- Update from version 2.46.0 to 2.48.1 - Update of rootfile - Changelog 2.48.1 This release merges up the fix that appears in v2.40.4, v2.41.3, v2.42.4, v2.43.6, v2.44.3, v2.45.3, v2.46.3, and v2.47.2 to address the security issues CVE-2024-50349 and CVE-2024-52006; see the release notes for these versions for details. 2.48.0 UI, Workflows & Features * A new configuration variable remote.<name>.serverOption makes the transport layer act as if the --serverOption=<value> option is given from the command line. * "git rebase --rebase-merges" now uses branch names as labels when able. * Describe the policy to introduce breaking changes. * Teach 'git notes add' and 'git notes append' a new '-e' flag, instructing them to open the note in $GIT_EDITOR before saving. * Documentation for "git bundle" saw improvements to more prominently call out the use of '--all' when creating bundles. * Drop support for older libcURL and Perl. * End-user experience of "git mergetool" when the command errors out has been improved. * "git bundle --unbundle" and "git clone" running on a bundle file both learned to trigger fsck over the new objects with configurable fck check levels. * When "git fetch $remote" notices that refs/remotes/$remote/HEAD is missing and discovers what branch the other side points with its HEAD, refs/remotes/$remote/HEAD is updated to point to it. * "git fetch" honors "remote.<remote>.followRemoteHEAD" settings to tweak the remote-tracking HEAD in "refs/remotes/<remote>/HEAD". * "git range-diff" learned to optionally show and compare merge commits in the ranges being compared, with the --diff-merges option. Performance, Internal Implementation, Development Support etc. * Document "amlog" notes. * The way AsciiDoc is used for SYNOPSIS part of the manual pages has been revamped. The sources, at least for the simple cases, got vastly more pleasant to work with. * The reftable library is now prepared to expect that the memory allocation function given to it may fail to allocate and to deal with such an error. * An extra worktree attached to a repository points at each other to allow finding the repository from the worktree (and vice versa) possible. Use relative paths for this linkage. * Enable Windows-based CI in GitLab. * Commands that can also work outside Git have learned to take the repository instance "repo" when we know we are in a repository, and NULL when we are not, in a parameter. The uses of the_repository variable in a few of them have been removed using the new calling convention. * The reftable sub-system grew a new reftable-specific strbuf replacement to reduce its dependency on Git-specific data structures. * The ref-filter machinery learns to recognize and avoid cases where sorting would be redundant. * Various platform compatibility fixes split out of the larger effort to use Meson as the primary build tool. * Treat ECONNABORTED the same as ECONNRESET in 'git credential-cache' to work around a possible Cygwin regression. This resolves a race condition caused by changes in Cygwin's handling of socket closures, allowing the client to exit cleanly when encountering ECONNABORTED. * Demonstrate an assertion failure in 'git mv'. * Documentation update to clarify that 'uploadpack.allowAnySHA1InWant' implies both 'allowTipSHA1InWant' and 'allowReachableSHA1InWant'. * Replace various calls to atoi() with strtol_i() and strtoul_ui(), and add improved error handling. * Documentation updates to 'git-update-ref(1)'. * Update the project's CodingGuidelines to discourage naming functions with a "_1()" suffix. * Update '.clang-format' to match project conventions. * Centralize documentation for repository extensions into a single place. * Buildfix and upgrade of Clar to a newer version. * Documentation mark-up updates. * Renaming a handful of variables and structure fields. * Fix for clar unit tests to support CMake build. * C23 compatibility updates. * GCC 15 compatibility updates. * We now ensure "index-pack" is used with the "--promisor" option only during a "git fetch". * The migration procedure between two ref backends has been optimized. * "git fsck" learned to issue warnings on "curiously formatted" ref contents that have always been treated as valid but that Git wouldn't have written itself (e.g., missing terminating end-of-line after the full object name). * Work around Coverity warning that would not trigger in practice. * Built-in Git subcommands are supplied the repository object to work with; they learned to do the same when they invoke sub-subcommands. * Drop support for ancient environments in various CI jobs. * Isolate the reftable subsystem from the rest of Git's codebase by using fewer pieces of Git's infrastructure. * Optimize reading random references out of the reftable backend by allowing reuse of iterator objects. * Backport oss-fuzz tests to our codebase. * Introduce a new repository extension to prevent older Git versions from mis-interpreting worktrees created with relative paths. * Yet another "pass the repository through the callchain" topic. * "git describe" learned to stop digging the history needlessly deeper. * Build procedure update plus introduction of Meson based builds. * Recent reftable updates mistook a NULL return from a request for 0-byte allocation as OOM and died unnecessarily, which has been corrected. * Reftable backend adds check for upper limit of log's update_index. * Start working to make the codebase buildable with -Wsign-compare. * Regression fix for 'show-index' when run outside of a repository. * The meson-build procedure is integrated into CI to catch and prevent bitrotting. * "git refs migrate" learned to also migrate the reflog data across backends. * The developer documentation has been updated to give the latest info on gitk and git-gui maintainer. * CI jobs that run threaded programs under LSan has been giving false positives from time to time, which has been worked around. * Doc update to clarify how periodical maintenance are scheduled, spread across time to avoid thundering herds. * Use after free and double freeing at the end in "git log -L... -p" had been identified and fixed. * On macOS, fsmonitor can fall into a race condition that results in a client waiting forever to be notified about an event that has already happened. This problem has been corrected. * "git maintenance start" crashed due to an uninitialized variable reference, which has been corrected. * Fail gracefully instead of crashing when attempting to write the contents of a corrupt in-core index as a tree object. * A "git fetch" from the superproject going down to a submodule used a wrong remote when the default remote names are set differently between them. * Fixes compile time warnings with 64-bit MSVC. * Teaches 'shortlog' to explicitly use SHA-1 when operating outside of a repository. * Fix 'git grep' regression on macOS by disabling lookahead when encountering invalid UTF-8 byte sequences. * The dumb-http code regressed when the result of re-indexing a pack yielded an *.idx file that differs in content from the *.idx file it downloaded from the remote. This has been corrected by no longer relying on the *.idx file we got from the remote. * When called with '--left-right' and '--use-bitmap-index', 'rev-list' will produce output without any left/right markers, which has been corrected. * More leakfixes. * Test modernization. * The "--shallow-exclude=<ref>" option to various history transfer commands takes a ref, not an arbitrary revision. * A regression where commit objects missing from a commit-graph can cause an infinite loop when doing a fetch in a partial clone has been fixed. * The MinGW compatibility layer has been taught to support POSIX semantics for atomic renames when other process(es) have a file opened at the destination path. * "git gc" discards any objects that are outside promisor packs that are referred to by an object in a promisor pack, and we do not refetch them from the promisor at runtime, resulting an unusable repository. Work around it by including these objects in the referring promisor pack at the receiving end of the fetch. * Avoid build/test breakage on a system without working malloc debug support dynamic library. (merge 72ad6dc368 jk/test-malloc-debug-check later to maint). * Double-free fix. (merge fe17a25905 jk/fetch-prefetch-double-free-fix later to maint). * Use of some uninitialized variables in "git difftool" has been corrected. * Object reuse code based on multi-pack-index sent an unwanted copy of object. (merge e199290592 tb/multi-pack-reuse-dupfix later to maint). * "git fast-import" can be tricked into a replace ref that maps an object to itself, which is a useless thing to do. (merge 5e904f1a4a en/fast-import-avoid-self-replace later to maint). * The ref-transaction hook triggered for reflog updates, which has been corrected. (merge b886db48c6 kn/ref-transaction-hook-with-reflog later to maint). * Give a bit of advice/hint message when "git maintenance" stops finding a lock file left by another instance that still is potentially running. (merge ba874d1dac ps/gc-stale-lock-warning later to maint). * Use the right helper program to measure file size in performance tests. (merge 3f97f1bce6 tb/use-test-file-size-more later to maint). * A double-free that may not trigger in practice by luck has been corrected in the reference resolution code. (merge b6318cf23a sj/refs-symref-referent-fix later to maint). * The sequencer failed to honor core.commentString in some places. * Describe a case where an option value needs to be spelled as a separate argument, i.e. "--opt val", not "--opt=val". (merge 1bc1e94091 jc/doc-opt-tilde-expand later to maint). * Loosen overly strict ownership check introduced in the recent past, to keep the promise "cloning a suspicious repository is a safe first step to inspect it". (merge 0ffb5a6bf1 bc/allow-upload-pack-from-other-people later to maint). * "git fast-import" learned to reject paths with ".." and "." as their components to avoid creating invalid tree objects. (merge 8cb4c6e62f en/fast-import-verify-path later to maint). * The --ancestry-path option is designed to be given a commit that is on the path, which was not documented, which has been corrected. (merge bc1a980759 kk/doc-ancestry-path later to maint). * "git tag" has been taught to refuse to create refs/tags/HEAD since such a tag will be confusing in the context of the UI provided by the Git Porcelain commands. (merge bbd445d5ef jc/forbid-head-as-tagname later to maint). * The advice messages now tell the newer 'git config set' command to set the advice.token configuration variable to squelch a message. (merge 6c397d0104 bf/explicit-config-set-in-advice-messages later to maint). * The syntax ":/<text>" to name the latest commit with the matching text was broken with a recent change, which has been corrected. (merge 0ff919e87a ps/commit-with-message-syntax-fix later to maint). * Fix performance regression of a recent "fatten promisor pack with local objects" protection against an unwanted gc. * "git log -p --remerge-diff --reverse" was completely broken. (merge f94bfa1516 js/log-remerge-keep-ancestry later to maint). * "git bundle create" with an annotated tag on the positive end of the revision range had a workaround code for older limitation in the revision walker, which has become unnecessary. (merge dd1072dfa8 tc/bundle-with-tag-remove-workaround later to maint). * GitLab CI updates. (merge c6b43f663e ps/ci-gitlab-update later to maint). * Code to reuse objects based on bitmap contents have been tightened to avoid race condition even when multiple packs are involved. (merge 62b3ec8a3f tb/bitmap-fix-pack-reuse later to maint). * An earlier "csum-file checksum does not have to be computed with sha1dc" topic had a few code paths that had initialized an implementation of a hash function to be used by an unmatching hash by mistake, which have been corrected. (merge 599a63409b ps/weak-sha1-for-tail-sum-fix later to maint). * Other code cleanup, docfix, build fix, etc. (merge 77af53f56f aa/t7300-modernize later to maint). (merge dcd590a39d bf/t-readme-mention-reftable later to maint). (merge 68e3c69efa kh/trailer-in-glossary later to maint). (merge 91f88f76e6 tb/boundary-traversal-fix later to maint). (merge 168ebb7159 jc/doc-error-message-guidelines later to maint). (merge 18693d7d65 kh/doc-bundle-typofix later to maint). (merge e2f5d3b491 kh/doc-update-ref-grammofix later to maint). (merge 8525e92886 mh/doc-windows-home-env later to maint). 2.47.2 This release merges up the fix that appears in v2.40.4, v2.41.3, v2.42.4, v2.43.6, v2.44.3, v2.45.3 and v2.46.3 to address the security issues CVE-2024-50349 and CVE-2024-52006; see the release notes for these versions for details. 2.47.1 This is to flush accumulated fixes since 2.47.0 on the 'master' front down to the maintenance track. Fixes since Git 2.47 * Use after free and double freeing at the end in "git log -L... -p" had been identified and fixed. * On macOS, fsmonitor can fall into a race condition that results in a client waiting forever to be notified for an event that have already happened. This problem has been corrected. * "git maintenance start" crashed due to an uninitialized variable reference, which has been corrected. * Fail gracefully instead of crashing when attempting to write the contents of a corrupt in-core index as a tree object. * A "git fetch" from the superproject going down to a submodule used a wrong remote when the default remote names are set differently between them. * The "gitk" project tree has been synchronized again with its new maintainer, Johannes Sixt. Also contains minor documentation updates and code clean-ups. 2.47.0 UI, Workflows & Features * Many Porcelain commands that internally use the merge machinery were taught to consistently honor the diff.algorithm configuration. * A few descriptions in "git show-ref -h" have been clarified. * A 'P' command to "git add -p" that passes the patch hunk to the pager has been added. * "git grep -W" omits blank lines that follow the found function at the end of the file, just like it omits blank lines before the next function. * The value of http.proxy can have "path" at the end for a socks proxy that listens to a unix-domain socket, but we started to discard it when we taught proxy auth code path to use the credential helpers, which has been corrected. * The code paths to compact multiple reftable files have been updated to correctly deal with multiple compaction triggering at the same time. * Support to specify ref backend for submodules has been enhanced. * "git svn" has been taught about svn:global-ignores property recent versions of Subversion has. * The default object hash and ref backend format used to be settable only with explicit command line option to "git init" and environment variables, but now they can be configured in the user's global and system wide configuration. * "git send-email" learned "--translate-aliases" option that reads addresses from the standard input and emits the result of applying aliases on them to the standard output. * 'git for-each-ref' learned a new "--format" atom to find the branch that the history leading to a given commit "%(is-base:<commit>)" is likely based on. * The command line prompt support used to be littered with bash-isms, which has been corrected to work with more shells. * Support for the RUNTIME_PREFIX feature has been added to z/OS port. * "git send-email" learned "--mailmap" option to allow rewriting the recipient addresses. * "git mergetool" learned to use VSCode as a merge backend. * "git pack-redundant" has been marked for removal in Git 3.0. * One-line messages to "die" and other helper functions will get LF added by these helper functions, but many existing messages had an unnecessary LF at the end, which have been corrected. * The "scalar clone" command learned the "--no-tags" option. * The environment GIT_ADVICE has been intentionally kept undocumented to discourage its use by interactive users. Add documentation to help tool writers. * "git apply --3way" learned to take "--ours" and other options. Performance, Internal Implementation, Development Support etc. * A build tweak knob has been simplified by not setting the value that is already the default; another unused one has been removed. * A CI job that use clang-format to check coding style issues in new code has been added. * The reviewing guidelines document now explicitly encourages people to give positive reviews and how. * Test script linter has been updated to catch an attempt to use one-shot export construct "VAR=VAL func" for shell functions (which does not work for some shells) better. * Some project conventions have been added to CodingGuidelines. * In the refs subsystem, implicit reliance of the_repository has been eliminated; the repository associated with the ref store object is used instead. * Various tests in reftable library have been rewritten using the unit test framework. * A test that fails on an unusually slow machine was found, and made less likely to cause trouble by lengthening the expiry value it uses. * An existing test of hashmap API has been rewritten with the unit-test framework. * A policy document that describes platform support levels and expectation on platform stakeholders has been introduced. * The refs API has been taught to give symref target information to the users of ref iterators, allowing for-each-ref and friends to avoid an extra ref_resolve_* API call per a symbolic ref. * Unit-test framework has learned a simple control structure to allow embedding test statements in-line instead of having to create a new function to contain them. * Incremental updates of multi-pack index files is getting worked on. * Use of API functions that implicitly depend on the_repository object in the config subsystem has been rewritten to pass a repository object through the callchain. * Unused parameters have been either marked as UNUSED to squelch -Wunused warnings or dropped from many functions.. * The code in the reftable library has been cleaned up by discarding unused "generic" interface. * The underlying machinery for "git diff-index" has long been made to expand the sparse index as needed, but the command fully expanded the sparse index upfront, which now has been taught not to do. * More trace2 events at key points on push and fetch code paths have been added. * Make our codebase compilable with the -Werror=unused-parameter option. * "git cat-file" works well with the sparse-index, and gets marked as such. * CI started failing completely for linux32 jobs, as the step to upload failed test directory uses GitHub actions that is deprecated and is now disabled. * Import clar unit tests framework libgit2 folks invented for our use. * The error messages from the test script checker have been improved. * The convention to calling into built-in command implementation has been updated to pass the repository, if known, together with the prefix value. * "git apply" had custom buffer management code that predated before use of strbuf got widespread, which has been updated to use strbuf, which also plugged some memory leaks. * The reftable backend learned to more efficiently handle exclude patterns while enumerating the refs. * CI updates. FreeBSD image has been updated to 13.4. (merge 2eeb29702e cb/ci-freebsd-13-4 later to maint). * Give timeout to the locking code to write to reftable, instead of failing on the first failure without retrying. * The checksum at the tail of files are now computed without collision detection protection. This is safe as the consumer of the information to protect itself from replay attacks checks for hash collisions independently. 2.46.3 This release merges up the fix that appears in v2.40.4, v2.41.3, v2.42.4, v2.43.6, v2.44.3 and v2.45.3 to address the security issues CVE-2024-50349 and CVE-2024-52006; see the release notes for these versions for details. 2.46.2 This release is primarily to merge changes to unbreak the 32-bit GitHub actions jobs we use for CI testing, so that we can release real fixes for the 2.46.x track after they pass CI. It also reverts the "git patch-id" change that went into 2.46.1, as it seems to have got a regression reported (I haven't verified, but it is better to keep a known breakage than adding an unintended regression). Other than that, a handful of minor bugfixes are included. * In a few corner cases "git diff --exit-code" failed to report "changes" (e.g., renamed without any content change), which has been corrected. * Cygwin does have /dev/tty support that is needed by things like single-key input mode. * The interpret-trailers command failed to recognise the end of the message when the commit log ends in an incomplete line. 2.46.1 This release is primarily to merge fixes accumulated on the 'master' front to prepare for 2.47 release that are still relevant to 2.46.x maintenance track. * "git checkout --ours" (no other arguments) complained that the option is incompatible with branch switching, which is technically correct, but found confusing by some users. It now says that the user needs to give pathspec to specify what paths to checkout. * It has been documented that we avoid "VAR=VAL shell_func" and why. * "git add -p" by users with diff.suppressBlankEmpty set to true failed to parse the patch that represents an unmodified empty line with an empty line (not a line with a single space on it), which has been corrected. * "git rebase --help" referred to "offset" (the difference between the location a change was taken from and the change gets replaced) incorrectly and called it "fuzz", which has been corrected. * "git notes add -m '' --allow-empty" and friends that take prepared data to create notes should not invoke an editor, but it started doing so since Git 2.42, which has been corrected. * An expensive operation to prepare tracing was done in re-encoding code path even when the tracing was not requested, which has been corrected. * Perforce tests have been updated. * The credential helper to talk to OSX keychain sometimes sent garbage bytes after the username, which has been corrected. * A recent update broke "git ls-remote" used outside a repository, which has been corrected. * "git config --value=foo --fixed-value section.key newvalue" barfed when the existing value in the configuration file used the valueless true syntax, which has been corrected. * "git reflog expire" failed to honor annotated tags when computing reachable commits. * A flakey test and incorrect calls to strtoX() functions have been fixed. * Follow-up on 2.45.1 regression fix. * "git rev-list ... | git diff-tree -p --remerge-diff --stdin" should behave more or less like "git log -p --remerge-diff" but instead it crashed, forgetting to prepare a temporary object store needed. * The patch parser in "git patch-id" has been tightened to avoid getting confused by lines that look like a patch header in the log message. * "git bundle unbundle" outside a repository triggered a BUG() unnecessarily, which has been corrected. * The code forgot to discard unnecessary in-core commit buffer data for commits that "git log --skip=<number>" traversed but omitted from the output, which has been corrected. * "git verify-pack" and "git index-pack" started dying outside a repository, which has been corrected. * A corner case bug in "git stash" was fixed. Also contains minor documentation updates and code clean-ups.
Signed-off-by: Adolf Belka adolf.belka@ipfire.org --- config/rootfiles/packages/git | 2 +- lfs/git | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/config/rootfiles/packages/git b/config/rootfiles/packages/git index 4422f01ac..6dad7e0a8 100644 --- a/config/rootfiles/packages/git +++ b/config/rootfiles/packages/git @@ -203,12 +203,12 @@ usr/libexec/git-core/mergetools/smerge usr/libexec/git-core/mergetools/tkdiff usr/libexec/git-core/mergetools/tortoisemerge usr/libexec/git-core/mergetools/vimdiff +usr/libexec/git-core/mergetools/vscode usr/libexec/git-core/mergetools/winmerge usr/libexec/git-core/mergetools/xxdiff usr/libexec/git-core/scalar #usr/share/git-core #usr/share/git-core/templates -usr/share/git-core/templates/branches usr/share/git-core/templates/description #usr/share/git-core/templates/hooks usr/share/git-core/templates/hooks/applypatch-msg.sample diff --git a/lfs/git b/lfs/git index e209fb568..185029b17 100644 --- a/lfs/git +++ b/lfs/git @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2024 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2025 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@
include Config
-VER = 2.46.0 +VER = 2.48.1 SUMMARY = Fast, scalable, distributed revision control system
THISAPP = git-$(VER) @@ -33,7 +33,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = git -PAK_VER = 35 +PAK_VER = 36
DEPS = perl-Authen-SASL perl-Net-SMTP-SSL
@@ -47,7 +47,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 11fd88faea8cca0982945320c0a1ff949d2abedca9ffde34d40a739349e2a7ae6ceb51a23e8c21f7985cd494d9d17abcec4769e766c3c5188162b906eb1b96bc +$(DL_FILE)_BLAKE2 = 092ed16fab3b3e56c81cb91db48e4db1f41b6d91d4855a7c73fb642f1fd0272823a92b8963644ef33517c61956bca89a95e4b4dc3e9237cb0520aa37c0770966
install : $(TARGET)