| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: git-credential-libsecret | Distribution: openSUSE Tumbleweed |
| Version: 2.46.0 | Vendor: openSUSE |
| Release: 1.1 | Build date: Tue Jul 30 02:07:55 2024 |
| Group: Development/Tools/Version Control | Build host: reproducible |
| Size: 67640 | Source RPM: git-2.46.0-1.1.src.rpm |
| Packager: http://bugs.opensuse.org | |
| Url: https://git-scm.com/ | |
| Summary: Git credential backend using libsecret to access keyring | |
A Git credential backend which uses libsecret API to acces keyrings such as kwallet or GNOME keyring.
GPL-2.0-only
* Tue Jul 30 2024 Marcus Rueckert <mrueckert@suse.de>
- update to 2.46.0
UI, Workflows & Features
* The "--rfc" option of "git format-patch" learned to take an
optional string value to be used in place of "RFC" to tweak the
"[PATCH]" on the subject header.
* The credential helper protocol, together with the HTTP layer, have
been enhanced to support authentication schemes different from
username & password pair, like Bearer and NTLM.
* Command line completion script (in contrib/) learned to complete
"git symbolic-ref" a bit better (you need to enable plumbing
commands to be completed with GIT_COMPLETION_SHOW_ALL_COMMANDS).
* When the user responds to a prompt given by "git add -p" with an
unsupported command, list of available commands were given, which
was too much if the user knew what they wanted to type but merely
made a typo. Now the user gets a much shorter error message.
* The color parsing code learned to handle 12-bit RGB colors, spelled
as "#RGB" (in addition to "#RRGGBB" that is already supported).
* The operation mode options (like "--get") the "git config" command
uses have been deprecated and replaced with subcommands (like "git
config get").
* "git tag" learned the "--trailer" option to futz with the trailers
in the same way as "git commit" does.
* A new global "--no-advice" option can be used to disable all advice
messages, which is meant to be used only in scripts.
* Updates to symbolic refs can now be made as a part of ref
transaction.
* The trailer API has been reshuffled a bit.
* Terminology to call various ref-like things are getting
straightened out.
* The command line completion script (in contrib/) has been adjusted
to the recent update to "git config" that adopted subcommand based
UI.
* The knobs to tweak how reftable files are written have been made
available as configuration variables.
* When "git push" notices that the commit at the tip of the ref on
the other side it is about to overwrite does not exist locally, it
used to first try fetching it if the local repository is a partial
clone. The command has been taught not to do so and immediately
fail instead.
* The promisor.quiet configuration knob can be set to true to make
lazy fetching from promisor remotes silent.
* The inter/range-diff output has been moved to the end of the patch
when format-patch adds it to a single patch, instead of writing it
before the patch text, to be consistent with what is done for a
cover letter for a multi-patch series.
* A new command has been added to migrate a repository that uses the
files backend for its ref storage to use the reftable backend, with
limitations.
* "git diff --exit-code --ext-diff" learned to take the exit status
of the external diff driver into account when deciding the exit
status of the overall "git diff" invocation when configured to do
so.
* "git update-ref --stdin" learned to handle transactional updates of
symbolic-refs.
* "git format-patch --interdiff" for multi-patch series learned to
turn on cover letters automatically (unless told never to enable
cover letter with "--no-cover-letter" and such).
* The "--heads" option of "ls-remote" and "show-ref" has been been
deprecated; "--branches" replaces "--heads".
* For over a year, setting add.interactive.useBuiltin configuration
variable did nothing but giving a "this does not do anything"
warning. The warning has been removed.
* The http transport can now be told to send request with
authentication material without first getting a 401 response.
* A handful of entries are added to the GitFAQ document.
* "git var GIT_SHELL_PATH" should report the path to the shell used
to spawn external commands, but it didn't do so on Windows, which
has been corrected.
Performance, Internal Implementation, Development Support etc.
* Advertise "git contacts", a tool for newcomers to find people to
ask review for their patches, a bit more in our developer
documentation.
* In addition to building the objects needed, try to link the objects
that are used in fuzzer tests, to make sure at least they build
without bitrot, in Linux CI runs.
* Code to write out reftable has seen some optimization and
simplification.
* Tests to ensure interoperability between reftable written by jgit
and our code have been added and enabled in CI.
* The singleton index_state instance "the_index" has been eliminated
by always instantiating "the_repository" and replacing references
to "the_index" with references to its .index member.
* Git-GUI has a new maintainer, Johannes Sixt.
* The "test-tool" has been taught to run testsuite tests in parallel,
bypassing the need to use the "prove" tool.
* The "whitespace check" task that was enabled for GitHub Actions CI
has been ported to GitLab CI.
* The refs API lost functions that implicitly assumes to work on the
primary ref_store by forcing the callers to pass a ref_store as an
argument.
* Code clean-up to reduce inter-function communication inside
builtin/config.c done via the use of global variables.
* The pack bitmap code saw some clean-up to prepare for a follow-up topic.
* Preliminary code clean-up for "git send-email".
* The default "creation-factor" used by "git format-patch" has been
raised to make it more aggressively find matching commits.
* Before discovering the repository details, We used to assume SHA-1
as the "default" hash function, which has been corrected. Hopefully
this will smoke out codepaths that rely on such an unwarranted
assumptions.
* The project decision making policy has been documented.
* The strcmp-offset tests have been rewritten using the unit test
framework.
* "git add -p" learned to complain when an answer with more than one
letter is given to a prompt that expects a single letter answer.
* The alias-expanded command lines are logged to the trace output.
* A new test was added to ensure git commands that are designed to
run outside repositories do work.
* A few tests in reftable library have been rewritten using the
unit test framework.
* A pair of test helpers that essentially are unit tests on hash
algorithms have been rewritten using the unit-tests framework.
* A test helper that essentially is unit tests on the "decorate"
logic has been rewritten using the unit-tests framework.
* Many memory leaks in the sparse-checkout code paths have been
plugged.
* "make check-docs" noticed problems and reported to its output but
failed to signal its findings with its exit status, which has been
corrected.
* Building with "-Werror -Wwrite-strings" is now supported.
* To help developers, the build procedure now allows builders to use
CFLAGS_APPEND to specify additional CFLAGS.
* "oidtree" tests were rewritten to use the unit test framework.
* The structure of the document that records longer-term project
decisions to deprecate/remove/update various behaviour has been
outlined.
* The pseudo-merge reachability bitmap to help more efficient storage
of the reachability bitmap in a repository with too many refs has
been added.
* When "git merge" sees that the index cannot be refreshed (e.g. due
to another process doing the same in the background), it died but
after writing MERGE_HEAD etc. files, which was useless for the
purpose to recover from the failure.
* The output from "git cat-file --batch-check" and "--batch-command
(info)" should not be unbuffered, for which some tests have been
added.
* A CPP macro USE_THE_REPOSITORY_VARIABLE is introduced to help
transition the codebase to rely less on the availability of the
singleton the_repository instance.
* "git version --build-options" reports the version information of
OpenSSL and other libraries (if used) in the build.
* Memory ownership rules for the in-core representation of
remote.*.url configuration values have been straightened out, which
resulted in a few leak fixes and code clarification.
* When bundleURI interface fetches multiple bundles, Git failed to
take full advantage of all bundles and ended up slurping duplicated
objects, which has been corrected.
* The code to deal with modified paths that are out-of-cone in a
sparsely checked out working tree has been optimized.
* An existing test of oidmap API has been rewritten with the
unit-test framework.
* The "ort" merge backend saw one bugfix for a crash that happens
when inner merge gets killed, and assorted code clean-ups.
* A new warning message is issued when a command has to expand a
sparse index to handle working tree cruft that are outside of the
sparse checkout.
* The test framework learned to take the test body not as a single
string but as a here-document.
* "git push '' HEAD:there" used to hit a BUG(); it has been corrected
to die with "fatal: bad repository ''".
* What happens when http.cookieFile gets the special value "" has
been clarified in the documentation.
Fixes
* "git rebase --signoff" used to forget that it needs to add a
sign-off to the resulting commit when told to continue after a
conflict stops its operation.
* The procedure to build multi-pack-index got confused by the
replace-refs mechanism, which has been corrected by disabling the
latter.
* The "-k" and "--rfc" options of "format-patch" will now error out
when used together, as one tells us not to add anything to the
title of the commit, and the other one tells us to add "RFC" in
addition to "PATCH".
* "git stash -S" did not handle binary files correctly, which has
been corrected.
* A scheduled "git maintenance" job is expected to work on all
repositories it knows about, but it stopped at the first one that
errored out. Now it keeps going.
* zsh can pretend to be a normal shell pretty well except for some
glitches that we tickle in some of our scripts. Work them around
so that "vimdiff" and our test suite works well enough with it.
* Command line completion support for zsh (in contrib/) has been
updated to stop exposing internal state to end-user shell
interaction.
* Tests that try to corrupt in-repository files in chunked format did
not work well on macOS due to its broken "mv", which has been
worked around.
* The maximum size of attribute files is enforced more consistently.
* Unbreak CI jobs so that we do not attempt to use Python 2 that has
been removed from the platform.
* Git 2.43 started using the tree of HEAD as the source of attributes
in a bare repository, which has severe performance implications.
For now, revert the change, without ripping out a more explicit
support for the attr.tree configuration variable.
* The "--exit-code" option of "git diff" command learned to work with
the "--ext-diff" option.
* Windows CI running in GitHub Actions started complaining about the
order of arguments given to calloc(); the imported regex code uses
the wrong order almost consistently, which has been corrected.
* Expose "name conflict" error when a ref creation fails due to D/F
conflict in the ref namespace, to improve an error message given by
"git fetch".
(merge 9339fca23e it/refs-name-conflict later to maint).
* The SubmittingPatches document now refers folks to manpages
translation project.
* The documentation for "git diff --name-only" has been clarified
that it is about showing the names in the post-image tree.
* The credential helper that talks with osx keychain learned to avoid
storing back the authentication material it just got received from
the keychain.
(merge e1ab45b2da kn/osxkeychain-skip-idempotent-store later to maint).
* The chainlint script (invoked during "make test") did nothing when
it failed to detect the number of available CPUs. It now falls
back to 1 CPU to avoid the problem.
* Revert overly aggressive "layered defence" that went into 2.45.1
and friends, which broke "git-lfs", "git-annex", and other use
cases, so that we can rebuild necessary counterparts in the open.
* "git init" in an already created directory, when the user
configuration has includeif.onbranch, started to fail recently,
which has been corrected.
* Memory leaks in "git mv" has been plugged.
* The safe.directory configuration knob has been updated to
optionally allow leading path matches.
* An overly large ".gitignore" files are now rejected silently.
* Upon expiration event, the credential subsystem forgot to clear
in-core authentication material other than password (whose support
was added recently), which has been corrected.
* Fix for an embarrassing typo that prevented Python2 tests from running
anywhere.
* Varargs functions that are unannotated as printf-like or execl-like
have been annotated as such.
* "git am" has a safety feature to prevent it from starting a new
session when there already is a session going. It reliably
triggers when a mbox is given on the command line, but it has to
rely on the tty-ness of the standard input. Add an explicit way to
opt out of this safety with a command line option.
(merge 62c71ace44 jk/am-retry later to maint).
* A leak in "git imap-send" that somehow escapes LSan has been
plugged.
* Setting core.abbrev too early before the repository set-up
(typically in "git clone") caused segfault, which as been
corrected.
* When the user adds to "git rebase -i" instruction to "pick" a merge
commit, the error experience is not pleasant. Such an error is now
caught earlier in the process that parses the todo list.
* We forgot to normalize the result of getcwd() to NFC on macOS where
all other paths are normalized, which has been corrected. This still
does not address the case where core.precomposeUnicode configuration
is not defined globally.
* Earlier we stopped using the tree of HEAD as the default source of
attributes in a bare repository, but failed to document it. This
has been corrected.
* "git update-server-info" and "git commit-graph --write" have been
updated to use the tempfile API to avoid leaving cruft after
failing.
* An unused extern declaration for mingw has been removed to prevent
it from causing build failure.
* A helper function shared between two tests had a copy-paste bug,
which has been corrected.
* "git fetch-pack -k -k" without passing "--lock-pack" (which we
never do ourselves) did not work at all, which has been corrected.
* CI job to build minimum fuzzers learned to pass NO_CURL=NoThanks to
the build procedure, as its build environment does not offer, or
the rest of the build needs, anything cURL.
(merge 4e66b5a990 jc/fuzz-sans-curl later to maint).
* "git diff --no-ext-diff" when diff.external is configured ignored
the "--color-moved" option.
(merge 0f4b0d4cf0 rs/diff-color-moved-w-no-ext-diff-fix later to maint).
* "git archive --add-virtual-file=<path>:<contents>" never paid
attention to the --prefix=<prefix> option but the documentation
said it would. The documentation has been corrected.
(merge 72c282098d jc/archive-prefix-with-add-virtual-file later to maint).
* When GIT_PAGER failed to spawn, depending on the code path taken,
we failed immediately (correct) or just spew the payload to the
standard output (incorrect). The code now always fail immediately
when GIT_PAGER fails.
(merge 78f0a5d187 rj/pager-die-upon-exec-failure later to maint).
* date parser updates to be more careful about underflowing epoch
based timestamp.
(merge 9d69789770 db/date-underflow-fix later to maint).
* The Bloom filter used for path limited history traversal was broken
on systems whose "char" is unsigned; update the implementation and
bump the format version to 2.
(merge 9c8a9ec787 tb/path-filter-fix later to maint).
* Typofix.
(merge 231cf7370e as/pathspec-h-typofix later to maint).
* Code clean-up.
(merge 4b837f821e rs/simplify-submodule-helper-super-prefix-invocation later to maint).
* "git describe --dirty --broken" forgot to refresh the index before
seeing if there is any chang, ("git describe --dirty" correctly did
so), which has been corrected.
(merge b8ae42e292 as/describe-broken-refresh-index-fix later to maint).
* Test suite has been taught not to unnecessarily rely on DNS failing
a bogus external name.
(merge 407cdbd271 jk/tests-without-dns later to maint).
* GitWeb update to use committer date consistently in rss/atom feeds.
(merge cf6ead095b am/gitweb-feed-use-committer-date later to maint).
* Custom control structures we invented more recently have been
taught to the clang-format file.
(merge 1457dff9be rs/clang-format-updates later to maint).
* Developer build procedure fix.
(merge df32729866 tb/dev-build-pedantic-fix later to maint).
* "git push" that pushes only deletion gave an unnecessary and
harmless error message when push negotiation is configured, which
has been corrected.
(merge 4d8ee0317f jc/disable-push-nego-for-deletion later to maint).
* Address-looking strings found on the trailer are now placed on the
Cc: list after running through sanitize_address by "git send-email".
(merge c852531f45 cb/send-email-sanitize-trailer-addresses later to maint).
* Tests that use GIT_TEST_SANITIZE_LEAK_LOG feature got their exit
status inverted, which has been corrected.
(merge 8c1d6691bc rj/test-sanitize-leak-log-fix later to maint).
* The http.cookieFile and http.saveCookies configuration variables
have a few values that need to be avoided, which are now ignored
with warning messages.
(merge 4f5822076f jc/http-cookiefile later to maint).
* Repacking a repository with multi-pack index started making stupid
pack selections in Git 2.45, which has been corrected.
(merge 8fb6d11fad ds/midx-write-repack-fix later to maint).
* Fix documentation mark-up regression in 2.45.
(merge 6474da0aa4 ja/doc-markup-updates-fix later to maint).
* Work around asciidoctor's css that renders `monospace` material
in the SYNOPSIS section of manual pages as block elements.
(merge d44ce6ddd5 js/doc-markup-updates-fix later to maint).
* Other code cleanup, docfix, build fix, etc.
(merge 493fdae046 ew/object-convert-leakfix later to maint).
(merge 00f3661a0a ss/doc-eol-attr-fix later to maint).
(merge 428c40da61 ri/doc-show-branch-fix later to maint).
(merge 58696bfcaa jc/where-is-bash-for-ci later to maint).
(merge 616e94ca24 tb/doc-max-tree-depth-fix later to maint).
* Thu Jul 18 2024 Antonio Teixeira <antonio.teixeira@suse.com>
- Add CVE-2024-24577.patch
* CVE-2024-24577: arbitrary code execution due to heap corruption
in git_index_add (boo#1219660)
* Fri May 31 2024 Matej Cepl <mcepl@cepl.eu>
- Compat stub for %python3_fix_shebang_path
* Fri May 31 2024 Marcus Rueckert <mrueckert@suse.de>
- only call the %python3_fix_shebang_path if it is actually
defined. This fixes the build on 15.x
* Fri May 31 2024 Andreas Stieger <andreas.stieger@gmx.de>
- update to 2.45.2:
* Revert "defense in depth" fixes from 2.45.1 broke 'git lfs' and
'git annex'
* Mon May 27 2024 Matej Cepl <mcepl@cepl.eu>
- remove dependency on /usr/bin/python3 using
%python3_fix_shebang_path macro, [bsc#1212476]
* Tue May 14 2024 Andreas Stieger <andreas.stieger@gmx.de>
- update to 2.45.1:
* CVE-2024-32002: recursive clones on case-insensitive
filesystems that support symbolic links are susceptible to case
confusion (boo#1224168)
* CVE-2024-32004: arbitrary code execution during local clones
(boo#1224170)
* CVE-2024-32020: file overwriting vulnerability during local
clones (boo#1224171)
* CVE-2024-32021: git may create hardlinks to arbitrary user-
readable files (boo#1224172)
* CVE-2024-32465: arbitrary code execution during clone operations
(boo#1224173)
* Wed May 01 2024 Andreas Stieger <andreas.stieger@gmx.de>
- update to 2.45.0:
* Improved efficiency managing repositories with many references
("git init --ref-format=reftable")
* "git checkout -p" and friends learned that that "@" is a
synonym for "HEAD"
* cli improvements handling refs
* Expanded a number of commands and options, UI improvements
* status.showUntrackedFiles now accepts "true"
* git-cherry-pick(1) now automatically drops redundant commits
with new --empty option
* The userdiff patterns for C# has been updated.
* Sun Feb 25 2024 Andreas Stieger <andreas.stieger@gmx.de>
- update to 2.44.0:
* "git checkout -B <branch>" now longer allows switching to a
branch that is in use on another worktree. The users need to
use "--ignore-other-worktrees" option.
* Faster server-side rebases with git replay
* Faster pack generation with multi-pack reuse
* rebase auto-squashing now works in non-interactive mode
* pathspec now understands attr, e.g. ':(attr:~binary) for
selecting non-binaries, or builtin_objectmode for selecting
items by file mode or other properties
* Many other cli UI and internal improvements and extensions
* Tue Feb 20 2024 Danilo Spinella <danilo.spinella@suse.com>
- Do not replace apparmor configuration, fixes bsc#1216545
* Thu Feb 15 2024 Andreas Stieger <andreas.stieger@gmx.de>
- update to 2.43.2:
* https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.43.2.txt
* Update to a new feature recently added, "git show-ref --exists".
* Rename detection logic ignored the final line of a file if it
is an incomplete line.
* "git diff --no-rename A B" did not disable rename detection but
did not trigger an error from the command line parser.
* "git diff --no-index file1 file2" segfaulted while invoking the
external diff driver, which has been corrected.
* A failed "git tag -s" did not necessarily result in an error
depending on the crypto backend, which has been corrected.
* "git stash" sometimes was silent even when it failed due to
unwritable index file, which has been corrected.
* Recent conversion to allow more than 0/1 in GIT_FLUSH broke the
mechanism by flipping what yes/no means by mistake, which has
been corrected.
* Mon Feb 12 2024 Dirk Müller <dmueller@suse.com>
- update to 2.43.1:
* https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.43.1.txt
* Tue Jan 09 2024 Christian Boltz <suse-beta@cboltz.de>
- gitweb AppArmor profile: allow reading etc/gitweb-common.conf
(boo#1218664)
* Mon Jan 08 2024 Christian Boltz <suse-beta@cboltz.de>
- git moved to /usr/libexec/git/git, update AppArmor profile
accordingly (boo#1218588)
* Tue Nov 21 2023 Dirk Müller <dmueller@suse.com>
- update to 2.43.0:
* The "--rfc" option of "git format-patch" used to be a valid way to
override an earlier "--subject-prefix=<something>" on the command
line and replace it with "[RFC PATCH]", but from this release, it
merely prefixes the string "RFC " in front of the given subject
prefix. If you are negatively affected by this change, please use
"--subject-prefix=PATCH --rfc" as a replacement.
* In Git 2.42, "git rev-list --stdin" learned to take non-revisions
(like "--not") from the standard input, but the way such a "--not" was
handled was quite confusing, which has been rethought. The updated
rule is that "--not" given from the command line only affects revs
given from the command line that comes but not revs read from the
standard input, and "--not" read from the standard input affects
revs given from the standard input and not revs given from the
command line.
* A message written in olden time prevented a branch from getting
checked out, saying it is already checked out elsewhere. But these
days, we treat a branch that is being bisected or rebased just like
a branch that is checked out and protect it from getting modified
with the same codepath. The message has been rephrased to say that
the branch is "in use" to avoid confusion.
* Hourly and other schedules of "git maintenance" jobs are randomly
distributed now.
* "git cmd -h" learned to signal which options can be negated by
listing such options like "--[no-]opt".
* The way authentication related data other than passwords (e.g.,
oauth token and password expiration data) are stored in libsecret
keyrings has been rethought.
* Update the libsecret and wincred credential helpers to correctly
match which credential to erase; they erased the wrong entry in
some cases.
* Git GUI updates.
* "git format-patch" learned a new "--description-file" option that
lets cover letter description to be fed; this can be used on
detached HEAD where there is no branch description available, and
also can override the branch description if there is one.
* Use of the "--max-pack-size" option to allow multiple packfiles to
be created is now supported even when we are sending unreachable
objects to cruft packs.
* "git format-patch --rfc --subject-prefix=<foo>" used to ignore the
"--subject-prefix" option and used "[RFC PATCH]"; now we will add
"RFC" prefix to whatever subject prefix is specified.
* "git log --format" has been taught the %(decorate) placeholder for
further customization over what the "--decorate" option offers.
* The default log message created by "git revert", when reverting a
commit that records a revert, has been tweaked, to encourage people
to describe complex "revert of revert of revert" situations better in
their own words.
* The command-line completion support (in contrib/) learned to
complete "git commit --trailer=" for possible trailer keys.
* "git update-index" learned the "--show-index-version" option to
inspect the index format version used by the on-disk index file.
* "git diff" learned the "diff.statNameWidth" configuration variable,
to give the default width for the name part in the "--stat" output.
* "git range-diff --notes=foo" compared "log --notes=foo --notes" of
the two ranges, instead of using just the specified notes tree,
which has been corrected to use only the specified notes tree.
* The command line completion script (in contrib/) can be told to
complete aliases by including ": git <cmd> ;" in the alias to tell
it that the alias should be completed in a similar way to how "git
<cmd>" is completed. The parsing code for the alias has been
loosened to allow ';' without an extra space before it.
* "git for-each-ref" and friends learned to apply mailmap to
authorname and other fields in a more flexible way than using
separate placeholder letters like %a[eElL] every time we want to
come up with small variants.
* "git repack" machinery learned to pay attention to the "--filter="
option.
* "git repack" learned the "--max-cruft-size" option to prevent cruft
packs from growing without bounds.
* "git merge-tree" learned to take strategy backend specific options
via the "-X" option, like "git merge" does.
* "git log" and friends learned the "--dd" option that is a
short-hand for "--diff-merges=first-parent -p".
* The attribute subsystem learned to honor the "attr.tree"
configuration variable that specifies which tree to read the
.gitattributes files from.
* "git merge-file" learns a mode to read three variants of the
contents to be merged from blob objects.
* see https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.43.0.txt
* Sat Nov 04 2023 Andreas Stieger <andreas.stieger@gmx.de>
- git 2.42.1:
* The usual number of bug fixes, including
* Fix "git diff" exit code handling
* Various fixes to the behavior of "rebase -i" when the command
got interrupted by conflicting changes
* Mon Oct 23 2023 Michal Suchanek <msuchanek@suse.com>
- Add rule for /etc/gitconfig in gitweb.cgi apparmor profile (bsc#1216501).
* Mon Oct 23 2023 Christian Boltz <suse-beta@cboltz.de>
- gitweb.cgi AppArmor profile
- make the profile a named profile
- add local/ include to make custom additions easier
* Fri Sep 22 2023 Michal Suchanek <msuchanek@suse.com>
- Downgrade openssh dependency to recommends (bsc#1215533)
* Wed Aug 23 2023 Andreas Stieger <andreas.stieger@gmx.de>
- git 2.42.0:
* "git pack-refs" learns "--include" and "--exclude" to tweak the ref
hierarchy to be packed using pattern matching.
* 'git worktree add' learned how to create a worktree based on an
orphaned branch with `--orphan`.
* "git pack-objects" learned to invoke a new hook program that
enumerates extra objects to be used as anchoring points to keep
otherwise unreachable objects in cruft packs.
* Add more "git var" for toolsmiths to learn various locations Git is
configured with either via the configuration or hard-coded defaults.
* 'git notes append' was taught '--separator' to specify string to insert
between paragraphs.
* The "git for-each-ref" family of commands learned placeholders
related to GPG signature verification.
* "git diff --no-index" learned to read from named pipes as if they
were regular files, to allow "git diff <(process) <(substitution)"
some shells support.
* Help newbies by suggesting that there are cases where force-pushing
is a valid and sensible thing to update a branch at a remote
repository, rather than reconciling with merge/rebase.
* "git blame --contents=file" has been taught to work in a bare
repository.
* "git branch -f X" to repoint the branch X said that X was "checked
out" in another worktree, even when branch X was not and instead
being bisected or rebased. The message was reworded to say the
branch was "in use".
* Tone down the warning on SHA-256 repositories being an experimental
curiosity. We do not have support for them to interoperate with
traditional SHA-1 repositories, but at this point, we do not plan
to make breaking changes to SHA-256 repositories and there is no
longer need for such a strongly phrased warning.
* "git diff-tree" has been taught to take advantage of the
sparse-index feature.
* The object traversal using reachability bitmap done by
"pack-object" has been tweaked to take advantage of the fact that
using "boundary" commits as representative of all the uninteresting
ones can save quite a lot of object enumeration.
* "git worktree" learned to work better with sparse index feature.
* When the external merge driver is killed by a signal, its output
should not be trusted as a resolution with conflicts that is
proposed by the driver, but the code did.
* The set-up code for the get_revision() API now allows feeding
options like --all and --not in the --stdin mode.
* Move functions that are not about pure string manipulation out of
strbuf.[ch]
* "imap-send" codepaths got cleaned up to get rid of unused
parameters.
* Enumerating refs in the packed-refs file, while excluding refs that
match certain patterns, has been optimized.
* Mark-up unused parameters in the code so that we can eventually
enable -Wunused-parameter by default.
* Instead of inventing a custom counter variables for debugging,
use existing trace2 facility in the fsync customization codepath.
* "git branch --list --format=<format>" and friends are taught
a new "%(describe)" placeholder.
* Clarify how to choose the starting point for a new topic in
developer guidance document.
* The implementation of "get_sha1_hex()" that reads a hexadecimal
string that spells a full object name has been extended to cope
with any hash function used in the repository, but the "sha1" in
its name survived. Rename it to get_hash_hex(), a name that is
more consistent within its friends like get_hash_hex_algop().
* Command line parser fix, and a small parse-options API update.
* bug fixes
* Sat Jun 03 2023 Andreas Stieger <Andreas.Stieger@gmx.de>
- git 2.41.0: This update contains a number of compatible updates,
improvements and extensions to multiple workflows. Some changes
may break backwards compatibility:
* The libsecret credential helper obsoletes direct GNOME keyring
support, which was dropped (git-credential-gnome-keyring)
* "git format-patch" has been taught to ignore end-user
configuration ("diff.noprefix") and always use the standard
prefixes, to avoid breaking the receiving end of the patch
- drop sha256_clone_fix.patch
* Tue Apr 25 2023 Andreas Stieger <Andreas.Stieger@gmx.de>
- git 2.40.1:
* CVE-2023-25652: By feeding specially crafted input to git apply
- -reject, a path outside the working tree can be overwritten
with partially controlled contents (corresponding to the
rejected hunk(s) from the given patch).
* CVE-2023-25815: When Git is compiled with runtime prefix
support and runs without translated messages, it still used
the gettext machinery to display messages, which subsequently
potentially looked for translated messages in unexpected
places. This allowed for malicious placement of crafted
messages.
* CVE-2023-29007: When renaming or deleting a section from a
configuration file, certain malicious configuration values may
be misinterpreted as the beginning of a new configuration
section, leading to arbitrary configuration injection.
* Thu Apr 06 2023 Adam Majer <adam.majer@suse.de>
- sha256_clone_fix.patch: fix cloning of empty sha256 repositories (jsc#PED-3891)
* Mon Mar 13 2023 Andreas Stieger <andreas.stieger@gmx.de>
- git 2.40.0:
* backward incompatible change: The format.attach configuration
variable lacked a way to override a value defined in a
lower-priority configuration file (e.g. the system one) by
redefining it in a higher-priority configuration file. Now,
setting format.attach to an empty string means show the patch
inline in the e-mail message, without using MIME attachment.
* multiple commands and workflows gained additional options,
compatible functionality, or more helpful output
* "grep -P" learned to use Unicode Character Property to grok
character classes when processing \b and \w etc.
* under-the-hood improvements and bug fixes
- The scripted "git add -p/-i" implementation was removed upstream.
The openSUSE package already preferred the C implementation.
* Tue Feb 14 2023 Andreas Stieger <andreas.stieger@gmx.de>
- git 2.39.2:
* CVE-2023-22490: Using a specially-crafted repository, Git can
be tricked into using its local clone optimization even when
using a non-local transport boo#1208027
* CVE-2023-23946: a path outside the working tree can be
overwritten as the user who is running "git apply" boo#1208028
* Tue Jan 17 2023 Andreas Stieger <andreas.stieger@gmx.de>
- git 2.39.1, fixing two security issues that could allow remote
code execution when accessing specially crafted repositories:
* CVE-2022-41903: log format integer overflow boo#1207033
* CVE-2022-23521: gitattributed parsing integer overflow
boo#1207032
* Thu Dec 15 2022 Dirk Müller <dmueller@suse.com>
- switch to pkgconfig(zlib) so that alternative providers can be
used
* Mon Dec 12 2022 Andreas Stieger <andreas.stieger@gmx.de>
- git 2.39.0:
* "git grep" learned to expand the sparse-index more lazily and
on demand in a sparse checkout.
* By default, use of fsmonitor on a repository on networked
filesystem is disabled.
* After checking out a "branch" that is a symbolic-ref that points at
another branch, "git symbolic-ref HEAD" reports the underlying
branch, not the symbolic-ref the user gave checkout as argument.
The command learned the "--no-recurse" option to stop after
dereferencing a symbolic-ref only once.
* "git branch --edit-description @{-1}" is now a way to edit branch
description of the branch you were on before switching to the
current branch.
* "git merge-tree --stdin" is a new way to request a series of merges
and report the merge results.
* "git shortlog" learned to group by the "format" string.
* A new "--include-whitespace" option is added to "git patch-id", and
existing bugs in the internal patch-id logic that did not match
what "git patch-id" produces have been corrected.
* Enable gc.cruftpacks by default for those who opt into
feature.experimental setting.
* "git repack" learns to send cruft objects out of the way into
packfiles outside the repository.
* 'scalar reconfigure -a' is taught to automatically remove
scalar.repo entires which no longer exist.
* Redact headers from cURL's h2h3 module in GIT_CURL_VERBOSE and
others.
* 'git maintenance register' is taught to write configuration to an
arbitrary path, and 'git for-each-repo' is taught to expand tilde
characters in paths.
* When creating new notes, the template used to get a stray empty
newline, which has been removed.
* "git receive-pack" used to use all the local refs as the boundary for
checking connectivity of the data "git push" sent, but now it uses
only the refs that it advertised to the pusher. In a repository with
the .hideRefs configuration, this reduces the resources needed to
perform the check.
* With '--recurse-submodules=on-demand', all submodules are
recursively pushed.
* developer visible fixes
* Mon Dec 12 2022 Andreas Stieger <andreas.stieger@gmx.de>
- git 2.38.2, a general maintenance release:
* Fix unaligned memory access for reads from the index v4
* "git remote rename" failed to rename a remote without fetch
refspec, which has been corrected.
* "git clone" did not like to see the "--bare" and the "--origin"
options used together without a good reason.
* "git fsck" failed to release contents of tree objects already
used from the memory
* "git rebase -i" can mistakenly attempt to apply a fixup to
commit itself, which has been corrected.
* Fix segfault with "git merge-tree" on read-only repositories
* Fix a logic in "mailinfo -b" that miscomputed the length of a
substring, which lead to an out-of-bounds access.
* The codepath to sign learned to report errors when it fails to
read from "ssh-keygen".
* "GIT_EDITOR=: git branch --edit-description" resulted in failure
* "git multi-pack-index repack/expire" used to repack unreachable
cruft into a new pack, which have been corrected.
* The code to clean temporary object directories (used for
quarantine) tried to remove them inside its signal handler
* "git branch --edit-description" on an unborh branch misleadingly
said that no such branch exists
* `git rebase --update-refs` would delete references when all
`update-ref` commands in the sequencer were removed
* Tue Nov 01 2022 Andreas Stieger <andreas.stieger@gmx.de>
- disable tests on s390x (check-chainlint)
* Wed Oct 26 2022 Dirk Müller <dmueller@suse.com>
- update to 2.38.1 (bsc#1204455, CVE-2022-39253, bsc#1204456, CVE-2022-39260):
* CVE-2022-39253:
When relying on the `--local` clone optimization, Git dereferences
symbolic links in the source repository before creating hardlinks
(or copies) of the dereferenced link in the destination repository.
This can lead to surprising behavior where arbitrary files are
present in a repository's `$GIT_DIR` when cloning from a malicious
repository.
Git will no longer dereference symbolic links via the `--local`
clone mechanism, and will instead refuse to clone repositories that
have symbolic links present in the `$GIT_DIR/objects` directory.
Additionally, the value of `protocol.file.allow` is changed to be
"user" by default.
* CVE-2022-39260:
An overly-long command string given to `git shell` can result in
overflow in `split_cmdline()`, leading to arbitrary heap writes and
remote code execution when `git shell` is exposed and the directory
`$HOME/git-shell-commands` exists.
`git shell` is taught to refuse interactive commands that are
longer than 4MiB in size. `split_cmdline()` is hardened to reject
inputs larger than 2GiB.
* Thu Oct 06 2022 Andreas Stieger <andreas.stieger@gmx.de>
- git 2.38.0:
* scalar: a repository management tool for large repositories
* new git rebase --update-refs (global rebase.updateRefs)
to update dependent branches
* merge-tree integrated with the new ort merge strategy
- -write-tree, while --trivial-merge retains the old mode
* bare git repositories can now be stored and distributed
in other git repositories
* Setting the safe.bareRepository configuration to "explicit"
avoids running arbitrary commands from filesystem monitoring
hooks of untrusted git repositories unless --git-dir is set
* git grep: new -m / --max-count options to limit the number
of matches per file
* git ls-files --format is a new option to customize outout
* git cat-file and git show now support mailmap author mapping
* bug fixes and performance improvements
* Thu Sep 22 2022 Dirk Müller <dmueller@suse.com>
- drop python2 requires as git-p4 is documented to work with python3
* Fri Sep 09 2022 Callum Farmer <gmbr3@opensuse.org>
- Remove nogroup requirement: no longer needed
* Fri Sep 02 2022 Andreas Stieger <andreas.stieger@gmx.de>
- git 2.37.3:
* Plug memory leaks in the failure code path in the "merge-ort"
merge strategy backend.
* "vimdiff3" regression has been corrected
* "git fsck" improvements
* Fixes to sparse index compatibility work for "reset" and
"checkout" commands
* Documentation for "git add --renormalize" has been improved
* developer visible fixes
* Mon Aug 15 2022 Andreas Stieger <andreas.stieger@gmx.de>
- git 2.37.2:
* multiple bug fixes, developer visible or handling corner cases
* "git p4" improved non-ASCII support
* Tue Jul 12 2022 Andreas Stieger <andreas.stieger@gmx.de>
- git 2.37.1:
* Rewrite of "git add -i" in C that appeared in Git 2.25 didn't
correctly record a removed file to the index, which is an old
regression but has become widely known because the C version has
become the default in the latest release.
* Fix for CVE-2022-29187 [boo#1201431]:
The safety check that verifies a safe ownership of the Git
worktree is now extended to also cover the ownership of the Git
directory (and the `.git` file, if there is any).
* Mon Jul 11 2022 olaf@aepfle.de
- Usage of sysusers_requires is optional, like during quilt setup
* Sun Jul 10 2022 Callum Farmer <gmbr3@opensuse.org>
- Use the system user's group instead of nogroup
* Fri Jul 08 2022 Petr Vorel <pvorel@suse.cz>
- Add /etc/bash_completion.d/git-prompt: checks for git-prompt.sh and source it
if available. Some users rely on the __git_ps1 function becoming available
when bash-completion is loaded. Continue to load this library at
bash-completion startup for now, to ease the transition to a world order
where the prompt function is requested separately. Inspired by Debian.
* Thu Jul 07 2022 Danilo Spinella <danilo.spinella@suse.com>
- Update git to 2.37.0:
https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.37.0.txt
- git add --interactive is now default upstream, remove suse patch:
* suse-use-builtin-add-interactive.patch
* Wed Jun 15 2022 Antoine Belvire <antoine.belvire@opensuse.org>
- Fix rpmlint errors/warnings about bash/zsh completion locations.
- Remove now obsolete git-zsh-completion-fixes.diff.
- Adjust git-tcsh-completion-fixes.diff.
* Tue May 24 2022 Dominique Leuenberger <dimstar@opensuse.org>
- Do not recommend git-cvs and git-svn by git, but rather have
those two packages supplement the combination of git and their
respective counterparts.
* Fri May 06 2022 Andreas Stieger <andreas.stieger@gmx.de>
- git 2.36.1:
* fix "git submodule update" noisyness without pathspec
* fix "diff-tree --stdin"
* fix "git name-rev" referenging strings after they are freed
* fix "git show <commit1> <commit2>... -- <pathspec>" loosing the
pathspec when showing the second and subsequent commits
* fix "git fast-export -- <pathspec>" loosing the pathspec when
showing the second and subsequent commits
* fix "git format-patch <args> -- <pathspec>" loosing the
pathspec when showing the second and subsequent commits
* Tue Apr 19 2022 Andreas Stieger <andreas.stieger@gmx.de>
- git 2.36.0:
* "git name-rev --stdin" has been deprecated and issues a
warning when used; use "git name-rev --annotate-stdin" instead.
* "git clone --filter=... --recurse-submodules" only makes the
top-level a partial clone, while submodules are fully cloned.
This behaviour is changed to pass the same filter down to the
submodules.
* improvements and extensions to multiple workflows and features
* bug fixes and performance improvements
* Thu Apr 14 2022 Andreas Stieger <andreas.stieger@gmx.de>
- git 2.35.3:
* usability fix-up for CVE-2022-24765 bsc#1198234:
'*' can be used as the value for the `safe.directory` variable
to signal that the user considers that any directory is safe.
* The code that was meant to parse the new `safe.directory`
configuration variable was not checking what configuration
variable was being fed to it
* Wed Apr 13 2022 olaf@aepfle.de
- Require bash in git-daemon because the service file uses it
- Reword git-daemon.service description to get a useful sentence
in journalctl -b
* Tue Apr 12 2022 Andreas Stieger <andreas.stieger@gmx.de>
- git 2.35.2 (CVE-2022-24765, bsc#1198234):
* CVE-2022-24765: git may execute commands defined by other users
from unexpected worktrees
* Thu Mar 10 2022 chris@computersalat.de
- fix deps for SLES 12
* Mon Feb 21 2022 Bjørn Lie <bjorn.lie@gmail.com>
- "Downgrade" git-gui and gitk Recommends to Suggests.
* Sat Jan 29 2022 Andreas Stieger <andreas.stieger@gmx.de>
- update to 2.35.1:
* fix "rebase" and "stash" in a secondary worktree
* Fri Jan 28 2022 Dirk Müller <dmueller@suse.com>
- update to 2.35.0:
* "_" is now treated as any other URL-valid characters in an URL when
matching the per-URL configuration variable names.
* The color palette used by "git grep" has been updated to match that
of GNU grep.
* "git status --porcelain=v2" now show the number of stash entries
with --show-stash like the normal output does.
* "git stash" learned the "--staged" option to stash away what has
been added to the index (and nothing else).
* "git var GIT_DEFAULT_BRANCH" is a way to see what name is used for
the newly created branch if "git init" is run.
* Various operating modes of "git reset" have been made to work
better with the sparse index.
* "git submodule deinit" for a submodule whose .git metadata
directory is embedded in its working tree refused to work, until
the submodule gets converted to use the "absorbed" form where the
metadata directory is stored in superproject, and a gitfile at the
top-level of the working tree of the submodule points at it. The
command is taught to convert such submodules to the absorbed form
as needed.
* The completion script (in contrib/) learns that the "--date"
option of commands from the "git log" family takes "human" and
"auto" as valid values.
* "Zealous diff3" style of merge conflict presentation has been added.
* The "git log --format=%(describe)" placeholder has been extended to
allow passing selected command-line options to the underlying "git
describe" command.
* "default" and "reset" have been added to our color palette.
* The cryptographic signing using ssh keys can specify literal keys
for keytypes whose name do not begin with the "ssh-" prefix by
using the "key::" prefix mechanism (e.g. "key::ecdsa-sha2-nistp256").
* "git fetch" without the "--update-head-ok" option ought to protect
a checked out branch from getting updated, to prevent the working
tree that checks it out to go out of sync. The code was written
before the use of "git worktree" got widespread, and only checked
the branch that was checked out in the current worktree, which has
been updated.
* "git name-rev" has been tweaked to give output that is shorter and
easier to understand.
* "git apply" has been taught to ignore a message without a patch
with the "--allow-empty" option. It also learned to honor the
"--quiet" option given from the command line.
* The "init" and "set" subcommands in "git sparse-checkout" have been
unified for a better user experience and performance.
* Many git commands that deal with working tree files try to remove a
directory that becomes empty (i.e. "git switch" from a branch that
has the directory to another branch that does not would attempt
remove all files in the directory and the directory itself). This
drops users into an unfamiliar situation if the command was run in
a subdirectory that becomes subject to removal due to the command.
The commands have been taught to keep an empty directory if it is
the directory they were started in to avoid surprising users.
* "git am" learns "--empty=(stop|drop|keep)" option to tweak what is
done to a piece of e-mail without a patch in it.
* The default merge message prepared by "git merge" records the name
of the current branch; the name can be overridden with a new option
to allow users to pretend a merge is made on a different branch.
* The way "git p4" shows file sizes in its output has been updated to
use human-readable units.
* "git -c branch.autosetupmerge=inherit branch new old" makes "new"
to have the same upstream as the "old" branch, instead of marking
"old" itself as its upstream.
* Fri Nov 26 2021 Dirk Müller <dmueller@suse.com>
- update to 2.34.1 (bsc#1193722):
* "git grep" looking in a blob that has non-UTF8 payload was
completely broken when linked with certain versions of PCREv2
library in the latest release.
* "git pull" with any strategy when the other side is behind us
should succeed as it is a no-op, but doesn't.
* An earlier change in 2.34.0 caused JGit application (that abused
GIT_EDITOR mechanism when invoking "git config") to get stuck with
a SIGTTOU signal; it has been reverted.
* An earlier change that broke .gitignore matching has been reverted.
* SubmittingPatches document gained a syntactically incorrect mark-up,
which has been corrected.
* Sun Nov 21 2021 Dirk Müller <dmueller@suse.com>
- fix url
* Thu Nov 18 2021 Danilo Spinella <danilo.spinella@suse.com>
- git 2.34.0:
* Release notes:
https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.34.0.txt
* Wed Oct 20 2021 Callum Farmer <gmbr3@opensuse.org>
- Add CONFIG parameter to %sysusers_generate_pre
- Remove unneeded SHELL in git-daemon.conf
- Fix sysusers usage in spec file
- Require nogroup group for %pre (bsc#1192023)
* Wed Oct 13 2021 Andreas Stieger <andreas.stieger@gmx.de>
- git 2.33.1:
* fix "git pull" and "git rebase -r" various corner cases and bugs
* "git commit --fixup" now works with "--edit" again.
* Fix "git send-email" unwanted threading
* Fix output from "git fast-export" anonymization feature
showing an annotated tag incorrectly.
* Fixes for various command output
* fix "git difftool --dir-diff" mishandling symbolic links
* Redact sensitive data in the HTTP trace for HTTP/2 requests
* further bug fixes for various git operations
* Mon Sep 20 2021 Johannes Segitz <jsegitz@suse.com>
- Added hardening to systemd service(s) (bsc#1181400). Modified:
* git-daemon.service
* Sat Aug 21 2021 Andreas Stieger <andreas.stieger@gmx.de>
- git 2.33.0:
* "git send-email" learned the "--sendmail-cmd" command line option
and the "sendemail.sendmailCmd" configuration variable, which is a
more sensible approach than the current way of repurposing the
"smtp-server" that is meant to name the server to instead name the
command to talk to the server.
* The userdiff pattern for C# learned the token "record".
* "git rev-list" learns to omit the "commit <object-name>" header
lines from the output with the `--no-commit-header` option.
* "git worktree add --lock" learned to record why the worktree is
locked with a custom message.
* internal improvements including performance optimizations
* a number of bug fixes
* Sun Jun 06 2021 Andreas Stieger <andreas.stieger@gmx.de>
- git 2.32.0:
* ".gitattributes", ".gitignore", and ".mailmap" files that are
symbolic links are ignored
* "git apply --3way" used to first attempt a straight
application, and only fell back to the 3-way merge algorithm
when the straight application failed. Starting with this
version, the command will first try the 3-way merge algorithm
and only when it fails (either resulting with conflict or the
base versions of blobs are missing), falls back to the usual
patch application.
* "git stash show" can now show the untracked part of the stash
* Improved "git repack" strategy
* http code can now unlock a certificate with a cached password
respectively.
* "git clone --reject-shallow" option fails the clone as soon as
we notice that we are cloning from a shallow repository.
* "gitweb" learned "e-mail privacy" feature
* Multiple improvements to output and configuration options
* Bug fixes and developer visible fixes
* Thu Apr 22 2021 Markéta Machová <mmachova@suse.com>
- Remove deprecated "syslog" option from git-daemon.service (bsc#1185147)
* Fri Apr 09 2021 Frederic Crozat <fcrozat@suse.com>
- Add sysusers file to create git-daemon user.
* Thu Apr 08 2021 Dirk Müller <dmueller@suse.com>
- add suse-use-builtin-add-interactive.patch (jsc#SLE-17838)
- split git-core perl module into git-core, move instaweb
to git-web, and the single remaining perl builtin to git, so
that git-core is perl free
* Sat Mar 27 2021 Andreas Stieger <andreas.stieger@gmx.de>
- git 2.31.1:
* fsmonitor bug fixes
* fix git bisect to take an annotated tag as a good/bad endpoint
* Fix a corner case in "git mv" on case insensitive systems
* Tue Mar 16 2021 Fabian Vogt <fvogt@suse.com>
- Require only openssh-clients where possible (TW, SLE >= 15 SP3)
(boo#1183580)
- Drop rsync requirement, not necessary anymore
* Mon Mar 15 2021 Andreas Stieger <andreas.stieger@gmx.de>
- git 2.31.0:
* Use of "pack-redundant" command is discouraged and will trigger
a warning. The replacement is "repack -d".
* The "--format=%(trailers)" mechanism gets enhanced to make it
easier to design output for machine consumption.
* No longer give message to choose between rebase or merge upon
pull if the history fast-forwards
* The configuration variable 'core.abbrev' can be set to 'no' to
force no abbreviation regardless of the hash algorithm.
* "git rev-parse" can be explicitly told to give output as absolute
or relative path with the `--path-format=(absolute|relative)` option.
* Bash completion (in contrib/) update to make it easier for
end-users to add completion for their custom "git" subcommands.
* "git maintenance" learned to drive scheduled maintenance on
platforms whose native scheduling methods are not 'cron'.
* After expiring a reflog and making a single commit, the reflog for
the branch would record a single entry that knows both @{0} and
@{1}, but we failed to answer "what commit were we on?", i.e. @{1}
* "git bundle" learns "--stdin" option to read its refs from the
standard input. Also, it now does not lose refs whey they point
at the same object.
* "git log" learned a new "--diff-merges=<how>" option.
* "git ls-files" can and does show multiple entries when the index is
unmerged, which is a source for confusion unless -s/-u option is in
use. A new option --deduplicate has been introduced.
* `git worktree list` now annotates worktrees as prunable, shows
locked and prunable attributes in --porcelain mode, and gained
a --verbose option.
* "git clone" tries to locally check out the branch pointed at by
HEAD of the remote repository after it is done, but the protocol
did not convey the information necessary to do so when copying an
empty repository. The protocol v2 learned how to do so.
* There are other ways than ".." for a single token to denote a
"commit range", namely "<rev>^!" and "<rev>^-<n>", but "git
range-diff" did not understand them.
* The "git range-diff" command learned "--(left|right)-only" option
to show only one side of the compared range.
* "git mergetool" feeds three versions (base, local and remote) of
a conflicted path unmodified. The command learned to optionally
prepare these files with unconflicted parts already resolved.
* The .mailmap is documented to be read only from the root level of a
working tree, but a stray file in a bare repository also was read
by accident, which has been corrected.
* "git maintenance" tool learned a new "pack-refs" maintenance task.
* The error message given when a configuration variable that is
expected to have a boolean value has been improved.
* Signed commits and tags now allow verification of objects, whose
two object names (one in SHA-1, the other in SHA-256) are both
signed.
* "git rev-list" command learned "--disk-usage" option.
* "git {diff,log} --{skip,rotate}-to=<path>" allows the user to
discard diff output for early paths or move them to the end of the
output.
* "git difftool" learned "--skip-to=<path>" option to restart an
interrupted session from an arbitrary path.
* "git grep" has been tweaked to be limited to the sparse checkout
paths.
* "git rebase --[no-]fork-point" gained a configuration variable
rebase.forkPoint so that users do not have to keep specifying a
non-default setting.
* many bug fixes
* Tue Mar 09 2021 Andreas Stieger <andreas.stieger@gmx.de>
- git 2.30.2:
* CVE-2021-21300: On case-insensitive file systems with support
for symbolic links, if Git is configured globally to apply
delay-capable clean/smudge filters (such as Git LFS), Git could
be fooled into running remote code during a clone (boo#1183026)
* Wed Feb 10 2021 Markéta Machová <mmachova@suse.com>
- git 2.30.1
* Bugfix release
* "git stash" did not work well in a sparsely checked out working
tree.
* Newline characters in the host and path part of git:// URL are
now forbidden.
/usr/libexec/git/git-credential-libsecret
Generated by rpm2html 1.8.1
Fabrice Bellet, Fri Aug 30 03:38:08 2024