kmx git

Commit	Date	Message
93a9044f	2020-01-31T08:49:34	fetchhead: strip credentials from remote URL If fetching from an anonymous remote via its URL, then the URL gets written into the FETCH_HEAD reference. This is mainly done to give valuable context to some commands, like for example git-merge(1), which will put the URL into the generated MERGE_MSG. As a result, what gets written into FETCH_HEAD may become public in some cases. This is especially important considering that URLs may contain credentials, e.g. when cloning 'https://foo:bar@example.com/repo' we persist the complete URL into FETCH_HEAD and put it without any kind of sanitization into the MERGE_MSG. This is obviously bad, as your login data has now just leaked as soon as you do git-push(1). When writing the URL into FETCH_HEAD, upstream git does strip credentials first. Let's do the same by trying to parse the remote URL as a "real" URL, removing any credentials and then re-formatting the URL. In case this fails, e.g. when it's a file path or not a valid URL, we just fall back to using the URL as-is without any sanitization. Add tests to verify our behaviour.
e54343a4	2019-06-29T09:17:32	fileops: rename to "futils.h" to match function signatures Our file utils functions all have a "futils" prefix, e.g. `git_futils_touch`. One would thus naturally guess that their definitions and implementation would live in files "futils.h" and "futils.c", respectively, but in fact they live in "fileops.h". Rename the files to match expectations.
f673e232	2018-12-27T13:47:34	git_error: use new names in internal APIs and usage Move to the `git_error` name in the internal API for error-related functions.
ecf4f33a	2018-02-08T11:14:48	Convert usage of `git_buf_free` to new `git_buf_dispose`
6c55fbf3	2018-04-06T10:39:16	transports: local: fix assert when fetching into repo with symrefs When fetching into a repository which has symbolic references via the "local" transport we run into an assert. The assert is being triggered while we negotiate the packfile between the two repositories. When hiding known revisions from the packbuilder revwalk, we unconditionally hide all references of the local refdb. In case one of these references is a symbolic reference, though, this means we're trying to hide a `NULL` OID, which triggers the assert. Fix the issue by only hiding OID references from the revwalk. Add a test to catch this issue in the future.
c081f0d0	2017-12-26T17:50:59	fetch: go over FETCH_HEAD just once when counting the prefixes in test
c0bfda87	2016-12-02T17:36:04	fetch: add a failing test for FETCH_HEAD with multiple fetch refspecs
1e64a446	2016-12-02T16:09:21	fetch: expand fetchhead test to cover providing multiple refspecs
8f0d5cde	2016-12-29T12:55:49	tests: update error message checking
24fa21f3	2015-06-26T18:59:53	index, iterator, fetchhead: plug leaks
23aa7c90	2015-06-25T13:40:38	remote: insert refspecs with no rhs in FETCH_HEAD When a refspec contains no rhs and thus won't cause an explicit update, we skip all the logic, but that means that we don't update FETCH_HEAD with it, which is what the implicit rhs is. Add another bit of logic which puts those remote heads in the list of updates so we put them into FETCH_HEAD.
22261344	2015-04-22T04:38:08	remote: remove url and pushurl from the save logic As a first step in removing the repository-saving logic, don't allow chaning the url or push url from a remote object, but change the configuration on the configuration immediately.
8f0104ec	2015-04-21T22:10:36	Remove the callbacks struct from the remote Having the setting be different from calling its actions was not a great idea and made for the sake of the wrong convenience. Instead of that, accept either fetch options, push options or the callbacks when dealing with the remote. The fetch options are currently only the callbacks, but more options will be moved from setters and getters on the remote to the options. This does mean passing the same struct along the different functions but the typical use-case will only call git_remote_fetch() or git_remote_push() and so won't notice much difference.
659cf202	2015-01-07T12:23:05	Remove the signature from ref-modifying functions The signature for the reflog is not something which changes dynamically. Almost all uses will be NULL, since we want for the repository's default identity to be used, making it noise. In order to allow for changing the identity, we instead provide git_repository_set_ident() and git_repository_ident() which allow a user to override the choice of signature.
209425ce	2014-11-08T13:25:51	remote: rename _load() to _lookup() This brings it in line with the rest of the lookup functions.
3f894205	2014-06-06T15:01:45	remote: allow overriding the refspecs for download and fetch With opportunistic ref updates, git has introduced the concept of having base refspecs and refspecs that are active for a particular fetch. Let's start by letting the user override the refspecs for download.
d908351a	2014-09-05T22:31:53	When auto follow tags, FETCH_HEAD should list only newly followed tags
0cee70eb	2014-07-01T14:09:01	Introduce cl_assert_equal_oid
bdc82e1c	2014-04-24T14:08:29	fetchhead: deal with quotes in branch names The current FETCH_HEAD parsing code assumes that a quote must end the branch name. Git however allows for quotes as part of a branch name, which causes us to consider the FETCH_HEAD file as invalid. Instead of searching for a single quote char, search for a quote char followed by SP, which is not a valid part of a ref name.
6f6be8fe	2014-04-02T18:14:02	remote: write tests for cloning from an empty repo Cloning from an empty repo must set master's upstream to origin's master, even if neither of them exist. Fetching from a non-empty origin must then mark the master branch for-merge. This currently fails.
17820381	2013-11-14T14:05:52	Rename tests-clar to tests

93a9044f

2020-01-31T08:49:34

fetchhead: strip credentials from remote URL If fetching from an anonymous remote via its URL, then the URL gets written into the FETCH_HEAD reference. This is mainly done to give valuable context to some commands, like for example git-merge(1), which will put the URL into the generated MERGE_MSG. As a result, what gets written into FETCH_HEAD may become public in some cases. This is especially important considering that URLs may contain credentials, e.g. when cloning 'https://foo:bar@example.com/repo' we persist the complete URL into FETCH_HEAD and put it without any kind of sanitization into the MERGE_MSG. This is obviously bad, as your login data has now just leaked as soon as you do git-push(1). When writing the URL into FETCH_HEAD, upstream git does strip credentials first. Let's do the same by trying to parse the remote URL as a "real" URL, removing any credentials and then re-formatting the URL. In case this fails, e.g. when it's a file path or not a valid URL, we just fall back to using the URL as-is without any sanitization. Add tests to verify our behaviour.

e54343a4

2019-06-29T09:17:32

fileops: rename to "futils.h" to match function signatures Our file utils functions all have a "futils" prefix, e.g. `git_futils_touch`. One would thus naturally guess that their definitions and implementation would live in files "futils.h" and "futils.c", respectively, but in fact they live in "fileops.h". Rename the files to match expectations.

f673e232

2018-12-27T13:47:34

git_error: use new names in internal APIs and usage Move to the `git_error` name in the internal API for error-related functions.

ecf4f33a

2018-02-08T11:14:48

Convert usage of `git_buf_free` to new `git_buf_dispose`

6c55fbf3

2018-04-06T10:39:16

transports: local: fix assert when fetching into repo with symrefs When fetching into a repository which has symbolic references via the "local" transport we run into an assert. The assert is being triggered while we negotiate the packfile between the two repositories. When hiding known revisions from the packbuilder revwalk, we unconditionally hide all references of the local refdb. In case one of these references is a symbolic reference, though, this means we're trying to hide a `NULL` OID, which triggers the assert. Fix the issue by only hiding OID references from the revwalk. Add a test to catch this issue in the future.

c081f0d0

2017-12-26T17:50:59

fetch: go over FETCH_HEAD just once when counting the prefixes in test

c0bfda87

2016-12-02T17:36:04

fetch: add a failing test for FETCH_HEAD with multiple fetch refspecs

1e64a446

2016-12-02T16:09:21

fetch: expand fetchhead test to cover providing multiple refspecs

8f0d5cde

2016-12-29T12:55:49

tests: update error message checking

24fa21f3

2015-06-26T18:59:53

index, iterator, fetchhead: plug leaks

23aa7c90

2015-06-25T13:40:38

remote: insert refspecs with no rhs in FETCH_HEAD When a refspec contains no rhs and thus won't cause an explicit update, we skip all the logic, but that means that we don't update FETCH_HEAD with it, which is what the implicit rhs is. Add another bit of logic which puts those remote heads in the list of updates so we put them into FETCH_HEAD.

22261344

2015-04-22T04:38:08

remote: remove url and pushurl from the save logic As a first step in removing the repository-saving logic, don't allow chaning the url or push url from a remote object, but change the configuration on the configuration immediately.

8f0104ec

2015-04-21T22:10:36

Remove the callbacks struct from the remote Having the setting be different from calling its actions was not a great idea and made for the sake of the wrong convenience. Instead of that, accept either fetch options, push options or the callbacks when dealing with the remote. The fetch options are currently only the callbacks, but more options will be moved from setters and getters on the remote to the options. This does mean passing the same struct along the different functions but the typical use-case will only call git_remote_fetch() or git_remote_push() and so won't notice much difference.

659cf202

2015-01-07T12:23:05

Remove the signature from ref-modifying functions The signature for the reflog is not something which changes dynamically. Almost all uses will be NULL, since we want for the repository's default identity to be used, making it noise. In order to allow for changing the identity, we instead provide git_repository_set_ident() and git_repository_ident() which allow a user to override the choice of signature.

209425ce

2014-11-08T13:25:51

remote: rename _load() to _lookup() This brings it in line with the rest of the lookup functions.

3f894205

2014-06-06T15:01:45

remote: allow overriding the refspecs for download and fetch With opportunistic ref updates, git has introduced the concept of having base refspecs *and* refspecs that are active for a particular fetch. Let's start by letting the user override the refspecs for download.

d908351a

2014-09-05T22:31:53

When auto follow tags, FETCH_HEAD should list only newly followed tags

0cee70eb

2014-07-01T14:09:01

Introduce cl_assert_equal_oid

bdc82e1c

2014-04-24T14:08:29

fetchhead: deal with quotes in branch names The current FETCH_HEAD parsing code assumes that a quote must end the branch name. Git however allows for quotes as part of a branch name, which causes us to consider the FETCH_HEAD file as invalid. Instead of searching for a single quote char, search for a quote char followed by SP, which is not a valid part of a ref name.

6f6be8fe

2014-04-02T18:14:02

remote: write tests for cloning from an empty repo Cloning from an empty repo must set master's upstream to origin's master, even if neither of them exist. Fetching from a non-empty origin must then mark the master branch for-merge. This currently fails.

17820381

2013-11-14T14:05:52

Rename tests-clar to tests

thodg/libgit2/tests/fetchhead

tests/fetchhead

Log