, then why not?
* Make "git stash something --help" error out, so that users can
safely say "git stash drop --help".
* Clarify that "log --raw" and "log --format=raw" are unrelated
concepts.
* Catch a programmer mistake to feed a pointer not an array to
ARRAY_SIZE() macro, by using a couple of GCC extensions.
Also contains typofixes, documentation updates and trivial code
clean-ups.
------------------
* Commands that take pathspecs on the command line misbehaved when
the pathspec is given as an absolute pathname (which is a
practice not particularly encouraged) that points at a symbolic
link in the working tree.
* An earlier fix to the shell prompt script (in contrib/) for using
the PROMPT_COMMAND interface did not correctly check if the extra
code path needs to trigger, causing the branch name not to appear
when 'promptvars' option is disabled in bash or PROMPT_SUBST is
unset in zsh.
Do it for all packages that
* mention perl, or
* have a directory name starting with p5-*, or
* depend on a package starting with p5-
like last time, for 5.18, where this didn't lead to complaints.
Let me know if you have any this time.
* "git p4" dealing with changes in binary files were broken by a
change in 1.9 release.
* The shell prompt script (in contrib/), when using the PROMPT_COMMAND
interface, used an unsafe construct when showing the branch name in
$PS1.
* "git rebase" used a POSIX shell construct FreeBSD /bin/sh does not
work well with.
* Some more Unicode codepoints defined in Unicode 6.3 as having
zero width have been taught to our display column counting logic.
* Some tests used shell constructs that did not work well on
FreeBSD.
* "git diff -- ':(icase)makefile'" was unnecessarily rejected at the
command line parser.
* "git cat-file --batch-check=ok" did not check the existence of
the named object.
* "git am --abort" sometimes complained about not being able to write
a tree with an 0{40} object in it.
* Two processes creating loose objects at the same time could have
failed unnecessarily when the name of their new objects started
with the same byte value, due to a race condition.
Also contains typofixes, documentation updates and trivial code clean-ups
* Some old versions of bash do not grok some constructs like
'printf -v varname' which the prompt and completion code started
to use recently. The completion and prompt scripts have been
adjusted to work better with these old versions of bash.
* In FreeBSD's and NetBSD's "sh", a return in a dot script in a
function returns from the function, not only in the dot script,
breaking "git rebase" on these platforms (regression introduced
in 1.8.4-rc1).
* "git rebase -i" and other scripted commands were feeding a
random, data dependant error message to 'echo' and expecting it
to come out literally.
* Setting the "submodule.<name>.path" variable to the empty
"true" caused the configuration parser to segfault.
* Output from "git log --full-diff -- <pathspec>" looked strange
because comparison was done with the previous ancestor that
touched the specified <pathspec>, causing the patches for paths
outside the pathspec to show more than the single commit has
changed.
* The auto-tag-following code in "git fetch" tries to reuse the
same transport twice when the serving end does not cooperate and
does not give tags that point to commits that are asked for as
part of the primary transfer. Unfortunately, Git-aware transport
helper interface is not designed to be used more than once, hence
this did not work over smart-http transfer. Fixed.
* Send a large request to read(2)/write(2) as a smaller but still
reasonably large chunks, which would improve the latency when the
operation needs to be killed and incidentally works around broken
64-bit systems that cannot take a 2GB write or read in one go.
* A ".mailmap" file that ends with an incomplete line, when read
from a blob, was not handled properly.
* The recent "short-cut clone connectivity check" topic broke a
shallow repository when a fetch operation tries to auto-follow
tags.
* When send-email comes up with an error message to die with upon
failure to start an SSL session, it tried to read the error
string from a wrong place.
* A call to xread() was used without a loop to cope with short
read in the codepath to stream large blobs to a pack.
* On platforms with fgetc() and friends defined as macros, the
configuration parser did not compile.
* New versions of MediaWiki introduced a new API for returning
more than 500 results in response to a query, which would cause
the MediaWiki remote helper to go into an infinite loop.
* Subversion's serf access method (the only one available in
Subversion 1.8) for http and https URLs in skelta mode tells its
caller to open multiple files at a time, which made "git svn
fetch" complain that "Temp file with moniker 'svn_delta' already
in use" instead of fetching.
Also contains a handful of trivial code clean-ups, documentation
updates, updates to the test suite, etc.
* When $HOME is misconfigured to point at an unreadable directory, we
used to complain and die. The check has been loosened.
* Handling of negative exclude pattern for directories "!dir" was
broken in the update to v1.8.3.
Also contains a handful of trivial code clean-ups, documentation
updates, updates to the test suite, etc.
I'm not particularly paying attention to gitweb. (This package
doesn't need a lot of attention, as it's automatically updated with
git, and stable upstream.)
a) refer 'perl' in their Makefile, or
b) have a directory name of p5-*, or
c) have any dependency on any p5-* package
Like last time, where this caused no complaints.
---------------------
* When "git am" is fed an input that has multiple "Content-type: ..."
header, it did not grok charset= attribute correctly.
* Even during a conflicted merge, "git blame $path" always meant to
blame uncommitted changes to the "working tree" version; make it
more useful by showing cleanly merged parts as coming from the other
branch that is being merged.
* "git blame MAKEFILE" run in a history that has "Makefile" but not
"MAKEFILE" should say "No such file MAKEFILE in HEAD", but got
confused on a case insensitive filesystem and failed to do so.
* "git fetch --all", when passed "--no-tags", did not honor the
"--no-tags" option while fetching from individual remotes (the same
issue existed with "--tags", but combination "--all --tags" makes
much less sense than "--all --no-tags").
* "git log/diff/format-patch --stat" showed the "N line(s) added"
comment in user's locale and caused careless submitters to send
patches with such a line in them to projects whose project language
is not their language, mildly irritating others. Localization to
the line has been disabled for now.
* "git log --all-match --grep=A --grep=B" ought to show commits that
mention both A and B, but when these three options are used with
--author or --committer, it showed commits that mention either A or
B (or both) instead.
* The subcommand to remove the definition of a remote in "git remote"
was named "rm" even though all other subcommands were spelled out.
Introduce "git remote remove" to remove confusion, and keep "rm" as
a backward compatible synonym.
Also contains a handful of documentation updates.
* "git p4" (in contrib/) submit the changes to a wrong place when the
"--use-client-spec" option is set.
* The config.mak.autogen generated by optional autoconf support tried
to link the binary with -lintl even when libintl.h is missing from
the system.
* When the filter driver exits before reading the content before the
main git process writes the contents to be filtered to the pipe to
it, the latter could be killed with SIGPIPE instead of ignoring
such an event as an error.
* "git add --refresh <pathspec>" used to warn about unmerged paths
outside the given pathspec.
* The bulk check-in codepath in "git add" streamed contents that
needs smudge/clean filters without running them, instead of punting
and delegating to the codepath to run filters after slurping
everything to core.
* "git branch --with $that" assumed incorrectly that the user will never
ask the question with nonsense value in $that.
* "git bundle create" produced a corrupt bundle file upon seeing
commits with excessively long subject line.
* When a remote helper exits before reading the blank line from the
main git process to signal the end of commands, the latter could be
killed with SIGPIPE. Instead we should ignore such event as a
non-error.
* The commit log template given with "git merge --edit" did not have
a short instructive text like what "git commit" gives.
* "git rev-list --verify-objects -q" omitted the extra verification
it needs to do over "git rev-list --objects -q" by mistake.
* "gitweb" used to drop warnings in the log file when "heads" view is
accessed in a repository whose HEAD does not point at a valid
branch.
* An invalid regular expression pattern given by an end user made
"gitweb" to return garbled response.
commit 3017ed62f47ce14a959e2d315c434d4980cf4243
Author: Jakub Narebski <jnareb@gmail.com>
Date: Wed Dec 15 00:34:01 2010 +0100
gitweb: Introduce esc_attr to escape attributes of HTML elements
It is needed only to escape attributes of handcrafted HTML elements,
and not those generated using CGI.pm subroutines / methods for HTML
generation.
While at it, add esc_url and esc_html where needed, and prefer to use
CGI.pm HTML generating methods than handcrafted HTML code. Most of
those are probably unnecessary (could be exploited only by person with
write access to gitweb config, or at least access to the repository).
This fixes CVE-2010-3906
Reported-by: Emanuele Gentili <e.gentili@tigersecurity.it>
Helped-by: John 'Warthog9' Hawley <warthog9@kernel.org>
Helped-by: Jonathan Nieder <jrnieder@gmail.com>
Signed-off-by: Jakub Narebski <jnareb@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
and lesser changes:
3017ed6 gitweb: Introduce esc_attr to escape attributes of HTML elements
d48b284 perl: bump the required Perl version to 5.8 from 5.6.[21]
d8a9480 gitweb: Don't die_error in git_tag after already printing headers
22e5e58 Typos in code comments, an error message, documentation
497d9c3 gitweb: clarify search results page when no matching commit found
0b45010 gitweb: Fix typo in run() subroutine
7f425db gitweb: allow configurations that change with each request
61bf126 gitweb: move highlight config out of guess_file_syntax()
109988f gitweb: fix esc_url
869d588 gitweb: Move evaluate_gitweb_config out of run_request
7064994 gitweb/Makefile: fix typo in gitweb.min.css rule
5ed2ec1 gitweb: Return or exit after done serving request
ad709ea gitweb: Fix typo in hash key name in %opts in git_header_html
45aa989 gitweb: Run in FastCGI mode if gitweb script has .fcgi extension
18d0532 gitweb: Move static files into seperate subdirectory
04794fd gitweb: Use @diff_opts while using format-patch
a0446e7 gitweb: Add support for FastCGI, using CGI::Fast
c2394fe gitweb: Put all per-connection code in run() subroutine
592ea41 gitweb: Refactor syntax highlighting support
b331fe5 gitweb: Syntax highlighting support
152d943 gitweb: Create install target for gitweb in Makefile
8515392 gitweb: Improve installation instructions in gitweb/INSTALL
ee1d8ee gitweb: Silence 'Variable VAR may be unavailable' warnings
efb2d0c gitweb: Move generating page title to separate subroutine
7a59745 gitweb: Add custom error handler using die_error
c42b00c gitweb: Use nonlocal jump instead of 'exit' in die_error
377bee3 gitweb: href(..., -path_info => 0|1)
8de096b gitweb: simplify gitweb.min.* generation and clean-up rules
e391859 gitweb: update INSTALL to use shorter make target
a8ab675 gitweb: add documentation to INSTALL regarding gitweb.js
bb4bbf7 Gitweb: add autoconfigure support for minifiers
0e6ce21 Gitweb: add support for minifying gitweb.css
890a13a Sync with 1.7.0.4
7a49c25 gitweb: git_get_project_config requires only $git_dir, not also $projec
9be3614 gitweb: Fix project-specific feature override behavior
964ad92 gitweb multiple project roots documentation
1df4876 gitweb: Protect escaping functions against calling on undef
453541f gitweb: esc_html (short) error message in die_error
e6e592d gitweb: Die if there are parsing errors in config file
57017b3 gitweb: Simplify (and fix) chop_str
aa14013 gitweb: Add optional extra parameter to die_error, for extended explanaion
1ee4b4e gitweb: add a "string" variant of print_sort_th
0cf207f gitweb: add a "string" variant of print_local_time
24d4afc gitweb: Check that $site_header etc. are defined before using them
62331ef gitweb: Makefile improvements
b62a1a9 gitweb: Load checking
b2c2e4c gitweb.js: Workaround for IE8 bug
because the git package doesn't need that. Depend on scmgit-base
instead of scmgit because I can't see how this requires the man pages
to be installed.
Drop dependency on apache because this ought to work with other
web servers.
Take maintainership, but only because it's not maintained.
Stop lying and drop maintainership of these packages. I have not
maintained them for a very long time already, so leave room for
fresh blood to take over them.
gitweb provides an easy to use and full-fledged web interface to
your Git repositories. It allows users to browse the contents of
all served projects, including the ability to inspect individual
files and their history for any of the available branches.
