Mirror of https://git.kernel.org/pub/scm/git/git.git/ https://git.shady.money/git/atom?h=v2.18.2 2019-12-06T15:29:15Z 2019-12-06T15:29:15Z Johannes Schindelin johannes.schindelin@gmx.de 2019-12-04T21:21:20Z urn:sha1:14af7ed5a9c9c0ff2ea347bf54ed2af4b0e10cc2 * maint-2.17: (32 commits) Git 2.17.3 Git 2.16.6 test-drop-caches: use `has_dos_drive_prefix()` Git 2.15.4 Git 2.14.6 mingw: handle `subst`-ed "DOS drives" mingw: refuse to access paths with trailing spaces or periods mingw: refuse to access paths with illegal characters unpack-trees: let merged_entry() pass through do_add_entry()'s errors quote-stress-test: offer to test quoting arguments for MSYS2 sh t6130/t9350: prepare for stringent Win32 path validation quote-stress-test: allow skipping some trials quote-stress-test: accept arguments to test via the command-line tests: add a helper to stress test argument quoting mingw: fix quoting of arguments Disallow dubiously-nested submodule git directories protect_ntfs: turn on NTFS protection by default path: also guard `.gitmodules` against NTFS Alternate Data Streams is_ntfs_dotgit(): speed it up mingw: disallow backslash characters in tree objects' file names ... 2019-12-06T15:27:36Z Johannes Schindelin johannes.schindelin@gmx.de 2019-12-04T20:52:10Z urn:sha1:bdfef0492cada3fb36f454804796bf12c79a7136 * maint-2.16: (31 commits) Git 2.16.6 test-drop-caches: use `has_dos_drive_prefix()` Git 2.15.4 Git 2.14.6 mingw: handle `subst`-ed "DOS drives" mingw: refuse to access paths with trailing spaces or periods mingw: refuse to access paths with illegal characters unpack-trees: let merged_entry() pass through do_add_entry()'s errors quote-stress-test: offer to test quoting arguments for MSYS2 sh t6130/t9350: prepare for stringent Win32 path validation quote-stress-test: allow skipping some trials quote-stress-test: accept arguments to test via the command-line tests: add a helper to stress test argument quoting mingw: fix quoting of arguments Disallow dubiously-nested submodule git directories protect_ntfs: turn on NTFS protection by default path: also guard `.gitmodules` against NTFS Alternate Data Streams is_ntfs_dotgit(): speed it up mingw: disallow backslash characters in tree objects' file names path: safeguard `.git` against NTFS Alternate Streams Accesses ... 2019-12-06T15:27:18Z Johannes Schindelin johannes.schindelin@gmx.de 2019-12-04T20:38:25Z urn:sha1:9ac92fed5b63176e653c3c42e2b66cdd203c906f * maint-2.15: (29 commits) Git 2.15.4 Git 2.14.6 mingw: handle `subst`-ed "DOS drives" mingw: refuse to access paths with trailing spaces or periods mingw: refuse to access paths with illegal characters unpack-trees: let merged_entry() pass through do_add_entry()'s errors quote-stress-test: offer to test quoting arguments for MSYS2 sh t6130/t9350: prepare for stringent Win32 path validation quote-stress-test: allow skipping some trials quote-stress-test: accept arguments to test via the command-line tests: add a helper to stress test argument quoting mingw: fix quoting of arguments Disallow dubiously-nested submodule git directories protect_ntfs: turn on NTFS protection by default path: also guard `.gitmodules` against NTFS Alternate Data Streams is_ntfs_dotgit(): speed it up mingw: disallow backslash characters in tree objects' file names path: safeguard `.git` against NTFS Alternate Streams Accesses clone --recurse-submodules: prevent name squatting on Windows is_ntfs_dotgit(): only verify the leading segment ... 2019-12-06T15:26:55Z Johannes Schindelin johannes.schindelin@gmx.de 2019-12-04T20:26:31Z urn:sha1:d3ac8c3f27a507d0489d18b51d6deba6364a99ce * maint-2.14: (28 commits) Git 2.14.6 mingw: handle `subst`-ed "DOS drives" mingw: refuse to access paths with trailing spaces or periods mingw: refuse to access paths with illegal characters unpack-trees: let merged_entry() pass through do_add_entry()'s errors quote-stress-test: offer to test quoting arguments for MSYS2 sh t6130/t9350: prepare for stringent Win32 path validation quote-stress-test: allow skipping some trials quote-stress-test: accept arguments to test via the command-line tests: add a helper to stress test argument quoting mingw: fix quoting of arguments Disallow dubiously-nested submodule git directories protect_ntfs: turn on NTFS protection by default path: also guard `.gitmodules` against NTFS Alternate Data Streams is_ntfs_dotgit(): speed it up mingw: disallow backslash characters in tree objects' file names path: safeguard `.git` against NTFS Alternate Streams Accesses clone --recurse-submodules: prevent name squatting on Windows is_ntfs_dotgit(): only verify the leading segment test-path-utils: offer to run a protectNTFS/protectHFS benchmark ... 2019-12-05T14:36:51Z Johannes Schindelin johannes.schindelin@gmx.de 2019-10-01T21:27:18Z urn:sha1:a8dee3ca610f5a1d403634492136c887f83b59d2 Currently it is technically possible to let a submodule's git directory point right into the git dir of a sibling submodule. Example: the git directories of two submodules with the names `hippo` and `hippo/hooks` would be `.git/modules/hippo/` and `.git/modules/hippo/hooks/`, respectively, but the latter is already intended to house the former's hooks. In most cases, this is just confusing, but there is also a (quite contrived) attack vector where Git can be fooled into mistaking remote content for file contents it wrote itself during a recursive clone. Let's plug this bug. To do so, we introduce the new function `validate_submodule_git_dir()` which simply verifies that no git dir exists for any leading directories of the submodule name (if there are any). Note: this patch specifically continues to allow sibling modules names of the form `core/lib`, `core/doc`, etc, as long as `core` is not a submodule name. This fixes CVE-2019-1387. Reported-by: Nicolas Joly <Nicolas.Joly@microsoft.com> Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de> 2018-06-04T12:39:48Z Junio C Hamano gitster@pobox.com 2018-06-04T12:39:48Z urn:sha1:f635b8d17b673ffb96c0f10d11751500e1892b2a "git pull -recurse-submodules --rebase", when the submodule repository's history did not have anything common between ours and the upstream's, failed to execute. We need to fetch from them to continue even in such a case. * jt/submodule-pull-recurse-rebase: submodule: do not pass null OID to setup_revisions 2018-05-30T12:51:27Z Junio C Hamano gitster@pobox.com 2018-05-30T12:51:27Z urn:sha1:0821b73063a6d4cfd2f61619b7afe01ce9c6d99e By code restructuring of submodule merge in merge-recursive, informational messages from the codepath are now given using the same mechanism as other output, and honor the merge.verbosity configuration. The code also learned to give a few new messages when a submodule three-way merge resolves cleanly when one side records a descendant of the commit chosen by the other side. * sb/submodule-merge-in-merge-recursive: merge-recursive: give notice when submodule commit gets fast-forwarded merge-recursive: i18n submodule merge output and respect verbosity submodule.c: move submodule merging to merge-recursive.c 2018-05-25T06:25:42Z Jonathan Tan jonathantanmy@google.com 2018-05-24T20:47:29Z urn:sha1:4d36f88be7401fb4ff225557aae05a458091b24b If "git pull --recurse-submodules --rebase" is invoked when the current branch and its corresponding remote-tracking branch have no merge base, a "bad object" fatal error occurs. This issue was introduced with commit a6d7eb2c7a ("pull: optionally rebase submodules (remote submodule changes only)", 2017-06-23), which also introduced this feature. This is because cmd_pull() in builtin/pull.c thus invokes submodule_touches_in_range() with a null OID as the first parameter. Ensure that this case works, and document what happens in this case. Signed-off-by: Jonathan Tan <jonathantanmy@google.com> Reviewed-by: Stefan Beller <sbeller@google.com> Signed-off-by: Junio C Hamano <gitster@pobox.com> 2018-05-17T21:19:44Z Brandon Williams bmwill@google.com 2018-05-16T22:58:23Z urn:sha1:60fba4bf1670e6eabd61b04ebf86efedff866a50 Convert 'push_unpushed_submodules()' to take a 'struct refspec' as a parameter instead of an array of 'const char *'. Signed-off-by: Brandon Williams <bmwill@google.com> Signed-off-by: Junio C Hamano <gitster@pobox.com> 2018-05-16T01:08:43Z Stefan Beller sbeller@google.com 2018-05-15T20:00:28Z urn:sha1:18cfc0886617e28fb6d29d579bec0ffcdb439196 In a later patch we want to improve submodule merging by using the output() function in merge-recursive.c for submodule merges to deliver a consistent UI to users. To do so we could either make the output() function globally available so we can use it in submodule.c#merge_submodule(), or we could integrate the submodule merging into the merging code. Choose the later as we generally want to move submodules closer into the core. Therefore we move any function related to merging submodules (merge_submodule(), find_first_merges() and print_commit) to merge-recursive.c. We'll keep add_submodule_odb() in submodule.c as it is used by other submodule functions. While at it, add a TODO note that we do not really like the function add_submodule_odb(). This commit is best viewed with --color-moved. Signed-off-by: Stefan Beller <sbeller@google.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>