kmx git

Commit	Date	Message
c9b80c25	2021-08-21T15:28:45	valgrind: suppress leaks in dlopen and newer libraries dlopen sets up some thread-local state that isn't cleaned up by `dlclose`. Additionally, now that we're linking against different versions of libssh2 and OpenSSL, we're seeing different leak signatures.
322c15ee	2020-08-01T18:24:41	Make the pack and mwindow implementations data-race-free This change fixes a packfile heap corruption that can happen when interacting with multiple packfiles concurrently across multiple threads. This is exacerbated by setting a lower mwindow open file limit. This change: * Renames most of the internal methods in pack.c to clearly indicate that they expect to be called with a certain lock held, making reasoning about the state of locks a bit easier. * Splits the `git_pack_file` lock in two: the one in `git_pack_file` only protects the `index_map`. The protection to `git_mwindow_file` is now in that struct. * Explicitly checks for freshness of the `git_pack_file` in `git_packfile_unpack_header`: this allows the mwindow implementation to close files whenever there is enough cache pressure, and `git_packfile_unpack_header` will reopen the packfile if needed. * After a call to `p_munmap()`, the `data` and `len` fields are poisoned with `NULL` to make use-after-frees more evident and crash rather than being open to the possibility of heap corruption. * Adds a test case to prevent this from regressing in the future. Fixes: #5591
4ae41f9c	2020-08-02T16:26:25	Make the odb race-free This change adds all the necessary locking to the odb to avoid races in the backends. Part of: #5592
896b1db4	2020-08-03T07:17:52	Add a ThreadSanitizer build This change adds a ThreadSanitizer CI build rule. It's informative for now because there are still known places where there are races. Part of: #5592
11a62973	2020-08-03T10:01:26	Merge pull request #5569 from lhchavez/ci-sanitizers Add CI support for Memory and UndefinedBehavior Sanitizers
19eb1e4b	2020-06-05T10:07:33	cmake: specify project version We currently do not set up a project version within CMake, meaning that it can't be use by other projects including libgit2 as a sub-project and also not by other tools like IDEs. This commit changes this to always set up a project version, but instead of extracting it from the "version.h" header we now set it up directly. This is mostly to avoid mis-use of the previous `LIBGIT2_VERSION` variables, as we should now always use the `libgit2_VERSION` ones that are set up by CMake if one provides the "VERSION" keyword to the `project()` call. While this is one more moving target we need to adjust on releases, this commit also adjusts our release script to verify that the project version was incremented as expected.
6a917c04	2020-06-28T15:51:43	Add CI support for Memory and UndefinedBehavior Sanitizers This change adds two new build targets: MSan and UBSan. This is because even though OSS-Fuzz is great and adds a lot of coverage, it only does that for the fuzz targets, so the rest of the codebase is not necessarily run with the Sanitizers ever :( So this change makes sure that MSan/UBSan warnings don't make it into the codebase. As part of this change, the Ubuntu focal container is introduced. It builds mbedTLS and libssh2 as debug libraries into /usr/local and as MSan-enabled libraries into /usr/local/msan. This latter part is needed because MSan requires the binary and all its dependent libraries to be built with MSan support so that memory allocations and deallocations are tracked correctly to avoid false positives.
b79f7d38	2020-06-04T09:49:38	release script: fix typo
f1c1458c	2020-05-12T10:55:14	feat: Check the version in package.json
2ae45bc3	2020-01-30T11:40:13	scripts: add script to create releases The current release process is not documented in any way. As a result, it's not obvious how releases should be done at all, like e.g. which locations need adjusting. To fix this, let's introduce a new script that shall from now on be used to do all releases. As input it gets the tree that shall be released, the repository in which to do the release, credentials to authenticate against GitHub and the new version. E.g. executing the following will create a new release v0.32: $ ./script/release.py 0.32.0 --user pks-t --password **** While the password may currently be your usual GitLab password, it's recommended to use a personal access token intead. The script will then perform the following steps: 1. Verify that "include/git2/version.h" matches the new version. 2. Verify that "docs/changelog.md" has a section for that new version. 3. Extract the changelog entries for the current release from "docs/changelog.md". 4. Generate two archives in "tar.gz" and "zip" format via "git archive" from the tree passed by the user. If no tree was passed, we will use "HEAD". 5. Create the GitHub release using the extracted changelog entries as well as tag and name information derived from the version passed by the used. 6. Upload both code archives to that release. This should cover all steps required for a new release and thus ensures that nothing is missing that shouldn't be.
2ad3eb3e	2019-11-24T15:59:26	valgrind: add suppressions for undefined use valgrind will warn that OpenSSL will use undefined data in connect/read when talking to certain other TLS stacks. Thankfully, this only seems to occur when gcc is the compiler, so hopefully valgrind is just misunderstanding an optimization. Regardless, suppress this warning.
6df3ec4a	2019-11-23T21:14:32	valgrind: suppress libssh2_rsa_sha1_sign leaks
7adc32d5	2019-11-23T13:02:29	valgrind: suppress kexinit leaks
5dc1be8d	2019-11-23T11:25:56	valgrind: suppress uninitialized reads in libcrypto libcrypto will read uninitialized memory as entropy. Suppress warnings from this behavior.
56d5b443	2019-09-21T17:55:54	valgrind: suppress memory leaks in libssh2_session_handshake On Ubuntu, the combination of libgcrypt and libssh2 is quite old and known to contain memory leaks. We thus have several functions listed in our suppressions file that are known to leak. Due to a recent update of libssh2 or libgcrypt, there now are new memory leaks caused by libssh2_session_handshake and libssh2_init that cause the CI to fail. Add a new suppression to fix the issue.
d827b11b	2019-06-28T13:20:54	tests: execute leak checker via CTest directly Right now, we have an awful hack in our test CI setup that extracts the test command from CTest's output and then prepends the leak checker. This is dependent on non-machine-parseable output from CMake and also breaks on various ocassions, like for example when we have spaces in the current path or when the path contains backslashes. Both conditions may easily be triggered on Win32 systems, and in fact they do break our Azure Pipelines builds. Remove the awful hack in favour of a new CMake build option "USE_LEAK_CHECKER". If specifying e.g. "-DUSE_LEAK_CHECKER=valgrind", then we will set up all tests to be run under valgrind. Like this, we can again simply execute ctest without needing to rely on evil sourcery.
00c66dfd	2019-01-10T22:43:59	errors: update static analysis tools for giterr Update GITERR and giterr usages in the static code analysis tools to use the new names.
a74f4fb9	2019-01-04T14:04:48	coverity: attempt to model clar's assertions Coverity considers that anything that looks like assert() behaves like it (ie. side-effects would be skipped on a NDEBUG build). As we have a bunch of those in the test suite (128), this would ensure Coverity isn't confused.
24d17562	2018-07-27T16:40:44	ci: remove unused old ci scripts
24b8dd82	2018-07-27T12:31:32	ci: move travis to the new scripts
465f8b51	2018-07-26T15:14:37	ci: move appveyor to new scripts
b00672b9	2018-07-20T19:47:40	ci: enable leak checking on osx
ce798b25	2018-07-04T10:56:56	tests: simplify cmake test configuration Simplify the names for the tests, removing the unnecessary "libgit2-clar" prefix. Make "all" the new default test run, and include the online tests by default (since HTTPS should always be enabled). For the CI tests, create an offline-only test, then the various online tests.
61eaaadf	2018-04-20T23:11:30	travis: enable -Werror in the script instead of using the matrix
149790b9	2018-04-20T23:11:28	scripts: remove extraneous semicolons
4c969618	2018-04-20T23:11:27	scripts: use leaks on macOS
0fb8c1d0	2018-04-20T23:11:25	valgrind: bump num-callers to 50 for fuller stack traces
1f4ada2a	2018-04-20T23:11:23	travis: let cmake perform the build & install step The goal is to let cmake manage the parallelism
573c4089	2018-04-20T23:11:19	valgrind: skip buf::oom test
74b0a432	2018-04-20T23:11:16	travis: split valgrind check in its own script
2f4e7cb0	2018-04-20T23:11:14	travis: split testing from building
86353a72	2018-04-22T14:57:02	Merge pull request #4173 from tiennou/mbedtls mbedTLS support
d906a879	2018-04-17T23:39:54	Merge pull request #4476 from pks-t/pks/backport-script scripts: add backporting script
cb2da47e	2018-03-29T22:14:17	travis: pass -fPIC when configuring mbedtls
10aff3d5	2018-03-29T22:14:15	travis: just grab what we need from mbedtls
262dfcf0	2018-03-29T22:14:05	mbedtls: enable Travis CI tests
0b3d8592	2018-01-12T11:02:19	scripts: add backporting script This adds a simple script for backporting pull requests to older branches. It accepts as parameters a list of pull request numbers which whose commits are to be cherry-picked. The identification of PRs currently happens by using the commit message of the merge of the PR, which should conform to the message "Merge pull request #<PR>". While the heuristic works in practice, we could instead also use the direct references from GitHub via "pull/#<PR>/head". This requires the user to have all these references fetched, though, so we can just use the current heuristic until we experience any issues with that.
5874e151	2017-11-20T13:26:33	tests: create new test target for all SSH-based tests Some tests shall be run against our own SSH server we spin up in Travis. As those need to be run separate from our previous tests which run against git-daemon, we have to do this in a separate step. Instead of bundling all that knowledge in the CI script, move it into the test build instructions by creating a new test target.
54a1bf05	2017-06-07T13:06:53	tests: online::clone: inline creds-test with nonexistent URL Right now, we test our credential callback code twice, once via SSH on localhost and once via a non-existent GitHub repository. While the first URL makes sense to be configurable, it does not make sense to hard-code the non-existing repository, which requires us to call tests multiple times. Instead, we can just inline the URL into another set of tests.
fea60920	2017-06-07T12:48:48	tests: online::clone: construct credential-URL from environment We support two types of passing credentials to the proxy, either via the URL or explicitly by specifying user and password. We test these types by modifying the proxy URL and executing the tests twice, which is in fact unnecessary and requires us to maintain the list of environment variables and test executions across multiple CI infrastructures. To fix the situation, we can just always pass the host, port, user and password to the tests. The tests can then assemble the complete URL either with or without included credentials, allowing us to test both cases in-process.
28c89507	2017-11-06T11:49:46	Merge pull request #4394 from libgit2/cmn/macos-ramdisk travis: put clar's sandbox in a ramdisk on macOS
0b98a66b	2017-11-06T11:16:02	appveyor: build examples By default, CMake will not build our examples directory. As we do not instruct either the MinGW or MSVC builds on AppVeyor to enable building these examples, we cannot verify that those examples at least build on Windows systems. Fix that by passing `-DBUILD_EXAMPLES=ON` to AppVeyor's CMake invocation.
71ba4644	2017-10-31T14:43:28	travis: let's try a 5GB ramdisk
37bb1512	2017-10-31T10:40:24	travis: put clar's sandbox in a ramdisk on macOS The macOS tests are by far the slowest right now. This attempts to remedy the situation somewhat by asking clar to put its test data on a ramdisk.
9dc21efd	2017-10-07T00:10:06	travis: add custom apt sources Move back to Travis's VM infrastructure for efficiency.
366f4136	2017-09-28T17:19:56	travis: keep installing our custom libcurl build The block in the script installs the packages if we're _not_ on Precise. This was dropped in c17c3f8a ("travis: drop support for Ubuntu Precise") in error.
c17c3f8a	2017-09-06T08:04:19	travis: drop support for Ubuntu Precise Ubuntu Precise is end of life since April 2017. At that point in time, Precise was still the main distro on which Travis CI built upon, with the Trusty-based images still being in a beta state. But since June 21st, Trusty has officially moved out of beta and is now the default image for all new builds. Right now, we build on both old and new images to assure we support both. Unfortunately, this leaves us with the highest minimum version for CMake being 2.8.7, as Precise has no greater version in its repositories. And because of this limitation, we cannot actually use object libraries in our build instructions. But considering Precise is end of life and Trusty is now the new default for Travis, we can and should drop support for this old and unmaintained distribution. And so we do.
c582fa4e	2017-07-24T17:53:32	travis: only install custom libcurl on trusty
697583ea	2017-07-24T16:48:04	travis: only kill our own sshd
f031e20b	2017-07-23T03:41:52	travis: build with patched libcurl Ubuntu trusty has a bug in curl when using NTLM credentials in a proxy, dereferencing a null pointer and causing segmentation faults. Use a custom-patched version of libcurl that avoids this issue.
06619904	2017-04-26T13:04:23	travis: cibuild: set up our own sshd server Some tests of ours require to be running against an SSH server. Currently, we simply run against the SSH server provided and started by Travis itself. As our Linux tests run in a sudo-less environment, we have no control over its configuration and startup/shutdown procedure. While this has been no problem until now, it will become a problem as soon as we migrate over to newer Precise images, as the SSH server does not have any host keys set up. Luckily, we can simply set up our own unpriviledged SSH server. This has the benefit of us being able to modify its configuration even in a sudo-less environment. This commit sets up the unpriviledged SSH server on port 2222.
96d02989	2017-06-13T08:09:38	travis: replace use of deprecated homebrew/dupes tap The formulae provided by the homebrew/dupes tap are deprecated since at least April 4, 2017, with formulae having been migrated to homebrew/core. Replace the deprecated reference to "homebrew/dupes/zlib" with only "zlib".
844e85f2	2017-06-12T20:00:21	travis: install openssl explicitly
408a7b77	2017-02-24T17:37:00	appveyor: don't rewrite system mingw Download mingw-w64 into our build directory and execute it there, don't try to overwrite the system's mingw.
18c18e3d	2016-10-31T15:55:46	coverity: check for Coverity token only if necessary When running a Coverity build, we have to provide an authentication token in order to proof that we are actually allowed to run analysis in the name of a certain project. As this token should be secret, it is only set on the main repository, so when we were requested to run the Coverity script on another repository we do error out. But in fact we do also error out if the Coverity analysis should _not_ be run if there is no authentication token provided. Fix the issue by only checking for the authentication token after determining if analysis is indeed requested.
561276ee	2016-10-28T14:48:30	coverity: only analyze the master branch of the main repository We used to only execute Coverity analysis on the 'development' branch before commit 998f001 (Refine build limitation, 2014-01-15), which refined Coverity build limitations. While we do not really use the 'development' branch anymore, it does still make sense to only analyze a single branch, as otherwise Coverity might get confused. Re-establish the restriction such that we only analyze libgit2's 'master' branch. Also fix the message announcing why we do not actually analyze a certain build.
6c4d2d3e	2016-10-28T14:45:55	coverity: fix download URL
ec3f5a9c	2016-08-16T11:02:47	script: cibuild: build examples
db357667	2016-10-05T20:17:06	travis: take the newer ssh-keygen format into account The Mac machines have updated their SSH version and so the ssh-keygen format has changed. Ask it for MD5, which is the one that is output as hex.
94d565b9	2016-10-05T18:52:43	cibuild: set -x This lets us see the details of what we're doing instead of just seeing the output of unknown commands in the build output.
a37624ec	2016-07-24T16:05:17	Merge pull request #3815 from pks-t/pks/coverity-model Coverity user model
0239eff3	2016-07-24T14:51:28	ci: install homebrew's curl on mac
08556e6d	2016-07-22T17:45:03	ci: install homebrew's zlib on mac
4d8fe1cd	2016-06-07T09:20:35	coverity: model functions printing into git_buf The `git_buf` structure seems to be too complicated to correctly grasp for Coverity. As such, add simpler models trying to guide Coverity and remove false positives related to these functions.
956f1e23	2016-06-07T09:17:52	coverity: add user model The static analysis engine coverity allows for user models overriding how it treats functions when analyzing code. Like this, one can greatly reduce the rate of false positives and thus make it easier to spot actual errors. Add a user model that overrides function models for `git_buf_len` and `git_vector_insert`, which together amount for a majority of false positives.
db01724f	2016-03-14T13:42:10	CI: start the proxy before the build so it's ready It takes a bit for the propxy to get ready to accept connections, so start it before the build so we can be reasonably sure that it's going to be ready in time.
2f3f1ee0	2015-09-21T21:40:37	proxy: test proxy support on Travis
4848dd32	2016-03-14T17:45:15	Merge pull request #3647 from pks-t/pks/coverity-fixes-round6 Coverity fixes round 6
b1093e62	2016-03-09T19:01:33	Remove CI support for mingw32 The tests have never run successfully and we do have successful builds of mingw-w64, so remove these CI builds which do not add value.
2615d0d6	2016-03-02T01:50:34	coverity: report errors when uploading tarball Curl by default does not report errors by setting the error code. As the upload can fail through several conditions (e.g. the rate limit, leading to unauthorized access) we should indicate this information in Travis CI. To improve upon the behavior, use `--write-out=%{http_code}` to write out the HTTP code in addition to the received body and return an error if the code does not equal 201.
ba9bb664	2016-03-03T19:21:07	tests: create a ctest target for cred_callback
25205737	2016-03-03T10:08:00	test: make sure we retry the auth callback on all platforms We were missing this test on Windows, which meant we didn't notice that we never fixed the single authentication attempt it tries, nor its wrong return code. Enable this for the unix platforms as well over HTTP. We previously were doing it locally but disabled it on OS X due to issues with its sshd not accepting password authentication.
859ed5dd	2016-02-23T09:54:26	common: introduce GITERR_CHECK_ALLOC_BUF We commonly have to check if a git_buf has been allocated correctly or if we ran out of memory. Introduce a new macro similar to `GITERR_CHECK_ALLOC` which checks if we ran OOM and if so returns an error. Provide a `#nodef` for Coverity to mark the error case as an abort path.
f2a554b4	2016-02-22T14:43:28	coverity: hint git_vector_foreach does not deref NULL contents Coverity does not comprehend the connection between a vector's size and the contents pointer, that is that the vector's pointer is non-NULL when its size is positive. As the vector code should be reasonably well tested and users are expected to not manually modify a vector's contents it seems save to assume that the macros will never dereference a NULL pointer. Fix Coverity warnings by overriding the foreach macros with macros that explicitly aborting when (v)->contents is NULL.
40f6f225	2016-02-15T10:58:52	coverity: hint that string length is at least 2 When checking if a string is prefixed by a drive letter (e.g. "C:") we verify this by inspecting the first and second character of the string. Coverity thinks this is a defect as we do not check the string's length first, but in fact we only check the second character if the first character is part of the alphabet, that is it cannot be '\0'. Fix this by overriding the macro and explicitly checking the string's length.
5981ab1d	2016-02-15T09:41:08	coverity: add nodefs for abort macros Add nodefs for macros that abort the current flow due to errors. This includes macros that trigger on integer overflows and for the version check macro. This aids Coverity as we point out that these paths will cause a fatal error.
50174ab4	2016-02-10T11:06:23	coverity: use https URL for posting build When posting our instrumented build results to Coverity we have to include sensitive information, in particular our authorization token. Currently we use an unencrypted channel to post this information, leading to the token being transferred in plain. Fix this by using a secured connection instead.
8dddea42	2016-02-10T10:59:14	coverity: provide nodef for GITERR_CHECK_ALLOC Coverity currently lists a lot of errors with regard to GITERR_CHECK_ALLOC causing resource leaks. We know this macro is only invoked when we want to abort because we are out of memory. Coverity allows for overriding the default model where we know that certain functions guarantee a desired behavior. The user_nodefs.h is used to override the behavior of macros. Re-define GITERR_CHECK_ALLOC inside of it to specify its abort nature.
a0bdfe32	2015-07-06T18:42:39	travis: don't install CMake on OS X Homebrew will error out because it's already installed.
d41b8ed0	2015-07-06T18:32:31	travis: update the homebrew db We need to make sure we are asking for the current version of packages, or we might get 404s from the download service.
32f538ae	2015-06-27T15:02:53	Remove dependency installation file for travis builds. We're installing dependencies via the APT addon now.
51f87999	2015-06-26T18:05:17	Don't try to start ssh.
6042a050	2015-06-12T12:17:03	travis: fail if we fail the push tests These tests were not being taken into consideration for the failure of the test. They've been failing for a while now, but we hadn't noticed as Travis was reporting the builds successful.
7aa96593	2015-03-17T12:05:07	set PKG_CONFIG_LIBDIR in toolchain-mingw32.cmake
8f426d7d	2014-06-09T11:43:25	Win32: Enable WinHTTP for MinGW
3e329861	2015-03-10T16:08:34	Revert "Implement fail-fast for Travis as well" This reverts commit ba6c53b91b1d9c9dc49b7c0d8e8efbd9842c31dc.
4c88fd7c	2015-03-04T11:31:24	Add MinGW-w64 to matrix cache mingw-w64 downloads quiet curl and 7zip run appveyor steps in cmd for mingw
ba6c53b9	2015-03-03T21:07:12	Implement fail-fast for Travis as well
ac5fad27	2015-03-03T10:53:26	add mingw to appveyor matrix use MSYS makefiles generator add bash script for running mingw on appveyor add --login and fix run paths use msys style path to appveyor-mingw.sh add mingw path to /etc/fstab
6f446176	2014-11-21T10:59:20	Merge pull request #2710 from Therzok/shellcheckScripts Run shell scripts through shellcheck
a4fccbbf	2014-11-17T07:01:40	Run shell scripts through shellcheck
aa5a06c3	2014-11-20T00:52:52	travis: disable the cert callback on OSX The sshd on OSX has stopped responding to the setting which this test assumes is there, so let's disable it until we can figure out what's happening.
ebda0970	2014-09-16T02:07:39	script: use a parallel build on Travis
0fef3899	2014-09-16T01:25:53	Merge remote-tracking branch 'upstream/master' into cmn/host-cert-info
bf8756d6	2014-09-15T21:51:42	ssh: add test for host key Test that the certificate check callback gets the right fingerprint from the host we're connecting to.
26bf3a53	2014-08-10T17:13:00	travis: no need to clean out the test repository This was added to avoid the remote's default branch to be considered to the be notes one which the first network test leaves behind.
6a0d2b43	2014-08-27T15:09:07	Merge remote-tracking branch 'upstream/master' into cmn/ssh-retry
d4256ed5	2014-07-04T10:00:39	ssh: provide a factory function for setting ssh paths git allows you to set which paths to use for the git server programs when connecting over ssh; and we want to provide something similar. We do this by providing a factory function which can be set as the remote's transport callback which will set the given paths upon creation.
87339935	2014-06-26T22:38:54	travis: enable password authentication on OSX Our ssh tests assume that the server supports password authentication in a few places. This is convenient as we're not testing authentication methods, but what happens around them. Tell sshd on OSX to accept this form of authentication.
d7f962f4	2014-06-16T19:30:06	ssh: request credentials again on authentication failure Instead of completely giving up on the first failure, ask for credentials as long as we fail to authenticate.

c9b80c25

2021-08-21T15:28:45

valgrind: suppress leaks in dlopen and newer libraries dlopen sets up some thread-local state that isn't cleaned up by `dlclose`. Additionally, now that we're linking against different versions of libssh2 and OpenSSL, we're seeing different leak signatures.

322c15ee

2020-08-01T18:24:41

Make the pack and mwindow implementations data-race-free This change fixes a packfile heap corruption that can happen when interacting with multiple packfiles concurrently across multiple threads. This is exacerbated by setting a lower mwindow open file limit. This change: * Renames most of the internal methods in pack.c to clearly indicate that they expect to be called with a certain lock held, making reasoning about the state of locks a bit easier. * Splits the `git_pack_file` lock in two: the one in `git_pack_file` only protects the `index_map`. The protection to `git_mwindow_file` is now in that struct. * Explicitly checks for freshness of the `git_pack_file` in `git_packfile_unpack_header`: this allows the mwindow implementation to close files whenever there is enough cache pressure, and `git_packfile_unpack_header` will reopen the packfile if needed. * After a call to `p_munmap()`, the `data` and `len` fields are poisoned with `NULL` to make use-after-frees more evident and crash rather than being open to the possibility of heap corruption. * Adds a test case to prevent this from regressing in the future. Fixes: #5591

4ae41f9c

2020-08-02T16:26:25

Make the odb race-free This change adds all the necessary locking to the odb to avoid races in the backends. Part of: #5592

896b1db4

2020-08-03T07:17:52

Add a ThreadSanitizer build This change adds a ThreadSanitizer CI build rule. It's informative for now because there are still known places where there are races. Part of: #5592

11a62973

2020-08-03T10:01:26

Merge pull request #5569 from lhchavez/ci-sanitizers Add CI support for Memory and UndefinedBehavior Sanitizers

19eb1e4b

2020-06-05T10:07:33

cmake: specify project version We currently do not set up a project version within CMake, meaning that it can't be use by other projects including libgit2 as a sub-project and also not by other tools like IDEs. This commit changes this to always set up a project version, but instead of extracting it from the "version.h" header we now set it up directly. This is mostly to avoid mis-use of the previous `LIBGIT2_VERSION` variables, as we should now always use the `libgit2_VERSION` ones that are set up by CMake if one provides the "VERSION" keyword to the `project()` call. While this is one more moving target we need to adjust on releases, this commit also adjusts our release script to verify that the project version was incremented as expected.

6a917c04

2020-06-28T15:51:43

Add CI support for Memory and UndefinedBehavior Sanitizers This change adds two new build targets: MSan and UBSan. This is because even though OSS-Fuzz is great and adds a lot of coverage, it only does that for the fuzz targets, so the rest of the codebase is not necessarily run with the Sanitizers ever :( So this change makes sure that MSan/UBSan warnings don't make it into the codebase. As part of this change, the Ubuntu focal container is introduced. It builds mbedTLS and libssh2 as debug libraries into /usr/local and as MSan-enabled libraries into /usr/local/msan. This latter part is needed because MSan requires the binary and all its dependent libraries to be built with MSan support so that memory allocations and deallocations are tracked correctly to avoid false positives.

b79f7d38

2020-06-04T09:49:38

release script: fix typo

f1c1458c

2020-05-12T10:55:14

feat: Check the version in package.json

2ae45bc3

2020-01-30T11:40:13

scripts: add script to create releases The current release process is not documented in any way. As a result, it's not obvious how releases should be done at all, like e.g. which locations need adjusting. To fix this, let's introduce a new script that shall from now on be used to do all releases. As input it gets the tree that shall be released, the repository in which to do the release, credentials to authenticate against GitHub and the new version. E.g. executing the following will create a new release v0.32: $ ./script/release.py 0.32.0 --user pks-t --password **** While the password may currently be your usual GitLab password, it's recommended to use a personal access token intead. The script will then perform the following steps: 1. Verify that "include/git2/version.h" matches the new version. 2. Verify that "docs/changelog.md" has a section for that new version. 3. Extract the changelog entries for the current release from "docs/changelog.md". 4. Generate two archives in "tar.gz" and "zip" format via "git archive" from the tree passed by the user. If no tree was passed, we will use "HEAD". 5. Create the GitHub release using the extracted changelog entries as well as tag and name information derived from the version passed by the used. 6. Upload both code archives to that release. This should cover all steps required for a new release and thus ensures that nothing is missing that shouldn't be.

2ad3eb3e

2019-11-24T15:59:26

valgrind: add suppressions for undefined use valgrind will warn that OpenSSL will use undefined data in connect/read when talking to certain other TLS stacks. Thankfully, this only seems to occur when gcc is the compiler, so hopefully valgrind is just misunderstanding an optimization. Regardless, suppress this warning.

6df3ec4a

2019-11-23T21:14:32

valgrind: suppress libssh2_rsa_sha1_sign leaks

7adc32d5

2019-11-23T13:02:29

valgrind: suppress kexinit leaks

5dc1be8d

2019-11-23T11:25:56

valgrind: suppress uninitialized reads in libcrypto libcrypto will read uninitialized memory as entropy. Suppress warnings from this behavior.

56d5b443

2019-09-21T17:55:54

valgrind: suppress memory leaks in libssh2_session_handshake On Ubuntu, the combination of libgcrypt and libssh2 is quite old and known to contain memory leaks. We thus have several functions listed in our suppressions file that are known to leak. Due to a recent update of libssh2 or libgcrypt, there now are new memory leaks caused by libssh2_session_handshake and libssh2_init that cause the CI to fail. Add a new suppression to fix the issue.

d827b11b

2019-06-28T13:20:54

tests: execute leak checker via CTest directly Right now, we have an awful hack in our test CI setup that extracts the test command from CTest's output and then prepends the leak checker. This is dependent on non-machine-parseable output from CMake and also breaks on various ocassions, like for example when we have spaces in the current path or when the path contains backslashes. Both conditions may easily be triggered on Win32 systems, and in fact they do break our Azure Pipelines builds. Remove the awful hack in favour of a new CMake build option "USE_LEAK_CHECKER". If specifying e.g. "-DUSE_LEAK_CHECKER=valgrind", then we will set up all tests to be run under valgrind. Like this, we can again simply execute ctest without needing to rely on evil sourcery.

00c66dfd

2019-01-10T22:43:59

errors: update static analysis tools for giterr Update GITERR and giterr usages in the static code analysis tools to use the new names.

a74f4fb9

2019-01-04T14:04:48

coverity: attempt to model clar's assertions Coverity considers that anything that looks like assert() behaves like it (ie. side-effects would be skipped on a NDEBUG build). As we have a bunch of those in the test suite (128), this would ensure Coverity isn't confused.

24d17562

2018-07-27T16:40:44

ci: remove unused old ci scripts

24b8dd82

2018-07-27T12:31:32

ci: move travis to the new scripts

465f8b51

2018-07-26T15:14:37

ci: move appveyor to new scripts

b00672b9

2018-07-20T19:47:40

ci: enable leak checking on osx

ce798b25

2018-07-04T10:56:56

tests: simplify cmake test configuration Simplify the names for the tests, removing the unnecessary "libgit2-clar" prefix. Make "all" the new default test run, and include the online tests by default (since HTTPS should always be enabled). For the CI tests, create an offline-only test, then the various online tests.

61eaaadf

2018-04-20T23:11:30

travis: enable -Werror in the script instead of using the matrix

149790b9

2018-04-20T23:11:28

scripts: remove extraneous semicolons

4c969618

2018-04-20T23:11:27

scripts: use leaks on macOS

0fb8c1d0

2018-04-20T23:11:25

valgrind: bump num-callers to 50 for fuller stack traces

1f4ada2a

2018-04-20T23:11:23

travis: let cmake perform the build & install step The goal is to let cmake manage the parallelism

573c4089

2018-04-20T23:11:19

valgrind: skip buf::oom test

74b0a432

2018-04-20T23:11:16

travis: split valgrind check in its own script

2f4e7cb0

2018-04-20T23:11:14

travis: split testing from building

86353a72

2018-04-22T14:57:02

Merge pull request #4173 from tiennou/mbedtls mbedTLS support

d906a879

2018-04-17T23:39:54

Merge pull request #4476 from pks-t/pks/backport-script scripts: add backporting script

cb2da47e

2018-03-29T22:14:17

travis: pass -fPIC when configuring mbedtls

10aff3d5

2018-03-29T22:14:15

travis: just grab what we need from mbedtls

262dfcf0

2018-03-29T22:14:05

mbedtls: enable Travis CI tests

0b3d8592

2018-01-12T11:02:19

scripts: add backporting script This adds a simple script for backporting pull requests to older branches. It accepts as parameters a list of pull request numbers which whose commits are to be cherry-picked. The identification of PRs currently happens by using the commit message of the merge of the PR, which should conform to the message "Merge pull request #<PR>". While the heuristic works in practice, we could instead also use the direct references from GitHub via "pull/#<PR>/head". This requires the user to have all these references fetched, though, so we can just use the current heuristic until we experience any issues with that.

5874e151

2017-11-20T13:26:33

tests: create new test target for all SSH-based tests Some tests shall be run against our own SSH server we spin up in Travis. As those need to be run separate from our previous tests which run against git-daemon, we have to do this in a separate step. Instead of bundling all that knowledge in the CI script, move it into the test build instructions by creating a new test target.

54a1bf05

2017-06-07T13:06:53

tests: online::clone: inline creds-test with nonexistent URL Right now, we test our credential callback code twice, once via SSH on localhost and once via a non-existent GitHub repository. While the first URL makes sense to be configurable, it does not make sense to hard-code the non-existing repository, which requires us to call tests multiple times. Instead, we can just inline the URL into another set of tests.

fea60920

2017-06-07T12:48:48

tests: online::clone: construct credential-URL from environment We support two types of passing credentials to the proxy, either via the URL or explicitly by specifying user and password. We test these types by modifying the proxy URL and executing the tests twice, which is in fact unnecessary and requires us to maintain the list of environment variables and test executions across multiple CI infrastructures. To fix the situation, we can just always pass the host, port, user and password to the tests. The tests can then assemble the complete URL either with or without included credentials, allowing us to test both cases in-process.

28c89507

2017-11-06T11:49:46

Merge pull request #4394 from libgit2/cmn/macos-ramdisk travis: put clar's sandbox in a ramdisk on macOS

0b98a66b

2017-11-06T11:16:02

appveyor: build examples By default, CMake will not build our examples directory. As we do not instruct either the MinGW or MSVC builds on AppVeyor to enable building these examples, we cannot verify that those examples at least build on Windows systems. Fix that by passing `-DBUILD_EXAMPLES=ON` to AppVeyor's CMake invocation.

71ba4644

2017-10-31T14:43:28

travis: let's try a 5GB ramdisk

37bb1512

2017-10-31T10:40:24

travis: put clar's sandbox in a ramdisk on macOS The macOS tests are by far the slowest right now. This attempts to remedy the situation somewhat by asking clar to put its test data on a ramdisk.

9dc21efd

2017-10-07T00:10:06

travis: add custom apt sources Move back to Travis's VM infrastructure for efficiency.

366f4136

2017-09-28T17:19:56

travis: keep installing our custom libcurl build The block in the script installs the packages if we're _not_ on Precise. This was dropped in c17c3f8a ("travis: drop support for Ubuntu Precise") in error.

c17c3f8a

2017-09-06T08:04:19

travis: drop support for Ubuntu Precise Ubuntu Precise is end of life since April 2017. At that point in time, Precise was still the main distro on which Travis CI built upon, with the Trusty-based images still being in a beta state. But since June 21st, Trusty has officially moved out of beta and is now the default image for all new builds. Right now, we build on both old and new images to assure we support both. Unfortunately, this leaves us with the highest minimum version for CMake being 2.8.7, as Precise has no greater version in its repositories. And because of this limitation, we cannot actually use object libraries in our build instructions. But considering Precise is end of life and Trusty is now the new default for Travis, we can and should drop support for this old and unmaintained distribution. And so we do.

c582fa4e

2017-07-24T17:53:32

travis: only install custom libcurl on trusty

697583ea

2017-07-24T16:48:04

travis: only kill our own sshd

f031e20b

2017-07-23T03:41:52

travis: build with patched libcurl Ubuntu trusty has a bug in curl when using NTLM credentials in a proxy, dereferencing a null pointer and causing segmentation faults. Use a custom-patched version of libcurl that avoids this issue.

06619904

2017-04-26T13:04:23

travis: cibuild: set up our own sshd server Some tests of ours require to be running against an SSH server. Currently, we simply run against the SSH server provided and started by Travis itself. As our Linux tests run in a sudo-less environment, we have no control over its configuration and startup/shutdown procedure. While this has been no problem until now, it will become a problem as soon as we migrate over to newer Precise images, as the SSH server does not have any host keys set up. Luckily, we can simply set up our own unpriviledged SSH server. This has the benefit of us being able to modify its configuration even in a sudo-less environment. This commit sets up the unpriviledged SSH server on port 2222.

96d02989

2017-06-13T08:09:38

travis: replace use of deprecated homebrew/dupes tap The formulae provided by the homebrew/dupes tap are deprecated since at least April 4, 2017, with formulae having been migrated to homebrew/core. Replace the deprecated reference to "homebrew/dupes/zlib" with only "zlib".

844e85f2

2017-06-12T20:00:21

travis: install openssl explicitly

408a7b77

2017-02-24T17:37:00

appveyor: don't rewrite system mingw Download mingw-w64 into our build directory and execute it there, don't try to overwrite the system's mingw.

18c18e3d

2016-10-31T15:55:46

coverity: check for Coverity token only if necessary When running a Coverity build, we have to provide an authentication token in order to proof that we are actually allowed to run analysis in the name of a certain project. As this token should be secret, it is only set on the main repository, so when we were requested to run the Coverity script on another repository we do error out. But in fact we do also error out if the Coverity analysis should _not_ be run if there is no authentication token provided. Fix the issue by only checking for the authentication token after determining if analysis is indeed requested.

561276ee

2016-10-28T14:48:30

coverity: only analyze the master branch of the main repository We used to only execute Coverity analysis on the 'development' branch before commit 998f001 (Refine build limitation, 2014-01-15), which refined Coverity build limitations. While we do not really use the 'development' branch anymore, it does still make sense to only analyze a single branch, as otherwise Coverity might get confused. Re-establish the restriction such that we only analyze libgit2's 'master' branch. Also fix the message announcing why we do not actually analyze a certain build.

6c4d2d3e

2016-10-28T14:45:55

coverity: fix download URL

ec3f5a9c

2016-08-16T11:02:47

script: cibuild: build examples

db357667

2016-10-05T20:17:06

travis: take the newer ssh-keygen format into account The Mac machines have updated their SSH version and so the ssh-keygen format has changed. Ask it for MD5, which is the one that is output as hex.

94d565b9

2016-10-05T18:52:43

cibuild: set -x This lets us see the details of what we're doing instead of just seeing the output of unknown commands in the build output.

a37624ec

2016-07-24T16:05:17

Merge pull request #3815 from pks-t/pks/coverity-model Coverity user model

0239eff3

2016-07-24T14:51:28

ci: install homebrew's curl on mac

08556e6d

2016-07-22T17:45:03

ci: install homebrew's zlib on mac

4d8fe1cd

2016-06-07T09:20:35

coverity: model functions printing into git_buf The `git_buf` structure seems to be too complicated to correctly grasp for Coverity. As such, add simpler models trying to guide Coverity and remove false positives related to these functions.

956f1e23

2016-06-07T09:17:52

coverity: add user model The static analysis engine coverity allows for user models overriding how it treats functions when analyzing code. Like this, one can greatly reduce the rate of false positives and thus make it easier to spot actual errors. Add a user model that overrides function models for `git_buf_len` and `git_vector_insert`, which together amount for a majority of false positives.

db01724f

2016-03-14T13:42:10

CI: start the proxy before the build so it's ready It takes a bit for the propxy to get ready to accept connections, so start it before the build so we can be reasonably sure that it's going to be ready in time.

2f3f1ee0

2015-09-21T21:40:37

proxy: test proxy support on Travis

4848dd32

2016-03-14T17:45:15

Merge pull request #3647 from pks-t/pks/coverity-fixes-round6 Coverity fixes round 6

b1093e62

2016-03-09T19:01:33

Remove CI support for mingw32 The tests have never run successfully and we do have successful builds of mingw-w64, so remove these CI builds which do not add value.

2615d0d6

2016-03-02T01:50:34

coverity: report errors when uploading tarball Curl by default does not report errors by setting the error code. As the upload can fail through several conditions (e.g. the rate limit, leading to unauthorized access) we should indicate this information in Travis CI. To improve upon the behavior, use `--write-out=%{http_code}` to write out the HTTP code in addition to the received body and return an error if the code does not equal 201.

ba9bb664

2016-03-03T19:21:07

tests: create a ctest target for cred_callback

25205737

2016-03-03T10:08:00

test: make sure we retry the auth callback on all platforms We were missing this test on Windows, which meant we didn't notice that we never fixed the single authentication attempt it tries, nor its wrong return code. Enable this for the unix platforms as well over HTTP. We previously were doing it locally but disabled it on OS X due to issues with its sshd not accepting password authentication.

859ed5dd

2016-02-23T09:54:26

common: introduce GITERR_CHECK_ALLOC_BUF We commonly have to check if a git_buf has been allocated correctly or if we ran out of memory. Introduce a new macro similar to `GITERR_CHECK_ALLOC` which checks if we ran OOM and if so returns an error. Provide a `#nodef` for Coverity to mark the error case as an abort path.

f2a554b4

2016-02-22T14:43:28

coverity: hint git_vector_foreach does not deref NULL contents Coverity does not comprehend the connection between a vector's size and the contents pointer, that is that the vector's pointer is non-NULL when its size is positive. As the vector code should be reasonably well tested and users are expected to not manually modify a vector's contents it seems save to assume that the macros will never dereference a NULL pointer. Fix Coverity warnings by overriding the foreach macros with macros that explicitly aborting when (v)->contents is NULL.

40f6f225

2016-02-15T10:58:52

coverity: hint that string length is at least 2 When checking if a string is prefixed by a drive letter (e.g. "C:") we verify this by inspecting the first and second character of the string. Coverity thinks this is a defect as we do not check the string's length first, but in fact we only check the second character if the first character is part of the alphabet, that is it cannot be '\0'. Fix this by overriding the macro and explicitly checking the string's length.

5981ab1d

2016-02-15T09:41:08

coverity: add nodefs for abort macros Add nodefs for macros that abort the current flow due to errors. This includes macros that trigger on integer overflows and for the version check macro. This aids Coverity as we point out that these paths will cause a fatal error.

50174ab4

2016-02-10T11:06:23

coverity: use https URL for posting build When posting our instrumented build results to Coverity we have to include sensitive information, in particular our authorization token. Currently we use an unencrypted channel to post this information, leading to the token being transferred in plain. Fix this by using a secured connection instead.

8dddea42

2016-02-10T10:59:14

coverity: provide nodef for GITERR_CHECK_ALLOC Coverity currently lists a lot of errors with regard to GITERR_CHECK_ALLOC causing resource leaks. We know this macro is only invoked when we want to abort because we are out of memory. Coverity allows for overriding the default model where we know that certain functions guarantee a desired behavior. The user_nodefs.h is used to override the behavior of macros. Re-define GITERR_CHECK_ALLOC inside of it to specify its abort nature.

a0bdfe32

2015-07-06T18:42:39

travis: don't install CMake on OS X Homebrew will error out because it's already installed.

d41b8ed0

2015-07-06T18:32:31

travis: update the homebrew db We need to make sure we are asking for the current version of packages, or we might get 404s from the download service.

32f538ae

2015-06-27T15:02:53

Remove dependency installation file for travis builds. We're installing dependencies via the APT addon now.

51f87999

2015-06-26T18:05:17

Don't try to start ssh.

6042a050

2015-06-12T12:17:03

travis: fail if we fail the push tests These tests were not being taken into consideration for the failure of the test. They've been failing for a while now, but we hadn't noticed as Travis was reporting the builds successful.

7aa96593

2015-03-17T12:05:07

set PKG_CONFIG_LIBDIR in toolchain-mingw32.cmake

8f426d7d

2014-06-09T11:43:25

Win32: Enable WinHTTP for MinGW

3e329861

2015-03-10T16:08:34

Revert "Implement fail-fast for Travis as well" This reverts commit ba6c53b91b1d9c9dc49b7c0d8e8efbd9842c31dc.

4c88fd7c

2015-03-04T11:31:24

Add MinGW-w64 to matrix cache mingw-w64 downloads quiet curl and 7zip run appveyor steps in cmd for mingw

ba6c53b9

2015-03-03T21:07:12

Implement fail-fast for Travis as well

ac5fad27

2015-03-03T10:53:26

add mingw to appveyor matrix use MSYS makefiles generator add bash script for running mingw on appveyor add --login and fix run paths use msys style path to appveyor-mingw.sh add mingw path to /etc/fstab

6f446176

2014-11-21T10:59:20

Merge pull request #2710 from Therzok/shellcheckScripts Run shell scripts through shellcheck

a4fccbbf

2014-11-17T07:01:40

Run shell scripts through shellcheck

aa5a06c3

2014-11-20T00:52:52

travis: disable the cert callback on OSX The sshd on OSX has stopped responding to the setting which this test assumes is there, so let's disable it until we can figure out what's happening.

ebda0970

2014-09-16T02:07:39

script: use a parallel build on Travis

0fef3899

2014-09-16T01:25:53

Merge remote-tracking branch 'upstream/master' into cmn/host-cert-info

bf8756d6

2014-09-15T21:51:42

ssh: add test for host key Test that the certificate check callback gets the right fingerprint from the host we're connecting to.

26bf3a53

2014-08-10T17:13:00

travis: no need to clean out the test repository This was added to avoid the remote's default branch to be considered to the be notes one which the first network test leaves behind.

6a0d2b43

2014-08-27T15:09:07

Merge remote-tracking branch 'upstream/master' into cmn/ssh-retry

d4256ed5

2014-07-04T10:00:39

ssh: provide a factory function for setting ssh paths git allows you to set which paths to use for the git server programs when connecting over ssh; and we want to provide something similar. We do this by providing a factory function which can be set as the remote's transport callback which will set the given paths upon creation.

87339935

2014-06-26T22:38:54

travis: enable password authentication on OSX Our ssh tests assume that the server supports password authentication in a few places. This is convenient as we're not testing authentication methods, but what happens around them. Tell sshd on OSX to accept this form of authentication.

d7f962f4

2014-06-16T19:30:06

ssh: request credentials again on authentication failure Instead of completely giving up on the first failure, ask for credentials as long as we fail to authenticate.

thodg/libgit2/script

script

Log