git/gitk-git/gitk, branch v2.50.1

Sync with 2.49.1

2025-06-16T04:54:23Z

Sync with 2.48.2

2025-06-13T00:13:35Z

* maint-2.48: Git 2.48.2 Git 2.47.3 Git 2.46.4 Git 2.45.4 Git 2.44.4 Git 2.43.7 wincred: avoid buffer overflow in wcsncat() bundle-uri: fix arbitrary file writes via parameter injection config: quote values containing CR character git-gui: sanitize 'exec' arguments: convert new 'cygpath' calls git-gui: do not mistake command arguments as redirection operators git-gui: introduce function git_redir for git calls with redirections git-gui: pass redirections as separate argument to git_read git-gui: pass redirections as separate argument to _open_stdout_stderr git-gui: convert git_read*, git_write to be non-variadic git-gui: override exec and open only on Windows gitk: sanitize 'open' arguments: revisit recently updated 'open' calls git-gui: use git_read in githook_read git-gui: sanitize $PATH on all platforms git-gui: break out a separate function git_read_nice git-gui: assure PATH has only absolute elements. git-gui: remove option --stderr from git_read git-gui: cleanup git-bash menu item git-gui: sanitize 'exec' arguments: background git-gui: avoid auto_execok in do_windows_shortcut git-gui: sanitize 'exec' arguments: simple cases git-gui: avoid auto_execok for git-bash menu item git-gui: treat file names beginning with "|" as relative paths git-gui: remove unused proc is_shellscript git-gui: remove git config --list handling for git < 1.5.3 git-gui: remove special treatment of Windows from open_cmd_pipe git-gui: remove HEAD detachment implementation for git < 1.5.3 git-gui: use only the configured shell git-gui: remove Tcl 8.4 workaround on 2>@1 redirection git-gui: make _shellpath usable on startup git-gui: use [is_Windows], not bad _shellpath git-gui: _which, only add .exe suffix if not present gitk: encode arguments correctly with "open" gitk: sanitize 'open' arguments: command pipeline gitk: collect construction of blameargs into a single conditional gitk: sanitize 'open' arguments: simple commands, readable and writable gitk: sanitize 'open' arguments: simple commands with redirections gitk: sanitize 'open' arguments: simple commands gitk: sanitize 'exec' arguments: redirect to process gitk: sanitize 'exec' arguments: redirections and background gitk: sanitize 'exec' arguments: redirections gitk: sanitize 'exec' arguments: 'eval exec' gitk: sanitize 'exec' arguments: simple cases gitk: have callers of diffcmd supply pipe symbol when necessary gitk: treat file names beginning with "|" as relative paths Signed-off-by: Taylor Blau Signed-off-by: Junio C Hamano

Merge branch 'master' of https://github.com/j6t/gitk

2025-05-29T16:02:14Z

* 'master' of https://github.com/j6t/gitk: gitk: do not hard-code color of search results in commit list gitk: place file name arguments after options in msgfmt call gitk: Legacy widgets doesn't have combobox

Sync with 2.47.3

2025-05-28T19:17:05Z

* maint-2.47: Git 2.47.3 Git 2.46.4 Git 2.45.4 Git 2.44.4 Git 2.43.7 wincred: avoid buffer overflow in wcsncat() bundle-uri: fix arbitrary file writes via parameter injection config: quote values containing CR character git-gui: sanitize 'exec' arguments: convert new 'cygpath' calls git-gui: do not mistake command arguments as redirection operators git-gui: introduce function git_redir for git calls with redirections git-gui: pass redirections as separate argument to git_read git-gui: pass redirections as separate argument to _open_stdout_stderr git-gui: convert git_read*, git_write to be non-variadic git-gui: override exec and open only on Windows gitk: sanitize 'open' arguments: revisit recently updated 'open' calls git-gui: use git_read in githook_read git-gui: sanitize $PATH on all platforms git-gui: break out a separate function git_read_nice git-gui: assure PATH has only absolute elements. git-gui: remove option --stderr from git_read git-gui: cleanup git-bash menu item git-gui: sanitize 'exec' arguments: background git-gui: avoid auto_execok in do_windows_shortcut git-gui: sanitize 'exec' arguments: simple cases git-gui: avoid auto_execok for git-bash menu item git-gui: treat file names beginning with "|" as relative paths git-gui: remove unused proc is_shellscript git-gui: remove git config --list handling for git < 1.5.3 git-gui: remove special treatment of Windows from open_cmd_pipe git-gui: remove HEAD detachment implementation for git < 1.5.3 git-gui: use only the configured shell git-gui: remove Tcl 8.4 workaround on 2>@1 redirection git-gui: make _shellpath usable on startup git-gui: use [is_Windows], not bad _shellpath git-gui: _which, only add .exe suffix if not present gitk: encode arguments correctly with "open" gitk: sanitize 'open' arguments: command pipeline gitk: collect construction of blameargs into a single conditional gitk: sanitize 'open' arguments: simple commands, readable and writable gitk: sanitize 'open' arguments: simple commands with redirections gitk: sanitize 'open' arguments: simple commands gitk: sanitize 'exec' arguments: redirect to process gitk: sanitize 'exec' arguments: redirections and background gitk: sanitize 'exec' arguments: redirections gitk: sanitize 'exec' arguments: 'eval exec' gitk: sanitize 'exec' arguments: simple cases gitk: have callers of diffcmd supply pipe symbol when necessary gitk: treat file names beginning with "|" as relative paths

Merge branch 'js/fix-open-exec'

2025-05-23T21:04:30Z

This addresses CVE-2025-27613, Gitk can create and truncate a user's files: When a user clones an untrusted repository and runs gitk without additional command arguments, files for which the user has write permission can be created and truncated. The option "Support per-file encoding" must have been enabled before in Gitk's Preferences. This option is disabled by default. The same happens when "Show origin of this line" is used in the main window (regardless of whether "Support per-file encoding" is enabled or not). Signed-off-by: Johannes Sixt

Merge branch 'ah/fix-open-with-stdin'

2025-05-23T21:04:30Z

This addresses CVE-2025-27614, Arbitrary command execution with Gitk: A Git repository can be crafted in such a way that with some social engineering a user who has cloned the repository can be tricked into running any script (e.g., Bourne shell, Perl, Python, ...) supplied by the attacker by invoking `gitk filename`, where `filename` has a particular structure. The script is run with the privileges of the user. Signed-off-by: Johannes Sixt

Merge branch 'master' of https://github.com/j6t/gitk

2025-05-09T20:16:51Z

* 'master' of https://github.com/j6t/gitk: gitk: add Tamil translation gitk: limit PATH search to bare executable names gitk: _search_exe is no longer needed gitk: override $PATH search only on Windows gitk: adjust indentation to match the style used in this script

Merge branch 'master' of https://github.com/j6t/gitk

2025-02-20T13:59:56Z

* 'master' of https://github.com/j6t/gitk: gitk: introduce support for the Meson build system gitk: extract script to build executable gitk: make the "list references" default window width wider gitk: fix arrow keys in input fields with Tcl/Tk >= 8.6 gitk: Use an external icon file on Windows gitk: Unicode file name support gitk(Windows): avoid inadvertently calling executables in the worktree

Merge https://github.com/j6t/gitk

2024-12-18T00:17:28Z

* 'master' of https://github.com/j6t/gitk: gitk: offer "Copy commit ID to X11 selection" only on X11 gitk: support auto-copy comit ID to primary clipboard gitk: prefs dialog: refine Auto-select UI gitk: UI text: change "SHA1 ID" to "Commit ID" gitk: add text wrapping preferences gitk: make headings of preferences bold gitk: check main window visibility before waiting for it to show gitk: sv.po: Update Swedish translation (323t)

doc: switch links to https

2023-11-26T01:07:05Z

These sites offer https versions of their content. Using the https versions provides some protection for users. Signed-off-by: Josh Soref Signed-off-by: Junio C Hamano