SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for git-core-2.47.0-lp151.637.1.x86_64.rpm :

* Wed Oct 09 2024 Dirk Müller - update to 2.47.0:
* https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.47.0.txt
* Many Porcelain commands that internally use the merge machinery were taught to consistently honor the diff.algorithm configuration.
* A few descriptions in \"git show-ref -h\" have been clarified.
* A \'P\' command to \"git add -p\" that passes the patch hunk to the pager has been added.
* \"git grep -W\" omits blank lines that follow the found function at the end of the file, just like it omits blank lines before the next function.
* The value of http.proxy can have \"path\" at the end for a socks proxy that listens to a unix-domain socket, but we started to discard it when we taught proxy auth code path to use the credential helpers, which has been corrected.
* The code paths to compact multiple reftable files have been updated to correctly deal with multiple compaction triggering at the same time.
* Support to specify ref backend for submodules has been enhanced.
* \"git svn\" has been taught about svn:global-ignores property recent versions of Subversion has.
* The default object hash and ref backend format used to be settable only with explicit command line option to \"git init\" and environment variables, but now they can be configured in the user\'s global and system wide configuration.
* \"git send-email\" learned \"--translate-aliases\" option that reads addresses from the standard input and emits the result of applying aliases on them to the standard output.
* \'git for-each-ref\' learned a new \"--format\" atom to find the branch that the history leading to a given commit \"%(is-base:)\" is likely based on.
* The command line prompt support used to be littered with bash-isms, which has been corrected to work with more shells.
* Support for the RUNTIME_PREFIX feature has been added to z/OS port.
* \"git send-email\" learned \"--mailmap\" option to allow rewriting the recipient addresses.
* \"git mergetool\" learned to use VSCode as a merge backend.
* \"git pack-redundant\" has been marked for removal in Git 3.0.
* One-line messages to \"die\" and other helper functions will get LF added by these helper functions, but many existing messages had an unnecessary LF at the end, which have been corrected.
* The \"scalar clone\" command learned the \"--no-tags\" option.
* The environment GIT_ADVICE has been intentionally kept undocumented to discourage its use by interactive users. Add documentation to help tool writers.
* \"git apply --3way\" learned to take \"--ours\" and other options.
* Mon Oct 07 2024 Antonio Teixeira - Update to version 2.46.2:
* Revert the \"git patch-id\" change that went into 2.46.1, as it seems to have got a regression reported (I haven\'t verified, but it is better to keep a known breakage than adding an unintended regression).
* In a few corner cases \"git diff --exit-code\" failed to report \"changes\" (e.g., renamed without any content change), which has been corrected.
* The interpret-trailers command failed to recognise the end of the message when the commit log ends in an incomplete line.
* Fri Sep 20 2024 Dominique Leuenberger - Update to version 2.46.1;
* \"git checkout --ours\" (no other arguments) complained that the option is incompatible with branch switching, which is technically correct, but found confusing by some users. It now says that the user needs to give pathspec to specify what paths to checkout.
* It has been documented that we avoid \"VAR=VAL shell_func\" and why.
* \"git add -p\" by users with diff.suppressBlankEmpty set to true failed to parse the patch that represents an unmodified empty line with an empty line (not a line with a single space on it), which has been corrected.
* \"git rebase --help\" referred to \"offset\" (the difference between the location a change was taken from and the change gets replaced) incorrectly and called it \"fuzz\", which has been corrected.
* \"git notes add -m \'\' --allow-empty\" and friends that take prepared data to create notes should not invoke an editor, but it started doing so since Git 2.42, which has been corrected.
* An expensive operation to prepare tracing was done in re-encoding code path even when the tracing was not requested, which has been corrected.
* Perforce tests have been updated.
* The credential helper to talk to OSX keychain sometimes sent garbage bytes after the username, which has been corrected.
* A recent update broke \"git ls-remote\" used outside a repository, which has been corrected.
* \"git config --value=foo --fixed-value section.key newvalue\" barfed when the existing value in the configuration file used the valueless true syntax, which has been corrected.
* \"git reflog expire\" failed to honor annotated tags when computing reachable commits.
* A flakey test and incorrect calls to strtoX() functions have been fixed.
* Follow-up on 2.45.1 regression fix.
* \"git rev-list ... | git diff-tree -p --remerge-diff --stdin\" should behave more or less like \"git log -p --remerge-diff\" but instead it crashed, forgetting to prepare a temporary object store needed.
* The patch parser in \"git patch-id\" has been tightened to avoid getting confused by lines that look like a patch header in the log message.
* \"git bundle unbundle\" outside a repository triggered a BUG() unnecessarily, which has been corrected.
* The code forgot to discard unnecessary in-core commit buffer data for commits that \"git log --skip=\" traversed but omitted from the output, which has been corrected.
* \"git verify-pack\" and \"git index-pack\" started dying outside a repository, which has been corrected.
* A corner case bug in \"git stash\" was fixed.
* Wed Aug 28 2024 Georg Pfuetzenreuter - Change less requirement to path to allow for use with BusyBox
* Tue Jul 30 2024 Marcus Rueckert - update to 2.46.0 UI, Workflows & Features
* The \"--rfc\" option of \"git format-patch\" learned to take an optional string value to be used in place of \"RFC\" to tweak the \"[PATCH]\" on the subject header.
* The credential helper protocol, together with the HTTP layer, have been enhanced to support authentication schemes different from username & password pair, like Bearer and NTLM.
* Command line completion script (in contrib/) learned to complete \"git symbolic-ref\" a bit better (you need to enable plumbing commands to be completed with GIT_COMPLETION_SHOW_ALL_COMMANDS).
* When the user responds to a prompt given by \"git add -p\" with an unsupported command, list of available commands were given, which was too much if the user knew what they wanted to type but merely made a typo. Now the user gets a much shorter error message.
* The color parsing code learned to handle 12-bit RGB colors, spelled as \"#RGB\" (in addition to \"#RRGGBB\" that is already supported).
* The operation mode options (like \"--get\") the \"git config\" command uses have been deprecated and replaced with subcommands (like \"git config get\").
* \"git tag\" learned the \"--trailer\" option to futz with the trailers in the same way as \"git commit\" does.
* A new global \"--no-advice\" option can be used to disable all advice messages, which is meant to be used only in scripts.
* Updates to symbolic refs can now be made as a part of ref transaction.
* The trailer API has been reshuffled a bit.
* Terminology to call various ref-like things are getting straightened out.
* The command line completion script (in contrib/) has been adjusted to the recent update to \"git config\" that adopted subcommand based UI.
* The knobs to tweak how reftable files are written have been made available as configuration variables.
* When \"git push\" notices that the commit at the tip of the ref on the other side it is about to overwrite does not exist locally, it used to first try fetching it if the local repository is a partial clone. The command has been taught not to do so and immediately fail instead.
* The promisor.quiet configuration knob can be set to true to make lazy fetching from promisor remotes silent.
* The inter/range-diff output has been moved to the end of the patch when format-patch adds it to a single patch, instead of writing it before the patch text, to be consistent with what is done for a cover letter for a multi-patch series.
* A new command has been added to migrate a repository that uses the files backend for its ref storage to use the reftable backend, with limitations.
* \"git diff --exit-code --ext-diff\" learned to take the exit status of the external diff driver into account when deciding the exit status of the overall \"git diff\" invocation when configured to do so.
* \"git update-ref --stdin\" learned to handle transactional updates of symbolic-refs.
* \"git format-patch --interdiff\" for multi-patch series learned to turn on cover letters automatically (unless told never to enable cover letter with \"--no-cover-letter\" and such).
* The \"--heads\" option of \"ls-remote\" and \"show-ref\" has been been deprecated; \"--branches\" replaces \"--heads\".
* For over a year, setting add.interactive.useBuiltin configuration variable did nothing but giving a \"this does not do anything\" warning. The warning has been removed.
* The http transport can now be told to send request with authentication material without first getting a 401 response.
* A handful of entries are added to the GitFAQ document.
* \"git var GIT_SHELL_PATH\" should report the path to the shell used to spawn external commands, but it didn\'t do so on Windows, which has been corrected. Performance, Internal Implementation, Development Support etc.
* Advertise \"git contacts\", a tool for newcomers to find people to ask review for their patches, a bit more in our developer documentation.
* In addition to building the objects needed, try to link the objects that are used in fuzzer tests, to make sure at least they build without bitrot, in Linux CI runs.
* Code to write out reftable has seen some optimization and simplification.
* Tests to ensure interoperability between reftable written by jgit and our code have been added and enabled in CI.
* The singleton index_state instance \"the_index\" has been eliminated by always instantiating \"the_repository\" and replacing references to \"the_index\" with references to its .index member.
* Git-GUI has a new maintainer, Johannes Sixt.
* The \"test-tool\" has been taught to run testsuite tests in parallel, bypassing the need to use the \"prove\" tool.
* The \"whitespace check\" task that was enabled for GitHub Actions CI has been ported to GitLab CI.
* The refs API lost functions that implicitly assumes to work on the primary ref_store by forcing the callers to pass a ref_store as an argument.
* Code clean-up to reduce inter-function communication inside builtin/config.c done via the use of global variables.
* The pack bitmap code saw some clean-up to prepare for a follow-up topic.
* Preliminary code clean-up for \"git send-email\".
* The default \"creation-factor\" used by \"git format-patch\" has been raised to make it more aggressively find matching commits.
* Before discovering the repository details, We used to assume SHA-1 as the \"default\" hash function, which has been corrected. Hopefully this will smoke out codepaths that rely on such an unwarranted assumptions.
* The project decision making policy has been documented.
* The strcmp-offset tests have been rewritten using the unit test framework.
* \"git add -p\" learned to complain when an answer with more than one letter is given to a prompt that expects a single letter answer.
* The alias-expanded command lines are logged to the trace output.
* A new test was added to ensure git commands that are designed to run outside repositories do work.
* A few tests in reftable library have been rewritten using the unit test framework.
* A pair of test helpers that essentially are unit tests on hash algorithms have been rewritten using the unit-tests framework.
* A test helper that essentially is unit tests on the \"decorate\" logic has been rewritten using the unit-tests framework.
* Many memory leaks in the sparse-checkout code paths have been plugged.
* \"make check-docs\" noticed problems and reported to its output but failed to signal its findings with its exit status, which has been corrected.
* Building with \"-Werror -Wwrite-strings\" is now supported.
* To help developers, the build procedure now allows builders to use CFLAGS_APPEND to specify additional CFLAGS.
* \"oidtree\" tests were rewritten to use the unit test framework.
* The structure of the document that records longer-term project decisions to deprecate/remove/update various behaviour has been outlined.
* The pseudo-merge reachability bitmap to help more efficient storage of the reachability bitmap in a repository with too many refs has been added.
* When \"git merge\" sees that the index cannot be refreshed (e.g. due to another process doing the same in the background), it died but after writing MERGE_HEAD etc. files, which was useless for the purpose to recover from the failure.
* The output from \"git cat-file --batch-check\" and \"--batch-command (info)\" should not be unbuffered, for which some tests have been added.
* A CPP macro USE_THE_REPOSITORY_VARIABLE is introduced to help transition the codebase to rely less on the availability of the singleton the_repository instance.
* \"git version --build-options\" reports the version information of OpenSSL and other libraries (if used) in the build.
* Memory ownership rules for the in-core representation of remote.
*.url configuration values have been straightened out, which resulted in a few leak fixes and code clarification.
* When bundleURI interface fetches multiple bundles, Git failed to take full advantage of all bundles and ended up slurping duplicated objects, which has been corrected.
* The code to deal with modified paths that are out-of-cone in a sparsely checked out working tree has been optimized.
* An existing test of oidmap API has been rewritten with the unit-test framework.
* The \"ort\" merge backend saw one bugfix for a crash that happens when inner merge gets killed, and assorted code clean-ups.
* A new warning message is issued when a command has to expand a sparse index to handle working tree cruft that are outside of the sparse checkout.
* The test framework learned to take the test body not as a single string but as a here-document.
* \"git push \'\' HEAD:there\" used to hit a BUG(); it has been corrected to die with \"fatal: bad repository \'\'\".
* What happens when http.cookieFile gets the special value \"\" has been clarified in the documentation. Fixes
* \"git rebase --signoff\" used to forget that it needs to add a sign-off to the resulting commit when told to continue after a conflict stops its operation.
* The procedure to build multi-pack-index got confused by the replace-refs mechanism, which has been corrected by disabling the latter.
* The \"-k\" and \"--rfc\" options of \"format-patch\" will now error out when used together, as one tells us not to add anything to the title of the commit, and the other one tells us to add \"RFC\" in addition to \"PATCH\".
* \"git stash -S\" did not handle binary files correctly, which has been corrected.
* A scheduled \"git maintenance\" job is expected to work on all repositories it knows about, but it stopped at the first one that errored out. Now it keeps going.
* zsh can pretend to be a normal shell pretty well except for some glitches that we tickle in some of our scripts. Work them around so that \"vimdiff\" and our test suite works well enough with it.
* Command line completion support for zsh (in contrib/) has been updated to stop exposing internal state to end-user shell interaction.
* Tests that try to corrupt in-repository files in chunked format did not work well on macOS due to its broken \"mv\", which has been worked around.
* The maximum size of attribute files is enforced more consistently.
* Unbreak CI jobs so that we do not attempt to use Python 2 that has been removed from the platform.
* Git 2.43 started using the tree of HEAD as the source of attributes in a bare repository, which has severe performance implications. For now, revert the change, without ripping out a more explicit support for the attr.tree configuration variable.
* The \"--exit-code\" option of \"git diff\" command learned to work with the \"--ext-diff\" option.
* Windows CI running in GitHub Actions started complaining about the order of arguments given to calloc(); the imported regex code uses the wrong order almost consistently, which has been corrected.
* Expose \"name conflict\" error when a ref creation fails due to D/F conflict in the ref namespace, to improve an error message given by \"git fetch\". (merge 9339fca23e it/refs-name-conflict later to maint).
* The SubmittingPatches document now refers folks to manpages translation project.
* The documentation for \"git diff --name-only\" has been clarified that it is about showing the names in the post-image tree.
* The credential helper that talks with osx keychain learned to avoid storing back the authentication material it just got received from the keychain. (merge e1ab45b2da kn/osxkeychain-skip-idempotent-store later to maint).
* The chainlint script (invoked during \"make test\") did nothing when it failed to detect the number of available CPUs. It now falls back to 1 CPU to avoid the problem.
* Revert overly aggressive \"layered defence\" that went into 2.45.1 and friends, which broke \"git-lfs\", \"git-annex\", and other use cases, so that we can rebuild necessary counterparts in the open.
* \"git init\" in an already created directory, when the user configuration has includeif.onbranch, started to fail recently, which has been corrected.
* Memory leaks in \"git mv\" has been plugged.
* The safe.directory configuration knob has been updated to optionally allow leading path matches.
* An overly large \".gitignore\" files are now rejected silently.
* Upon expiration event, the credential subsystem forgot to clear in-core authentication material other than password (whose support was added recently), which has been corrected.
* Fix for an embarrassing typo that prevented Python2 tests from running anywhere.
* Varargs functions that are unannotated as printf-like or execl-like have been annotated as such.
* \"git am\" has a safety feature to prevent it from starting a new session when there already is a session going. It reliably triggers when a mbox is given on the command line, but it has to rely on the tty-ness of the standard input. Add an explicit way to opt out of this safety with a command line option. (merge 62c71ace44 jk/am-retry later to maint).
* A leak in \"git imap-send\" that somehow escapes LSan has been plugged.
* Setting core.abbrev too early before the repository set-up (typically in \"git clone\") caused segfault, which as been corrected.
* When the user adds to \"git rebase -i\" instruction to \"pick\" a merge commit, the error experience is not pleasant. Such an error is now caught earlier in the process that parses the todo list.
* We forgot to normalize the result of getcwd() to NFC on macOS where all other paths are normalized, which has been corrected. This still does not address the case where core.precomposeUnicode configuration is not defined globally.
* Earlier we stopped using the tree of HEAD as the default source of attributes in a bare repository, but failed to document it. This has been corrected.
* \"git update-server-info\" and \"git commit-graph --write\" have been updated to use the tempfile API to avoid leaving cruft after failing.
* An unused extern declaration for mingw has been removed to prevent it from causing build failure.
* A helper function shared between two tests had a copy-paste bug, which has been corrected.
* \"git fetch-pack -k -k\" without passing \"--lock-pack\" (which we never do ourselves) did not work at all, which has been corrected.
* CI job to build minimum fuzzers learned to pass NO_CURL=NoThanks to the build procedure, as its build environment does not offer, or the rest of the build needs, anything cURL. (merge 4e66b5a990 jc/fuzz-sans-curl later to maint).
* \"git diff --no-ext-diff\" when diff.external is configured ignored the \"--color-moved\" option. (merge 0f4b0d4cf0 rs/diff-color-moved-w-no-ext-diff-fix later to maint).
* \"git archive --add-virtual-file=:\" never paid attention to the --prefix= option but the documentation said it would. The documentation has been corrected. (merge 72c282098d jc/archive-prefix-with-add-virtual-file later to maint).
* When GIT_PAGER failed to spawn, depending on the code path taken, we failed immediately (correct) or just spew the payload to the standard output (incorrect). The code now always fail immediately when GIT_PAGER fails. (merge 78f0a5d187 rj/pager-die-upon-exec-failure later to maint).
* date parser updates to be more careful about underflowing epoch based timestamp. (merge 9d69789770 db/date-underflow-fix later to maint).
* The Bloom filter used for path limited history traversal was broken on systems whose \"char\" is unsigned; update the implementation and bump the format version to 2. (merge 9c8a9ec787 tb/path-filter-fix later to maint).
* Typofix. (merge 231cf7370e as/pathspec-h-typofix later to maint).
* Code clean-up. (merge 4b837f821e rs/simplify-submodule-helper-super-prefix-invocation later to maint).
* \"git describe --dirty --broken\" forgot to refresh the index before seeing if there is any chang, (\"git describe --dirty\" correctly did so), which has been corrected. (merge b8ae42e292 as/describe-broken-refresh-index-fix later to maint).
* Test suite has been taught not to unnecessarily rely on DNS failing a bogus external name. (merge 407cdbd271 jk/tests-without-dns later to maint).
* GitWeb update to use committer date consistently in rss/atom feeds. (merge cf6ead095b am/gitweb-feed-use-committer-date later to maint).
* Custom control structures we invented more recently have been taught to the clang-format file. (merge 1457dff9be rs/clang-format-updates later to maint).
* Developer build procedure fix. (merge df32729866 tb/dev-build-pedantic-fix later to maint).
* \"git push\" that pushes only deletion gave an unnecessary and harmless error message when push negotiation is configured, which has been corrected. (merge 4d8ee0317f jc/disable-push-nego-for-deletion later to maint).
* Address-looking strings found on the trailer are now placed on the Cc: list after running through sanitize_address by \"git send-email\". (merge c852531f45 cb/send-email-sanitize-trailer-addresses later to maint).
* Tests that use GIT_TEST_SANITIZE_LEAK_LOG feature got their exit status inverted, which has been corrected. (merge 8c1d6691bc rj/test-sanitize-leak-log-fix later to maint).
* The http.cookieFile and http.saveCookies configuration variables have a few values that need to be avoided, which are now ignored with warning messages. (merge 4f5822076f jc/http-cookiefile later to maint).
* Repacking a repository with multi-pack index started making stupid pack selections in Git 2.45, which has been corrected. (merge 8fb6d11fad ds/midx-write-repack-fix later to maint).
* Fix documentation mark-up regression in 2.45. (merge 6474da0aa4 ja/doc-markup-updates-fix later to maint).
* Work around asciidoctor\'s css that renders `monospace` material in the SYNOPSIS section of manual pages as block elements. (merge d44ce6ddd5 js/doc-markup-updates-fix later to maint).
* Other code cleanup, docfix, build fix, etc. (merge 493fdae046 ew/object-convert-leakfix later to maint). (merge 00f3661a0a ss/doc-eol-attr-fix later to maint). (merge 428c40da61 ri/doc-show-branch-fix later to maint). (merge 58696bfcaa jc/where-is-bash-for-ci later to maint). (merge 616e94ca24 tb/doc-max-tree-depth-fix later to maint).
* Thu Jul 18 2024 Antonio Teixeira - Add CVE-2024-24577.patch
* CVE-2024-24577: arbitrary code execution due to heap corruption in git_index_add (boo#1219660)
* Fri May 31 2024 Matej Cepl - Compat stub for %python3_fix_shebang_path
* Fri May 31 2024 Marcus Rueckert - only call the %python3_fix_shebang_path if it is actually defined. This fixes the build on 15.x
* Fri May 31 2024 Andreas Stieger - update to 2.45.2:
* Revert \"defense in depth\" fixes from 2.45.1 broke \'git lfs\' and \'git annex\'
* Mon May 27 2024 Matej Cepl - remove dependency on /usr/bin/python3 using %python3_fix_shebang_path macro, [bsc#1212476]
* Tue May 14 2024 Andreas Stieger - update to 2.45.1:
* CVE-2024-32002: recursive clones on case-insensitive filesystems that support symbolic links are susceptible to case confusion (boo#1224168)
* CVE-2024-32004: arbitrary code execution during local clones (boo#1224170)
* CVE-2024-32020: file overwriting vulnerability during local clones (boo#1224171)
* CVE-2024-32021: git may create hardlinks to arbitrary user- readable files (boo#1224172)
* CVE-2024-32465: arbitrary code execution during clone operations (boo#1224173)
* Wed May 01 2024 Andreas Stieger - update to 2.45.0:
* Improved efficiency managing repositories with many references (\"git init --ref-format=reftable\")
* \"git checkout -p\" and friends learned that that \"AATT\" is a synonym for \"HEAD\"
* cli improvements handling refs
* Expanded a number of commands and options, UI improvements
* status.showUntrackedFiles now accepts \"true\"
* git-cherry-pick(1) now automatically drops redundant commits with new --empty option
* The userdiff patterns for C# has been updated.
* Sun Feb 25 2024 Andreas Stieger - update to 2.44.0:
* \"git checkout -B \" now longer allows switching to a branch that is in use on another worktree. The users need to use \"--ignore-other-worktrees\" option.
* Faster server-side rebases with git replay
* Faster pack generation with multi-pack reuse
* rebase auto-squashing now works in non-interactive mode
* pathspec now understands attr, e.g. \':(attr:~binary) for selecting non-binaries, or builtin_objectmode for selecting items by file mode or other properties
* Many other cli UI and internal improvements and extensions
* Tue Feb 20 2024 Danilo Spinella - Do not replace apparmor configuration, fixes bsc#1216545
* Thu Feb 15 2024 Andreas Stieger - update to 2.43.2:
* https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.43.2.txt
* Update to a new feature recently added, \"git show-ref --exists\".
* Rename detection logic ignored the final line of a file if it is an incomplete line.
* \"git diff --no-rename A B\" did not disable rename detection but did not trigger an error from the command line parser.
* \"git diff --no-index file1 file2\" segfaulted while invoking the external diff driver, which has been corrected.
* A failed \"git tag -s\" did not necessarily result in an error depending on the crypto backend, which has been corrected.
* \"git stash\" sometimes was silent even when it failed due to unwritable index file, which has been corrected.
* Recent conversion to allow more than 0/1 in GIT_FLUSH broke the mechanism by flipping what yes/no means by mistake, which has been corrected.
* Mon Feb 12 2024 Dirk Müller - update to 2.43.1:
* https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.43.1.txt
* Tue Jan 09 2024 Christian Boltz - gitweb AppArmor profile: allow reading etc/gitweb-common.conf (boo#1218664)
* Mon Jan 08 2024 Christian Boltz - git moved to /usr/libexec/git/git, update AppArmor profile accordingly (boo#1218588)
* Tue Nov 21 2023 Dirk Müller - update to 2.43.0:
* The \"--rfc\" option of \"git format-patch\" used to be a valid way to override an earlier \"--subject-prefix=\" on the command line and replace it with \"[RFC PATCH]\", but from this release, it merely prefixes the string \"RFC \" in front of the given subject prefix. If you are negatively affected by this change, please use \"--subject-prefix=PATCH --rfc\" as a replacement.
* In Git 2.42, \"git rev-list --stdin\" learned to take non-revisions (like \"--not\") from the standard input, but the way such a \"--not\" was handled was quite confusing, which has been rethought. The updated rule is that \"--not\" given from the command line only affects revs given from the command line that comes but not revs read from the standard input, and \"--not\" read from the standard input affects revs given from the standard input and not revs given from the command line.
* A message written in olden time prevented a branch from getting checked out, saying it is already checked out elsewhere. But these days, we treat a branch that is being bisected or rebased just like a branch that is checked out and protect it from getting modified with the same codepath. The message has been rephrased to say that the branch is \"in use\" to avoid confusion.
* Hourly and other schedules of \"git maintenance\" jobs are randomly distributed now.
* \"git cmd -h\" learned to signal which options can be negated by listing such options like \"--[no-]opt\".
* The way authentication related data other than passwords (e.g., oauth token and password expiration data) are stored in libsecret keyrings has been rethought.
* Update the libsecret and wincred credential helpers to correctly match which credential to erase; they erased the wrong entry in some cases.
* Git GUI updates.
* \"git format-patch\" learned a new \"--description-file\" option that lets cover letter description to be fed; this can be used on detached HEAD where there is no branch description available, and also can override the branch description if there is one.
* Use of the \"--max-pack-size\" option to allow multiple packfiles to be created is now supported even when we are sending unreachable objects to cruft packs.
* \"git format-patch --rfc --subject-prefix=\" used to ignore the \"--subject-prefix\" option and used \"[RFC PATCH]\"; now we will add \"RFC\" prefix to whatever subject prefix is specified.
* \"git log --format\" has been taught the %(decorate) placeholder for further customization over what the \"--decorate\" option offers.
* The default log message created by \"git revert\", when reverting a commit that records a revert, has been tweaked, to encourage people to describe complex \"revert of revert of revert\" situations better in their own words.
* The command-line completion support (in contrib/) learned to complete \"git commit --trailer=\" for possible trailer keys.
* \"git update-index\" learned the \"--show-index-version\" option to inspect the index format version used by the on-disk index file.
* \"git diff\" learned the \"diff.statNameWidth\" configuration variable, to give the default width for the name part in the \"--stat\" output.
* \"git range-diff --notes=foo\" compared \"log --notes=foo --notes\" of the two ranges, instead of using just the specified notes tree, which has been corrected to use only the specified notes tree.
* The command line completion script (in contrib/) can be told to complete aliases by including \": git ;\" in the alias to tell it that the alias should be completed in a similar way to how \"git \" is completed. The parsing code for the alias has been loosened to allow \';\' without an extra space before it.
* \"git for-each-ref\" and friends learned to apply mailmap to authorname and other fields in a more flexible way than using separate placeholder letters like %a[eElL] every time we want to come up with small variants.
* \"git repack\" machinery learned to pay attention to the \"--filter=\" option.
* \"git repack\" learned the \"--max-cruft-size\" option to prevent cruft packs from growing without bounds.
* \"git merge-tree\" learned to take strategy backend specific options via the \"-X\" option, like \"git merge\" does.
* \"git log\" and friends learned the \"--dd\" option that is a short-hand for \"--diff-merges=first-parent -p\".
* The attribute subsystem learned to honor the \"attr.tree\" configuration variable that specifies which tree to read the .gitattributes files from.
* \"git merge-file\" learns a mode to read three variants of the contents to be merged from blob objects.
* see https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.43.0.txt
* Sat Nov 04 2023 Andreas Stieger - git 2.42.1:
* The usual number of bug fixes, including
* Fix \"git diff\" exit code handling
* Various fixes to the behavior of \"rebase -i\" when the command got interrupted by conflicting changes
* Mon Oct 23 2023 Michal Suchanek - Add rule for /etc/gitconfig in gitweb.cgi apparmor profile (bsc#1216501).
* Mon Oct 23 2023 Christian Boltz - gitweb.cgi AppArmor profile - make the profile a named profile - add local/ include to make custom additions easier
* Fri Sep 22 2023 Michal Suchanek - Downgrade openssh dependency to recommends (bsc#1215533)
* Wed Aug 23 2023 Andreas Stieger - git 2.42.0:
* \"git pack-refs\" learns \"--include\" and \"--exclude\" to tweak the ref hierarchy to be packed using pattern matching.
* \'git worktree add\' learned how to create a worktree based on an orphaned branch with `--orphan`.
* \"git pack-objects\" learned to invoke a new hook program that enumerates extra objects to be used as anchoring points to keep otherwise unreachable objects in cruft packs.
* Add more \"git var\" for toolsmiths to learn various locations Git is configured with either via the configuration or hard-coded defaults.
* \'git notes append\' was taught \'--separator\' to specify string to insert between paragraphs.
* The \"git for-each-ref\" family of commands learned placeholders related to GPG signature verification.
* \"git diff --no-index\" learned to read from named pipes as if they were regular files, to allow \"git diff <(process) <(substitution)\" some shells support.
* Help newbies by suggesting that there are cases where force-pushing is a valid and sensible thing to update a branch at a remote repository, rather than reconciling with merge/rebase.
* \"git blame --contents=file\" has been taught to work in a bare repository.
* \"git branch -f X\" to repoint the branch X said that X was \"checked out\" in another worktree, even when branch X was not and instead being bisected or rebased. The message was reworded to say the branch was \"in use\".
* Tone down the warning on SHA-256 repositories being an experimental curiosity. We do not have support for them to interoperate with traditional SHA-1 repositories, but at this point, we do not plan to make breaking changes to SHA-256 repositories and there is no longer need for such a strongly phrased warning.
* \"git diff-tree\" has been taught to take advantage of the sparse-index feature.
* The object traversal using reachability bitmap done by \"pack-object\" has been tweaked to take advantage of the fact that using \"boundary\" commits as representative of all the uninteresting ones can save quite a lot of object enumeration.
* \"git worktree\" learned to work better with sparse index feature.
* When the external merge driver is killed by a signal, its output should not be trusted as a resolution with conflicts that is proposed by the driver, but the code did.
* The set-up code for the get_revision() API now allows feeding options like --all and --not in the --stdin mode.
* Move functions that are not about pure string manipulation out of strbuf.[ch]
* \"imap-send\" codepaths got cleaned up to get rid of unused parameters.
* Enumerating refs in the packed-refs file, while excluding refs that match certain patterns, has been optimized.
* Mark-up unused parameters in the code so that we can eventually enable -Wunused-parameter by default.
* Instead of inventing a custom counter variables for debugging, use existing trace2 facility in the fsync customization codepath.
* \"git branch --list --format=\" and friends are taught a new \"%(describe)\" placeholder.
* Clarify how to choose the starting point for a new topic in developer guidance document.
* The implementation of \"get_sha1_hex()\" that reads a hexadecimal string that spells a full object name has been extended to cope with any hash function used in the repository, but the \"sha1\" in its name survived. Rename it to get_hash_hex(), a name that is more consistent within its friends like get_hash_hex_algop().
* Command line parser fix, and a small parse-options API update.
* bug fixes
* Sat Jun 03 2023 Andreas Stieger - git 2.41.0: This update contains a number of compatible updates, improvements and extensions to multiple workflows. Some changes may break backwards compatibility:
* The libsecret credential helper obsoletes direct GNOME keyring support, which was dropped (git-credential-gnome-keyring)
* \"git format-patch\" has been taught to ignore end-user configuration (\"diff.noprefix\") and always use the standard prefixes, to avoid breaking the receiving end of the patch- drop sha256_clone_fix.patch
* Tue Apr 25 2023 Andreas Stieger - git 2.40.1:
* CVE-2023-25652: By feeding specially crafted input to git apply - -reject, a path outside the working tree can be overwritten with partially controlled contents (corresponding to the rejected hunk(s) from the given patch).
* CVE-2023-25815: When Git is compiled with runtime prefix support and runs without translated messages, it still used the gettext machinery to display messages, which subsequently potentially looked for translated messages in unexpected places. This allowed for malicious placement of crafted messages.
* CVE-2023-29007: When renaming or deleting a section from a configuration file, certain malicious configuration values may be misinterpreted as the beginning of a new configuration section, leading to arbitrary configuration injection.
* Thu Apr 06 2023 Adam Majer - sha256_clone_fix.patch: fix cloning of empty sha256 repositories (jsc#PED-3891)
* Mon Mar 13 2023 Andreas Stieger - git 2.40.0:
* backward incompatible change: The format.attach configuration variable lacked a way to override a value defined in a lower-priority configuration file (e.g. the system one) by redefining it in a higher-priority configuration file. Now, setting format.attach to an empty string means show the patch inline in the e-mail message, without using MIME attachment.
* multiple commands and workflows gained additional options, compatible functionality, or more helpful output
* \"grep -P\" learned to use Unicode Character Property to grok character classes when processing \\b and \\w etc.
* under-the-hood improvements and bug fixes- The scripted \"git add -p/-i\" implementation was removed upstream. The openSUSE package already preferred the C implementation.
* Tue Feb 14 2023 Andreas Stieger - git 2.39.2:
* CVE-2023-22490: Using a specially-crafted repository, Git can be tricked into using its local clone optimization even when using a non-local transport boo#1208027
* CVE-2023-23946: a path outside the working tree can be overwritten as the user who is running \"git apply\" boo#1208028
* Tue Jan 17 2023 Andreas Stieger - git 2.39.1, fixing two security issues that could allow remote code execution when accessing specially crafted repositories:
* CVE-2022-41903: log format integer overflow boo#1207033
* CVE-2022-23521: gitattributed parsing integer overflow boo#1207032
* Thu Dec 15 2022 Dirk Müller - switch to pkgconfig(zlib) so that alternative providers can be used
* Mon Dec 12 2022 Andreas Stieger - git 2.39.0:
* \"git grep\" learned to expand the sparse-index more lazily and on demand in a sparse checkout.
* By default, use of fsmonitor on a repository on networked filesystem is disabled.
* After checking out a \"branch\" that is a symbolic-ref that points at another branch, \"git symbolic-ref HEAD\" reports the underlying branch, not the symbolic-ref the user gave checkout as argument. The command learned the \"--no-recurse\" option to stop after dereferencing a symbolic-ref only once.
* \"git branch --edit-description AATT{-1}\" is now a way to edit branch description of the branch you were on before switching to the current branch.
* \"git merge-tree --stdin\" is a new way to request a series of merges and report the merge results.
* \"git shortlog\" learned to group by the \"format\" string.
* A new \"--include-whitespace\" option is added to \"git patch-id\", and existing bugs in the internal patch-id logic that did not match what \"git patch-id\" produces have been corrected.
* Enable gc.cruftpacks by default for those who opt into feature.experimental setting.
* \"git repack\" learns to send cruft objects out of the way into packfiles outside the repository.
* \'scalar reconfigure -a\' is taught to automatically remove scalar.repo entires which no longer exist.
* Redact headers from cURL\'s h2h3 module in GIT_CURL_VERBOSE and others.
* \'git maintenance register\' is taught to write configuration to an arbitrary path, and \'git for-each-repo\' is taught to expand tilde characters in paths.
* When creating new notes, the template used to get a stray empty newline, which has been removed.
* \"git receive-pack\" used to use all the local refs as the boundary for checking connectivity of the data \"git push\" sent, but now it uses only the refs that it advertised to the pusher. In a repository with the .hideRefs configuration, this reduces the resources needed to perform the check.
* With \'--recurse-submodules=on-demand\', all submodules are recursively pushed.
* developer visible fixes
* Mon Dec 12 2022 Andreas Stieger - git 2.38.2, a general maintenance release:
* Fix unaligned memory access for reads from the index v4
* \"git remote rename\" failed to rename a remote without fetch refspec, which has been corrected.
* \"git clone\" did not like to see the \"--bare\" and the \"--origin\" options used together without a good reason.
* \"git fsck\" failed to release contents of tree objects already used from the memory
* \"git rebase -i\" can mistakenly attempt to apply a fixup to commit itself, which has been corrected.
* Fix segfault with \"git merge-tree\" on read-only repositories
* Fix a logic in \"mailinfo -b\" that miscomputed the length of a substring, which lead to an out-of-bounds access.
* The codepath to sign learned to report errors when it fails to read from \"ssh-keygen\".
* \"GIT_EDITOR=: git branch --edit-description\" resulted in failure
* \"git multi-pack-index repack/expire\" used to repack unreachable cruft into a new pack, which have been corrected.
* The code to clean temporary object directories (used for quarantine) tried to remove them inside its signal handler
* \"git branch --edit-description\" on an unborh branch misleadingly said that no such branch exists
* `git rebase --update-refs` would delete references when all `update-ref` commands in the sequencer were removed
* Tue Nov 01 2022 Andreas Stieger - disable tests on s390x (check-chainlint)
* Wed Oct 26 2022 Dirk Müller - update to 2.38.1 (bsc#1204455, CVE-2022-39253, bsc#1204456, CVE-2022-39260):
* CVE-2022-39253: When relying on the `--local` clone optimization, Git dereferences symbolic links in the source repository before creating hardlinks (or copies) of the dereferenced link in the destination repository. This can lead to surprising behavior where arbitrary files are present in a repository\'s `$GIT_DIR` when cloning from a malicious repository. Git will no longer dereference symbolic links via the `--local` clone mechanism, and will instead refuse to clone repositories that have symbolic links present in the `$GIT_DIR/objects` directory. Additionally, the value of `protocol.file.allow` is changed to be \"user\" by default.
* CVE-2022-39260: An overly-long command string given to `git shell` can result in overflow in `split_cmdline()`, leading to arbitrary heap writes and remote code execution when `git shell` is exposed and the directory `$HOME/git-shell-commands` exists. `git shell` is taught to refuse interactive commands that are longer than 4MiB in size. `split_cmdline()` is hardened to reject inputs larger than 2GiB.
* Thu Oct 06 2022 Andreas Stieger - git 2.38.0:
* scalar: a repository management tool for large repositories
* new git rebase --update-refs (global rebase.updateRefs) to update dependent branches
* merge-tree integrated with the new ort merge strategy - -write-tree, while --trivial-merge retains the old mode
* bare git repositories can now be stored and distributed in other git repositories
* Setting the safe.bareRepository configuration to \"explicit\" avoids running arbitrary commands from filesystem monitoring hooks of untrusted git repositories unless --git-dir is set
* git grep: new -m / --max-count options to limit the number of matches per file
* git ls-files --format is a new option to customize outout
* git cat-file and git show now support mailmap author mapping
* bug fixes and performance improvements
* Thu Sep 22 2022 Dirk Müller - drop python2 requires as git-p4 is documented to work with python3
* Fri Sep 09 2022 Callum Farmer - Remove nogroup requirement: no longer needed
* Fri Sep 02 2022 Andreas Stieger - git 2.37.3:
* Plug memory leaks in the failure code path in the \"merge-ort\" merge strategy backend.
* \"vimdiff3\" regression has been corrected
* \"git fsck\" improvements
* Fixes to sparse index compatibility work for \"reset\" and \"checkout\" commands
* Documentation for \"git add --renormalize\" has been improved
* developer visible fixes
* Mon Aug 15 2022 Andreas Stieger - git 2.37.2:
* multiple bug fixes, developer visible or handling corner cases
* \"git p4\" improved non-ASCII support
* Tue Jul 12 2022 Andreas Stieger - git 2.37.1:
* Rewrite of \"git add -i\" in C that appeared in Git 2.25 didn\'t correctly record a removed file to the index, which is an old regression but has become widely known because the C version has become the default in the latest release.
* Fix for CVE-2022-29187 [boo#1201431]: The safety check that verifies a safe ownership of the Git worktree is now extended to also cover the ownership of the Git directory (and the `.git` file, if there is any).
* Mon Jul 11 2022 olafAATTaepfle.de- Usage of sysusers_requires is optional, like during quilt setup
* Sun Jul 10 2022 Callum Farmer - Use the system user\'s group instead of nogroup
* Fri Jul 08 2022 Petr Vorel - Add /etc/bash_completion.d/git-prompt: checks for git-prompt.sh and source it if available. Some users rely on the __git_ps1 function becoming available when bash-completion is loaded. Continue to load this library at bash-completion startup for now, to ease the transition to a world order where the prompt function is requested separately. Inspired by Debian.
* Thu Jul 07 2022 Danilo Spinella - Update git to 2.37.0: https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.37.0.txt- git add --interactive is now default upstream, remove suse patch:
* suse-use-builtin-add-interactive.patch
* Wed Jun 15 2022 Antoine Belvire - Fix rpmlint errors/warnings about bash/zsh completion locations.- Remove now obsolete git-zsh-completion-fixes.diff.- Adjust git-tcsh-completion-fixes.diff.
* Tue May 24 2022 Dominique Leuenberger - Do not recommend git-cvs and git-svn by git, but rather have those two packages supplement the combination of git and their respective counterparts.
* Fri May 06 2022 Andreas Stieger - git 2.36.1:
* fix \"git submodule update\" noisyness without pathspec
* fix \"diff-tree --stdin\"
* fix \"git name-rev\" referenging strings after they are freed
* fix \"git show ... -- \" loosing the pathspec when showing the second and subsequent commits
* fix \"git fast-export -- \" loosing the pathspec when showing the second and subsequent commits
* fix \"git format-patch -- \" loosing the pathspec when showing the second and subsequent commits
* Tue Apr 19 2022 Andreas Stieger - git 2.36.0:
* \"git name-rev --stdin\" has been deprecated and issues a warning when used; use \"git name-rev --annotate-stdin\" instead.
* \"git clone --filter=... --recurse-submodules\" only makes the top-level a partial clone, while submodules are fully cloned. This behaviour is changed to pass the same filter down to the submodules.
* improvements and extensions to multiple workflows and features
* bug fixes and performance improvements
* Thu Apr 14 2022 Andreas Stieger - git 2.35.3:
* usability fix-up for CVE-2022-24765 bsc#1198234: \'
*\' can be used as the value for the `safe.directory` variable to signal that the user considers that any directory is safe.
* The code that was meant to parse the new `safe.directory` configuration variable was not checking what configuration variable was being fed to it
* Wed Apr 13 2022 olafAATTaepfle.de- Require bash in git-daemon because the service file uses it- Reword git-daemon.service description to get a useful sentence in journalctl -b
* Tue Apr 12 2022 Andreas Stieger - git 2.35.2 (CVE-2022-24765, bsc#1198234):
* CVE-2022-24765: git may execute commands defined by other users from unexpected worktrees
* Thu Mar 10 2022 chrisAATTcomputersalat.de- fix deps for SLES 12
* Mon Feb 21 2022 Bjørn Lie - \"Downgrade\" git-gui and gitk Recommends to Suggests.
* Sat Jan 29 2022 Andreas Stieger - update to 2.35.1:
* fix \"rebase\" and \"stash\" in a secondary worktree
* Fri Jan 28 2022 Dirk Müller - update to 2.35.0:
* \"_\" is now treated as any other URL-valid characters in an URL when matching the per-URL configuration variable names.
* The color palette used by \"git grep\" has been updated to match that of GNU grep.
* \"git status --porcelain=v2\" now show the number of stash entries with --show-stash like the normal output does.
* \"git stash\" learned the \"--staged\" option to stash away what has been added to the index (and nothing else).
* \"git var GIT_DEFAULT_BRANCH\" is a way to see what name is used for the newly created branch if \"git init\" is run.
* Various operating modes of \"git reset\" have been made to work better with the sparse index.
* \"git submodule deinit\" for a submodule whose .git metadata directory is embedded in its working tree refused to work, until the submodule gets converted to use the \"absorbed\" form where the metadata directory is stored in superproject, and a gitfile at the top-level of the working tree of the submodule points at it. The command is taught to convert such submodules to the absorbed form as needed.
* The completion script (in contrib/) learns that the \"--date\" option of commands from the \"git log\" family takes \"human\" and \"auto\" as valid values.
* \"Zealous diff3\" style of merge conflict presentation has been added.
* The \"git log --format=%(describe)\" placeholder has been extended to allow passing selected command-line options to the underlying \"git describe\" command.
* \"default\" and \"reset\" have been added to our color palette.
* The cryptographic signing using ssh keys can specify literal keys for keytypes whose name do not begin with the \"ssh-\" prefix by using the \"key::\" prefix mechanism (e.g. \"key::ecdsa-sha2-nistp256\").
* \"git fetch\" without the \"--update-head-ok\" option ought to protect a checked out branch from getting updated, to prevent the working tree that checks it out to go out of sync. The code was written before the use of \"git worktree\" got widespread, and only checked the branch that was checked out in the current worktree, which has been updated.
* \"git name-rev\" has been tweaked to give output that is shorter and easier to understand.
* \"git apply\" has been taught to ignore a message without a patch with the \"--allow-empty\" option. It also learned to honor the \"--quiet\" option given from the command line.
* The \"init\" and \"set\" subcommands in \"git sparse-checkout\" have been unified for a better user experience and performance.
* Many git commands that deal with working tree files try to remove a directory that becomes empty (i.e. \"git switch\" from a branch that has the directory to another branch that does not would attempt remove all files in the directory and the directory itself). This drops users into an unfamiliar situation if the command was run in a subdirectory that becomes subject to removal due to the command. The commands have been taught to keep an empty directory if it is the directory they were started in to avoid surprising users.
* \"git am\" learns \"--empty=(stop|drop|keep)\" option to tweak what is done to a piece of e-mail without a patch in it.
* The default merge message prepared by \"git merge\" records the name of the current branch; the name can be overridden with a new option to allow users to pretend a merge is made on a different branch.
* The way \"git p4\" shows file sizes in its output has been updated to use human-readable units.
* \"git -c branch.autosetupmerge=inherit branch new old\" makes \"new\" to have the same upstream as the \"old\" branch, instead of marking \"old\" itself as its upstream.
* Fri Nov 26 2021 Dirk Müller - update to 2.34.1 (bsc#1193722):
* \"git grep\" looking in a blob that has non-UTF8 payload was completely broken when linked with certain versions of PCREv2 library in the latest release.
* \"git pull\" with any strategy when the other side is behind us should succeed as it is a no-op, but doesn\'t.
* An earlier change in 2.34.0 caused JGit application (that abused GIT_EDITOR mechanism when invoking \"git config\") to get stuck with a SIGTTOU signal; it has been reverted.
* An earlier change that broke .gitignore matching has been reverted.
* SubmittingPatches document gained a syntactically incorrect mark-up, which has been corrected.
* Sun Nov 21 2021 Dirk Müller - fix url
* Thu Nov 18 2021 Danilo Spinella - git 2.34.0:
* Release notes: https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.34.0.txt
* Wed Oct 20 2021 Callum Farmer - Add CONFIG parameter to %sysusers_generate_pre- Remove unneeded SHELL in git-daemon.conf- Fix sysusers usage in spec file- Require nogroup group for %pre (bsc#1192023)
* Wed Oct 13 2021 Andreas Stieger - git 2.33.1:
* fix \"git pull\" and \"git rebase -r\" various corner cases and bugs
* \"git commit --fixup\" now works with \"--edit\" again.
* Fix \"git send-email\" unwanted threading
* Fix output from \"git fast-export\" anonymization feature showing an annotated tag incorrectly.
* Fixes for various command output
* fix \"git difftool --dir-diff\" mishandling symbolic links
* Redact sensitive data in the HTTP trace for HTTP/2 requests
* further bug fixes for various git operations
* Mon Sep 20 2021 Johannes Segitz - Added hardening to systemd service(s) (bsc#1181400). Modified:
* git-daemon.service
* Sat Aug 21 2021 Andreas Stieger - git 2.33.0:
* \"git send-email\" learned the \"--sendmail-cmd\" command line option and the \"sendemail.sendmailCmd\" configuration variable, which is a more sensible approach than the current way of repurposing the \"smtp-server\" that is meant to name the server to instead name the command to talk to the server.
* The userdiff pattern for C# learned the token \"record\".
* \"git rev-list\" learns to omit the \"commit \" header lines from the output with the `--no-commit-header` option.
* \"git worktree add --lock\" learned to record why the worktree is locked with a custom message.
* internal improvements including performance optimizations
* a number of bug fixes
* Sun Jun 06 2021 Andreas Stieger - git 2.32.0:
* \".gitattributes\", \".gitignore\", and \".mailmap\" files that are symbolic links are ignored
* \"git apply --3way\" used to first attempt a straight application, and only fell back to the 3-way merge algorithm when the straight application failed. Starting with this version, the command will first try the 3-way merge algorithm and only when it fails (either resulting with conflict or the base versions of blobs are missing), falls back to the usual patch application.
* \"git stash show\" can now show the untracked part of the stash
* Improved \"git repack\" strategy
* http code can now unlock a certificate with a cached password respectively.
* \"git clone --reject-shallow\" option fails the clone as soon as we notice that we are cloning from a shallow repository.
* \"gitweb\" learned \"e-mail privacy\" feature
* Multiple improvements to output and configuration options
* Bug fixes and developer visible fixes
* Thu Apr 22 2021 Markéta Machová - Remove deprecated \"syslog\" option from git-daemon.service (bsc#1185147)
* Fri Apr 09 2021 Frederic Crozat - Add sysusers file to create git-daemon user.
* Thu Apr 08 2021 Dirk Müller - add suse-use-builtin-add-interactive.patch (jsc#SLE-17838)- split git-core perl module into git-core, move instaweb to git-web, and the single remaining perl builtin to git, so that git-core is perl free
* Sat Mar 27 2021 Andreas Stieger - git 2.31.1:
* fsmonitor bug fixes
* fix git bisect to take an annotated tag as a good/bad endpoint
* Fix a corner case in \"git mv\" on case insensitive systems
* Tue Mar 16 2021 Fabian Vogt - Require only openssh-clients where possible (TW, SLE >= 15 SP3) (boo#1183580)- Drop rsync requirement, not necessary anymore
* Mon Mar 15 2021 Andreas Stieger - git 2.31.0:
* Use of \"pack-redundant\" command is discouraged and will trigger a warning. The replacement is \"repack -d\".
* The \"--format=%(trailers)\" mechanism gets enhanced to make it easier to design output for machine consumption.
* No longer give message to choose between rebase or merge upon pull if the history fast-forwards
* The configuration variable \'core.abbrev\' can be set to \'no\' to force no abbreviation regardless of the hash algorithm.
* \"git rev-parse\" can be explicitly told to give output as absolute or relative path with the `--path-format=(absolute|relative)` option.
* Bash completion (in contrib/) update to make it easier for end-users to add completion for their custom \"git\" subcommands.
* \"git maintenance\" learned to drive scheduled maintenance on platforms whose native scheduling methods are not \'cron\'.
* After expiring a reflog and making a single commit, the reflog for the branch would record a single entry that knows both AATT{0} and AATT{1}, but we failed to answer \"what commit were we on?\", i.e. AATT{1}
* \"git bundle\" learns \"--stdin\" option to read its refs from the standard input. Also, it now does not lose refs whey they point at the same object.
* \"git log\" learned a new \"--diff-merges=\" option.
* \"git ls-files\" can and does show multiple entries when the index is unmerged, which is a source for confusion unless -s/-u option is in use. A new option --deduplicate has been introduced.
* `git worktree list` now annotates worktrees as prunable, shows locked and prunable attributes in --porcelain mode, and gained a --verbose option.
* \"git clone\" tries to locally check out the branch pointed at by HEAD of the remote repository after it is done, but the protocol did not convey the information necessary to do so when copying an empty repository. The protocol v2 learned how to do so.
* There are other ways than \"..\" for a single token to denote a \"commit range\", namely \"^!\" and \"^-\", but \"git range-diff\" did not understand them.
* The \"git range-diff\" command learned \"--(left|right)-only\" option to show only one side of the compared range.
* \"git mergetool\" feeds three versions (base, local and remote) of a conflicted path unmodified. The command learned to optionally prepare these files with unconflicted parts already resolved.
* The .mailmap is documented to be read only from the root level of a working tree, but a stray file in a bare repository also was read by accident, which has been corrected.
* \"git maintenance\" tool learned a new \"pack-refs\" maintenance task.
* The error message given when a configuration variable that is expected to have a boolean value has been improved.
* Signed commits and tags now allow verification of objects, whose two object names (one in SHA-1, the other in SHA-256) are both signed.
* \"git rev-list\" command learned \"--disk-usage\" option.
* \"git {diff,log} --{skip,rotate}-to=\" allows the user to discard diff output for early paths or move them to the end of the output.
* \"git difftool\" learned \"--skip-to=\" option to restart an interrupted session from an arbitrary path.
* \"git grep\" has been tweaked to be limited to the sparse checkout paths.
* \"git rebase --[no-]fork-point\" gained a configuration variable rebase.forkPoint so that users do not have to keep specifying a non-default setting.
* many bug fixes
* Tue Mar 09 2021 Andreas Stieger - git 2.30.2:
* CVE-2021-21300: On case-insensitive file systems with support for symbolic links, if Git is configured globally to apply delay-capable clean/smudge filters (such as Git LFS), Git could be fooled into running remote code during a clone (boo#1183026)
* Wed Feb 10 2021 Markéta Machová - git 2.30.1
* Bugfix release
* \"git stash\" did not work well in a sparsely checked out working tree.
* Newline characters in the host and path part of git:// URL are now forbidden.
* Tue Dec 29 2020 Andreas Stieger - git 2.30.0:
* Userdiff updates for PHP, Rust, CSS
* New features and options to multiple subcommands and workflows
* Avoid administrator error leading to data loss with \"git push --force-with-lease[=]\" by introducing \"--force-if-includes\"
* Updates to shell autocompletion
* Bug fixes and internal improvements
* Fri Nov 20 2020 Marcus Rueckert - only pull asciidoctor for the default ruby version
* Thu Oct 29 2020 Andreas Stieger - git 2.29.2: \"--committer-date-is-author-date\" option of \"rebase\" and \"am\" subcommands lost the e-mail address by mistake in 2.29
* Fri Oct 23 2020 Andreas Stieger - git 2.29.1:
* build system fixes for non-default installations (not affecting this package)
* Mon Oct 19 2020 Andreas Stieger - git 2.29.0:
* The transport protocol v2 has become the default again
* \"git worktree\" gained a \"repair\" subcommand, \"git init - -separate-git-dir\" no longer corrupts administrative data related to linked worktrees
* \"git maintenance\" introduced for repository maintenance tasks
* enhancements to multiple workflows, addition of configuration options and supported parameters, and bug fixes
* Tue Jul 28 2020 Marketa Calabkova - git 2.28.0
* \"fetch.writeCommitGraph\" is deemed to be still a bit too risky and is no longer part of the \"feature.experimental\" set.
* The commands in the \"diff\" family learned to honor \"diff.relative\" configuration variable.
* \"git diff-files\" has been taught to say paths that are marked as intent-to-add are new files, not modified from an empty blob.
* \"git gui\" now allows opening work trees from the start-up dialog.
* \"git bugreport\" learns to report what shell is in use.
* SHA-256 migration work continues, including CVS/SVN interface.
* Some repositories in the wild have commits that record nonsense committer timezone (e.g. rails.git); \"git fast-import\" learned an option to pass these nonsense timestamps intact to allow recreating existing repositories as-is.
* Other code cleanup, docfix, build fix, etc.
* Mon Jun 01 2020 Andreas Stieger - git 2.27.0:
* \"git describe\" will always use the \"long\" version when giving its output based misplaced tags
* \"git pull\" issues a warning message until the pull.rebase configuration variable is explicitly given
* The transport protocol version 2, which was promoted to the default in Git 2.26 release, turned out to have some remaining rough edges, so it has been demoted from the default
* A handful of options to configure SSL when talking to proxies have been added
* Smudge/clean conversion filters are now given more information
* many bug fixes, improvements, and additional workflow options- drop upstreamed patches:
* 0001-fetch-pack-return-enum-from-process_acks.patch
* 0002-fetch-pack-in-protocol-v2-in_vain-only-after-ACK.patch
* 0003-fetch-pack-in-protocol-v2-reset-in_vain-upon-ACK.patch- drop unneeded patches:
* 0001-DOC-Move-to-DocBook-5-when-using-asciidoctor.patch
* 0002-Also-use-DocBook-5-stylesheet-when-generating-HTML-o.patch
* Tue Apr 28 2020 Michal Suchanek - Protocol v2 in_vain fixes (bsc#1170741, bsc#1170939). Dropped: Revert-fetch-default-to-protocol-version-2.patch Added: 0001-fetch-pack-return-enum-from-process_acks.patch 0002-fetch-pack-in-protocol-v2-in_vain-only-after-ACK.patch 0003-fetch-pack-in-protocol-v2-reset-in_vain-upon-ACK.patch
* Mon Apr 27 2020 Michal Suchanek - Add back SuSEfirewall2 support needed for SLE12 (bsc#1170302).
* Tue Apr 21 2020 Michal Suchanek - With recent switch to protocol v2 people are reporting fetches transferring unreasonable amount of data. Upstream proposes switching the protocol back until the issue is properly diagnosed. The regression is problematic for people with lower network connection speed (bsc#1170741). Added: Revert-fetch-default-to-protocol-version-2.patch
* Mon Apr 20 2020 Andreas Stieger - git 2.26.2:
* CVE-2020-11008: Specially crafted URLs may have tricked the credentials helper to providing credential information that is not appropriate for the protocol in use and host being contacted (boo#1169936)
* Mon Apr 20 2020 Marketa Calabkova - Submit to SLE15 / resubmit to Factory (bsc#1169786, jsc#SLE-12396, bsc#1149792)
* Fri Apr 17 2020 Michal Suchanek - Fix git-daemon not starting after conversion from sysvinit to systemd service (bsc#1169605).
* Tue Apr 14 2020 Andreas Stieger - git 2.26.1: (boo#1168930)
* CVE-2020-5260: Specially crafted URLs with newline characters could have been used to make the Git client to send credential information for a wrong host to the attacker\'s site boo#1168930
* Mon Mar 23 2020 Andreas Stieger - git 2.26.0 (bsc#1167890, jsc#SLE-11608):
* \"git rebase\" now uses a different backend that is based on the \'merge\' machinery by default. The \'rebase.backend\' configuration variable reverts to old behaviour when set to \'apply\'
* Improved handling of sparse checkouts
* Improvements to many commands and internal features
* Thu Mar 19 2020 Andreas Stieger - git 2.25.2:
* bug fixes to various subcommands in specific operations
* Mon Feb 17 2020 Andreas Stieger - git 2.25.1:
* \"git commit\" now honors advise.statusHints
* various updates, bug fixes and documentation updates
* Tue Jan 14 2020 Marketa Calabkova - git 2.25.0
* The branch description (\"git branch --edit-description\") has been used to fill the body of the cover letters by the format-patch command; this has been enhanced so that the subject can also be filled.
* A few commands learned to take the pathspec from the standard input or a named file, instead of taking it as the command line arguments, with the \"--pathspec-from-file\" option.
* Test updates to prepare for SHA-2 transition continues.
* Redo \"git name-rev\" to avoid recursive calls.
* When all files from some subdirectory were renamed to the root directory, the directory rename heuristics would fail to detect that as a rename/merge of the subdirectory to the root directory, which has been corrected.
* HTTP transport had possible allocator/deallocator mismatch, which has been corrected. - dropped patch git-skip-test-s390x-aarch64-fail.patch (bsc#1156651)
* upstream maintainers have skipped the test themselves
* Wed Dec 11 2019 Andreas Stieger - git 2.24.1:
* CVE-2019-1348: The --export-marks option of fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths (boo#1158785)
* CVE-2019-1349: on Windows, when submodules are cloned recursively, under certain circumstances Git could be fooled into using the same Git directory twice (boo#1158787)
* CVE-2019-1350: Incorrect quoting of command-line arguments allowed remote code execution during a recursive clone in conjunction with SSH URLs (boo#1158788)
* CVE-2019-1351: on Windows mistakes drive letters outside of the US-English alphabet as relative paths (boo#1158789)
* CVE-2019-1352: on Windows was unaware of NTFS Alternate Data Streams (boo#1158790)
* CVE-2019-1353: when run in the Windows Subsystem for Linux while accessing a working directory on a regular Windows drive, none of the NTFS protections were active (boo#1158791)
* CVE-2019-1354: on Windows refuses to write tracked files with filenames that contain backslashes (boo#1158792)
* CVE-2019-1387: Recursive clones vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones (boo#1158793)
* CVE-2019-19604: a recursive clone followed by a submodule update could execute code contained within the repository without the user explicitly having asked for that (boo#1158795)
* Fri Nov 29 2019 Stefan Brüns - Guard xmlto/sgml-skel BuildRequires by docs bcond.- Fix building with asciidoctor and without DocBook4 stylesheets:
* Add 0002-Also-use-DocBook-5-stylesheet-when-generating-HTML-o.patch
* Refresh 0001-DOC-Move-to-DocBook-5-when-using-asciidoctor.patch- Spec file cleanup, remove conditionals for obsolete/EOLed distros.- Drop curl (executable) BuildRequires, only required by some skipped tests (skipped as these have an apache2 prerequisite).
* Fri Nov 29 2019 Marketa Calabkova - added patch git-skip-test-s390x-aarch64-fail.patch
* workaround for bsc#1156651
* Mon Nov 04 2019 Andreas Schwab - 0001-DOC-Move-to-DocBook-5-when-using-asciidoctor.patch: Don\'t remove \"-x manpage.xsl\" option- BuildRequire docbook5-xsl-stylesheets
* Mon Nov 04 2019 Marketa Calabkova - git 2.24.0
* The command line parser learned \"--end-of-options\" notation.
* A mechanism to affect the default setting for a (related) group of configuration variables is introduced.
* \"git fetch\" learned \"--set-upstream\" option to help those who first clone from their private fork they intend to push to, add the true upstream via \"git remote add\" and then \"git fetch\" from it.
* fixes and improvements to UI, workflow and features, bash completion fixes- modified patch 0001-DOC-Move-to-DocBook-5-when-using-asciidoctor.patch
* part of it merged upstream
* the Makefile attempted to download some documentation, banned
* Mon Oct 07 2019 Marketa Calabkova - Complete (but maybe a bit too generous) fix of bsc#1112230
* Thu Oct 03 2019 Marketa Calabkova - These patches have been merged upstream a long time ago, no longer needed:
* 0001-submodule-helper-use-to-signal-end-of-clone-options.patch
* 0002-submodule-config-ban-submodule-urls-that-start-with-.patch
* 0003-submodule-config-ban-submodule-paths-that-start-with.patch
* git-mark-path-lookup-errors.patch
* Sun Aug 18 2019 Andreas Stieger - git 2.23.0:
* The \"--base\" option of \"format-patch\" computed the patch-ids for prerequisite patches in an unstable way, which has been updated to compute in a way that is compatible with \"git patch-id - -stable\".
* The \"git log\" command by default behaves as if the --mailmap option was given.
* fixes and improvements to UI, workflow and features
* Wed Aug 14 2019 Marketa Calabkova - git 2.22.1
* A relative pathname given to \"git init --template= \" ought to be relative to the directory \"git init\" gets invoked in, but it instead was made relative to the repository, which has been corrected.
* \"git worktree add\" used to fail when another worktree connected to the same repository was corrupt, which has been corrected.
* \"git am -i --resolved\" segfaulted after trying to see a commit as if it were a tree, which has been corrected.
* \"git merge --squash\" is designed to update the working tree and the index without creating the commit, and this cannot be countermanded by adding the \"--commit\" option; the command now refuses to work when both options are given.
* Update to Unicode 12.1 width table.
* \"git request-pull\" learned to warn when the ref we ask them to pull from in the local repository and in the published repository are different.
* \"git fetch\" into a lazy clone forgot to fetch base objects that are necessary to complete delta in a thin packfile, which has been corrected.
* The URL decoding code has been updated to avoid going past the end of the string while parsing %-- sequence.
* \"git clean\" silently skipped a path when it cannot lstat() it; now it gives a warning.
* \"git rm\" to resolve a conflicted path leaked an internal message \"needs merge\" before actually removing the path, which was confusing. This has been corrected.
* Many more bugfixes and code cleanups.
* Wed Jul 24 2019 matthias.gerstnerAATTsuse.com- removal of SuSEfirewall2 service, since SuSEfirewall2 has been replaced by firewalld, see [1]. [1]: https://lists.opensuse.org/opensuse-factory/2019-01/msg00490.html
* Mon Jul 15 2019 Marketa Calabkova - partial fix for bsc#1112230 (git instaweb gives 500 error)
* Mon Jun 10 2019 Marketa Calabkova - git 2.22.0
* The filter specification \"--filter=sparse:path=\" used to create a lazy/partial clone has been removed. Using a blob that is part of the project as sparse specification is still supported with the \"--filter=sparse:oid=\" option
* \"git checkout --no-overlay\" can be used to trigger a new mode of checking out paths out of the tree-ish, that allows paths that match the pathspec that are in the current index and working tree and are not in the tree-ish.
* Four new configuration variables {author,committer}.{name,email} have been introduced to override user.{name,email} in more specific cases.
* \"git branch\" learned a new subcommand \"--show-current\".
* The command line completion (in contrib/) has been taught to complete more subcommand parameters.
* The completion helper code now pays attention to repository-local configuration (when available), which allows --list-cmds to honour a repository specific setting of completion.commands, for example.
* The list of conflicted paths shown in the editor while concluding a conflicted merge was shown above the scissors line when the clean-up mode is set to \"scissors\", even though it was commented out just like the list of updated paths and other information to help the user explain the merge better.
* \"git rebase\" that was reimplemented in C did not set ORIG_HEAD correctly, which has been corrected.
* \"git worktree add\" used to do a \"find an available name with stat and then mkdir\", which is race-prone. This has been fixed by using mkdir and reacting to EEXIST in a loop.- Removed upstreamed patch worktree-fix-worktree-add-race.patch
* previous item
* Wed May 08 2019 Dominique Leuenberger - Add 0001-DOC-Move-to-DocBook-5-when-using-asciidoctor.patch: Move to DocBook 5.x. Asciidoctor 2.x no longer supports the legacy DocBook 4.5 format.
* Sun Apr 14 2019 Christian Boltz - update git-web AppArmor profile for bash and tar usrMerge (boo#1132350)
* Mon Feb 25 2019 Marketa Calabkova - git 2.21.0
* Historically, the \"-m\" (mainline) option can only be used for \"git cherry-pick\" and \"git revert\" when working with a merge commit. This version of Git no longer warns or errors out when working with a single-parent commit, as long as the argument to the \"-m\" option is 1 (i.e. it has only one parent, and the request is to pick or revert relative to that first parent). Scripts that relied on the behaviour may get broken with this change.
* Small fixes and features for fast-export and fast-import.
* The \"http.version\" configuration variable can be used with recent enough versions of cURL library to force the version of HTTP used to talk when fetching and pushing.
* \"git push $there $src:$dst\" rejects when $dst is not a fully qualified refname and it is not clear what the end user meant.
* Update \"git multimail\" from the upstream.
* A new date format \"--date=human\" that morphs its output depending on how far the time is from the current time has been introduced. \"--date=auto:human\" can be used to use this new format (or any existing format) when the output is going to the pager or to the terminal, and otherwise the default format.
* Wed Feb 13 2019 Michal Suchanek - Fix worktree creation race (bsc#1114225). worktree-fix-worktree-add-race.patch setup-don-t-fail-if-commondir-reference-is-deleted.patch
* Tue Jan 22 2019 Marketa Calabkova - the proper way how to add shadow dependency, only the -daemon subpackage uses the shadow package
* Sun Jan 20 2019 Hans-Peter Jansen - add shadow build dependency: pre/postinstall script checks fail for 42.3 otherwise
* Fri Jan 11 2019 Dominique Leuenberger - Do not BuildRequire apache2: + it is only in the build chain for the directory ownership. Let\'s just own the directories ourselves. + This actually also fixes the issue that installing, then uninstalling git-web, without apache2 being present on the machine, leaves those directories stale on the disk.
* Sun Dec 16 2018 astiegerAATTsuse.com- git 2.20.1:
* portability fixes
* \"git help -a\" did not work well when an overly long alias was defined
* no longer squelched an error message when the run_command API failed to run a missing command
* Mon Dec 10 2018 Marketa Calabkova - git 2.20.0
* \"git help -a\" now gives verbose output (same as \"git help -av\"). Those who want the old output may say \"git help --no-verbose -a\"..
* \"git send-email\" learned to grab address-looking string on any trailer whose name ends with \"-by\".
* \"git format-patch\" learned new \"--interdiff\" and \"--range-diff\" options to explain the difference between this version and the previous attempt in the cover letter (or after the three-dashes as a comment).
* Developer builds now use -Wunused-function compilation option.
* Fix a bug in which the same path could be registered under multiple worktree entries if the path was missing (for instance, was removed manually). Also, as a convenience, expand the number of cases in which --force is applicable.
* The overly large Documentation/config.txt file have been split into million little pieces. This potentially allows each individual piece to be included into the manual page of the command it affects more easily.
* Malformed or crafted data in packstream can make our code attempt to read or write past the allocated buffer and abort, instead of reporting an error, which has been fixed.
* Fix for a long-standing bug that leaves the index file corrupt when it shrinks during a partial commit.
* \"git merge\" and \"git pull\" that merges into an unborn branch used to completely ignore \"--verify-signatures\", which has been corrected.
* ...and much more features and fixes
* Wed Dec 05 2018 Hans-Peter Jansen - group(nogroup) is provided with Leap 15 onwards only
* Tue Dec 04 2018 Jan Engelhardt - Use Requires(pre).- Do not ignore error returns from useradd.- Package descriptions need not be wrapped in %if..%endif.
* Fri Nov 30 2018 Marketa Calabkova - Avoid boo#1082023 - git send-email fails to authenticate with SMTP server
* Mon Nov 26 2018 Marketa Calabkova - fix CVE-2018-19486 (bsc#1117257)
* git-mark-path-lookup-errors.patch
* Wed Nov 21 2018 astiegerAATTsuse.com- git 2.19.2:
* various bug fixes for multiple subcommands and operations
* Mon Oct 08 2018 tiwaiAATTsuse.de- Fix VUL-0: arbitrary code execution via .gitmodules (CVE-2018-17456, bsc#1110949): 0001-submodule-helper-use-to-signal-end-of-clone-options.patch 0002-submodule-config-ban-submodule-urls-that-start-with-.patch 0003-submodule-config-ban-submodule-paths-that-start-with.patch
* Fri Oct 05 2018 astiegerAATTsuse.com- git 2.19.1:
* CVE-2018-17456: Specially crafted .gitmodules files may have allowed arbitrary code execution when the repository is cloned with --recurse-submodules (bsc#1110949)
* Tue Sep 11 2018 Petr Vorel - git 2.19.0:
* \"git diff\" compares the index and the working tree. For paths added with intent-to-add bit, the command shows the full contents of them as added, but the paths themselves were not marked as new files. They are now shown as new by default.
* \"git apply\" learned the \"--intent-to-add\" option so that an otherwise working-tree-only application of a patch will add new paths to the index marked with the \"intent-to-add\" bit.
* \"git grep\" learned the \"--column\" option that gives not just the line number but the column number of the hit.
* The \"-l\" option in \"git branch -l\" is an unfortunate short-hand for \"--create-reflog\", but many users, both old and new, somehow expect it to be something else, perhaps \"--list\". This step warns when \"-l\" is used as a short-hand for \"--create-reflog\" and warns about the future repurposing of the it when it is used.
* The userdiff pattern for .php has been updated.
* The content-transfer-encoding of the message \"git send-email\" sends out by default was 8bit, which can cause trouble when there is an overlong line to bust RFC 5322/2822 limit. A new option \'auto\' to automatically switch to quoted-printable when there is such a line in the payload has been introduced and is made the default.
* \"git checkout\" and \"git worktree add\" learned to honor checkout.defaultRemote when auto-vivifying a local branch out of a remote tracking branch in a repository with multiple remotes that have tracking branches that share the same names. (merge 8d7b558bae ab/checkout-default-remote later to maint).
* \"git grep\" learned the \"--only-matching\" option.
* \"git rebase --rebase-merges\" mode now handles octopus merges as well.
* Add a server-side knob to skip commits in exponential/fibbonacci stride in an attempt to cover wider swath of history with a smaller number of iterations, potentially accepting a larger packfile transfer, instead of going back one commit a time during common ancestor discovery during the \"git fetch\" transaction. (merge 42cc7485a2 jt/fetch-negotiator-skipping later to maint).
* A new configuration variable core.usereplacerefs has been added, primarily to help server installations that want to ignore the replace mechanism altogether.
* Teach \"git tag -s\" etc. a few configuration variables (gpg.format that can be set to \"openpgp\" or \"x509\", and gpg..program that is used to specify what program to use to deal with the format) to allow x.509 certs with CMS via \"gpgsm\" to be used instead of openpgp via \"gnupg\".
* Many more strings are prepared for l10n.
* \"git p4 submit\" learns to ask its own pre-submit hook if it should continue with submitting.
* The test performed at the receiving end of \"git push\" to prevent bad objects from entering repository can be customized via receive.fsck.
* configuration variables; we now have gained a counterpart to do the same on the \"git fetch\" side, with fetch.fsck.
* configuration variables.
* \"git pull --rebase=interactive\" learned \"i\" as a short-hand for \"interactive\".
* \"git instaweb\" has been adjusted to run better with newer Apache on RedHat based distros.
* \"git range-diff\" is a reimplementation of \"git tbdiff\" that lets us compare individual patches in two iterations of a topic.
* The sideband code learned to optionally paint selected keywords at the beginning of incoming lines on the receiving end.
* \"git branch --list\" learned to take the default sort order from the \'branch.sort\' configuration variable, just like \"git tag --list\" pays attention to \'tag.sort\'.
* \"git worktree\" command learned \"--quiet\" option to make it less verbose.
* Mon Aug 27 2018 tchvatalAATTsuse.com- State zlib-devel in deps, previously magically pulled in by openssl
* Mon Jun 25 2018 astiegerAATTsuse.com- git 2.18.0:
* improvements to rename detection logic
* When built with more recent cURL, GIT_SSL_VERSION can now specify \"tlsv1.3\" as its value.
* \"git mergetools\" learned talking to guiffy.
* various other workflow improvements and fixes
* performance improvements and other developer visible fixes- drop git-bash-completion-egrep-color-fix.diff no longer required
* Wed May 30 2018 tiwaiAATTsuse.de- Update to git 2.16.4: security fix release
* path sanity-checks on NTFS can read arbitrary memory (CVE-2018-11233, bsc#1095218)
* arbitrary code execution when recursively cloning a malicious repository (CVE-2018-11235, bsc#1095219)
* Tue May 29 2018 avindraAATTopensuse.org- git 2.17.1
* Submodule \"names\" come from the untrusted .gitmodules file, but we blindly append them to $GIT_DIR/modules to create our on-disk repo paths. This means you can do bad things by putting \"../\" into the name. We now enforce some rules for submodule names which will cause Git to ignore these malicious names (CVE-2018-11235, bsc#1095219)
* It was possible to trick the code that sanity-checks paths on NTFS into reading random piece of memory (CVE-2018-11233, bsc#1095218)
* Support on the server side to reject pushes to repositories that attempt to create such problematic .gitmodules file etc. as tracked contents, to help hosting sites protect their customers by preventing malicious contents from spreading.
* Thu May 24 2018 tchvatalAATTsuse.com- Fix docless build to not fail on find/chmod not having any files- Require just python3-base not full python for build
* Sat May 19 2018 schwabAATTlinux-m68k.org- git 2.17.0:
* \"diff\" family of commands learned \"--find-object=\" option to limit the findings to changes that involve the named object.
* \"git format-patch\" learned to give 72-cols to diffstat, which is consistent with other line length limits the subcommand uses for its output meant for e-mails.
* The log from \"git daemon\" can be redirected with a new option; one relevant use case is to send the log to standard error (instead of syslog) when running it from inetd.
* \"git rebase\" learned to take \"--allow-empty-message\" option.
* \"git am\" has learned the \"--quit\" option, in addition to the existing \"--abort\" option; having the pair mirrors a few other commands like \"rebase\" and \"cherry-pick\".
* \"git worktree add\" learned to run the post-checkout hook, just like \"git clone\" runs it upon the initial checkout.
* \"git tag\" learned an explicit \"--edit\" option that allows the message given via \"-m\" and \"-F\" to be further edited.
* \"git fetch --prune-tags\" may be used as a handy short-hand for getting rid of stale tags that are locally held.
* The new \"--show-current-patch\" option gives an end-user facing way to get the diff being applied when \"git rebase\" (and \"git am\") stops with a conflict.
* \"git add -p\" used to offer \"/\" (look for a matching hunk) as a choice, even there was only one hunk, which has been corrected. Also the single-key help is now given only for keys that are enabled (e.g. help for \'/\' won\'t be shown when there is only one hunk).
* Since Git 1.7.9, \"git merge\" defaulted to --no-ff (i.e. even when the side branch being merged is a descendant of the current commit, create a merge commit instead of fast-forwarding) when merging a tag object. This was appropriate default for integrators who pull signed tags from their downstream contributors, but caused an unnecessary merges when used by downstream contributors who habitually \"catch up\" their topic branches with tagged releases from the upstream. Update \"git merge\" to default to --no-ff only when merging a tag object that does
*not
* sit at its usual place in refs/tags/ hierarchy, and allow fast-forwarding otherwise, to mitigate the problem.
* \"git status\" can spend a lot of cycles to compute the relation between the current branch and its upstream, which can now be disabled with \"--no-ahead-behind\" option.
* \"git diff\" and friends learned funcname patterns for Go language source files.
* \"git send-email\" learned \"--reply-to=
\" option.
* Funcname pattern used for C# now recognizes \"async\" keyword.
* In a way similar to how \"git tag\" learned to honor the pager setting only in the list mode, \"git config\" learned to ignore the pager setting when it is used for setting values (i.e. when the purpose of the operation is not to \"show\").
* Tue Mar 27 2018 kukukAATTsuse.de- Use %license instead of %doc [bsc#1082318]
* Fri Mar 23 2018 avindraAATTopensuse.org- git 2.16.3:
* \"git status\" after moving a path in the working tree (hence making it appear \"removed\") and then adding with the -N option (hence making that appear \"added\") detected it as a rename, but did not report the old and new pathnames correctly.
* \"git commit --fixup\" did not allow \"-m\" option to be used at the same time; allow it to annotate resulting commit with more text.
* When resetting the working tree files recursively, the working tree of submodules are now also reset to match.
* Fix for a commented-out code to adjust it to a rather old API change around object ID.
* When there are too many changed paths, \"git diff\" showed a warning message but in the middle of a line.
* The http tracing code, often used to debug connection issues, learned to redact potentially sensitive information from its output so that it can be more safely sharable.
* Crash fix for a corner case where an error codepath tried to unlock what it did not acquire lock on.
* The split-index mode had a few corner case bugs fixed.
* Assorted fixes to \"git daemon\".
* Completion of \"git merge -s\" (in contrib/) did not work well in non-C locale.
* Workaround for segfault with more recent versions of SVN.
* Recently introduced leaks in fsck have been plugged.
* Travis CI integration now builds the executable in \'script\' phase to follow the established practice, rather than during \'before_script\' phase. This allows the CI categorize the failures better (\'failed\' is project\'s fault, \'errored\' is build environment\'s).
* Thu Mar 08 2018 tiwaiAATTsuse.de- Drop superfluous xinetd snippet, no longer used (bsc#1084460)
* Tue Mar 06 2018 tiwaiAATTsuse.de- Build with asciidoctor for the recent distros (bsc#1075764)
* Mon Feb 26 2018 schwabAATTlinux-m68k.org- Move %{?systemd_requires} to daemon subpackage
* Wed Feb 21 2018 fcrozatAATTsuse.com- Create subpackage for libsecret credential helper.
* Sun Feb 18 2018 avindraAATTopensuse.org- git 2.16.2:
* An old regression in \"git describe --all $annotated_tag^0\" has been fixed.
* \"git svn dcommit\" did not take into account the fact that a svn+ssh:// URL with a usernameAATT (typically used for pushing) refers to the same SVN repository without the usernameAATT and failed when svn.pushmergeinfo option is set.
* \"git merge -Xours/-Xtheirs\" learned to use our/their version when resolving a conflicting updates to a symbolic link.
* \"git clone $there $here\" is allowed even when here directory exists as long as it is an empty directory, but the command incorrectly removed it upon a failure of the operation.
* \"git stash -- \" incorrectly blew away untracked files in the directory that matched the pathspec, which has been corrected.
* \"git add -p\" was taught to ignore local changes to submodules as they do not interfere with the partial addition of regular changes anyway.
* Tue Jan 23 2018 astiegerAATTsuse.com- git 2.16.1:
* \"git clone\" segfaulted when cloning a project that happens to track two paths that differ only in case on a case insensitive filesystem
* Fri Jan 19 2018 avindraAATTopensuse.org- git 2.16.0 (CVE-2017-15298, bsc#1063412):
* See https://raw.github.com/git/git/master/Documentation/RelNotes/2.16.0.txt- partial cleanup with spec-cleaner- drop git-gui-tclIndex.patch
* merged upstream in da10ea373b80cc8bf8efca5acb1d11ecf410fb0c
* Fri Dec 01 2017 aavindraaAATTgmail.com- git 2.15.1:
* fix \"auto\" column output
* fixes to moved lines diffing
* documentation updates
* fix use of repositories immediately under the root directory
* improve usage of libsecret
* fixes to various error conditions in git commands
* Tue Nov 28 2017 tiwaiAATTsuse.de- Rewrite from sysv init to systemd unit file for git-daemon (bsc#1069803)
* Thu Nov 23 2017 rbrownAATTsuse.com- Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)
* Thu Nov 09 2017 jmatejekAATTsuse.com- split off p4 to a subpackage (bsc#1067502)- do not buildrequire asciidoc (dependent on Python 2) when not building docs- switch to Python 3 for tests
* Mon Nov 06 2017 tiwaiAATTsuse.de- Build with the external libsha1detectcoll (bsc#1042644)
* Wed Nov 01 2017 astiegerAATTsuse.com- git 2.15.0:
* Use of an empty string as a pathspec element that is used for \'everything matches\' is still warned and Git asks users to use a more explicit \'.\' for that instead. Removal scheduled for 2.16
* Git now avoids blindly falling back to \".git\" when the setup sequence said we are _not_ in Git repository (another corner case removed)
* \"branch --set-upstream\" was retired, deprecated since 1.8
* many other improvements and updates
* Mon Oct 23 2017 astiegerAATTsuse.com- git 2.14.3:
* git send-email understands more cc: formats
* fixes so gitk --bisect
* git commit-tree fixed to handle -F file alike
* Prevent segfault in \"git cat-file --textconv\"
* Fix function header parsing for HTML
* Various small fixes to user commands and and internal functions
* Tue Sep 26 2017 astiegerAATTsuse.com- git 2.14.2:
* fixes to color output
* http.{sslkey,sslCert} now interpret \"~[username]/\" prefix
* fixes to walking of reflogs via \"log -g\" and friends
* various fixes to output correctness
* \"git push --recurse-submodules $there HEAD:$target\" is now propagated down to the submodules
* \"git clone --recurse-submodules --quiet\" c$how propagates quiet option down to submodules.
* \"git svn --localtime\" correctness fixes
* \"git grep -L\" and \"git grep --quiet -L\" now report same exit code
* fixes to \"git apply\" when converting line endings
* Various Perl scripts did not use safe_pipe_capture() instead of backticks, leaving them susceptible to end-user input. CVE-2017-14867 bsc#1061041
* \"git cvsserver\" no longer is invoked by \"git daemon\" by default
* Thu Aug 10 2017 astiegerAATTsuse.com- git 2.14.1 (bsc#1052481):
* Security fix for CVE-2017-1000117: A malicious third-party can give a crafted \"ssh://...\" URL to an unsuspecting victim, and an attempt to visit the URL can result in any program that exists on the victim\'s machine being executed. Such a URL could be placed in the .gitmodules file of a malicious project, and an unsuspecting victim could be tricked into running \"git clone --recurse-submodules\" to trigger the vulnerability.
* A \"ssh://...\" URL can result in a \"ssh\" command line with a hostname that begins with a dash \"-\", which would cause the \"ssh\" command to instead (mis)treat it as an option. This is now prevented by forbidding such a hostname (which should not impact any real-world usage).
* Similarly, when GIT_PROXY_COMMAND is configured, the command is run with host and port that are parsed out from \"ssh://...\" URL; a poorly written GIT_PROXY_COMMAND could be tricked into treating a string that begins with a dash \"-\" as an option. This is now prevented by forbidding such a hostname and port number (again, which should not impact any real-world usage).
* In the same spirit, a repository name that begins with a dash \"-\" is also forbidden now.
* Sat Aug 05 2017 astiegerAATTsuse.com- git 2.14.0:
* Use of an empty string as a pathspec element that is used for \'everything matches\' is deprecated, use \'.\'
* Avoid blindly falling back to \".git\" when the setup sequence indicates operation not on a Git repository
* \"indent heuristics\" are now the default.
* Builds with pcre2
* Many bug fixes, improvements and updates
* Wed Aug 02 2017 astiegerAATTsuse.com- git 2.13.4:
* Update the character width tables.
* Fix an alias that contained an uppercase letter
* Progress meter fixes
* git gc concurrency fixes
* Thu Jul 13 2017 astiegerAATTsuse.com- git 2.13.3:
* various internal bug fixes
* Fix a regression to \"git rebase -i\"
* Correct unaligned 32-bit access in pack-bitmap code
* Tighten error checks for invalid \"git apply\" input
* The split index code did not honor core.sharedrepository setting correctly
* Fix \"git branch --list\" handling of color.branch.local
* Sun Jun 25 2017 astiegerAATTsuse.com- git 2.13.2:
* \"collision detecting\" SHA-1 update for platform fixes
* \"git checkout --recurse-submodules\" did not quite work with a submodule that itself has submodules.
* The \"run-command\" API implementation has been made more robust against dead-locking in a threaded environment.
* \"git clean -d\" now only cleans ignored files with \"-x\"
* \"git status --ignored\" did not list ignored and untracked files without \"-uall\"
* \"git pull --rebase --autostash\" didn\'t auto-stash when the local history fast-forwards to the upstream.
* \"git describe --contains\" gives as much weight to lightweight tags as annotated tags
* Fix \"git stash push \" from a subdirectory
* Mon Jun 05 2017 astiegerAATTsuse.com- git 2.13.1:
* Setting \"log.decorate=false\" in the configuration file did not take effect in v2.13, which has been corrected.
* corrections to documentation and command help output
* garbage collection fixes
* memory leaks fixed
* receive-pack now makes sure that the push certificate records the same set of push options used for pushing
* shell completion corrections for git stash
* fix \"git clone --config var=val\" with empty strings
* internal efficiency improvements
* Update sha1 collision detection code for big-endian platforms and platforms not supporting unaligned fetches
* Sat May 27 2017 schwabAATTlinux-m68k.org- Fix packaging of documentation
* Wed May 10 2017 astiegerAATTsuse.com- git 2.13.0:
* empty string as a pathspec element for \'everything matches\' is still warned, for future removal.
* deprecated argument order \"git merge HEAD ...\" was removed
* default location \"~/.git-credential-cache/socket\" for the socket used to communicate with the credential-cache daemon moved to \"~/.cache/git/credential/socket\".
* now avoid blindly falling back to \".git\" when the setup sequence indicated otherwise
* many workflow features, improvements and bug fixes
* add a hardened implementation of SHA1 in response to practical collision attacks (CVE-2005-4900, bsc#1042640)
* Wed May 10 2017 astiegerAATTsuse.com- git 2.12.3:
* CVE-2017-8386: On a server running git-shell as login shell to restrict user to git commands, remote users may have been able to have git service programs spawn an interactive pager and thus escape the shell restrictions. (bsc#1038395)
* Sat Mar 25 2017 astiegerAATTsuse.com- git 2.12.2:
* CLI output fixes
* \"Dump http\" transport fixes
* various fixes for internal code paths
* Trailer \"Cc:\" RFC fix
* Tue Mar 21 2017 astiegerAATTsuse.com- git 2.12.1:
* Reduce authentication round-trip over HTTP when the server supports just a single authentication method.
* \"git add -i\" patch subcommand fixed to have a path selection
* various path verification fixes
* fix \"git log -L...\" buffer overrun
* Tue Mar 07 2017 lchiquittoAATTsuse.de- Submit version 2.12.0 to SLE-12 (fate#322294, bsc#977477)
* Fri Feb 24 2017 astiegerAATTsuse.com- git 2.12.0:
* Use of an empty string that is used for \'everything matches\' is still warned and Git asks users to use a more explicit \'.\' for that instead. The hope is that existing users will not mind this change, and eventually the warning can be turned into a hard error, upgrading the deprecation into removal of this (mis)feature. That is not scheduled to happen in the upcoming release (yet).
* The historical argument order \"git merge HEAD ...\" has been deprecated for quite some time, and will be removed in a future release.
* An ancient script \"git relink\" has been removed.
* Thu Feb 09 2017 dimstarAATTopensuse.org- Explicitly package %{_docdir}/%{name} to fix build with RPM 4.13.
* Fri Feb 03 2017 astiegerAATTsuse.com- git 2.11.1:
* The default Travis-CI configuration specifies newer P4 and GitLFS.
* The character width table has been updated to match Unicode 9.0
* various fixes affecting multiple subcommands for correctness, bugs, and unexpected behavior.
* documentation updates
* git-svn updates
* Wed Feb 01 2017 lchiquittoAATTsuse.de- Refresh all patches to update line numbers- Add old bug reference to allow submission to SLE-12
* Fri Dec 09 2016 olafAATTaepfle.de- git-gui: Sort entries in optimized tclIndex git-gui-tclIndex.patch
* Wed Nov 30 2016 astiegerAATTsuse.com- git 2.11.0:
* backward compatibility: + empty string (matching everything) used as pathspec now triggers a warning + historical argument order \"git merge HEAD ...\" is deprecated + default abbreviation length of 7 now scales by repo size
* updates + new version of git-gui + many new command line and configuration options + many workflow and output improvements
* dropped upstreamed patches: + git-setup-i18n-fix.patch + git-tclIndex.patch
* Sat Oct 29 2016 astiegerAATTsuse.com- git 2.10.2:
* minor bug fixes
* internal code improvements
* documentation updates
* Tue Oct 04 2016 astiegerAATTsuse.com- git 2.10.1:
* documentation and command output updates
* Prevents loops on submodules with broken metadata
* Forbid removal of the symbolic reference HEAD
* Update Japanese translation for \"git-gui\".
* Fix \"git commit-tree\" reading commit.gpgsign configuration
* Ignore merges when matching with \"git log --cherry-pick\"
* Fix \"git format-patch --base=...\" usage of signature separator
* \"git add --chmod=+x \" added recently only toggled the executable bit for paths that are either new or modified. This has been corrected to flip the executable bit for all paths that match the given pathspec.
* Wed Sep 07 2016 astiegerAATTsuse.com- fix shell lib include path in git-sh-setup (boo#1011169) adding git-setup-i18n-fix.patch
* Sat Sep 03 2016 astiegerAATTsuse.com- git 2.10.0, feature and bugfix update:
* various workflow output improvements
* various improvements and extensions of command line options
* A handful of \"git svn\" updates.
* internal performance improvements
* Wed Aug 31 2016 olafAATTaepfle.de- Reduce build-compare noise git-asciidoc.patch git-tclIndex.patch
* Sat Aug 13 2016 astiegerAATTsuse.com- git 2.9.3:
* many compatible fixes and improvements to various git commands and functions
* Sat Jul 16 2016 astiegerAATTsuse.com- git 2.9.2:
* fix test suite failues with 64 bit timestamps
* Tue Jul 12 2016 astiegerAATTsuse.com- git 2.9.1:
* socket-level KEEPALIVE for git daemon
* Various compatible workflow and UI fixes
* Various optimisations and documentation updates
* Fix regression in v2.9 affecting \"clone --depth\"
* Mon Jun 13 2016 astiegerAATTsuse.com- git 2.9.0:
* commands in the \"git diff\" and \"git log\" family by default enable the rename detection; use \"diff.renames\" configuration variable to disable this.
* merging two branches that have no common ancestor with \"git merge\" is by default forbidden now to prevent creating such an unusual merge by mistake.
* output formats of \"git log\" that indents the commit log message by 4 spaces now expands HT in the log message by default. The \"--no-expand-tabs\" option disables this.
* \"git commit-tree\" plumbing command required the user to always sign its result when the user sets the commit.gpgsign configuration variable, this is no longer the case. Scrips using commit-tree which may rely on this mistake no needs to read commit.gpgsign and pass the -S option as necessary.
* Many more bug fixes and minor updates.
* Tue Jun 07 2016 astiegerAATTsuse.com- git 2.8.4:
* Documentation updates
* \"git fsck\" learned to catch NUL byte in a commit object as potential error and warn.
* \"git describe --contains\" improvements
* Treat \"http.cookieFile\" config as a path
* Suggest \"submodule deinit --all\" for deinitializing all submodules
* A couple of bugs around core.autocrlf have been fixed.
* \"git difftool\" learned to handle unmerged paths correctly in dir-diff mode.
* Thu May 19 2016 astiegerAATTsuse.com- git 2.8.3:
* \"git send-email\" now uses a more readable timestamps when formulating a message ID.
* When \"git worktree\" feature is in use, \"git branch -d\" allowed deletion of a branch that is checked out in another worktree
* When \"git worktree\" feature is in use, \"git branch -m\" renamed a branch that is checked out in another worktree without adjusting the HEAD symbolic ref for the worktree.
* \"git format-patch --help\" showed `-s` and `--no-patch` as if these are valid options to the command. We already hide `--patch` option from the documentation, because format-patch is about showing the diff, and the documentation now hides these options as well.
* A change back in version 2.7 to \"git branch\" broke display of a symbolic ref in a non-standard place in the refs/ hierarchy (we expect symbolic refs to appear in refs/remotes/
*/HEAD to point at the primary branch the remote has, and as .git/HEAD to point at the branch we locally checked out).
* A partial rewrite of \"git submodule\" in the 2.7 timeframe changed the way the gitdir: pointer in the submodules point at the real repository location to use absolute paths by accident. This has been corrected.
* \"git commit\" misbehaved in a few minor ways when an empty message is given via -m \'\', all of which has been corrected.
* Support for CRAM-MD5 authentication method in \"git imap-send\" did not work well.
* The socks5:// proxy support added back in 2.6.4 days was not aware that socks5h:// proxies behave differently.
* \"git config\" had a codepath that tried to pass a NULL to printf(\"%s\"), which nobody seems to have noticed.
* \"git replace -e\" did not honour \"core.editor\" configuration.
* \"git submodule\" reports the paths of submodules the command recurses into, but this was incorrect when the command was not run from the root level of the superproject.
* The \"user.useConfigOnly\" configuration variable makes it an error if users do not explicitly set user.name and user.email. However, its check was not done early enough and allowed another error to trigger, reporting that the default value we guessed from the system setting was unusable. This was a suboptimal end-user experience as we want the users to set user.name/user.email without relying on the auto-detection at all.
* \"git mv old new\" did not adjust the path for a submodule that lives as a subdirectory inside old/ directory correctly.
* \"git push\" from a corrupt repository that attempts to push a large number of refs deadlocked; the thread to relay rejection notices for these ref updates blocked on writing them to the main thread, after the main thread at the receiving end notices that the push failed and decides not to read these notices and return a failure.
* A question by \"git send-email\" to ask the identity of the sender has been updated.
* Recent update to Git LFS broke \"git p4\" by changing the output from its \"lfs pointer\" subcommand.
* Some multi-byte encoding can have a backslash byte as a later part of one letter, which would confuse \"highlight\" filter used in gitweb.
* Sat Apr 30 2016 astiegerAATTsuse.com- git 2.8.2:
* \"index-pack --keep=\" was broken since v2.1.0 timeframe.
* \"git config --get-urlmatch\", unlike other variants of the \"git config --get\" family, did not signal error with its exit status when there was no matching configuration.
* The \"--local-env-vars\" and \"--resolve-git-dir\" options of \"git rev-parse\" failed to work outside a repository when the command\'s option parsing was rewritten in 1.8.5 era.
* Fetching of history by naming a commit object name directly didn\'t work across remote-curl transport.
* A small memory leak in an error codepath has been plugged in xdiff code.
* \"git mergetool\" did not work well with conflicts that both sides deleted.
* \"git send-email\" had trouble parsing alias file in mailrc format when lines in it had trailing whitespaces on them.
* When \"git merge --squash\" stopped due to conflict, the concluding \"git commit\" failed to read in the SQUASH_MSG that shows the log messages from all the squashed commits.
* \"git merge FETCH_HEAD\" dereferenced NULL pointer when merging nothing into an unborn history (which is arguably unusual usage, which perhaps was the reason why nobody noticed it).
* \"git diff -M\" used to work better when two originally identical files A and B got renamed to X/A and X/B by pairing A to X/A and B to X/B, but this was broken in the 2.0 timeframe.
* \"git send-pack --all \" was broken when its command line option parsing was written in the 2.6 timeframe.
* When running \"git blame $path\" with unnormalized data in the index for the path, the data in the working tree was blamed, even though \"git add\" would not have changed what is already in the index, due to \"safe crlf\" that disables the line-end conversion. It has been corrected.
* Mon Apr 18 2016 termimAATTgmail.com- add desktop entry for the git gui
* Sun Apr 03 2016 astiegerAATTsuse.com- git 2.8.1:
* make rpmbuild target was broken, unused in openSUSE package
* Fri Apr 01 2016 astiegerAATTsuse.com- git 2.8.0
* Backward compatibility: + The rsync:// transport has been removed.
* various subcommands improvements
* various output improvements
* improved handling of notes
* improved handling of end of line styles
* http.proxyAuthMethod configures proxy authentication method
* new \"^{/!-}\" notation
* \"user.useConfigOnly\" configuration variable forces individual project configuration
* \"git fetch\" and friends that make network connections can now be told to only use ipv4 (or ipv6).
* http.[.]pinnedpubkey to specify the pinned public key
* bug fixes and performance improvements
* Thu Mar 17 2016 astiegerAATTsuse.com- git 2.7.4: Fix remote code execution via buffer overflow (CVE-2016-2315, CVE-2016-2324, bsc#971328)
* plug heap corruption holes
* catch integer overflow in the computation of pathname lengths
* get rid of the name_path API. Both of These would have resulted in writing over an under-allocated buffer when formulating pathnames while tree traversal.
* Fri Mar 11 2016 astiegerAATTsuse.com- git 2.7.3:
* \"git show \'HEAD:Foo[BAR]Baz\'\" did not interpret the argument as a rev, i.e. the object named by the the pathname with wildcard characters in a tree object.
* \"git rev-parse --git-common-dir\" used in the worktree feature misbehaved when run from a subdirectory.
* The \"v(iew)\" subcommand of the interactive \"git am -i\" command was broken in 2.6.0 timeframe when the command was rewritten in C.
* \"git merge-tree\" used to mishandle \"both sides added\" conflict with its own \"create a fake ancestor file that has the common parts of what both sides have added and do a 3-way merge\" logic; this has been updated to use the usual \"3-way merge with an empty blob as the fake common ancestor file\" approach used in the rest of the system.
* The documentation did not clearly state that the \'simple\' mode is now the default for \"git push\" when push.default configuration is not set.
* Test adjustments for GNU grep, obsoleting git-2.7.1-fix-tests-grep-2.23.patch
* \"git config section.var value\" to set a value in per-repository configuration file failed when it was run outside any repository, but didn\'t say the reason correctly.
* Tue Feb 23 2016 astiegerAATTsuse.com- git 2.7.2:
* improvements placing conflict markers with different line terminators
* \"git worktree\" fixes for manually moved paths
* \"git push --force-with-lease\" has been taught to report if the push needed to force (or fast-forwarded).
* vimdiff backend improvements for \"git mergetool\": buffer order
* improvements for handling paths added to index with \"add -N\" which are not in the index yet
* Mon Feb 15 2016 astiegerAATTsuse.com- fix test failures with grep 2.23 add git-2.7.1-fix-tests-grep-2.23.patch
* Sat Feb 06 2016 astiegerAATTsuse.com- git 2.7.1:
* fix hooks and aliases fixes with GIT_WORK_TREE
* fix \"git send-email\" reading escaped quotes in mutt alias files
* fix some crashes and regressions
* Tue Jan 26 2016 bwiedemannAATTsuse.com- use %perl_requires to allow for easier git+perl updates (boo#961112)
* Mon Jan 11 2016 astiegerAATTsuse.com- package git-new-workdir [boo#961292]
* Tue Jan 05 2016 astiegerAATTsuse.com- git 2.7.0:
* UI, Workflows & Features updates
* new subcommands, parameters and configuration options
* performance improvements and code clean-ups
* remove upstreamed patches: 0001-gitk-Fix-crash-with-all-in-non-English-locales.patch 0002-gitk-Update-msgid-s-for-menu-items-with-accelerator.patch 0003-gitk-Add-accelerators-to-Japanese-locale.patch 0004-gitk-Add-accelerator-to-German-locale.patch
* Tue Jan 05 2016 astiegerAATTsuse.com- git 2.6.5:
* Update \"git subtree\" (in contrib/) so that it can take whitespaces in the pathnames, not only in the in-tree pathname but the name of the directory that the repository is in.
* \"git p4\" used to import Perforce CLs that touch only paths outside the client spec as empty commits. It has been corrected to ignorethem instead, with a new configuration git-p4.keepEmptyCommits as a backward compatibility knob.
* Improve error reporting when SMTP TLS fails.
* \"git symbolic-ref\" forgot to report a failure with its exit status.
* History traversal with \"git log --source\" that starts with an annotated tag failed to report the tag as \"source\", due to an old regression in the command line parser back in v2.2 days.
* Wed Dec 09 2015 astiegerAATTsuse.com- git 2.6.4:
* Add support for talking http/https over socks proxy.
* Allow all hooks to ignore their standard input, rather than having git complain of SIGPIPE.
* Allow tilde-expansion in some http config variables.
* Make git-p4 work on a detached head.
* Add \"git rebase --no-autostash\"
* Allow \"git interpret-trailers\" to run outside of a Git repository.
* Sat Nov 07 2015 astiegerAATTsuse.com- git 2.6.3:
* UI output fixes
* Bug fixes on case insensitive filesystems
* git p4 fixes
* Prepare for Git on-disk repository representation to undergo backward incompatible changes by introducing a new repository format version \"1\", with an extension mechanism.- include gpg2 for tests
* Thu Oct 22 2015 tiwaiAATTsuse.de- Fix crash of gitk with --all option in non-English locales (bsc#951153): 0001-gitk-Fix-crash-with-all-in-non-English-locales.patch 0002-gitk-Update-msgid-s-for-menu-items-with-accelerator.patch 0003-gitk-Add-accelerators-to-Japanese-locale.patch 0004-gitk-Add-accelerator-to-German-locale.patch
* Mon Oct 19 2015 astiegerAATTsuse.com- git 2.6.2:
* git fsck return status fixes
* Fix for case insensitive filesystems
* Fix \"git am\" ignoring user.signingkey
* For ssh transport, explicitly clear GIT_
* environment variables
* Other compatible minor bug fixes and improvements- drop pager-don-t-use-unsafe-functions-in-signal-handle.patch
* Tue Oct 06 2015 astiegerAATTsuse.com- git 2.6.1, with a security fix:
* Make xdiff code handle extremely large files, cap around 1GB.
* Some protocols (like git-remote-ext) can execute arbitrary code found in the URL. The URLs that submodules use may come from arbitrary sources (e.g., .gitmodules files in a remote repository), and can hurt those who blindly enable recursive fetch. Restrict the allowed protocols to well known and safe ones. [boo#948969]
* Tue Sep 29 2015 astiegerAATTsuse.com- git 2.6.0:
* many UI and workflow updates, added parameters and options
* some performance optimisations and resource use reduction- refresh pager-don-t-use-unsafe-functions-in-signal-handle.patch
* Fri Sep 25 2015 tiwaiAATTsuse.de- Fix deadlock in signal handler in pager (boo#942297): pager-don-t-use-unsafe-functions-in-signal-handle.patch
* Sun Sep 20 2015 astiegerAATTsuse.com- git 2.5.3:
* The experimental untracked-cache feature were buggy when paths with a few levels of subdirectories are involved.
* Fix performance regression in \"git am --skip\"
* Sat Sep 19 2015 dimstarAATTopensuse.org- Suggest instead of recommend git-web: git-web is the web-server browsing part. Users that install git-core and appache will still get it auto-recommended based on the supplements.
* Fri Sep 11 2015 astiegerAATTsuse.com- git 2.5.2:
* usability bug fixes
* performance bug fixes
* fix \"git archive\" usage of zip64 for >64k entries
* Sun Aug 30 2015 astiegerAATTsuse.com- git 2.5.1:
* Performance optimisation for some casee
* Minor bug fixes
* Fix a regression for clone repository name guessing
* Fix a regressoin in \"git pull\" related to --upload-pack
* Tue Aug 25 2015 schwabAATTsuse.de- In SLE 11 perl-Term-ReadKey is called perl-TermReadKey
* Tue Jul 28 2015 astiegerAATTsuse.com- git 2.5.0:
* Improvements working with perforce (git p4)
* A new short-hand AATT{push}
* Introduce http..SSLCipherList configuration variable to tweak the list of cipher suite to be used with libcURL when talking with https:// sites.
* \"git cat-file --batch(-check)\" new option \"--follow-symlinks\"
* \"git send-email\" learned the alias file format used by the sendmail program
* For 3-way merge drivers, add %P (final path)
* \"git blame\" learned blame.showEmail configuration variable.
* Add the \"--allow-unknown-type\" option to \"cat-file\"
* Many long-running operations now show progress eye-candy
* Tue Jul 28 2015 astiegerAATTsuse.com- git 2.4.7:
* Fix \"git fsck\" regression related to body-less tag object
* Ask libCURL to use the most secure proxy authentication method
* Fix shell handling issues in git log
* Fix git config on read-only fs
* Make \"git rebase\" exit with failure when format-patch fails
* Wed Jul 22 2015 jslabyAATTsuse.com- put git-credential-cache--daemon into git-core -- it is needed for git-credential-cache (bnc#939065)
* Fri Jul 17 2015 astiegerAATTsuse.com- git 2.4.6:
* \"git fetch --depth=\" and \"git clone --depth=\" issued a shallow transfer request even to an upload-pack that does not support the capability.
* \"git fsck\" used to ignore missing or invalid objects recorded in reflog.
* The tcsh completion writes a bash scriptlet but that would have failed for users with noclobber set.
* \"git format-patch --ignore-if-upstream A..B\" did not like to be fed tags as boundary commits.- git-tcsh-completion-fixes.diff adjusted for context changes
* Fri Jun 26 2015 astiegerAATTsuse.com- git 2.4.5:
* internal code and stability improvements
* \"\"git rebase -i\" fired post-rewrite hook when it shouldn\'t (namely, when it was told to stop sequencing with \'exec\' insn).
* Wed Jun 17 2015 astiegerAATTsuse.com- git 2.4.4:
* l10n updates for German.
* An earlier leakfix to bitmap testing code was incomplete.
* \"git clean pathspec...\" tried to lstat(2) and complain even for paths outside the given pathspec.
* Communication between the HTTP server and http_backend process can lead to a dead-lock when relaying a large ref negotiation request. Diagnose the situation better, and mitigate it by reading such a request first into core (to a reasonable limit).
* The clean/smudge interface did not work well when filtering an empty contents (failed and then passed the empty input through). It can be argued that a filter that produces anything but empty for an empty input is nonsense, but if the user wants to do strange things, then why not?
* Make \"git stash something --help\" error out, so that users can safely say \"git stash drop --help\".
* Clarify that \"log --raw\" and \"log --format=raw\" are unrelated concepts.
* Catch a programmer mistake to feed a pointer not an array to ARRAY_SIZE() macro, by using a couple of GCC extensions.
* Sun Jun 07 2015 astiegerAATTsuse.com- git 2.4.3:
* Ui message corrections and improvements
* \"git pull --log\" and \"git pull --no-log\" worked as expected, but \"git pull --log=20\" did not.
* Fix pull.ff configuration overriding merge.ff
* fix memory leaks and resource exhaustion errors
* documentation fixes
* Fix core.excludesfile priorities
* Wed May 27 2015 astiegerAATTsuse.com- git 2.4.2:
* \"git rev-list --objects $old --not --all\" to see if everything that is reachable from $old is already connected to the existing refs was very inefficient.
* \"hash-object --literally\" introduced in v2.2 was not prepared to take a really long object type name.
* \"git rebase --quiet\" was not quite quiet when there is nothing to do.
* The completion for \"log --decorate=\" parameter value was incorrect.
* \"filter-branch\" corrupted commit log message that ends with an incomplete line on platforms with some \"sed\" implementations that munge such a line. Work it around by avoiding to use \"sed\".
* \"git daemon\" fails to build from the source under NO_IPV6 configuration (regression in 2.4).
* \"git stash pop/apply\" forgot to make sure that not just the working tree is clean but also the index is clean. The latter is important as a stash application can conflict and the index will be used for conflict resolution.
* No longer prepend $GIT_EXEC_PATH and install path to path of executed subprograms and hooks.
* Thu May 14 2015 astiegerAATTsuse.com- git 2.4.1:
* git diff bugfixes and improvements
* Fix spelling in .gitconfig created upon \"git config --global\"
* \"git commit --date=now\" or anything that relies on approxidate lost the daylight-saving-time offset.
* \"git cat-file bl $blob\" failed to barf even though there is no object type that is \"bl\".
* Improvements for repositories on NFS
* Mon May 04 2015 jengelhAATTinai.de- Update to new upstream release 2.4.0
* \"git push\" has been taught an \"--atomic\" option that makes a push that updates more than one ref an \"all-or-none\" affair.
* Output from \"git log --decorate\" now distinguishes between a detached HEAD vs. a HEAD that points at a branch.
* The phrasing `git branch` uses to describe a detached HEAD has been updated to agree with the phrasing used by `git status`.
* A new \"push.followTags\" configuration turns the \"--follow-tags\" option on by default for the `git push` command.- Retrieve tarball signature
* Tue Apr 28 2015 astiegerAATTsuse.com- git 2.3.7:
* An earlier update to the parser that disects a URL broke an address, followed by a colon, followed by an empty string (instead of the port number), e.g. ssh://example.com:/path/to/repo.
* The completion script (in contrib/) contaminated global namespace and clobbered on a shell variable $x.
* The \"git push --signed\" protocol extension did not limit what the \"nonce\" that is a server-chosen string can contain or how long it can be, which was unnecessarily lax. Limit both the length and the alphabet to a reasonably small space that can still have enough entropy.
* Sun Apr 26 2015 astiegerAATTsuse.com- git 2.3.6:
* \"diff-highlight\" (in contrib/) multibyte character support
* Thu Apr 02 2015 astiegerAATTsuse.com- git 2.3.5:
* The prompt script (in contrib/) did not show the untracked sign when working in a subdirectory without any untracked files.
* Even though \"git grep --quiet\" is run merely to ask for the exit status, we spawned the pager regardless. Stop doing that.
* Recommend format-patch and send-email for those who want to submit patches to this project.
* An failure early in the \"git clone\" that started creating the working tree and repository could have resulted in some directories and files left without getting cleaned up.
* \"git fetch\" that fetches a commit using the allow-tip-sha1-in-want extension could have failed to fetch all the requested refs.
* The split-index mode introduced at v2.3.0-rc0~41 was broken in the codepath to protect us against a broken reimplementation of Git that writes an invalid index with duplicated index entries, etc.
* \"git prune\" used to largely ignore broken refs when deciding which objects are still being used, which could spread an existing small damage and make it a larger one.
* \"git tag -h\" used to show the \"--column\" and \"--sort\" options that are about listing in a wrong section.
* The transfer.hiderefs support did not quite work for smart-http transport.
* The code that reads from the ctags file in the completion script (in contrib/) did not spell ${param/pattern/string} substitution correctly, which happened to work with bash but not with zsh.
* The explanation on \"rebase --preserve-merges\", \"pull - -rebase=preserve\", and \"push --force-with-lease\" in the documentation was unclear.
* Tue Mar 24 2015 astiegerAATTsuse.com- git 2.3.4:
* The \'color.status.unmerged\' configuration was not described.
* \"git log --decorate\" did not reset colors correctly around the branch names.
* \"git -C \'\' subcmd\" refused to work in the current directory, unlike \"cd \'\'\" which silently behaves as a no-op.
* \"git imap-send\" learned to optionally talk with an IMAP server via libcURL; because there is no other option when Git is built with NO_OPENSSL option, use that codepath by default under such configuration.
* A workaround for certain build of GPG that triggered false breakage in a test has been added.
* \"git rebase -i\" recently started to include the number of commits in the insn sheet to be processed, but on a platform that prepends leading whitespaces to \"wc -l\" output, the numbers are shown with extra whitespaces that aren\'t necessary.
* We did not parse username followed by literal IPv6 address in SSH transport URLs, e.g. ssh://userAATT[2001:db8::1]:22/repo.git correctly.
* Sat Mar 14 2015 astiegerAATTsuse.com- git 2.3.3:
* A corrupt input to \"git diff -M\" used cause us to segfault.
* The borrowed code in kwset API did not follow our usual convention to use \"unsigned char\" to store values that range from 0-255.
* Description given by \"grep -h\" for its --exclude-standard option was phrased poorly.
* Documentaton for \"git remote add\" mentioned \"--tags\" and \"--no-tags\" and it was not clear that fetch from the remote in the future will use the default behaviour when neither is given to override it.
* \"git diff --shortstat --dirstat=changes\" showed a dirstat based on lines that was never asked by the end user in addition to the dirstat that the user asked for.
* The interaction between \"git submodule update\" and the submodule.
*.update configuration was not clearly documented.
* \"git apply\" was not very careful about reading from, removing, updating and creating paths outside the working tree (under - -index/--cached) or the current directory (when used as a replacement for GNU patch).
* \"git daemon\" looked up the hostname even when \"%CH\" and \"%IP\" interpolations are not requested, which was unnecessary.
* The \"interpolated-path\" option of \"git daemon\" inserted any string client declared on the \"host=\" capability request without checking. Sanitize and limit %H and %CH to a saner and a valid DNS name.
* Thu Mar 12 2015 tiwaiAATTsuse.de- Fix missing /usr/share/tcsh/git.complete (bnc#919105): git-tcsh-completion-fixes.diff was refreshed for generating the script correctly
* Sat Mar 07 2015 astiegerAATTsuse.com- git 2.3.2:
* \"update-index --refresh\" used to leak when an entry cannot be refreshed for whatever reason.
* \"git fast-import\" used to crash when it could not close and conclude the resulting packfile cleanly.
* \"git blame\" died, trying to free an uninitialized piece of memory.
* \"git merge-file\" did not work correctly in a subdirectory.
* \"git submodule add\" failed to squash \"path/to/././submodule\" to \"path/to/submodule\".
* In v2.2.0, we broke \"git prune\" that runs in a repository that borrows from an alternate object store.
* Certain older vintages of cURL give irregular output from \"curl-config --vernum\", which confused our build system.
* Longstanding configuration variable naming rules has been added to the documentation.
* Older GnuPG implementations may not correctly import the keyring material we prepare for the tests to use.
* Clarify in the documentation that \"remote..pushURL\" and \"remote..URL\" are there to name the same repository accessed via different transports, not two separate repositories.
* The pack bitmap support did not build with older versions of GCC.
* Reading configuration from a blob object, when it ends with a lone CR, use to confuse the configuration parser.
* We didn\'t format an integer that wouldn\'t fit in \"int\" but in \"uintmax_t\" correctly.
* \"git push --signed\" gave an incorrectly worded error message when the other side did not support the capability.
* \"git fetch\" over a remote-helper that cannot respond to \"list\" command could not fetch from a symbolic reference e.g. HEAD.
* The insn sheet \"git rebase -i\" creates did not fully honor core.abbrev settings.
* The tests that wanted to see that file becomes unreadable after running \"chmod a-r file\", and the tests that wanted to make sure it is not run as root, we used \"can we write into the / directory?\" as a cheap substitute, but on some platforms that is not a good heuristics. The tests and their prerequisites have been updated to check what they really require.
* The configuration variable \'mailinfo.scissors\' was hard to discover in the documentation.
* Correct a breakage to git-svn around v2.2 era that triggers premature closing of FileHandle.
* Even though we officially haven\'t dropped Perl 5.8 support, the Getopt::Long package that came with it does not support \"--no-\" prefix to negate a boolean option; manually add support to help people with older Getopt::Long package.
* Wed Mar 04 2015 schwabAATTlinux-m68k.org- Don\'t install dummy hg and bzr remote helpers
* Thu Feb 26 2015 astiegerAATTsuse.com- git 2.3.1:
* The interactive \"show a list and let the user choose from it\" interface \"add -i\" used showed and prompted to the user even when the candidate list was empty, against which the only \"choice\" the user could have made was to choose nothing.
* \"git apply --whitespace=fix\" used to under-allocate the memory when the fix resulted in a longer text than the original patch.
* \"git log --help\" used to show rev-list options that are irrelevant to the \"log\" command.
* The error message from \"git commit\", when a non-existing author name was given as value to the \"--author=\" parameter, has been reworded to avoid misunderstanding.
* A broken pack .idx file in the receiving repository prevented the dumb http transport from fetching a good copy of it from the other side.
* The documentation incorrectly said that C(opy) and R(ename) are the only ones that can be followed by the score number in the output in the --raw format.
* Fix a misspelled conditional that is always true.
* Code to read branch name from various files in .git/ directory would have misbehaved if the code to write them left an empty file.
* The \"git push\" documentation made the \"--repo=\" option easily misunderstood.
* After attempting and failing a password-less authentication (e.g. kerberos), libcURL refuses to fall back to password based Basic authentication without a bit of help/encouragement.
* Setting diff.submodule to \'log\' made \"git format-patch\" produce broken patches.
* \"git rerere\" (invoked internally from many mergy operations) did not correctly signal errors when told to update the working tree files and failed to do so for whatever reason.
* \"git blame HEAD -- missing\" failed to correctly say \"HEAD\" when it tried to say \"No such path \'missing\' in HEAD\".
* Fri Feb 06 2015 astiegerAATTsuse.com- git 2.3.0: Many small corrections and improvements.- UI, Workflows and Features:
* New GIT_SSH_COMMAND environment variable
* Can now store empty notes
* \"git interpret-trailers\" learned to properly handle the \"Conflicts:\" block at the end.
* \"git am\" learned \"--message-id\" option
* \"git clone --reference=\" learned the \"--dissociate\" option
* \"git send-email\" learned the \"--transfer-encoding\" option
* \"git send-email\" learned the \"--no-xmailer\" option
* \"git branch -d\" (delete) and \"git branch -m\" (move) learned to honor \"-f\" (force) flag
* \"git imap-send\" learned to take \"-v\" (verbose) and \"-q\" (quiet) command line options.
* Tue Jan 13 2015 andreas.stiegerAATTgmx.de- git 2.2.2: + \"git checkout $treeish $path\", when $path in the index and the working tree already matched what is in $treeish at the $path, still overwrote the $path unnecessarily. + \"git config --get-color\" did not parse its command line arguments carefully. + A few code paths used abs() when they should have used labs() on long integers. + \"gitweb\" used to depend on a behaviour recent CGI.pm deprecated. + \"git init\" (hence \"git clone\") initialized the per-repository configuration file .git/config with x-bit by mistake. + Git 2.0 was supposed to make the \"simple\" mode for the default of \"git push\", but it didn\'t. + \"Everyday\" document had a broken link. + The build procedure did not bother fixing perl and python scripts when NO_PERL and NO_PYTHON build-time configuration changed. + The code that reads the reflog from the newer to the older entries did not handle an entry that crosses a boundary of block it uses to read them correctly. + \"git apply\" was described in the documentation to take --ignore-date option, which it does not. + Traditionally we tried to avoid interpreting date strings given by the user as future dates, e.g. GIT_COMMITTER_DATE=2014-12-10 when used early November 2014 was taken as \"October 12, 2014\" because it is likely that a date in the future, December 10, is a mistake. This heuristics has been loosened to allow people to express future dates (most notably, --until= may want to be far in the future) and we no longer tiebreak by future-ness of the date when (1) ISO-like format is used, and (2) the string can make sense interpreted as both y-m-d and y-d-m. Git may still have to use the heuristics to tiebreak between dd/mm/yy and mm/dd/yy, though. + The code to abbreviate an object name to its short unique prefix has been optimized when no abbreviation was requested. + \"git add --ignore-errors ...\" did not ignore an error to give a file that did not exist. + Git did not correctly read an overlong refname from a packed refs file.
* Fri Dec 19 2014 andreas.stiegerAATTgmx.de- git 2.2.1 Fixes arbitrary command execution vulnerability on case- insensitive file systems. [boo#910756] [CVE-2014-9390] This is not a usual case on GNU/Linux, but this update prevents such commits to propagate to third parties (Windows, OS X) that may be vulnerable.
* Thu Nov 27 2014 andreas.stiegerAATTgmx.de- git 2.2.0: + improvements and updates to UI, Workflows, Features and options + better temporary file handling + API updates + bug fixes- package new git-subtree.html
* Tue Nov 18 2014 novellAATTmirell.de- Add git-credential-gnome-keyring subpackage for GNOME keyring credential storage support
* Mon Nov 17 2014 bwiedemannAATTsuse.com- Allow snapshot generation in apparmor profile (bnc#905707)
* Wed Oct 29 2014 andreas.stiegerAATTgmx.de- git 2.1.3:
* Some MUAs mangled a line in a message that begins with \"From \" to \">From \" when writing to a mailbox file and feeding such an input to \"git am\" used to lose such a line.
* \"git daemon\" (with NO_IPV6 build configuration) used to incorrectly use the hostname even when gethostbyname() reported that the given hostname is not found.
* Newer versions of \'meld\' breaks the auto-detection we use to see if they are new enough to support the `--output` option.
* \"git pack-objects\" forgot to disable the codepath to generate object recheability bitmap when it needs to split the resulting pack.
* \"gitweb\" used deprecated CGI::startfrom, which was removed from CGI.pm as of 4.04; use CGI::start_from instead.
* \"git log\" documentation had an example section marked up not quite correctly, which passed AsciiDoc but failed with AsciiDoctor.
* Also contains some documentation updates.
  
ICM