lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <xmqq7cdavgqa.fsf@gitster.g>
Date: Wed, 24 Jul 2024 10:31:57 -0700
From: Junio C Hamano <gitster@...ox.com>
To: git@...r.kernel.org
Cc: Linux Kernel <linux-kernel@...r.kernel.org>,
    git-packagers@...glegroups.com
Subject: [ANNOUNCE] Git v2.46.0-rc2

A release candidate Git v2.46.0-rc2 is now available for testing at
the usual places.  Relative to -rc1, we fix a few recent small
regressions and nothing else.

The tarballs are found at:

    https://www.kernel.org/pub/software/scm/git/testing/

The following public repositories all have a copy of the
'v2.46.0-rc2' tag and the 'master' branch that the tag points at:

  url = https://git.kernel.org/pub/scm/git/git
  url = https://kernel.googlesource.com/pub/scm/git/git
  url = git://repo.or.cz/alt-git.git
  url = https://github.com/gitster/git

----------------------------------------------------------------

Git v2.46 Release Notes (draft)
===============================

UI, Workflows & Features

 * The "--rfc" option of "git format-patch" learned to take an
   optional string value to be used in place of "RFC" to tweak the
   "[PATCH]" on the subject header.

 * The credential helper protocol, together with the HTTP layer, have
   been enhanced to support authentication schemes different from
   username & password pair, like Bearer and NTLM.

 * Command line completion script (in contrib/) learned to complete
   "git symbolic-ref" a bit better (you need to enable plumbing
   commands to be completed with GIT_COMPLETION_SHOW_ALL_COMMANDS).

 * When the user responds to a prompt given by "git add -p" with an
   unsupported command, list of available commands were given, which
   was too much if the user knew what they wanted to type but merely
   made a typo.  Now the user gets a much shorter error message.

 * The color parsing code learned to handle 12-bit RGB colors, spelled
   as "#RGB" (in addition to "#RRGGBB" that is already supported).

 * The operation mode options (like "--get") the "git config" command
   uses have been deprecated and replaced with subcommands (like "git
   config get").

 * "git tag" learned the "--trailer" option to futz with the trailers
   in the same way as "git commit" does.

 * A new global "--no-advice" option can be used to disable all advice
   messages, which is meant to be used only in scripts.

 * Updates to symbolic refs can now be made as a part of ref
   transaction.

 * The trailer API has been reshuffled a bit.

 * Terminology to call various ref-like things are getting
   straightened out.

 * The command line completion script (in contrib/) has been adjusted
   to the recent update to "git config" that adopted subcommand based
   UI.

 * The knobs to tweak how reftable files are written have been made
   available as configuration variables.

 * When "git push" notices that the commit at the tip of the ref on
   the other side it is about to overwrite does not exist locally, it
   used to first try fetching it if the local repository is a partial
   clone. The command has been taught not to do so and immediately
   fail instead.

 * The promisor.quiet configuration knob can be set to true to make
   lazy fetching from promisor remotes silent.

 * The inter/range-diff output has been moved to the end of the patch
   when format-patch adds it to a single patch, instead of writing it
   before the patch text, to be consistent with what is done for a
   cover letter for a multi-patch series.

 * A new command has been added to migrate a repository that uses the
   files backend for its ref storage to use the reftable backend, with
   limitations.

 * "git diff --exit-code --ext-diff" learned to take the exit status
   of the external diff driver into account when deciding the exit
   status of the overall "git diff" invocation when configured to do
   so.

 * "git update-ref --stdin" learned to handle transactional updates of
   symbolic-refs.

 * "git format-patch --interdiff" for multi-patch series learned to
   turn on cover letters automatically (unless told never to enable
   cover letter with "--no-cover-letter" and such).

 * The "--heads" option of "ls-remote" and "show-ref" has been been
   deprecated; "--branches" replaces "--heads".

 * For over a year, setting add.interactive.useBuiltin configuration
   variable did nothing but giving a "this does not do anything"
   warning.  The warning has been removed.

 * The http transport can now be told to send request with
   authentication material without first getting a 401 response.

 * A handful of entries are added to the GitFAQ document.

 * "git var GIT_SHELL_PATH" should report the path to the shell used
   to spawn external commands, but it didn't do so on Windows, which
   has been corrected.


Performance, Internal Implementation, Development Support etc.

 * Advertise "git contacts", a tool for newcomers to find people to
   ask review for their patches, a bit more in our developer
   documentation.

 * In addition to building the objects needed, try to link the objects
   that are used in fuzzer tests, to make sure at least they build
   without bitrot, in Linux CI runs.

 * Code to write out reftable has seen some optimization and
   simplification.

 * Tests to ensure interoperability between reftable written by jgit
   and our code have been added and enabled in CI.

 * The singleton index_state instance "the_index" has been eliminated
   by always instantiating "the_repository" and replacing references
   to "the_index"  with references to its .index member.

 * Git-GUI has a new maintainer, Johannes Sixt.

 * The "test-tool" has been taught to run testsuite tests in parallel,
   bypassing the need to use the "prove" tool.

 * The "whitespace check" task that was enabled for GitHub Actions CI
   has been ported to GitLab CI.

 * The refs API lost functions that implicitly assumes to work on the
   primary ref_store by forcing the callers to pass a ref_store as an
   argument.

 * Code clean-up to reduce inter-function communication inside
   builtin/config.c done via the use of global variables.

 * The pack bitmap code saw some clean-up to prepare for a follow-up topic.

 * Preliminary code clean-up for "git send-email".

 * The default "creation-factor" used by "git format-patch" has been
   raised to make it more aggressively find matching commits.

 * Before discovering the repository details, We used to assume SHA-1
   as the "default" hash function, which has been corrected. Hopefully
   this will smoke out codepaths that rely on such an unwarranted
   assumptions.

 * The project decision making policy has been documented.

 * The strcmp-offset tests have been rewritten using the unit test
   framework.

 * "git add -p" learned to complain when an answer with more than one
   letter is given to a prompt that expects a single letter answer.

 * The alias-expanded command lines are logged to the trace output.

 * A new test was added to ensure git commands that are designed to
   run outside repositories do work.

 * A few tests in reftable library have been rewritten using the
   unit test framework.

 * A pair of test helpers that essentially are unit tests on hash
   algorithms have been rewritten using the unit-tests framework.

 * A test helper that essentially is unit tests on the "decorate"
   logic has been rewritten using the unit-tests framework.

 * Many memory leaks in the sparse-checkout code paths have been
   plugged.

 * "make check-docs" noticed problems and reported to its output but
   failed to signal its findings with its exit status, which has been
   corrected.

 * Building with "-Werror -Wwrite-strings" is now supported.

 * To help developers, the build procedure now allows builders to use
   CFLAGS_APPEND to specify additional CFLAGS.

 * "oidtree" tests were rewritten to use the unit test framework.

 * The structure of the document that records longer-term project
   decisions to deprecate/remove/update various behaviour has been
   outlined.

 * The pseudo-merge reachability bitmap to help more efficient storage
   of the reachability bitmap in a repository with too many refs has
   been added.

 * When "git merge" sees that the index cannot be refreshed (e.g. due
   to another process doing the same in the background), it died but
   after writing MERGE_HEAD etc. files, which was useless for the
   purpose to recover from the failure.

 * The output from "git cat-file --batch-check" and "--batch-command
   (info)" should not be unbuffered, for which some tests have been
   added.

 * A CPP macro USE_THE_REPOSITORY_VARIABLE is introduced to help
   transition the codebase to rely less on the availability of the
   singleton the_repository instance.

 * "git version --build-options" reports the version information of
   OpenSSL and other libraries (if used) in the build.

 * Memory ownership rules for the in-core representation of
   remote.*.url configuration values have been straightened out, which
   resulted in a few leak fixes and code clarification.

 * When bundleURI interface fetches multiple bundles, Git failed to
   take full advantage of all bundles and ended up slurping duplicated
   objects, which has been corrected.

 * The code to deal with modified paths that are out-of-cone in a
   sparsely checked out working tree has been optimized.

 * An existing test of oidmap API has been rewritten with the
   unit-test framework.

 * The "ort" merge backend saw one bugfix for a crash that happens
   when inner merge gets killed, and assorted code clean-ups.

 * A new warning message is issued when a command has to expand a
   sparse index to handle working tree cruft that are outside of the
   sparse checkout.

 * The test framework learned to take the test body not as a single
   string but as a here-document.

 * "git push '' HEAD:there" used to hit a BUG(); it has been corrected
   to die with "fatal: bad repository ''".

 * What happens when http.cookieFile gets the special value "" has
   been clarified in the documentation.


Fixes since v2.45
-----------------

 * "git rebase --signoff" used to forget that it needs to add a
   sign-off to the resulting commit when told to continue after a
   conflict stops its operation.

 * The procedure to build multi-pack-index got confused by the
   replace-refs mechanism, which has been corrected by disabling the
   latter.

 * The "-k" and "--rfc" options of "format-patch" will now error out
   when used together, as one tells us not to add anything to the
   title of the commit, and the other one tells us to add "RFC" in
   addition to "PATCH".

 * "git stash -S" did not handle binary files correctly, which has
   been corrected.

 * A scheduled "git maintenance" job is expected to work on all
   repositories it knows about, but it stopped at the first one that
   errored out.  Now it keeps going.

 * zsh can pretend to be a normal shell pretty well except for some
   glitches that we tickle in some of our scripts. Work them around
   so that "vimdiff" and our test suite works well enough with it.

 * Command line completion support for zsh (in contrib/) has been
   updated to stop exposing internal state to end-user shell
   interaction.

 * Tests that try to corrupt in-repository files in chunked format did
   not work well on macOS due to its broken "mv", which has been
   worked around.

 * The maximum size of attribute files is enforced more consistently.

 * Unbreak CI jobs so that we do not attempt to use Python 2 that has
   been removed from the platform.

 * Git 2.43 started using the tree of HEAD as the source of attributes
   in a bare repository, which has severe performance implications.
   For now, revert the change, without ripping out a more explicit
   support for the attr.tree configuration variable.

 * The "--exit-code" option of "git diff" command learned to work with
   the "--ext-diff" option.

 * Windows CI running in GitHub Actions started complaining about the
   order of arguments given to calloc(); the imported regex code uses
   the wrong order almost consistently, which has been corrected.

 * Expose "name conflict" error when a ref creation fails due to D/F
   conflict in the ref namespace, to improve an error message given by
   "git fetch".
   (merge 9339fca23e it/refs-name-conflict later to maint).

 * The SubmittingPatches document now refers folks to manpages
   translation project.

 * The documentation for "git diff --name-only" has been clarified
   that it is about showing the names in the post-image tree.

 * The credential helper that talks with osx keychain learned to avoid
   storing back the authentication material it just got received from
   the keychain.
   (merge e1ab45b2da kn/osxkeychain-skip-idempotent-store later to maint).

 * The chainlint script (invoked during "make test") did nothing when
   it failed to detect the number of available CPUs.  It now falls
   back to 1 CPU to avoid the problem.

 * Revert overly aggressive "layered defence" that went into 2.45.1
   and friends, which broke "git-lfs", "git-annex", and other use
   cases, so that we can rebuild necessary counterparts in the open.

 * "git init" in an already created directory, when the user
   configuration has includeif.onbranch, started to fail recently,
   which has been corrected.

 * Memory leaks in "git mv" has been plugged.

 * The safe.directory configuration knob has been updated to
   optionally allow leading path matches.

 * An overly large ".gitignore" files are now rejected silently.

 * Upon expiration event, the credential subsystem forgot to clear
   in-core authentication material other than password (whose support
   was added recently), which has been corrected.

 * Fix for an embarrassing typo that prevented Python2 tests from running
   anywhere.

 * Varargs functions that are unannotated as printf-like or execl-like
   have been annotated as such.

 * "git am" has a safety feature to prevent it from starting a new
   session when there already is a session going.  It reliably
   triggers when a mbox is given on the command line, but it has to
   rely on the tty-ness of the standard input.  Add an explicit way to
   opt out of this safety with a command line option.
   (merge 62c71ace44 jk/am-retry later to maint).

 * A leak in "git imap-send" that somehow escapes LSan has been
   plugged.

 * Setting core.abbrev too early before the repository set-up
   (typically in "git clone") caused segfault, which as been
   corrected.

 * When the user adds to "git rebase -i" instruction to "pick" a merge
   commit, the error experience is not pleasant.  Such an error is now
   caught earlier in the process that parses the todo list.

 * We forgot to normalize the result of getcwd() to NFC on macOS where
   all other paths are normalized, which has been corrected.  This still
   does not address the case where core.precomposeUnicode configuration
   is not defined globally.

 * Earlier we stopped using the tree of HEAD as the default source of
   attributes in a bare repository, but failed to document it.  This
   has been corrected.

 * "git update-server-info" and "git commit-graph --write" have been
   updated to use the tempfile API to avoid leaving cruft after
   failing.

 * An unused extern declaration for mingw has been removed to prevent
   it from causing build failure.

 * A helper function shared between two tests had a copy-paste bug,
   which has been corrected.

 * "git fetch-pack -k -k" without passing "--lock-pack" (which we
   never do ourselves) did not work at all, which has been corrected.

 * CI job to build minimum fuzzers learned to pass NO_CURL=NoThanks to
   the build procedure, as its build environment does not offer, or
   the rest of the build needs, anything cURL.
   (merge 4e66b5a990 jc/fuzz-sans-curl later to maint).

 * "git diff --no-ext-diff" when diff.external is configured ignored
   the "--color-moved" option.
   (merge 0f4b0d4cf0 rs/diff-color-moved-w-no-ext-diff-fix later to maint).

 * "git archive --add-virtual-file=<path>:<contents>" never paid
   attention to the --prefix=<prefix> option but the documentation
   said it would. The documentation has been corrected.
   (merge 72c282098d jc/archive-prefix-with-add-virtual-file later to maint).

 * When GIT_PAGER failed to spawn, depending on the code path taken,
   we failed immediately (correct) or just spew the payload to the
   standard output (incorrect).  The code now always fail immediately
   when GIT_PAGER fails.
   (merge 78f0a5d187 rj/pager-die-upon-exec-failure later to maint).

 * date parser updates to be more careful about underflowing epoch
   based timestamp.
   (merge 9d69789770 db/date-underflow-fix later to maint).

 * The Bloom filter used for path limited history traversal was broken
   on systems whose "char" is unsigned; update the implementation and
   bump the format version to 2.
   (merge 9c8a9ec787 tb/path-filter-fix later to maint).

 * Typofix.
   (merge 231cf7370e as/pathspec-h-typofix later to maint).

 * Code clean-up.
   (merge 4b837f821e rs/simplify-submodule-helper-super-prefix-invocation later to maint).

 * "git describe --dirty --broken" forgot to refresh the index before
   seeing if there is any chang, ("git describe --dirty" correctly did
   so), which has been corrected.
   (merge b8ae42e292 as/describe-broken-refresh-index-fix later to maint).

 * Test suite has been taught not to unnecessarily rely on DNS failing
   a bogus external name.
   (merge 407cdbd271 jk/tests-without-dns later to maint).

 * GitWeb update to use committer date consistently in rss/atom feeds.
   (merge cf6ead095b am/gitweb-feed-use-committer-date later to maint).

 * Custom control structures we invented more recently have been
   taught to the clang-format file.
   (merge 1457dff9be rs/clang-format-updates later to maint).

 * Developer build procedure fix.
   (merge df32729866 tb/dev-build-pedantic-fix later to maint).

 * "git push" that pushes only deletion gave an unnecessary and
   harmless error message when push negotiation is configured, which
   has been corrected.
   (merge 4d8ee0317f jc/disable-push-nego-for-deletion later to maint).

 * Address-looking strings found on the trailer are now placed on the
   Cc: list after running through sanitize_address by "git send-email".
   (merge c852531f45 cb/send-email-sanitize-trailer-addresses later to maint).

 * Tests that use GIT_TEST_SANITIZE_LEAK_LOG feature got their exit
   status inverted, which has been corrected.
   (merge 8c1d6691bc rj/test-sanitize-leak-log-fix later to maint).

 * The http.cookieFile and http.saveCookies configuration variables
   have a few values that need to be avoided, which are now ignored
   with warning messages.
   (merge 4f5822076f jc/http-cookiefile later to maint).

 * Repacking a repository with multi-pack index started making stupid
   pack selections in Git 2.45, which has been corrected.
   (merge 8fb6d11fad ds/midx-write-repack-fix later to maint).

 * Fix documentation mark-up regression in 2.45.
   (merge 6474da0aa4 ja/doc-markup-updates-fix later to maint).

 * Work around asciidoctor's css that renders `monospace` material
   in the SYNOPSIS section of manual pages as block elements.
   (merge d44ce6ddd5 js/doc-markup-updates-fix later to maint).

 * Other code cleanup, docfix, build fix, etc.
   (merge 493fdae046 ew/object-convert-leakfix later to maint).
   (merge 00f3661a0a ss/doc-eol-attr-fix later to maint).
   (merge 428c40da61 ri/doc-show-branch-fix later to maint).
   (merge 58696bfcaa jc/where-is-bash-for-ci later to maint).
   (merge 616e94ca24 tb/doc-max-tree-depth-fix later to maint).

----------------------------------------------------------------

Changes since v2.46.0-rc1 are as follows:

Derrick Stolee (2):
      t5319: add failing test case for repack/expire
      midx-write: revert use of --stdin-packs

Jean-Noël Avila (1):
      doc: git-clone fix discrepancy between asciidoc and asciidoctor

Johannes Schindelin (1):
      asciidoctor: fix `synopsis` rendering

Junio C Hamano (2):
      Doc: fix Asciidoctor css workaround
      Git 2.46-rc2

Patrick Steinhardt (1):
      refs: fix format migration on Cygwin


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ