kmx git

Commit	Date	Message
12356076	2018-03-02T12:41:04	worktree: lock reason should be const
8a8ea1db	2018-02-28T18:14:52	Merge pull request #4552 from libgit2/cmn/config-header-common Cast less blindly between configuration objects
e8e490b2	2018-02-28T17:01:47	Merge pull request #4554 from pks-t/pks/curl-init curl: initialize and cleanup global curl state
9cd0c6f1	2018-02-28T16:01:16	config: return an error if config_refresh is called on a snapshot Instead of treating it as a no-op, treat it as a programming error and return the same kind of error as if you called to set or delete variables on a snapshot.
17bef3b8	2018-02-28T15:01:43	Merge pull request #4553 from libgit2/cmn/tree-write-initialise tree: initialize the id we use for testing submodule insertions
fb884c62	2018-02-28T14:59:09	Merge pull request #4555 from libgit2/ethomson/strncmp_stdcall win32: strncmp -> git__strncmp for win32 STDCALL
2022b004	2018-02-28T12:06:59	curl: explicitly initialize and cleanup global curl state Our curl-based streams make use of the easy curl interface. This interface automatically initializes and de-initializes the global curl state by calling out to `curl_global_init` and `curl_global_cleanup`. Thus, all global state will be repeatedly re-initialized when creating multiple curl streams in succession. Despite being inefficient, this is not thread-safe due to `curl_global_init` being not thread-safe itself. Thus a multi-threaded programing handling multiple curl streams at the same time is inherently racy. Fix the issue by globally initializing and cleaning up curl's state.
a33deeb4	2018-02-28T12:20:23	win32: strncmp -> git__strncmp The win32 C library is compiled cdecl, however when configured with `STDCALL=ON`, our functions (and function pointers) will use the stdcall calling convention. You cannot set a `__stdcall` function pointer to a `__cdecl` function, so it's easier to just use our `git__strncmp` instead of sorting that mess out.
a554d588	2018-02-28T12:21:08	tree: initialize the id we use for testing submodule insertions Instead of laving it uninitialized and relying on luck for it to be non-zero, let's give it a dummy hash so we make valgrind happy (in this case the hash comes from `sha1sum </dev/null`.
2424e64c	2018-02-28T12:06:02	config: harden our use of the backend objects a bit When we create an iterator we don't actually know that we have a live config object and we must instead only rely on the header. We fixed it to use this in a previous commit, but this makes it harder to misuse by converting to use the header object in the typecast. We also guard inside the `config_refresh` function against being given a snapshot (although callers right now do check).
1785de4e	2018-02-28T11:46:17	config: move the level field into the header We use it in a few places where we might have a full object or a snapshot so move it to where we can actually access it.
c1524b2e	2018-02-28T11:33:11	config: move the repository to the diskfile header We pass this around and when creating a new iterator we need to read the repository pointer. Put it in a common place so we can reach it regardless of whether we got a full object or a snapshot.
c9d59c61	2018-02-27T12:45:21	Merge pull request #4545 from libgit2/ethomson/checkout_filemode Respect core.filemode in checkout
b4dde78a	2018-02-27T12:43:47	Merge pull request #4550 from libgit2/ethomson/winhttp winhttp: enable TLS 1.2
5ecb6220	2018-02-25T15:46:51	winhttp: enable TLS 1.2 on Windows 7 and earlier Versions of Windows prior to Windows 8 do not enable TLS 1.2 by default, though support may exist. Try to enable TLS 1.2 support explicitly on connections. This request may fail if the operating system does not have TLS 1.2 support - the initial release of Vista lacks TLS 1.2 support (though it is available as a software update) and XP completely lacks TLS 1.2 support. If this request does fail, the HTTP context is still valid, and still maintains the original protocol support. So we ignore the failure from this operation.
934e6a3b	2018-02-27T11:24:30	winhttp: include constants for TLS 1.1/1.2 support For platforms that do not define `WINHTTP_FLAG_SECURE_PROTOCOL_TLS1_1` and/or `WINHTTP_FLAG_SECURE_PROTOCOL_TLS1_2`.
8c8db980	2018-02-27T10:32:29	mingw: update TLS option flags Include the constants for `WINHTTP_FLAG_SECURE_PROTOCOL_TLS1_1` and `WINHTTP_FLAG_SECURE_PROTOCOL_TLS1_2` so that they can be used by mingw. This updates both the `deps/winhttp` framework (for classic mingw) and adds the defines for mingw64, which does not use that framework.
7d906370	2018-02-25T23:08:14	Merge pull request #4549 from libgit2/ethomson/travis_libssh travis: use custom libssh2-1-dev package
ca22cb5e	2018-02-25T22:43:12	travis: use custom libssh2-1-dev package To avoid pull requests needing to rebase, keep the libssh2-1-dev package as the development package for libssh2. Reverting to the original Debian package structure.
5a69b120	2018-02-25T19:58:19	Merge pull request #4548 from libgit2/ethomson/travis_libssh travis: use custom libssh2 package
c5eb8b4a	2018-02-25T14:08:51	travis: use custom libssh2 package Use the custom libssh2 package that is a backport of libssh2 1.8.0 to Ubuntu trusty.
c214ba19	2018-02-20T00:35:27	checkout: respect core.filemode when comparing filemodes Fixes #4504
275693e2	2018-02-20T12:45:40	checkout test: ensure workdir mode is simplified Ensure that when examining the working directory for checkout that the mode is correctly simplified. Git only pays attention to whether a file is executable or not. When examining a working directory, we should coalesce modes in the working directory to either `0755` (indicating that a file is executable) or `0644` (indicating that it is not). Test this by giving the file an exotic mode, and ensuring that when checkout out a branch that changes the file's contents, that we do not have a checkout conflict.
ec96db57	2018-02-20T00:32:38	checkout test: add core.filemode checkout tests Add two tests for filemode. The first ensures that `core.filemode=true` is honored: if we have changed the filemode such that a file that _was_ executable (mode 0755) is now executable (mode 0644) and we go to check out a branch that has otherwise changed the contents of the file, then we should raise a checkout conflict for that file. The second ensures that `core.filemode=false` is honored: in the same situation, we set a file that was executable to be non-executable, and check out the branch that changes the contents of the file. However, since `core.filemode` is false, we do not detect the filemode change. We run these tests on both operating systems that obey `core.filemode` (eg, POSIX) and those that have no conception of filemode (eg, Win32). This ensures that `core.filemode` is always honored, as it is a cache of the underlying filesystem's settings. This ensures that we do not make assumptions based on the operating system, and honor the configuration setting even if it were misconfigured.
18d9c847	2018-02-20T00:32:38	testrepo: add new branch Add a new branch to the `testrepo` repository, where the `README` file has changed to executable. This branch enables typechange tests between the new `executable` branch and `master`.
809b0ca6	2018-02-20T22:06:53	Merge pull request #4533 from pks-t/pks/v0.27.0-rc1 v0.27.0-rc1: version bump
23d4a91b	2018-02-16T08:38:44	Update version number to v0.27
0f239682	2018-02-20T16:49:13	CHANGELOG: third batch of updates to the changelog for v0.27.0
ad006d87	2018-02-15T11:13:14	docs: document increasing the version number for releases
894ccf4b	2018-02-20T16:14:54	Merge pull request #4535 from libgit2/ethomson/checkout_typechange_with_index_and_wd checkout: when examining index (instead of workdir), also examine mode
afc5124b	2018-02-20T14:35:17	Merge pull request #4539 from pks-t/pks/diff_renames_with_rewrites diff_tform: fix rename detection with rewrite/delete pair
4e4771dc	2018-02-19T22:10:44	checkout test: further ensure workdir perms are updated When both the index _and_ the working directory has changed permissions on a file permissions on a file - but only the permissions, such that the contents of the file are identical - ensure that `git_checkout` updates the permissions to match the checkout target.
8858a684	2018-02-19T22:09:27	checkout test: ensure workdir perms are updated When the working directory has changed permissions on a file - but only the permissions, such that the contents of the file are identical - ensure that `git_checkout` updates the permissions to match the checkout target.
ce7080a0	2018-02-20T10:38:27	diff_tform: fix rename detection with rewrite/delete pair A rewritten file can either be classified as a modification of its contents or of a delete of the complete file followed by an addition of the new content. This distinction becomes important when we want to detect renames for rewrites. Given a scenario where a file "a" has been deleted and another file "b" has been renamed to "a", this should be detected as a deletion of "a" followed by a rename of "a" -> "b". Thus, splitting of the original rewrite into a delete/add pair is important here. This splitting is represented by a flag we can set at the current delta. While the flag is already being set in case we want to break rewrites, we do not do so in case where the `GIT_DIFF_FIND_RENAMES_FROM_REWRITES` flag is set. This can trigger an assert when we try to match the source and target deltas. Fix the issue by setting the `GIT_DIFF_FLAG__TO_SPLIT` flag at the delta when it is a rename target and `GIT_DIFF_FIND_RENAMES_FROM_REWRITES` is set.
80e77b87	2018-02-20T10:03:48	tests: add rename-rewrite scenarios to "renames" repository Add two more scenarios to the "renames" repository. The first scenario has a major rewrite of a file and a delete of another file, the second scenario has a deletion of a file and rename of another file to the deleted file. Both scenarios will be used in the following commit.
d91da1da	2018-02-20T09:54:58	tests: diff::rename: use defines for commit OIDs While we frequently reuse commit OIDs throughout the file, we do not have any constants to refer to these commits. Make this a bit easier to read by giving the commit OIDs somewhat descriptive names of what kind of commit they refer to.
d7fea1e1	2018-02-18T16:10:33	checkout: take mode into account when comparing index to baseline When checking out a file, we determine whether the baseline (what we expect to be in the working directory) actually matches the contents of the working directory. This is safe behavior to prevent us from overwriting changes in the working directory. We look at the index to optimize this test: if we know that the index matches the working directory, then we can simply look at the index data compared to the baseline. We have historically compared the baseline to the index entry by oid. However, we must also compare the mode of the two items to ensure that they are identical. Otherwise, we will refuse to update the working directory for a mode change.
952cf714	2018-02-19T10:51:29	Merge pull request #4537 from pks-t/pks/tests-filemode-uninitialized-memory tests: index::filemodes: fix use of uninitialized memory
cabe16df	2018-02-19T10:18:59	tests: index::filemodes: fix use of uninitialized memory The new index entry structure was not being initialized to all-zeroes. As that structure is used to add a new entry to the current index, and the hashing algorithm of the index making use of the uninitialized flags to calculate the state, we might miscompute the hash of the entry and add it at the wrong position. Later lookups would then fail. Initialize the structure with `memset` to fix the test breaking on some platforms.
f1ad004c	2018-02-18T22:29:48	Merge pull request #4529 from libgit2/ethomson/index_add_requires_files git_index_add_frombuffer: only accept files/links
574671ba	2018-02-18T10:16:15	Merge pull request #4534 from pks-t/pks/build-warnings Fix build warnings
5f774dbf	2018-02-11T10:14:13	git_index_add_frombuffer: only accept files/links Ensure that the buffer given to `git_index_add_frombuffer` represents a regular blob, an executable blob, or a link. Explicitly reject commit entries (submodules) - it makes little sense to allow users to add a submodule from a string; there's no possible path to success.
92324d84	2018-02-16T11:28:53	util: clean up header includes While "util.h" declares the macro `git__tolower`, which simply resorts to tolower(3P) on Unix-like systems, the <ctype.h> header is only being included in "util.c". Thus, anybody who has included "util.h" without having <ctype.h> included will fail to compile as soon as the macro is in use. Furthermore, we can clean up additional includes in "util.c" and simply replace them with an include for "common.h".
06b8a40f	2018-02-16T11:29:46	Explicitly mark fallthrough cases with comments A lot of compilers nowadays generate warnings when there are cases in a switch statement which implicitly fall through to the next case. To avoid this warning, the last line in the case that is falling through can have a comment matching a regular expression, where one possible comment body would be `/* fall through */`. An alternative to the comment would be an explicit attribute like e.g. `[[clang::fallthrough]` or `__attribute__ ((fallthrough))`. But GCC only introduced support for such an attribute recently with GCC 7. Thus, and also because the fallthrough comment is supported by most compilers, we settle for using comments instead. One shortcoming of that method is that compilers are very strict about that. Most interestingly, that comment _really_ has to be the last line. In case a closing brace follows the comment, the heuristic will fail.
7c6e9175	2018-02-16T11:11:11	index: shut up warning on uninitialized variable Even though the `entry` variable will always be initialized when `read_entry` returns success and even though we never dereference `entry` in case `read_entry` fails, GCC prints a warning about uninitialized use. Just initialize the pointer to `NULL` in order to shut GCC up.
522f3e4b	2018-02-16T10:50:54	CMakeLists: increase strict aliasing level to 3 The strict aliasing rules disallow dereferencing the pointer to a variable of a certain type as another type, which is frequently used e.g. when casting structs to their base type. We currently have the warning level for strict aliasing rules set to `2`, which is described by gcc(1) as being "Aggressive, quick, not too precise." And in fact, we experience quite a lot of warnings when doing a release build due to that. GCC provides multiple levels, where higher levels are more accurate, but also slower due to the additional analysis required. Still, we want to have warning level 3 instead of 2 to avoid the current warnings we have in the Travis CI release builds. As this is the default warning level when no level is passed to `-Wstrict-aliasing`, we can just remove the level and use that default.
84f03b3a	2018-02-16T10:48:55	streams: openssl: fix use of uninitialized variable When verifying the server certificate, we do try to make sure that the hostname actually matches the certificate alternative names. In cases where the host is either an IPv4 or IPv6 address, we have to compare the binary representations of the hostname with the declared IP address of the certificate. We only do that comparison in case we were successfully able to parse the hostname as an IP, which would always result in the memory region being initialized. Still, GCC 6.4.0 was complaining about usage of non-initialized memory. Fix the issue by simply asserting that `addr` needs to be initialized. This shuts up the GCC warning.
b8cb7536	2018-02-15T11:07:29	Merge pull request #4532 from pks-t/pks/release-doc-filename docs: fix typo in "release.md" filename
bb7c672a	2018-02-15T11:06:40	docs: fix typo in "release.md" filename
9d8cbbb1	2018-02-15T11:04:52	Merge pull request #4485 from libgit2/cmn/release-docs docs: add release documentation
a4fb57bc	2018-02-15T10:52:45	Merge pull request #4501 from pks-t/pks/v0.27.0-release-notes CHANGELOG: update for v0.27.0
408b16c1	2018-02-10T08:00:36	Merge pull request #4508 from libgit2/ethomson/user_agent http: standardize user-agent addition
ee6be190	2018-01-31T08:36:19	http: standardize user-agent addition The winhttp and posix http each need to add the user-agent to their requests. Standardize on a single function to include this so that we do not get the version numbers we're sending out of sync. Assemble the complete user agent in `git_http__user_agent`, returning assembled strings. Co-authored-by: Patrick Steinhardt <ps@pks.im>
05c24c44	2018-02-09T18:25:46	Merge pull request #4527 from pks-t/pks/resource-leaks Plug resource leaks
178fda8a	2018-02-09T17:55:18	hash: win32: fix missing comma in `giterr_set`
638c6b8c	2018-02-09T17:32:15	odb_loose: only close file descriptor if it was opened successfully
a43bcd2c	2018-02-09T17:31:50	odb: fix memory leaks due to not freeing hash context
028a2806	2018-02-09T13:56:23	Merge pull request #4509 from libgit2/ethomson/odb_alloc_error odb: error when we can't alloc an object
9985edb5	2018-02-01T06:32:55	hash: set error messages on failure
619f61a8	2018-02-01T06:22:36	odb: error when we can't create object header Return an error to the caller when we can't create an object header for some reason (printf failure) instead of simply asserting.
59d99adc	2018-01-31T09:34:52	odb: check for alloc errors on hardcoded objects It's unlikely that we'll fail to allocate a single byte, but let's check for allocation failures for good measure. Untangle `-1` being a marker of not having found the hardcoded odb object; use that to reflect actual errors.
ef902864	2018-01-31T09:30:51	odb: error when we can't alloc an object At the moment, we're swallowing the allocation failure. We need to return the error to the caller.
7ec7aa4a	2018-02-01T05:54:57	odb: assert on logic errors when writing objects There's no recovery possible if we're so confused or corrupted that we're trying to overwrite our memory. Simply assert.
138e4c2b	2018-02-01T06:35:31	git_odb__hashfd: propagate error on failures
35ed256b	2018-02-01T05:11:05	git_odb__hashobj: provide errors messages on failures Provide error messages on hash failures: assert when given invalid input instead of failing with a user error; provide error messages on program errors.
e39d44d9	2018-02-09T10:12:41	CHANGELOG: update for v0.27.0, second batch
eadb0abb	2018-01-26T12:15:02	CHANGELOG: update for v0.27.0
0fd0bfe4	2018-02-08T22:51:46	Merge pull request #4450 from libgit2/ethomson/odb_loose_readstream Streaming read support for the loose ODB backend
d749822c	2018-02-08T22:50:58	Merge pull request #4491 from libgit2/ethomson/recursive Recursive merge: reverse the order of merge bases
2a11eaf3	2018-02-08T22:48:30	Merge pull request #4521 from pks-t/pks/config-crlf-lines config: handle CRLF-only lines and BOM
ba4faf6e	2018-02-08T17:15:33	buf_text: remove `offset` parameter of BOM detection function The function to detect a BOM takes an offset where it shall look for a BOM. No caller uses that, and searching for the BOM in the middle of a buffer seems to be very unlikely, as a BOM should only ever exist at file start. Remove the parameter, as it has already caused confusion due to its weirdness.
2eea5f1c	2018-02-08T10:27:31	config_parse: fix reading files with BOM The function `skip_bom` is being used to detect and skip BOM marks previously to parsing a configuration file. To do so, it simply uses `git_buf_text_detect_bom`. But since the refactoring to use the parser interface in commit 9e66590bd (config_parse: use common parser interface, 2017-07-21), the BOM detection was actually broken. The issue stems from a misunderstanding of `git_buf_text_detect_bom`. It was assumed that its third parameter limits the length of the character sequence that is to be analyzed, while in fact it was an offset at which we want to detect the BOM. Fix the parameter to be `0` instead of the buffer length, as we always want to check the beginning of the configuration file.
848153f3	2018-02-08T10:02:29	config_parse: handle empty lines with CRLF Currently, the configuration parser will fail reading empty lines with just an CRLF-style line ending. Special-case the '\r' character in order to handle it the same as Unix-style line endings. Add tests to spot this regression in the future.
5340ca77	2018-02-08T09:31:51	config_parse: add comment to clarify logic getting next character Upon each line, the configuration parser tries to get either the first non-whitespace character or the first whitespace character, in case there is no non-whitespace character. The logic handling this looks rather odd and doesn't immediately convey this meaning, so add a comment to clarify what happens.
f7225946	2018-02-07T17:35:57	Merge pull request #4513 from libgit2/ethomson/cmake_fixes CMake: minor fixups
f8a2dda8	2018-02-05T15:21:37	cmake: move ENABLE_WARNINGS to a module
1403c612	2018-01-22T14:44:31	merge: virtual commit should be last argument to merge-base Our virtual commit must be the last argument to merge-base: since our algorithm pushes _both_ parents of the virtual commit, it needs to be the last argument, since merge-base: > Given three commits A, B and C, git merge-base A B C will compute the > merge base between A and a hypothetical commit M We want to calculate the merge base between the actual commit ("two") and the virtual commit ("one") - since one actually pushes its parents to the merge-base calculation, we need to calculate the merge base of "two" and the parents of one.
b8823c2b	2018-01-22T23:56:22	Add failing test case for virtual commit merge base issue
afcaf35e	2018-01-21T16:50:40	merge::trees::recursive: test for virtual base building Virtual base building: ensure that the virtual base is created and revwalked in the same way as git.
b924df1e	2018-01-21T18:05:45	merge: reverse merge bases for recursive merge When the commits being merged have multiple merge bases, reverse the order when creating the virtual merge base. This is for compatibility with git's merge-recursive algorithm, and ensures that we build identical trees. Git does this to try to use older merge bases first. Per 8918b0c: > It seems to be the only sane way to do it: when a two-head merge is > done, and the merge-base and one of the two branches agree, the > merge assumes that the other branch has something new. > > If we start creating virtual commits from newer merge-bases, and go > back to older merge-bases, and then merge with newer commits again, > chances are that a patch is lost, _because_ the merge-base and the > head agree on it. Unlikely, yes, but it happened to me.
ed51feb7	2018-01-21T18:01:20	oidarray: introduce git_oidarray__reverse Provide a simple function to reverse an oidarray.
7bd89502	2018-01-21T16:41:49	Introduce additional criss-cross merge branches
26f5d36d	2018-02-04T10:27:39	Merge pull request #4489 from libgit2/ethomson/conflicts_crlf Conflict markers should match EOL style in conflicting files
fc6e38c2	2018-02-02T18:03:38	cmake: Move IDE source munging to a module Move the odd code that provides a hierarchical display for projects within the IDEs to its own module.
ed298c8e	2018-02-02T18:01:51	cmake: move nanosecond detection to a module Move the nanosecond detection in time structures to its own module.
6416b91f	2018-02-02T17:58:44	cmake: enable policy CMP0042 Enable CMake policy CMP0042, if supported: > CMake 2.8.12 and newer has support for using ``@rpath`` in a target's > install name. This was enabled by setting the target property > ``MACOSX_RPATH``. The ``@rpath`` in an install name is a more > flexible and powerful mechanism than ``@executable_path`` or > ``@loader_path`` for locating shared libraries.
94aa36ef	2018-02-02T17:56:15	cmake: test for CMP0051 instead of version check We can use policy checks to see if a policy exists in cmake, like CMP0051, instead of relying on the version.
8abd514c	2018-02-02T17:37:12	Merge pull request #4499 from pks-t/pks/setuid-config sysdir: do not use environment in setuid case
2553cbe3	2018-02-02T11:33:46	Merge pull request #4512 from libgit2/ethomson/header_guards Consistent header guards
53454b68	2018-02-02T11:31:15	Merge pull request #4510 from pks-t/pks/attr-file-bare-stat attr: avoid stat'ting files for bare repositories
0967459e	2018-01-25T13:11:34	sysdir: do not use environment in setuid case In order to derive the location of some Git directories, we currently use the environment variables $HOME and $XDG_CONFIG_HOME. This might prove to be problematic whenever the binary is run with setuid, that is when the effective user does not equal the real user. In case the environment variables do not get sanitized by the caller, we thus might end up using the real user's configuration when doing stuff as the effective user. The fix is to use the passwd entry's directory instead of $HOME in this situation. As this might break scenarios where the user explicitly sets $HOME to another path, this fix is only applied in case the effective user does not equal the real user.
09df354e	2018-02-01T16:52:43	odb_loose: HEADER_LEN -> MAX_HEADER_LEN `MAX_HEADER_LEN` is a more descriptive constant name.
909a1992	2017-12-31T09:56:30	odb_loose: largefile tests only on 64 bit platforms Only run the large file tests on 64 bit platforms. Even though we support streaming reads on objects, and do not need to fit them in memory, we use `size_t` in various places to reflect the size of an object.
624614b2	2017-12-19T00:43:49	odb_loose: validate length when checking for zlib content When checking to see if a file has zlib deflate content, make sure that we actually have read at least two bytes before examining the array.
27078e58	2017-12-18T23:11:42	odb_loose: test read_header on large blobs Test that we can read_header on large blobs. This should succeed on all platforms since we read only a few bytes into memory to be able to parse the header.
e118231b	2017-12-18T23:11:24	odb_loose: test read_header explicitly
1118ba3e	2017-12-18T23:08:40	odb_loose: `read_header` for packlike loose objects Support `read_header` for "packlike loose objects", which were a temporarily and uncommonly used format loose object format that encodes the header before the zlib deflate data. This will never actually be seen in the wild, but add support for it for completeness and (more importantly) because our corpus of test data has objects in this format, so it's easier to support it than to try to special case it.
4c7a16b7	2017-12-18T15:56:21	odb_loose: read_header should use zstream Make `read_header` use the common zstream implementation. Remove the now unnecessary zlib wrapper in odb_loose.
6155e06b	2017-12-17T18:44:02	zstream: introduce a single chunk reader Introduce `get_output_chunk` that will inflate/deflate all the available input buffer into the output buffer. `get_output` will call `get_output_chunk` in a loop, while other consumers can use it to inflate only a piece of the data.
b1e66bfc	2017-12-17T16:31:35	odb: test loose object streaming

12356076

2018-03-02T12:41:04

worktree: lock reason should be const

8a8ea1db

2018-02-28T18:14:52

Merge pull request #4552 from libgit2/cmn/config-header-common Cast less blindly between configuration objects

e8e490b2

2018-02-28T17:01:47

Merge pull request #4554 from pks-t/pks/curl-init curl: initialize and cleanup global curl state

9cd0c6f1

2018-02-28T16:01:16

config: return an error if config_refresh is called on a snapshot Instead of treating it as a no-op, treat it as a programming error and return the same kind of error as if you called to set or delete variables on a snapshot.

17bef3b8

2018-02-28T15:01:43

Merge pull request #4553 from libgit2/cmn/tree-write-initialise tree: initialize the id we use for testing submodule insertions

fb884c62

2018-02-28T14:59:09

Merge pull request #4555 from libgit2/ethomson/strncmp_stdcall win32: strncmp -> git__strncmp for win32 STDCALL

2022b004

2018-02-28T12:06:59

curl: explicitly initialize and cleanup global curl state Our curl-based streams make use of the easy curl interface. This interface automatically initializes and de-initializes the global curl state by calling out to `curl_global_init` and `curl_global_cleanup`. Thus, all global state will be repeatedly re-initialized when creating multiple curl streams in succession. Despite being inefficient, this is not thread-safe due to `curl_global_init` being not thread-safe itself. Thus a multi-threaded programing handling multiple curl streams at the same time is inherently racy. Fix the issue by globally initializing and cleaning up curl's state.

a33deeb4

2018-02-28T12:20:23

win32: strncmp -> git__strncmp The win32 C library is compiled cdecl, however when configured with `STDCALL=ON`, our functions (and function pointers) will use the stdcall calling convention. You cannot set a `__stdcall` function pointer to a `__cdecl` function, so it's easier to just use our `git__strncmp` instead of sorting that mess out.

a554d588

2018-02-28T12:21:08

tree: initialize the id we use for testing submodule insertions Instead of laving it uninitialized and relying on luck for it to be non-zero, let's give it a dummy hash so we make valgrind happy (in this case the hash comes from `sha1sum </dev/null`.

2424e64c

2018-02-28T12:06:02

config: harden our use of the backend objects a bit When we create an iterator we don't actually know that we have a live config object and we must instead only rely on the header. We fixed it to use this in a previous commit, but this makes it harder to misuse by converting to use the header object in the typecast. We also guard inside the `config_refresh` function against being given a snapshot (although callers right now do check).

1785de4e

2018-02-28T11:46:17

config: move the level field into the header We use it in a few places where we might have a full object or a snapshot so move it to where we can actually access it.

c1524b2e

2018-02-28T11:33:11

config: move the repository to the diskfile header We pass this around and when creating a new iterator we need to read the repository pointer. Put it in a common place so we can reach it regardless of whether we got a full object or a snapshot.

c9d59c61

2018-02-27T12:45:21

Merge pull request #4545 from libgit2/ethomson/checkout_filemode Respect core.filemode in checkout

b4dde78a

2018-02-27T12:43:47

Merge pull request #4550 from libgit2/ethomson/winhttp winhttp: enable TLS 1.2

5ecb6220

2018-02-25T15:46:51

winhttp: enable TLS 1.2 on Windows 7 and earlier Versions of Windows prior to Windows 8 do not enable TLS 1.2 by default, though support may exist. Try to enable TLS 1.2 support explicitly on connections. This request may fail if the operating system does not have TLS 1.2 support - the initial release of Vista lacks TLS 1.2 support (though it is available as a software update) and XP completely lacks TLS 1.2 support. If this request does fail, the HTTP context is still valid, and still maintains the original protocol support. So we ignore the failure from this operation.

934e6a3b

2018-02-27T11:24:30

winhttp: include constants for TLS 1.1/1.2 support For platforms that do not define `WINHTTP_FLAG_SECURE_PROTOCOL_TLS1_1` and/or `WINHTTP_FLAG_SECURE_PROTOCOL_TLS1_2`.

8c8db980

2018-02-27T10:32:29

mingw: update TLS option flags Include the constants for `WINHTTP_FLAG_SECURE_PROTOCOL_TLS1_1` and `WINHTTP_FLAG_SECURE_PROTOCOL_TLS1_2` so that they can be used by mingw. This updates both the `deps/winhttp` framework (for classic mingw) and adds the defines for mingw64, which does not use that framework.

7d906370

2018-02-25T23:08:14

Merge pull request #4549 from libgit2/ethomson/travis_libssh travis: use custom libssh2-1-dev package

ca22cb5e

2018-02-25T22:43:12

travis: use custom libssh2-1-dev package To avoid pull requests needing to rebase, keep the libssh2-1-dev package as the development package for libssh2. Reverting to the original Debian package structure.

5a69b120

2018-02-25T19:58:19

Merge pull request #4548 from libgit2/ethomson/travis_libssh travis: use custom libssh2 package

c5eb8b4a

2018-02-25T14:08:51

travis: use custom libssh2 package Use the custom libssh2 package that is a backport of libssh2 1.8.0 to Ubuntu trusty.

c214ba19

2018-02-20T00:35:27

checkout: respect core.filemode when comparing filemodes Fixes #4504

275693e2

2018-02-20T12:45:40

checkout test: ensure workdir mode is simplified Ensure that when examining the working directory for checkout that the mode is correctly simplified. Git only pays attention to whether a file is executable or not. When examining a working directory, we should coalesce modes in the working directory to either `0755` (indicating that a file is executable) or `0644` (indicating that it is not). Test this by giving the file an exotic mode, and ensuring that when checkout out a branch that changes the file's contents, that we do not have a checkout conflict.

ec96db57

2018-02-20T00:32:38

checkout test: add core.filemode checkout tests Add two tests for filemode. The first ensures that `core.filemode=true` is honored: if we have changed the filemode such that a file that _was_ executable (mode 0755) is now executable (mode 0644) and we go to check out a branch that has otherwise changed the contents of the file, then we should raise a checkout conflict for that file. The second ensures that `core.filemode=false` is honored: in the same situation, we set a file that was executable to be non-executable, and check out the branch that changes the contents of the file. However, since `core.filemode` is false, we do not detect the filemode change. We run these tests on both operating systems that obey `core.filemode` (eg, POSIX) and those that have no conception of filemode (eg, Win32). This ensures that `core.filemode` is always honored, as it is a cache of the underlying filesystem's settings. This ensures that we do not make assumptions based on the operating system, and honor the configuration setting even if it were misconfigured.

18d9c847

2018-02-20T00:32:38

testrepo: add new branch Add a new branch to the `testrepo` repository, where the `README` file has changed to executable. This branch enables typechange tests between the new `executable` branch and `master`.

809b0ca6

2018-02-20T22:06:53

Merge pull request #4533 from pks-t/pks/v0.27.0-rc1 v0.27.0-rc1: version bump

23d4a91b

2018-02-16T08:38:44

Update version number to v0.27

0f239682

2018-02-20T16:49:13

CHANGELOG: third batch of updates to the changelog for v0.27.0

ad006d87

2018-02-15T11:13:14

docs: document increasing the version number for releases

894ccf4b

2018-02-20T16:14:54

Merge pull request #4535 from libgit2/ethomson/checkout_typechange_with_index_and_wd checkout: when examining index (instead of workdir), also examine mode

afc5124b

2018-02-20T14:35:17

Merge pull request #4539 from pks-t/pks/diff_renames_with_rewrites diff_tform: fix rename detection with rewrite/delete pair

4e4771dc

2018-02-19T22:10:44

checkout test: further ensure workdir perms are updated When both the index _and_ the working directory has changed permissions on a file permissions on a file - but only the permissions, such that the contents of the file are identical - ensure that `git_checkout` updates the permissions to match the checkout target.

8858a684

2018-02-19T22:09:27

checkout test: ensure workdir perms are updated When the working directory has changed permissions on a file - but only the permissions, such that the contents of the file are identical - ensure that `git_checkout` updates the permissions to match the checkout target.

ce7080a0

2018-02-20T10:38:27

diff_tform: fix rename detection with rewrite/delete pair A rewritten file can either be classified as a modification of its contents or of a delete of the complete file followed by an addition of the new content. This distinction becomes important when we want to detect renames for rewrites. Given a scenario where a file "a" has been deleted and another file "b" has been renamed to "a", this should be detected as a deletion of "a" followed by a rename of "a" -> "b". Thus, splitting of the original rewrite into a delete/add pair is important here. This splitting is represented by a flag we can set at the current delta. While the flag is already being set in case we want to break rewrites, we do not do so in case where the `GIT_DIFF_FIND_RENAMES_FROM_REWRITES` flag is set. This can trigger an assert when we try to match the source and target deltas. Fix the issue by setting the `GIT_DIFF_FLAG__TO_SPLIT` flag at the delta when it is a rename target and `GIT_DIFF_FIND_RENAMES_FROM_REWRITES` is set.

80e77b87

2018-02-20T10:03:48

tests: add rename-rewrite scenarios to "renames" repository Add two more scenarios to the "renames" repository. The first scenario has a major rewrite of a file and a delete of another file, the second scenario has a deletion of a file and rename of another file to the deleted file. Both scenarios will be used in the following commit.

d91da1da

2018-02-20T09:54:58

tests: diff::rename: use defines for commit OIDs While we frequently reuse commit OIDs throughout the file, we do not have any constants to refer to these commits. Make this a bit easier to read by giving the commit OIDs somewhat descriptive names of what kind of commit they refer to.

d7fea1e1

2018-02-18T16:10:33

checkout: take mode into account when comparing index to baseline When checking out a file, we determine whether the baseline (what we expect to be in the working directory) actually matches the contents of the working directory. This is safe behavior to prevent us from overwriting changes in the working directory. We look at the index to optimize this test: if we know that the index matches the working directory, then we can simply look at the index data compared to the baseline. We have historically compared the baseline to the index entry by oid. However, we must also compare the mode of the two items to ensure that they are identical. Otherwise, we will refuse to update the working directory for a mode change.

952cf714

2018-02-19T10:51:29

Merge pull request #4537 from pks-t/pks/tests-filemode-uninitialized-memory tests: index::filemodes: fix use of uninitialized memory

cabe16df

2018-02-19T10:18:59

tests: index::filemodes: fix use of uninitialized memory The new index entry structure was not being initialized to all-zeroes. As that structure is used to add a new entry to the current index, and the hashing algorithm of the index making use of the uninitialized flags to calculate the state, we might miscompute the hash of the entry and add it at the wrong position. Later lookups would then fail. Initialize the structure with `memset` to fix the test breaking on some platforms.

f1ad004c

2018-02-18T22:29:48

Merge pull request #4529 from libgit2/ethomson/index_add_requires_files git_index_add_frombuffer: only accept files/links

574671ba

2018-02-18T10:16:15

Merge pull request #4534 from pks-t/pks/build-warnings Fix build warnings

5f774dbf

2018-02-11T10:14:13

git_index_add_frombuffer: only accept files/links Ensure that the buffer given to `git_index_add_frombuffer` represents a regular blob, an executable blob, or a link. Explicitly reject commit entries (submodules) - it makes little sense to allow users to add a submodule from a string; there's no possible path to success.

92324d84

2018-02-16T11:28:53

util: clean up header includes While "util.h" declares the macro `git__tolower`, which simply resorts to tolower(3P) on Unix-like systems, the <ctype.h> header is only being included in "util.c". Thus, anybody who has included "util.h" without having <ctype.h> included will fail to compile as soon as the macro is in use. Furthermore, we can clean up additional includes in "util.c" and simply replace them with an include for "common.h".

06b8a40f

2018-02-16T11:29:46

Explicitly mark fallthrough cases with comments A lot of compilers nowadays generate warnings when there are cases in a switch statement which implicitly fall through to the next case. To avoid this warning, the last line in the case that is falling through can have a comment matching a regular expression, where one possible comment body would be `/* fall through */`. An alternative to the comment would be an explicit attribute like e.g. `[[clang::fallthrough]` or `__attribute__ ((fallthrough))`. But GCC only introduced support for such an attribute recently with GCC 7. Thus, and also because the fallthrough comment is supported by most compilers, we settle for using comments instead. One shortcoming of that method is that compilers are very strict about that. Most interestingly, that comment _really_ has to be the last line. In case a closing brace follows the comment, the heuristic will fail.

7c6e9175

2018-02-16T11:11:11

index: shut up warning on uninitialized variable Even though the `entry` variable will always be initialized when `read_entry` returns success and even though we never dereference `entry` in case `read_entry` fails, GCC prints a warning about uninitialized use. Just initialize the pointer to `NULL` in order to shut GCC up.

522f3e4b

2018-02-16T10:50:54

CMakeLists: increase strict aliasing level to 3 The strict aliasing rules disallow dereferencing the pointer to a variable of a certain type as another type, which is frequently used e.g. when casting structs to their base type. We currently have the warning level for strict aliasing rules set to `2`, which is described by gcc(1) as being "Aggressive, quick, not too precise." And in fact, we experience quite a lot of warnings when doing a release build due to that. GCC provides multiple levels, where higher levels are more accurate, but also slower due to the additional analysis required. Still, we want to have warning level 3 instead of 2 to avoid the current warnings we have in the Travis CI release builds. As this is the default warning level when no level is passed to `-Wstrict-aliasing`, we can just remove the level and use that default.

84f03b3a

2018-02-16T10:48:55

streams: openssl: fix use of uninitialized variable When verifying the server certificate, we do try to make sure that the hostname actually matches the certificate alternative names. In cases where the host is either an IPv4 or IPv6 address, we have to compare the binary representations of the hostname with the declared IP address of the certificate. We only do that comparison in case we were successfully able to parse the hostname as an IP, which would always result in the memory region being initialized. Still, GCC 6.4.0 was complaining about usage of non-initialized memory. Fix the issue by simply asserting that `addr` needs to be initialized. This shuts up the GCC warning.

b8cb7536

2018-02-15T11:07:29

Merge pull request #4532 from pks-t/pks/release-doc-filename docs: fix typo in "release.md" filename

bb7c672a

2018-02-15T11:06:40

docs: fix typo in "release.md" filename

9d8cbbb1

2018-02-15T11:04:52

Merge pull request #4485 from libgit2/cmn/release-docs docs: add release documentation

a4fb57bc

2018-02-15T10:52:45

Merge pull request #4501 from pks-t/pks/v0.27.0-release-notes CHANGELOG: update for v0.27.0

408b16c1

2018-02-10T08:00:36

Merge pull request #4508 from libgit2/ethomson/user_agent http: standardize user-agent addition

ee6be190

2018-01-31T08:36:19

http: standardize user-agent addition The winhttp and posix http each need to add the user-agent to their requests. Standardize on a single function to include this so that we do not get the version numbers we're sending out of sync. Assemble the complete user agent in `git_http__user_agent`, returning assembled strings. Co-authored-by: Patrick Steinhardt <ps@pks.im>

05c24c44

2018-02-09T18:25:46

Merge pull request #4527 from pks-t/pks/resource-leaks Plug resource leaks

178fda8a

2018-02-09T17:55:18

hash: win32: fix missing comma in `giterr_set`

638c6b8c

2018-02-09T17:32:15

odb_loose: only close file descriptor if it was opened successfully

a43bcd2c

2018-02-09T17:31:50

odb: fix memory leaks due to not freeing hash context

028a2806

2018-02-09T13:56:23

Merge pull request #4509 from libgit2/ethomson/odb_alloc_error odb: error when we can't alloc an object

9985edb5

2018-02-01T06:32:55

hash: set error messages on failure

619f61a8

2018-02-01T06:22:36

odb: error when we can't create object header Return an error to the caller when we can't create an object header for some reason (printf failure) instead of simply asserting.

59d99adc

2018-01-31T09:34:52

odb: check for alloc errors on hardcoded objects It's unlikely that we'll fail to allocate a single byte, but let's check for allocation failures for good measure. Untangle `-1` being a marker of not having found the hardcoded odb object; use that to reflect actual errors.

ef902864

2018-01-31T09:30:51

odb: error when we can't alloc an object At the moment, we're swallowing the allocation failure. We need to return the error to the caller.

7ec7aa4a

2018-02-01T05:54:57

odb: assert on logic errors when writing objects There's no recovery possible if we're so confused or corrupted that we're trying to overwrite our memory. Simply assert.

138e4c2b

2018-02-01T06:35:31

git_odb__hashfd: propagate error on failures

35ed256b

2018-02-01T05:11:05

git_odb__hashobj: provide errors messages on failures Provide error messages on hash failures: assert when given invalid input instead of failing with a user error; provide error messages on program errors.

e39d44d9

2018-02-09T10:12:41

CHANGELOG: update for v0.27.0, second batch

eadb0abb

2018-01-26T12:15:02

CHANGELOG: update for v0.27.0

0fd0bfe4

2018-02-08T22:51:46

Merge pull request #4450 from libgit2/ethomson/odb_loose_readstream Streaming read support for the loose ODB backend

d749822c

2018-02-08T22:50:58

Merge pull request #4491 from libgit2/ethomson/recursive Recursive merge: reverse the order of merge bases

2a11eaf3

2018-02-08T22:48:30

Merge pull request #4521 from pks-t/pks/config-crlf-lines config: handle CRLF-only lines and BOM

ba4faf6e

2018-02-08T17:15:33

buf_text: remove `offset` parameter of BOM detection function The function to detect a BOM takes an offset where it shall look for a BOM. No caller uses that, and searching for the BOM in the middle of a buffer seems to be very unlikely, as a BOM should only ever exist at file start. Remove the parameter, as it has already caused confusion due to its weirdness.

2eea5f1c

2018-02-08T10:27:31

config_parse: fix reading files with BOM The function `skip_bom` is being used to detect and skip BOM marks previously to parsing a configuration file. To do so, it simply uses `git_buf_text_detect_bom`. But since the refactoring to use the parser interface in commit 9e66590bd (config_parse: use common parser interface, 2017-07-21), the BOM detection was actually broken. The issue stems from a misunderstanding of `git_buf_text_detect_bom`. It was assumed that its third parameter limits the length of the character sequence that is to be analyzed, while in fact it was an offset at which we want to detect the BOM. Fix the parameter to be `0` instead of the buffer length, as we always want to check the beginning of the configuration file.

848153f3

2018-02-08T10:02:29

config_parse: handle empty lines with CRLF Currently, the configuration parser will fail reading empty lines with just an CRLF-style line ending. Special-case the '\r' character in order to handle it the same as Unix-style line endings. Add tests to spot this regression in the future.

5340ca77

2018-02-08T09:31:51

config_parse: add comment to clarify logic getting next character Upon each line, the configuration parser tries to get either the first non-whitespace character or the first whitespace character, in case there is no non-whitespace character. The logic handling this looks rather odd and doesn't immediately convey this meaning, so add a comment to clarify what happens.

f7225946

2018-02-07T17:35:57

Merge pull request #4513 from libgit2/ethomson/cmake_fixes CMake: minor fixups

f8a2dda8

2018-02-05T15:21:37

cmake: move ENABLE_WARNINGS to a module

1403c612

2018-01-22T14:44:31

merge: virtual commit should be last argument to merge-base Our virtual commit must be the last argument to merge-base: since our algorithm pushes _both_ parents of the virtual commit, it needs to be the last argument, since merge-base: > Given three commits A, B and C, git merge-base A B C will compute the > merge base between A and a hypothetical commit M We want to calculate the merge base between the actual commit ("two") and the virtual commit ("one") - since one actually pushes its parents to the merge-base calculation, we need to calculate the merge base of "two" and the parents of one.

b8823c2b

2018-01-22T23:56:22

Add failing test case for virtual commit merge base issue

afcaf35e

2018-01-21T16:50:40

merge::trees::recursive: test for virtual base building Virtual base building: ensure that the virtual base is created and revwalked in the same way as git.

b924df1e

2018-01-21T18:05:45

merge: reverse merge bases for recursive merge When the commits being merged have multiple merge bases, reverse the order when creating the virtual merge base. This is for compatibility with git's merge-recursive algorithm, and ensures that we build identical trees. Git does this to try to use older merge bases first. Per 8918b0c: > It seems to be the only sane way to do it: when a two-head merge is > done, and the merge-base and one of the two branches agree, the > merge assumes that the other branch has something new. > > If we start creating virtual commits from newer merge-bases, and go > back to older merge-bases, and then merge with newer commits again, > chances are that a patch is lost, _because_ the merge-base and the > head agree on it. Unlikely, yes, but it happened to me.

ed51feb7

2018-01-21T18:01:20

oidarray: introduce git_oidarray__reverse Provide a simple function to reverse an oidarray.

7bd89502

2018-01-21T16:41:49

Introduce additional criss-cross merge branches

26f5d36d

2018-02-04T10:27:39

Merge pull request #4489 from libgit2/ethomson/conflicts_crlf Conflict markers should match EOL style in conflicting files

fc6e38c2

2018-02-02T18:03:38

cmake: Move IDE source munging to a module Move the odd code that provides a hierarchical display for projects within the IDEs to its own module.

ed298c8e

2018-02-02T18:01:51

cmake: move nanosecond detection to a module Move the nanosecond detection in time structures to its own module.

6416b91f

2018-02-02T17:58:44

cmake: enable policy CMP0042 Enable CMake policy CMP0042, if supported: > CMake 2.8.12 and newer has support for using ``@rpath`` in a target's > install name. This was enabled by setting the target property > ``MACOSX_RPATH``. The ``@rpath`` in an install name is a more > flexible and powerful mechanism than ``@executable_path`` or > ``@loader_path`` for locating shared libraries.

94aa36ef

2018-02-02T17:56:15

cmake: test for CMP0051 instead of version check We can use policy checks to see if a policy exists in cmake, like CMP0051, instead of relying on the version.

8abd514c

2018-02-02T17:37:12

Merge pull request #4499 from pks-t/pks/setuid-config sysdir: do not use environment in setuid case

2553cbe3

2018-02-02T11:33:46

Merge pull request #4512 from libgit2/ethomson/header_guards Consistent header guards

53454b68

2018-02-02T11:31:15

Merge pull request #4510 from pks-t/pks/attr-file-bare-stat attr: avoid stat'ting files for bare repositories

0967459e

2018-01-25T13:11:34

sysdir: do not use environment in setuid case In order to derive the location of some Git directories, we currently use the environment variables $HOME and $XDG_CONFIG_HOME. This might prove to be problematic whenever the binary is run with setuid, that is when the effective user does not equal the real user. In case the environment variables do not get sanitized by the caller, we thus might end up using the real user's configuration when doing stuff as the effective user. The fix is to use the passwd entry's directory instead of $HOME in this situation. As this might break scenarios where the user explicitly sets $HOME to another path, this fix is only applied in case the effective user does not equal the real user.

09df354e

2018-02-01T16:52:43

odb_loose: HEADER_LEN -> MAX_HEADER_LEN `MAX_HEADER_LEN` is a more descriptive constant name.

909a1992

2017-12-31T09:56:30

odb_loose: largefile tests only on 64 bit platforms Only run the large file tests on 64 bit platforms. Even though we support streaming reads on objects, and do not need to fit them in memory, we use `size_t` in various places to reflect the size of an object.

624614b2

2017-12-19T00:43:49

odb_loose: validate length when checking for zlib content When checking to see if a file has zlib deflate content, make sure that we actually have read at least two bytes before examining the array.

27078e58

2017-12-18T23:11:42

odb_loose: test read_header on large blobs Test that we can read_header on large blobs. This should succeed on all platforms since we read only a few bytes into memory to be able to parse the header.

e118231b

2017-12-18T23:11:24

odb_loose: test read_header explicitly

1118ba3e

2017-12-18T23:08:40

odb_loose: `read_header` for packlike loose objects Support `read_header` for "packlike loose objects", which were a temporarily and uncommonly used format loose object format that encodes the header before the zlib deflate data. This will never actually be seen in the wild, but add support for it for completeness and (more importantly) because our corpus of test data has objects in this format, so it's easier to support it than to try to special case it.

4c7a16b7

2017-12-18T15:56:21

odb_loose: read_header should use zstream Make `read_header` use the common zstream implementation. Remove the now unnecessary zlib wrapper in odb_loose.

6155e06b

2017-12-17T18:44:02

zstream: introduce a single chunk reader Introduce `get_output_chunk` that will inflate/deflate all the available input buffer into the output buffer. `get_output` will call `get_output_chunk` in a loop, while other consumers can use it to inflate only a piece of the data.

b1e66bfc

2017-12-17T16:31:35

odb: test loose object streaming

thodg/libgit2

Log