SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for perl-Git-2.38.0-1.2.x86_64.rpm :

* Thu Oct 06 2022 Andreas Stieger - git 2.38.0:
* scalar: a repository management tool for large repositories
* new git rebase --update-refs (global rebase.updateRefs) to update dependent branches
* merge-tree integrated with the new ort merge strategy - -write-tree, while --trivial-merge retains the old mode
* bare git repositories can now be stored and distributed in other git repositories
* Setting the safe.bareRepository configuration to \"explicit\" avoids running arbitrary commands from filesystem monitoring hooks of untrusted git repositories unless --git-dir is set
* git grep: new -m / --max-count options to limit the number of matches per file
* git ls-files --format is a new option to customize outout
* git cat-file and git show now support mailmap author mapping
* bug fixes and performance improvements
* Thu Sep 22 2022 Dirk Müller - drop python2 requires as git-p4 is documented to work with python3
* Fri Sep 09 2022 Callum Farmer - Remove nogroup requirement: no longer needed
* Fri Sep 02 2022 Andreas Stieger - git 2.37.3:
* Plug memory leaks in the failure code path in the \"merge-ort\" merge strategy backend.
* \"vimdiff3\" regression has been corrected
* \"git fsck\" improvements
* Fixes to sparse index compatibility work for \"reset\" and \"checkout\" commands
* Documentation for \"git add --renormalize\" has been improved
* developer visible fixes
* Mon Aug 15 2022 Andreas Stieger - git 2.37.2:
* multiple bug fixes, developer visible or handling corner cases
* \"git p4\" improved non-ASCII support
* Tue Jul 12 2022 Andreas Stieger - git 2.37.1:
* Rewrite of \"git add -i\" in C that appeared in Git 2.25 didn\'t correctly record a removed file to the index, which is an old regression but has become widely known because the C version has become the default in the latest release.
* Fix for CVE-2022-29187 [boo#1201431]: The safety check that verifies a safe ownership of the Git worktree is now extended to also cover the ownership of the Git directory (and the `.git` file, if there is any).
* Mon Jul 11 2022 olafAATTaepfle.de- Usage of sysusers_requires is optional, like during quilt setup
* Sun Jul 10 2022 Callum Farmer - Use the system user\'s group instead of nogroup
* Fri Jul 08 2022 Petr Vorel - Add /etc/bash_completion.d/git-prompt: checks for git-prompt.sh and source it if available. Some users rely on the __git_ps1 function becoming available when bash-completion is loaded. Continue to load this library at bash-completion startup for now, to ease the transition to a world order where the prompt function is requested separately. Inspired by Debian.
* Thu Jul 07 2022 Danilo Spinella - Update git to 2.37.0: https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.37.0.txt- git add --interactive is now default upstream, remove suse patch:
* suse-use-builtin-add-interactive.patch
* Wed Jun 15 2022 Antoine Belvire - Fix rpmlint errors/warnings about bash/zsh completion locations.- Remove now obsolete git-zsh-completion-fixes.diff.- Adjust git-tcsh-completion-fixes.diff.
* Tue May 24 2022 Dominique Leuenberger - Do not recommend git-cvs and git-svn by git, but rather have those two packages supplement the combination of git and their respective counterparts.
* Fri May 06 2022 Andreas Stieger - git 2.36.1:
* fix \"git submodule update\" noisyness without pathspec
* fix \"diff-tree --stdin\"
* fix \"git name-rev\" referenging strings after they are freed
* fix \"git show ... -- \" loosing the pathspec when showing the second and subsequent commits
* fix \"git fast-export -- \" loosing the pathspec when showing the second and subsequent commits
* fix \"git format-patch -- \" loosing the pathspec when showing the second and subsequent commits
* Tue Apr 19 2022 Andreas Stieger - git 2.36.0:
* \"git name-rev --stdin\" has been deprecated and issues a warning when used; use \"git name-rev --annotate-stdin\" instead.
* \"git clone --filter=... --recurse-submodules\" only makes the top-level a partial clone, while submodules are fully cloned. This behaviour is changed to pass the same filter down to the submodules.
* improvements and extensions to multiple workflows and features
* bug fixes and performance improvements
* Thu Apr 14 2022 Andreas Stieger - git 2.35.3:
* usability fix-up for CVE-2022-24765 bsc#1198234: \'
*\' can be used as the value for the `safe.directory` variable to signal that the user considers that any directory is safe.
* The code that was meant to parse the new `safe.directory` configuration variable was not checking what configuration variable was being fed to it
* Wed Apr 13 2022 olafAATTaepfle.de- Require bash in git-daemon because the service file uses it- Reword git-daemon.service description to get a useful sentence in journalctl -b
* Tue Apr 12 2022 Andreas Stieger - git 2.35.2 (CVE-2022-24765, bsc#1198234):
* CVE-2022-24765: git may execute commands defined by other users from unexpected worktrees
* Thu Mar 10 2022 chrisAATTcomputersalat.de- fix deps for SLES 12
* Mon Feb 21 2022 Bjørn Lie - \"Downgrade\" git-gui and gitk Recommends to Suggests.
* Sat Jan 29 2022 Andreas Stieger - update to 2.35.1:
* fix \"rebase\" and \"stash\" in a secondary worktree
* Fri Jan 28 2022 Dirk Müller - update to 2.35.0:
* \"_\" is now treated as any other URL-valid characters in an URL when matching the per-URL configuration variable names.
* The color palette used by \"git grep\" has been updated to match that of GNU grep.
* \"git status --porcelain=v2\" now show the number of stash entries with --show-stash like the normal output does.
* \"git stash\" learned the \"--staged\" option to stash away what has been added to the index (and nothing else).
* \"git var GIT_DEFAULT_BRANCH\" is a way to see what name is used for the newly created branch if \"git init\" is run.
* Various operating modes of \"git reset\" have been made to work better with the sparse index.
* \"git submodule deinit\" for a submodule whose .git metadata directory is embedded in its working tree refused to work, until the submodule gets converted to use the \"absorbed\" form where the metadata directory is stored in superproject, and a gitfile at the top-level of the working tree of the submodule points at it. The command is taught to convert such submodules to the absorbed form as needed.
* The completion script (in contrib/) learns that the \"--date\" option of commands from the \"git log\" family takes \"human\" and \"auto\" as valid values.
* \"Zealous diff3\" style of merge conflict presentation has been added.
* The \"git log --format=%(describe)\" placeholder has been extended to allow passing selected command-line options to the underlying \"git describe\" command.
* \"default\" and \"reset\" have been added to our color palette.
* The cryptographic signing using ssh keys can specify literal keys for keytypes whose name do not begin with the \"ssh-\" prefix by using the \"key::\" prefix mechanism (e.g. \"key::ecdsa-sha2-nistp256\").
* \"git fetch\" without the \"--update-head-ok\" option ought to protect a checked out branch from getting updated, to prevent the working tree that checks it out to go out of sync. The code was written before the use of \"git worktree\" got widespread, and only checked the branch that was checked out in the current worktree, which has been updated.
* \"git name-rev\" has been tweaked to give output that is shorter and easier to understand.
* \"git apply\" has been taught to ignore a message without a patch with the \"--allow-empty\" option. It also learned to honor the \"--quiet\" option given from the command line.
* The \"init\" and \"set\" subcommands in \"git sparse-checkout\" have been unified for a better user experience and performance.
* Many git commands that deal with working tree files try to remove a directory that becomes empty (i.e. \"git switch\" from a branch that has the directory to another branch that does not would attempt remove all files in the directory and the directory itself). This drops users into an unfamiliar situation if the command was run in a subdirectory that becomes subject to removal due to the command. The commands have been taught to keep an empty directory if it is the directory they were started in to avoid surprising users.
* \"git am\" learns \"--empty=(stop|drop|keep)\" option to tweak what is done to a piece of e-mail without a patch in it.
* The default merge message prepared by \"git merge\" records the name of the current branch; the name can be overridden with a new option to allow users to pretend a merge is made on a different branch.
* The way \"git p4\" shows file sizes in its output has been updated to use human-readable units.
* \"git -c branch.autosetupmerge=inherit branch new old\" makes \"new\" to have the same upstream as the \"old\" branch, instead of marking \"old\" itself as its upstream.
* Fri Nov 26 2021 Dirk Müller - update to 2.34.1 (bsc#1193722):
* \"git grep\" looking in a blob that has non-UTF8 payload was completely broken when linked with certain versions of PCREv2 library in the latest release.
* \"git pull\" with any strategy when the other side is behind us should succeed as it is a no-op, but doesn\'t.
* An earlier change in 2.34.0 caused JGit application (that abused GIT_EDITOR mechanism when invoking \"git config\") to get stuck with a SIGTTOU signal; it has been reverted.
* An earlier change that broke .gitignore matching has been reverted.
* SubmittingPatches document gained a syntactically incorrect mark-up, which has been corrected.
* Sun Nov 21 2021 Dirk Müller - fix url
* Thu Nov 18 2021 Danilo Spinella - git 2.34.0:
* Release notes: https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.34.0.txt
* Wed Oct 20 2021 Callum Farmer - Add CONFIG parameter to %sysusers_generate_pre- Remove unneeded SHELL in git-daemon.conf- Fix sysusers usage in spec file- Require nogroup group for %pre (bsc#1192023)
* Wed Oct 13 2021 Andreas Stieger - git 2.33.1:
* fix \"git pull\" and \"git rebase -r\" various corner cases and bugs
* \"git commit --fixup\" now works with \"--edit\" again.
* Fix \"git send-email\" unwanted threading
* Fix output from \"git fast-export\" anonymization feature showing an annotated tag incorrectly.
* Fixes for various command output
* fix \"git difftool --dir-diff\" mishandling symbolic links
* Redact sensitive data in the HTTP trace for HTTP/2 requests
* further bug fixes for various git operations
* Mon Sep 20 2021 Johannes Segitz - Added hardening to systemd service(s) (bsc#1181400). Modified:
* git-daemon.service
* Sat Aug 21 2021 Andreas Stieger - git 2.33.0:
* \"git send-email\" learned the \"--sendmail-cmd\" command line option and the \"sendemail.sendmailCmd\" configuration variable, which is a more sensible approach than the current way of repurposing the \"smtp-server\" that is meant to name the server to instead name the command to talk to the server.
* The userdiff pattern for C# learned the token \"record\".
* \"git rev-list\" learns to omit the \"commit \" header lines from the output with the `--no-commit-header` option.
* \"git worktree add --lock\" learned to record why the worktree is locked with a custom message.
* internal improvements including performance optimizations
* a number of bug fixes
* Sun Jun 06 2021 Andreas Stieger - git 2.32.0:
* \".gitattributes\", \".gitignore\", and \".mailmap\" files that are symbolic links are ignored
* \"git apply --3way\" used to first attempt a straight application, and only fell back to the 3-way merge algorithm when the straight application failed. Starting with this version, the command will first try the 3-way merge algorithm and only when it fails (either resulting with conflict or the base versions of blobs are missing), falls back to the usual patch application.
* \"git stash show\" can now show the untracked part of the stash
* Improved \"git repack\" strategy
* http code can now unlock a certificate with a cached password respectively.
* \"git clone --reject-shallow\" option fails the clone as soon as we notice that we are cloning from a shallow repository.
* \"gitweb\" learned \"e-mail privacy\" feature
* Multiple improvements to output and configuration options
* Bug fixes and developer visible fixes
* Thu Apr 22 2021 Markéta Machová - Remove deprecated \"syslog\" option from git-daemon.service (bsc#1185147)
* Fri Apr 09 2021 Frederic Crozat - Add sysusers file to create git-daemon user.
* Thu Apr 08 2021 Dirk Müller - add suse-use-builtin-add-interactive.patch (jsc#SLE-17838)- split git-core perl module into git-core, move instaweb to git-web, and the single remaining perl builtin to git, so that git-core is perl free
* Sat Mar 27 2021 Andreas Stieger - git 2.31.1:
* fsmonitor bug fixes
* fix git bisect to take an annotated tag as a good/bad endpoint
* Fix a corner case in \"git mv\" on case insensitive systems
* Tue Mar 16 2021 Fabian Vogt - Require only openssh-clients where possible (TW, SLE >= 15 SP3) (boo#1183580)- Drop rsync requirement, not necessary anymore
* Mon Mar 15 2021 Andreas Stieger - git 2.31.0:
* Use of \"pack-redundant\" command is discouraged and will trigger a warning. The replacement is \"repack -d\".
* The \"--format=%(trailers)\" mechanism gets enhanced to make it easier to design output for machine consumption.
* No longer give message to choose between rebase or merge upon pull if the history fast-forwards
* The configuration variable \'core.abbrev\' can be set to \'no\' to force no abbreviation regardless of the hash algorithm.
* \"git rev-parse\" can be explicitly told to give output as absolute or relative path with the `--path-format=(absolute|relative)` option.
* Bash completion (in contrib/) update to make it easier for end-users to add completion for their custom \"git\" subcommands.
* \"git maintenance\" learned to drive scheduled maintenance on platforms whose native scheduling methods are not \'cron\'.
* After expiring a reflog and making a single commit, the reflog for the branch would record a single entry that knows both AATT{0} and AATT{1}, but we failed to answer \"what commit were we on?\", i.e. AATT{1}
* \"git bundle\" learns \"--stdin\" option to read its refs from the standard input. Also, it now does not lose refs whey they point at the same object.
* \"git log\" learned a new \"--diff-merges=\" option.
* \"git ls-files\" can and does show multiple entries when the index is unmerged, which is a source for confusion unless -s/-u option is in use. A new option --deduplicate has been introduced.
* `git worktree list` now annotates worktrees as prunable, shows locked and prunable attributes in --porcelain mode, and gained a --verbose option.
* \"git clone\" tries to locally check out the branch pointed at by HEAD of the remote repository after it is done, but the protocol did not convey the information necessary to do so when copying an empty repository. The protocol v2 learned how to do so.
* There are other ways than \"..\" for a single token to denote a \"commit range\", namely \"^!\" and \"^-\", but \"git range-diff\" did not understand them.
* The \"git range-diff\" command learned \"--(left|right)-only\" option to show only one side of the compared range.
* \"git mergetool\" feeds three versions (base, local and remote) of a conflicted path unmodified. The command learned to optionally prepare these files with unconflicted parts already resolved.
* The .mailmap is documented to be read only from the root level of a working tree, but a stray file in a bare repository also was read by accident, which has been corrected.
* \"git maintenance\" tool learned a new \"pack-refs\" maintenance task.
* The error message given when a configuration variable that is expected to have a boolean value has been improved.
* Signed commits and tags now allow verification of objects, whose two object names (one in SHA-1, the other in SHA-256) are both signed.
* \"git rev-list\" command learned \"--disk-usage\" option.
* \"git {diff,log} --{skip,rotate}-to=\" allows the user to discard diff output for early paths or move them to the end of the output.
* \"git difftool\" learned \"--skip-to=\" option to restart an interrupted session from an arbitrary path.
* \"git grep\" has been tweaked to be limited to the sparse checkout paths.
* \"git rebase --[no-]fork-point\" gained a configuration variable rebase.forkPoint so that users do not have to keep specifying a non-default setting.
* many bug fixes
* Tue Mar 09 2021 Andreas Stieger - git 2.30.2:
* CVE-2021-21300: On case-insensitive file systems with support for symbolic links, if Git is configured globally to apply delay-capable clean/smudge filters (such as Git LFS), Git could be fooled into running remote code during a clone (boo#1183026)
* Wed Feb 10 2021 Markéta Machová - git 2.30.1
* Bugfix release
* \"git stash\" did not work well in a sparsely checked out working tree.
* Newline characters in the host and path part of git:// URL are now forbidden.
* Tue Dec 29 2020 Andreas Stieger - git 2.30.0:
* Userdiff updates for PHP, Rust, CSS
* New features and options to multiple subcommands and workflows
* Avoid administrator error leading to data loss with \"git push --force-with-lease[=]\" by introducing \"--force-if-includes\"
* Updates to shell autocompletion
* Bug fixes and internal improvements
* Fri Nov 20 2020 Marcus Rueckert - only pull asciidoctor for the default ruby version
* Thu Oct 29 2020 Andreas Stieger - git 2.29.2: \"--committer-date-is-author-date\" option of \"rebase\" and \"am\" subcommands lost the e-mail address by mistake in 2.29
* Fri Oct 23 2020 Andreas Stieger - git 2.29.1:
* build system fixes for non-default installations (not affecting this package)
* Mon Oct 19 2020 Andreas Stieger - git 2.29.0:
* The transport protocol v2 has become the default again
* \"git worktree\" gained a \"repair\" subcommand, \"git init - -separate-git-dir\" no longer corrupts administrative data related to linked worktrees
* \"git maintenance\" introduced for repository maintenance tasks
* enhancements to multiple workflows, addition of configuration options and supported parameters, and bug fixes
* Tue Jul 28 2020 Marketa Calabkova - git 2.28.0
* \"fetch.writeCommitGraph\" is deemed to be still a bit too risky and is no longer part of the \"feature.experimental\" set.
* The commands in the \"diff\" family learned to honor \"diff.relative\" configuration variable.
* \"git diff-files\" has been taught to say paths that are marked as intent-to-add are new files, not modified from an empty blob.
* \"git gui\" now allows opening work trees from the start-up dialog.
* \"git bugreport\" learns to report what shell is in use.
* SHA-256 migration work continues, including CVS/SVN interface.
* Some repositories in the wild have commits that record nonsense committer timezone (e.g. rails.git); \"git fast-import\" learned an option to pass these nonsense timestamps intact to allow recreating existing repositories as-is.
* Other code cleanup, docfix, build fix, etc.
* Mon Jun 01 2020 Andreas Stieger - git 2.27.0:
* \"git describe\" will always use the \"long\" version when giving its output based misplaced tags
* \"git pull\" issues a warning message until the pull.rebase configuration variable is explicitly given
* The transport protocol version 2, which was promoted to the default in Git 2.26 release, turned out to have some remaining rough edges, so it has been demoted from the default
* A handful of options to configure SSL when talking to proxies have been added
* Smudge/clean conversion filters are now given more information
* many bug fixes, improvements, and additional workflow options- drop upstreamed patches:
* 0001-fetch-pack-return-enum-from-process_acks.patch
* 0002-fetch-pack-in-protocol-v2-in_vain-only-after-ACK.patch
* 0003-fetch-pack-in-protocol-v2-reset-in_vain-upon-ACK.patch- drop unneeded patches:
* 0001-DOC-Move-to-DocBook-5-when-using-asciidoctor.patch
* 0002-Also-use-DocBook-5-stylesheet-when-generating-HTML-o.patch
* Tue Apr 28 2020 Michal Suchanek - Protocol v2 in_vain fixes (bsc#1170741, bsc#1170939). Dropped: Revert-fetch-default-to-protocol-version-2.patch Added: 0001-fetch-pack-return-enum-from-process_acks.patch 0002-fetch-pack-in-protocol-v2-in_vain-only-after-ACK.patch 0003-fetch-pack-in-protocol-v2-reset-in_vain-upon-ACK.patch
* Mon Apr 27 2020 Michal Suchanek - Add back SuSEfirewall2 support needed for SLE12 (bsc#1170302).
* Tue Apr 21 2020 Michal Suchanek - With recent switch to protocol v2 people are reporting fetches transferring unreasonable amount of data. Upstream proposes switching the protocol back until the issue is properly diagnosed. The regression is problematic for people with lower network connection speed (bsc#1170741). Added: Revert-fetch-default-to-protocol-version-2.patch
* Mon Apr 20 2020 Andreas Stieger - git 2.26.2:
* CVE-2020-11008: Specially crafted URLs may have tricked the credentials helper to providing credential information that is not appropriate for the protocol in use and host being contacted (boo#1169936)
* Mon Apr 20 2020 Marketa Calabkova - Submit to SLE15 / resubmit to Factory (bsc#1169786, jsc#SLE-12396, bsc#1149792)
* Fri Apr 17 2020 Michal Suchanek - Fix git-daemon not starting after conversion from sysvinit to systemd service (bsc#1169605).
* Tue Apr 14 2020 Andreas Stieger - git 2.26.1: (boo#1168930)
* CVE-2020-5260: Specially crafted URLs with newline characters could have been used to make the Git client to send credential information for a wrong host to the attacker\'s site boo#1168930
* Mon Mar 23 2020 Andreas Stieger - git 2.26.0 (bsc#1167890, jsc#SLE-11608):
* \"git rebase\" now uses a different backend that is based on the \'merge\' machinery by default. The \'rebase.backend\' configuration variable reverts to old behaviour when set to \'apply\'
* Improved handling of sparse checkouts
* Improvements to many commands and internal features
* Thu Mar 19 2020 Andreas Stieger - git 2.25.2:
* bug fixes to various subcommands in specific operations
* Mon Feb 17 2020 Andreas Stieger - git 2.25.1:
* \"git commit\" now honors advise.statusHints
* various updates, bug fixes and documentation updates
* Tue Jan 14 2020 Marketa Calabkova - git 2.25.0
* The branch description (\"git branch --edit-description\") has been used to fill the body of the cover letters by the format-patch command; this has been enhanced so that the subject can also be filled.
* A few commands learned to take the pathspec from the standard input or a named file, instead of taking it as the command line arguments, with the \"--pathspec-from-file\" option.
* Test updates to prepare for SHA-2 transition continues.
* Redo \"git name-rev\" to avoid recursive calls.
* When all files from some subdirectory were renamed to the root directory, the directory rename heuristics would fail to detect that as a rename/merge of the subdirectory to the root directory, which has been corrected.
* HTTP transport had possible allocator/deallocator mismatch, which has been corrected. - dropped patch git-skip-test-s390x-aarch64-fail.patch (bsc#1156651)
* upstream maintainers have skipped the test themselves
* Wed Dec 11 2019 Andreas Stieger - git 2.24.1:
* CVE-2019-1348: The --export-marks option of fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths (boo#1158785)
* CVE-2019-1349: on Windows, when submodules are cloned recursively, under certain circumstances Git could be fooled into using the same Git directory twice (boo#1158787)
* CVE-2019-1350: Incorrect quoting of command-line arguments allowed remote code execution during a recursive clone in conjunction with SSH URLs (boo#1158788)
* CVE-2019-1351: on Windows mistakes drive letters outside of the US-English alphabet as relative paths (boo#1158789)
* CVE-2019-1352: on Windows was unaware of NTFS Alternate Data Streams (boo#1158790)
* CVE-2019-1353: when run in the Windows Subsystem for Linux while accessing a working directory on a regular Windows drive, none of the NTFS protections were active (boo#1158791)
* CVE-2019-1354: on Windows refuses to write tracked files with filenames that contain backslashes (boo#1158792)
* CVE-2019-1387: Recursive clones vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones (boo#1158793)
* CVE-2019-19604: a recursive clone followed by a submodule update could execute code contained within the repository without the user explicitly having asked for that (boo#1158795)
* Fri Nov 29 2019 Stefan Brüns - Guard xmlto/sgml-skel BuildRequires by docs bcond.- Fix building with asciidoctor and without DocBook4 stylesheets:
* Add 0002-Also-use-DocBook-5-stylesheet-when-generating-HTML-o.patch
* Refresh 0001-DOC-Move-to-DocBook-5-when-using-asciidoctor.patch- Spec file cleanup, remove conditionals for obsolete/EOLed distros.- Drop curl (executable) BuildRequires, only required by some skipped tests (skipped as these have an apache2 prerequisite).
* Fri Nov 29 2019 Marketa Calabkova - added patch git-skip-test-s390x-aarch64-fail.patch
* workaround for bsc#1156651
* Mon Nov 04 2019 Andreas Schwab - 0001-DOC-Move-to-DocBook-5-when-using-asciidoctor.patch: Don\'t remove \"-x manpage.xsl\" option- BuildRequire docbook5-xsl-stylesheets
* Mon Nov 04 2019 Marketa Calabkova - git 2.24.0
* The command line parser learned \"--end-of-options\" notation.
* A mechanism to affect the default setting for a (related) group of configuration variables is introduced.
* \"git fetch\" learned \"--set-upstream\" option to help those who first clone from their private fork they intend to push to, add the true upstream via \"git remote add\" and then \"git fetch\" from it.
* fixes and improvements to UI, workflow and features, bash completion fixes- modified patch 0001-DOC-Move-to-DocBook-5-when-using-asciidoctor.patch
* part of it merged upstream
* the Makefile attempted to download some documentation, banned
* Mon Oct 07 2019 Marketa Calabkova - Complete (but maybe a bit too generous) fix of bsc#1112230
* Thu Oct 03 2019 Marketa Calabkova - These patches have been merged upstream a long time ago, no longer needed:
* 0001-submodule-helper-use-to-signal-end-of-clone-options.patch
* 0002-submodule-config-ban-submodule-urls-that-start-with-.patch
* 0003-submodule-config-ban-submodule-paths-that-start-with.patch
* git-mark-path-lookup-errors.patch
* Sun Aug 18 2019 Andreas Stieger - git 2.23.0:
* The \"--base\" option of \"format-patch\" computed the patch-ids for prerequisite patches in an unstable way, which has been updated to compute in a way that is compatible with \"git patch-id - -stable\".
* The \"git log\" command by default behaves as if the --mailmap option was given.
* fixes and improvements to UI, workflow and features
* Wed Aug 14 2019 Marketa Calabkova - git 2.22.1
* A relative pathname given to \"git init --template= \" ought to be relative to the directory \"git init\" gets invoked in, but it instead was made relative to the repository, which has been corrected.
* \"git worktree add\" used to fail when another worktree connected to the same repository was corrupt, which has been corrected.
* \"git am -i --resolved\" segfaulted after trying to see a commit as if it were a tree, which has been corrected.
* \"git merge --squash\" is designed to update the working tree and the index without creating the commit, and this cannot be countermanded by adding the \"--commit\" option; the command now refuses to work when both options are given.
* Update to Unicode 12.1 width table.
* \"git request-pull\" learned to warn when the ref we ask them to pull from in the local repository and in the published repository are different.
* \"git fetch\" into a lazy clone forgot to fetch base objects that are necessary to complete delta in a thin packfile, which has been corrected.
* The URL decoding code has been updated to avoid going past the end of the string while parsing %-- sequence.
* \"git clean\" silently skipped a path when it cannot lstat() it; now it gives a warning.
* \"git rm\" to resolve a conflicted path leaked an internal message \"needs merge\" before actually removing the path, which was confusing. This has been corrected.
* Many more bugfixes and code cleanups.
* Wed Jul 24 2019 matthias.gerstnerAATTsuse.com- removal of SuSEfirewall2 service, since SuSEfirewall2 has been replaced by firewalld, see [1]. [1]: https://lists.opensuse.org/opensuse-factory/2019-01/msg00490.html
* Mon Jul 15 2019 Marketa Calabkova - partial fix for bsc#1112230 (git instaweb gives 500 error)
* Mon Jun 10 2019 Marketa Calabkova - git 2.22.0
* The filter specification \"--filter=sparse:path=\" used to create a lazy/partial clone has been removed. Using a blob that is part of the project as sparse specification is still supported with the \"--filter=sparse:oid=\" option
* \"git checkout --no-overlay\" can be used to trigger a new mode of checking out paths out of the tree-ish, that allows paths that match the pathspec that are in the current index and working tree and are not in the tree-ish.
* Four new configuration variables {author,committer}.{name,email} have been introduced to override user.{name,email} in more specific cases.
* \"git branch\" learned a new subcommand \"--show-current\".
* The command line completion (in contrib/) has been taught to complete more subcommand parameters.
* The completion helper code now pays attention to repository-local configuration (when available), which allows --list-cmds to honour a repository specific setting of completion.commands, for example.
* The list of conflicted paths shown in the editor while concluding a conflicted merge was shown above the scissors line when the clean-up mode is set to \"scissors\", even though it was commented out just like the list of updated paths and other information to help the user explain the merge better.
* \"git rebase\" that was reimplemented in C did not set ORIG_HEAD correctly, which has been corrected.
* \"git worktree add\" used to do a \"find an available name with stat and then mkdir\", which is race-prone. This has been fixed by using mkdir and reacting to EEXIST in a loop.- Removed upstreamed patch worktree-fix-worktree-add-race.patch
* previous item
* Wed May 08 2019 Dominique Leuenberger - Add 0001-DOC-Move-to-DocBook-5-when-using-asciidoctor.patch: Move to DocBook 5.x. Asciidoctor 2.x no longer supports the legacy DocBook 4.5 format.
* Sun Apr 14 2019 Christian Boltz - update git-web AppArmor profile for bash and tar usrMerge (boo#1132350)
* Mon Feb 25 2019 Marketa Calabkova - git 2.21.0
* Historically, the \"-m\" (mainline) option can only be used for \"git cherry-pick\" and \"git revert\" when working with a merge commit. This version of Git no longer warns or errors out when working with a single-parent commit, as long as the argument to the \"-m\" option is 1 (i.e. it has only one parent, and the request is to pick or revert relative to that first parent). Scripts that relied on the behaviour may get broken with this change.
* Small fixes and features for fast-export and fast-import.
* The \"http.version\" configuration variable can be used with recent enough versions of cURL library to force the version of HTTP used to talk when fetching and pushing.
* \"git push $there $src:$dst\" rejects when $dst is not a fully qualified refname and it is not clear what the end user meant.
* Update \"git multimail\" from the upstream.
* A new date format \"--date=human\" that morphs its output depending on how far the time is from the current time has been introduced. \"--date=auto:human\" can be used to use this new format (or any existing format) when the output is going to the pager or to the terminal, and otherwise the default format.
* Wed Feb 13 2019 Michal Suchanek - Fix worktree creation race (bsc#1114225). worktree-fix-worktree-add-race.patch setup-don-t-fail-if-commondir-reference-is-deleted.patch
* Tue Jan 22 2019 Marketa Calabkova - the proper way how to add shadow dependency, only the -daemon subpackage uses the shadow package
* Sun Jan 20 2019 Hans-Peter Jansen - add shadow build dependency: pre/postinstall script checks fail for 42.3 otherwise
* Fri Jan 11 2019 Dominique Leuenberger - Do not BuildRequire apache2: + it is only in the build chain for the directory ownership. Let\'s just own the directories ourselves. + This actually also fixes the issue that installing, then uninstalling git-web, without apache2 being present on the machine, leaves those directories stale on the disk.
* Sun Dec 16 2018 astiegerAATTsuse.com- git 2.20.1:
* portability fixes
* \"git help -a\" did not work well when an overly long alias was defined
* no longer squelched an error message when the run_command API failed to run a missing command
* Mon Dec 10 2018 Marketa Calabkova - git 2.20.0
* \"git help -a\" now gives verbose output (same as \"git help -av\"). Those who want the old output may say \"git help --no-verbose -a\"..
* \"git send-email\" learned to grab address-looking string on any trailer whose name ends with \"-by\".
* \"git format-patch\" learned new \"--interdiff\" and \"--range-diff\" options to explain the difference between this version and the previous attempt in the cover letter (or after the three-dashes as a comment).
* Developer builds now use -Wunused-function compilation option.
* Fix a bug in which the same path could be registered under multiple worktree entries if the path was missing (for instance, was removed manually). Also, as a convenience, expand the number of cases in which --force is applicable.
* The overly large Documentation/config.txt file have been split into million little pieces. This potentially allows each individual piece to be included into the manual page of the command it affects more easily.
* Malformed or crafted data in packstream can make our code attempt to read or write past the allocated buffer and abort, instead of reporting an error, which has been fixed.
* Fix for a long-standing bug that leaves the index file corrupt when it shrinks during a partial commit.
* \"git merge\" and \"git pull\" that merges into an unborn branch used to completely ignore \"--verify-signatures\", which has been corrected.
* ...and much more features and fixes
* Wed Dec 05 2018 Hans-Peter Jansen - group(nogroup) is provided with Leap 15 onwards only
* Tue Dec 04 2018 Jan Engelhardt - Use Requires(pre).- Do not ignore error returns from useradd.- Package descriptions need not be wrapped in %if..%endif.
* Fri Nov 30 2018 Marketa Calabkova - Avoid boo#1082023 - git send-email fails to authenticate with SMTP server
* Mon Nov 26 2018 Marketa Calabkova - fix CVE-2018-19486 (bsc#1117257)
* git-mark-path-lookup-errors.patch
* Wed Nov 21 2018 astiegerAATTsuse.com- git 2.19.2:
* various bug fixes for multiple subcommands and operations
* Mon Oct 08 2018 tiwaiAATTsuse.de- Fix VUL-0: arbitrary code execution via .gitmodules (CVE-2018-17456, bsc#1110949): 0001-submodule-helper-use-to-signal-end-of-clone-options.patch 0002-submodule-config-ban-submodule-urls-that-start-with-.patch 0003-submodule-config-ban-submodule-paths-that-start-with.patch
* Fri Oct 05 2018 astiegerAATTsuse.com- git 2.19.1:
* CVE-2018-17456: Specially crafted .gitmodules files may have allowed arbitrary code execution when the repository is cloned with --recurse-submodules (bsc#1110949)
* Tue Sep 11 2018 Petr Vorel - git 2.19.0:
* \"git diff\" compares the index and the working tree. For paths added with intent-to-add bit, the command shows the full contents of them as added, but the paths themselves were not marked as new files. They are now shown as new by default.
* \"git apply\" learned the \"--intent-to-add\" option so that an otherwise working-tree-only application of a patch will add new paths to the index marked with the \"intent-to-add\" bit.
* \"git grep\" learned the \"--column\" option that gives not just the line number but the column number of the hit.
* The \"-l\" option in \"git branch -l\" is an unfortunate short-hand for \"--create-reflog\", but many users, both old and new, somehow expect it to be something else, perhaps \"--list\". This step warns when \"-l\" is used as a short-hand for \"--create-reflog\" and warns about the future repurposing of the it when it is used.
* The userdiff pattern for .php has been updated.
* The content-transfer-encoding of the message \"git send-email\" sends out by default was 8bit, which can cause trouble when there is an overlong line to bust RFC 5322/2822 limit. A new option \'auto\' to automatically switch to quoted-printable when there is such a line in the payload has been introduced and is made the default.
* \"git checkout\" and \"git worktree add\" learned to honor checkout.defaultRemote when auto-vivifying a local branch out of a remote tracking branch in a repository with multiple remotes that have tracking branches that share the same names. (merge 8d7b558bae ab/checkout-default-remote later to maint).
* \"git grep\" learned the \"--only-matching\" option.
* \"git rebase --rebase-merges\" mode now handles octopus merges as well.
* Add a server-side knob to skip commits in exponential/fibbonacci stride in an attempt to cover wider swath of history with a smaller number of iterations, potentially accepting a larger packfile transfer, instead of going back one commit a time during common ancestor discovery during the \"git fetch\" transaction. (merge 42cc7485a2 jt/fetch-negotiator-skipping later to maint).
* A new configuration variable core.usereplacerefs has been added, primarily to help server installations that want to ignore the replace mechanism altogether.
* Teach \"git tag -s\" etc. a few configuration variables (gpg.format that can be set to \"openpgp\" or \"x509\", and gpg..program that is used to specify what program to use to deal with the format) to allow x.509 certs with CMS via \"gpgsm\" to be used instead of openpgp via \"gnupg\".
* Many more strings are prepared for l10n.
* \"git p4 submit\" learns to ask its own pre-submit hook if it should continue with submitting.
* The test performed at the receiving end of \"git push\" to prevent bad objects from entering repository can be customized via receive.fsck.
* configuration variables; we now have gained a counterpart to do the same on the \"git fetch\" side, with fetch.fsck.
* configuration variables.
* \"git pull --rebase=interactive\" learned \"i\" as a short-hand for \"interactive\".
* \"git instaweb\" has been adjusted to run better with newer Apache on RedHat based distros.
* \"git range-diff\" is a reimplementation of \"git tbdiff\" that lets us compare individual patches in two iterations of a topic.
* The sideband code learned to optionally paint selected keywords at the beginning of incoming lines on the receiving end.
* \"git branch --list\" learned to take the default sort order from the \'branch.sort\' configuration variable, just like \"git tag --list\" pays attention to \'tag.sort\'.
* \"git worktree\" command learned \"--quiet\" option to make it less verbose.
* Mon Aug 27 2018 tchvatalAATTsuse.com- State zlib-devel in deps, previously magically pulled in by openssl
* Mon Jun 25 2018 astiegerAATTsuse.com- git 2.18.0:
* improvements to rename detection logic
* When built with more recent cURL, GIT_SSL_VERSION can now specify \"tlsv1.3\" as its value.
* \"git mergetools\" learned talking to guiffy.
* various other workflow improvements and fixes
* performance improvements and other developer visible fixes- drop git-bash-completion-egrep-color-fix.diff no longer required
* Wed May 30 2018 tiwaiAATTsuse.de- Update to git 2.16.4: security fix release
* path sanity-checks on NTFS can read arbitrary memory (CVE-2018-11233, bsc#1095218)
* arbitrary code execution when recursively cloning a malicious repository (CVE-2018-11235, bsc#1095219)
* Tue May 29 2018 avindraAATTopensuse.org- git 2.17.1
* Submodule \"names\" come from the untrusted .gitmodules file, but we blindly append them to $GIT_DIR/modules to create our on-disk repo paths. This means you can do bad things by putting \"../\" into the name. We now enforce some rules for submodule names which will cause Git to ignore these malicious names (CVE-2018-11235, bsc#1095219)
* It was possible to trick the code that sanity-checks paths on NTFS into reading random piece of memory (CVE-2018-11233, bsc#1095218)
* Support on the server side to reject pushes to repositories that attempt to create such problematic .gitmodules file etc. as tracked contents, to help hosting sites protect their customers by preventing malicious contents from spreading.
* Thu May 24 2018 tchvatalAATTsuse.com- Fix docless build to not fail on find/chmod not having any files- Require just python3-base not full python for build
* Sat May 19 2018 schwabAATTlinux-m68k.org- git 2.17.0:
* \"diff\" family of commands learned \"--find-object=\" option to limit the findings to changes that involve the named object.
* \"git format-patch\" learned to give 72-cols to diffstat, which is consistent with other line length limits the subcommand uses for its output meant for e-mails.
* The log from \"git daemon\" can be redirected with a new option; one relevant use case is to send the log to standard error (instead of syslog) when running it from inetd.
* \"git rebase\" learned to take \"--allow-empty-message\" option.
* \"git am\" has learned the \"--quit\" option, in addition to the existing \"--abort\" option; having the pair mirrors a few other commands like \"rebase\" and \"cherry-pick\".
* \"git worktree add\" learned to run the post-checkout hook, just like \"git clone\" runs it upon the initial checkout.
* \"git tag\" learned an explicit \"--edit\" option that allows the message given via \"-m\" and \"-F\" to be further edited.
* \"git fetch --prune-tags\" may be used as a handy short-hand for getting rid of stale tags that are locally held.
* The new \"--show-current-patch\" option gives an end-user facing way to get the diff being applied when \"git rebase\" (and \"git am\") stops with a conflict.
* \"git add -p\" used to offer \"/\" (look for a matching hunk) as a choice, even there was only one hunk, which has been corrected. Also the single-key help is now given only for keys that are enabled (e.g. help for \'/\' won\'t be shown when there is only one hunk).
* Since Git 1.7.9, \"git merge\" defaulted to --no-ff (i.e. even when the side branch being merged is a descendant of the current commit, create a merge commit instead of fast-forwarding) when merging a tag object. This was appropriate default for integrators who pull signed tags from their downstream contributors, but caused an unnecessary merges when used by downstream contributors who habitually \"catch up\" their topic branches with tagged releases from the upstream. Update \"git merge\" to default to --no-ff only when merging a tag object that does
*not
* sit at its usual place in refs/tags/ hierarchy, and allow fast-forwarding otherwise, to mitigate the problem.
* \"git status\" can spend a lot of cycles to compute the relation between the current branch and its upstream, which can now be disabled with \"--no-ahead-behind\" option.
* \"git diff\" and friends learned funcname patterns for Go language source files.
* \"git send-email\" learned \"--reply-to=
\" option.
* Funcname pattern used for C# now recognizes \"async\" keyword.
* In a way similar to how \"git tag\" learned to honor the pager setting only in the list mode, \"git config\" learned to ignore the pager setting when it is used for setting values (i.e. when the purpose of the operation is not to \"show\").
* Tue Mar 27 2018 kukukAATTsuse.de- Use %license instead of %doc [bsc#1082318]
* Fri Mar 23 2018 avindraAATTopensuse.org- git 2.16.3:
* \"git status\" after moving a path in the working tree (hence making it appear \"removed\") and then adding with the -N option (hence making that appear \"added\") detected it as a rename, but did not report the old and new pathnames correctly.
* \"git commit --fixup\" did not allow \"-m\" option to be used at the same time; allow it to annotate resulting commit with more text.
* When resetting the working tree files recursively, the working tree of submodules are now also reset to match.
* Fix for a commented-out code to adjust it to a rather old API change around object ID.
* When there are too many changed paths, \"git diff\" showed a warning message but in the middle of a line.
* The http tracing code, often used to debug connection issues, learned to redact potentially sensitive information from its output so that it can be more safely sharable.
* Crash fix for a corner case where an error codepath tried to unlock what it did not acquire lock on.
* The split-index mode had a few corner case bugs fixed.
* Assorted fixes to \"git daemon\".
* Completion of \"git merge -s\" (in contrib/) did not work well in non-C locale.
* Workaround for segfault with more recent versions of SVN.
* Recently introduced leaks in fsck have been plugged.
* Travis CI integration now builds the executable in \'script\' phase to follow the established practice, rather than during \'before_script\' phase. This allows the CI categorize the failures better (\'failed\' is project\'s fault, \'errored\' is build environment\'s).
* Thu Mar 08 2018 tiwaiAATTsuse.de- Drop superfluous xinetd snippet, no longer used (bsc#1084460)
* Tue Mar 06 2018 tiwaiAATTsuse.de- Build with asciidoctor for the recent distros (bsc#1075764)
* Mon Feb 26 2018 schwabAATTlinux-m68k.org- Move %{?systemd_requires} to daemon subpackage
* Wed Feb 21 2018 fcrozatAATTsuse.com- Create subpackage for libsecret credential helper.
* Sun Feb 18 2018 avindraAATTopensuse.org- git 2.16.2:
* An old regression in \"git describe --all $annotated_tag^0\" has been fixed.
* \"git svn dcommit\" did not take into account the fact that a svn+ssh:// URL with a usernameAATT (typically used for pushing) refers to the same SVN repository without the usernameAATT and failed when svn.pushmergeinfo option is set.
* \"git merge -Xours/-Xtheirs\" learned to use our/their version when resolving a conflicting updates to a symbolic link.
* \"git clone $there $here\" is allowed even when here directory exists as long as it is an empty directory, but the command incorrectly removed it upon a failure of the operation.
* \"git stash -- \" incorrectly blew away untracked files in the directory that matched the pathspec, which has been corrected.
* \"git add -p\" was taught to ignore local changes to submodules as they do not interfere with the partial addition of regular changes anyway.
* Tue Jan 23 2018 astiegerAATTsuse.com- git 2.16.1:
* \"git clone\" segfaulted when cloning a project that happens to track two paths that differ only in case on a case insensitive filesystem
* Fri Jan 19 2018 avindraAATTopensuse.org- git 2.16.0 (CVE-2017-15298, bsc#1063412):
* See https://raw.github.com/git/git/master/Documentation/RelNotes/2.16.0.txt- partial cleanup with spec-cleaner- drop git-gui-tclIndex.patch
* merged upstream in da10ea373b80cc8bf8efca5acb1d11ecf410fb0c
  
ICM