diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-04 12:47:08 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-04 12:47:08 +0000 |
commit | 29b5ab554790bb57337a3b6ab9dcd963cf69d22e (patch) | |
tree | be1456d2bc6c1fb078695fad7bc8f6b212062d3c /docs | |
parent | Initial commit. (diff) | |
download | libgit2-upstream/1.7.2+ds.tar.xz libgit2-upstream/1.7.2+ds.zip |
Adding upstream version 1.7.2+ds.upstream/1.7.2+ds
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r-- | docs/api-stability.md | 63 | ||||
-rw-r--r-- | docs/buffers.md | 63 | ||||
-rw-r--r-- | docs/changelog.md | 2450 | ||||
-rw-r--r-- | docs/checkout-internals.md | 231 | ||||
-rw-r--r-- | docs/code_of_conduct.md | 75 | ||||
-rw-r--r-- | docs/coding-style.md | 364 | ||||
-rw-r--r-- | docs/contributing.md | 183 | ||||
-rw-r--r-- | docs/conventions.md | 266 | ||||
-rw-r--r-- | docs/diff-internals.md | 92 | ||||
-rw-r--r-- | docs/differences-from-git.md | 27 | ||||
-rw-r--r-- | docs/error-handling.md | 284 | ||||
-rw-r--r-- | docs/fuzzing.md | 72 | ||||
-rw-r--r-- | docs/merge-df_conflicts.txt | 41 | ||||
-rw-r--r-- | docs/projects.md | 93 | ||||
-rw-r--r-- | docs/release.md | 83 | ||||
-rw-r--r-- | docs/threading.md | 110 | ||||
-rw-r--r-- | docs/troubleshooting.md | 13 | ||||
-rw-r--r-- | docs/win32-longpaths.md | 36 |
18 files changed, 4546 insertions, 0 deletions
diff --git a/docs/api-stability.md b/docs/api-stability.md new file mode 100644 index 0000000..a02e864 --- /dev/null +++ b/docs/api-stability.md @@ -0,0 +1,63 @@ +The maintainers of the libgit2 project believe that having a stable API +to program against is important for our users and the ecosystem - whether +you're building against the libgit2 C APIs directly, creating a wrapper to +a managed language, or programming against one of those managed wrappers +like LibGit2Sharp or Rugged. + +Our API stability considerations are: + +* Our standard API is considered stable through a major release. + + * We define our "standard API" to be anything included in the "git2.h" + header - in other words, anything defined in a header in the `git2` + directory. + + * APIs will maintain their signature and will not be removed within a + major release, but new APIs may be added. + + * Any APIs may be marked as deprecated within a major release, but will + not be removed until the next major release (at the earliest). You + may define `GIT_DEPRECATE_HARD` to produce compiler warnings if you + target these deprecated APIs. + + * We consider API compatibility to be against the C APIs. That means + that we may use macros to keep API compatibility - for example, if we + rename a structure from `git_widget_options` to `git_foobar_options` + then we would `#define git_widget_options git_foobar_options` to retain + API compatibility. Note that this does _not_ provide ABI compatibility. + +* Our systems API is only considered stable through a _minor_ release. + + * We define our "systems API" to be anything included in the `git2/sys` + directory. These are not "standard" APIs but are mechanisms to extend + libgit2 by adding new extensions - for example, a custom HTTPS transport, + TLS engine, or merge strategy. + + * Additionally, the cmake options and the resulting constants that it + produces to be "systems API". + + * Generally these mechanism are well defined and will not need significant + changes, but are considered a part of the library itself and may need + + * Systems API changes will be noted specially within a release's changelog. + +* Our ABI is only considered stable through a _minor_ release. + + * Our ABI consists of actual symbol names in the library, the function + signatures, and the actual layout of structures. These are only + stable within minor releases, they are not stable within major releases + (yet). + + * Since many FFIs use ABIs directly (for example, .NET P/Invoke or Rust), + this instability is unfortunate. + + * In a future major release, we will begin providing ABI stability + throughout the major release cycle. + + * ABI changes will be noted specially within a release's changelog. + +* Point releases are _generally_ only for bugfixes, and generally do _not_ + include new features. This means that point releases generally do _not_ + include new APIs. Point releases will never break API, systems API or + ABI compatibility. + diff --git a/docs/buffers.md b/docs/buffers.md new file mode 100644 index 0000000..2f2148b --- /dev/null +++ b/docs/buffers.md @@ -0,0 +1,63 @@ +Memory allocation and ownership +------------------------------- + +Any library needs to _take_ data from users, and then _return_ data to +users. With some types this is simple - integer parameters and return +types are trivial. But with more complex data types, things are more +complicated. Even something seemingly simple, like a C string, requires +discipline: we cannot simple return an allocated hunk of memory for +callers to `free`, since some systems have multiple allocators and users +cannot necessarily reason about the allocator used and which corresponding +deallocation function to call to free the memory. + +## Objects + +Most types in libgit2 are "opaque" types, which we treat as "objects" (even +though C is "not an object oriented language"). You may create an object - +for example, with `git_odb_new`, or libgit2 may return you an object as an +"out" parameter - for example, with `git_repository_open`. With any of +these objects, you should call their corresponding `_free` function (for +example, `git_odb_free` or `git_repository_free`) when you are done using +them. + +## Structures + +libgit2 will often take _input_ as structures (for example, options +structures like `git_merge_options`). Rarely, libgit2 will return data in +a structure. This is typically used for simpler data types, like `git_buf` +and `git_strarray`. Users should allocate the structure themselves (either +on the stack or the heap) and pass a pointer to it. Since libgit2 does not +allocate the structure itself, only the data inside of it, the deallocation +functions are suffixed with `_dispose` instead of `_free`, since they only +free the data _inside_ the structure. + +## Strings or continuous memory buffers (`git_buf`) + +libgit2 typically _takes_ NUL-terminated strings ("C strings") with a +`const char *`, and typically _takes_ raw data with a `const char *` and a +corresponding `size_t` for its size. libgit2 typically _returns_ strings +or raw data in a `git_buf` structure. The given data buffer will always be +NUL terminated (even if it contains binary data) and the `size` member will +always contain the size (in bytes) of the contents of the pointer (excluding +the NUL terminator). + +In other words, if a `git_buf` contains the string `foo` then the memory +buffer will be { `f`, `o`, `o`, `\0` } and the size will be `3`. + +Callers _must_ initialize the buffer with `GIT_BUF_INIT` (or by setting +all the members to `0`) when it is created, before passing a pointer +to the buffer to libgit2 for the first time. + +Subsequent calls to libgit2 APIs that take a buffer can re-use a +buffer that was previously used. The buffer will be cleared and grown +to accommodate the new contents (if necessary). The new data will +written into the buffer, overwriting the previous contents. This +allows callers to reduce the number of allocations performed by the +library. + +Callers must call `git_buf_dispose` when they have finished. + +Note that the deprecated `git_diff_format_email` API does not follow +this behavior; subsequent calls will concatenate data to the buffer +instead of rewriting it. Users should move to the new `git_email` +APIs that follow the `git_buf` standards. diff --git a/docs/changelog.md b/docs/changelog.md new file mode 100644 index 0000000..1748309 --- /dev/null +++ b/docs/changelog.md @@ -0,0 +1,2450 @@ +v1.7.2 +------ + +## What's Changed + +This release fixes three bugs that can cause undefined behavior when given well-crafted inputs, either in input files or over network connections. These bugs may be able to be leveraged to cause denial of service attacks or unauthorized code execution. + +Two of these issues were discovered and reported by security engineers at Amazon Web Services. We thank the AWS Security team for their efforts to identify these issues, provide helpful reproduction cases, and responsibly disclose their findings. + +### Security fixes + +* transport: safely handle messages with no caps +* revparse: fix parsing bug for trailing `@` +* index: correct index has_dir_name check + +**Full Changelog**: https://github.com/libgit2/libgit2/compare/v1.7.1...v1.7.2 + +v1.7.1 +------ + +## What's Changed + +### Bug fixes + +* proxy: Return an error for invalid proxy URLs instead of crashing. by @lrm29 in https://github.com/libgit2/libgit2/pull/6597 +* ssh: fix known_hosts leak in _git_ssh_setup_conn by @steven9724 in https://github.com/libgit2/libgit2/pull/6599 +* repository: make cleanup safe for re-use with grafts by @carlosmn in https://github.com/libgit2/libgit2/pull/6600 +* fix: Add missing include for oidarray. by @dvzrv in https://github.com/libgit2/libgit2/pull/6608 +* Revert "CMake: Search for ssh2 instead of libssh2." by @ethomson in https://github.com/libgit2/libgit2/pull/6619 + +### Compatibility improvements + +* stransport: macOS: replace errSSLNetworkTimeout, with hard-coded value by @mascguy in https://github.com/libgit2/libgit2/pull/6610 + +## New Contributors +* @dvzrv made their first contribution in https://github.com/libgit2/libgit2/pull/6608 +* @steven9724 made their first contribution in https://github.com/libgit2/libgit2/pull/6599 + +**Full Changelog**: https://github.com/libgit2/libgit2/compare/v1.7.0...v1.7.1 + +v1.7 +---- + +This is release v1.7.0, "Kleine Raupe Nimmersatt". This release adds +shallow clone support, completes the experimental SHA256 support, +adds Schannel support for Windows, and includes many other new +features and bugfixes. + +## Major changes + +* **Shallow clone support** + libgit2 now supports shallow clone and shallow repositories, thanks + to a significant investment from many community members -- hundreds + of commits by many contributors. + + * Shallow (#6396) with some fixes from review by @ethomson in + https://github.com/libgit2/libgit2/pull/6557 + * Shallow Clone Support by @lya001 in + https://github.com/libgit2/libgit2/pull/6396 + * Shallow support v2 by @pks-t in + https://github.com/libgit2/libgit2/pull/5254 + +* **SHA256 support** + libgit2 should now support SHA256 repositories using the + `extensions.objectFormat` configuration option when the library is + built with `EXPERIMENTAL_SHA256=ON`. Users are encouraged to begin + testing their applications with this option and provide bug reports + and feedback. This _is_ a breaking API change; SHA256 support will + be enabled by default in libgit2 v2.0. + + * sha256: less hardcoded SHA1 types and lengths by @ethomson in + https://github.com/libgit2/libgit2/pull/6549 + * Support SHA256 in git_repository_wrap_odb by @ethomson in + https://github.com/libgit2/libgit2/pull/6556 + +* **Schannel and SSPI for Windows** + libgit2 now supports the Windows Schannel and SSPI APIs for HTTPS + support on Windows, when configured with `USE_HTTPS=Schannel`. + Setting this option will not use the existing WinHTTP support, but + will use libgit2's standard HTTP client stack with Windows TLS + primitives. Windows users are encouraged to begin testing their + applications with this option and provide bug reports and feedback. + This will be enabled by default in a future version of libgit2. + + * Introduce Schannel and SSPI for Windows by @ethomson in + https://github.com/libgit2/libgit2/pull/6533 + +## Breaking changes + +* **Simplify custom pluggable allocator** (System API / ABI breaking change) + The `git_allocator` structure (configurable by the + `GIT_OPT_SET_ALLOCATOR` option) now only contains `gmalloc`, + `grealloc` and `gfree` members. This simplifies both the work needed + by an implementer _and_ allows more flexibility and correctness in + libgit2 itself, especially during out-of-memory situations and + errors during bootstrapping. + + * tests: add allocator with limited number of bytes by @ethomson in + https://github.com/libgit2/libgit2/pull/6563 + +## Other changes + +### New features +* repo: honor environment variables for more scenarios by @ethomson in + https://github.com/libgit2/libgit2/pull/6544 +* Introduce timeouts on sockets by @ethomson in + https://github.com/libgit2/libgit2/pull/6535 + +### Performance improvements +* midx: do not try to look at every object in the index by @carlosmn in + https://github.com/libgit2/libgit2/pull/6585 +* Partial fix for #6532: insert-by-date order. by @arroz in + https://github.com/libgit2/libgit2/pull/6539 + +### Bug fixes +* repo: don't allow repeated extensions by @ethomson in + https://github.com/libgit2/libgit2/pull/6505 +* config: return `GIT_ENOTFOUND` for missing programdata by @ethomson in + https://github.com/libgit2/libgit2/pull/6547 +* Fix missing oid type for "fake" repositories by @oreiche in + https://github.com/libgit2/libgit2/pull/6554 +* Thread-local storage: handle failure cases by @ethomson in + https://github.com/libgit2/libgit2/pull/5722 +* midx: allow unknown chunk ids in multi-pack index files by @carlosmn in + https://github.com/libgit2/libgit2/pull/6583 +* pack: cast the number of objects to size_t by @carlosmn in + https://github.com/libgit2/libgit2/pull/6584 +* Fixes #6344: git_branch_move now renames the reflog instead of deleting + by @arroz in https://github.com/libgit2/libgit2/pull/6345 +* #6576 git_diff_index_to_workdir reverse now loads untracked content by + @arroz in https://github.com/libgit2/libgit2/pull/6577 + +### Build and CI improvements +* meta: the main branch is now v1.7.0 by @ethomson in + https://github.com/libgit2/libgit2/pull/6516 +* xdiff: move xdiff to 'deps' by @ethomson in + https://github.com/libgit2/libgit2/pull/6482 +* util: detect all possible qsort_r and qsort_s variants by + @DimitryAndric in https://github.com/libgit2/libgit2/pull/6555 +* Work around -Werror problems when detecting qsort variants by + @DimitryAndric in https://github.com/libgit2/libgit2/pull/6558 +* actions: simplify execution with composite action by @ethomson in + https://github.com/libgit2/libgit2/pull/6488 +* CMake: Search for ssh2 instead of libssh2. by @Faless in + https://github.com/libgit2/libgit2/pull/6586 + +### Documentation improvements +* docs: fix IRC server from freenode to libera by @vincenzopalazzo in + https://github.com/libgit2/libgit2/pull/6590 + +### Dependency upgrades +* Update xdiff to git 2.40.1's version by @ethomson in + https://github.com/libgit2/libgit2/pull/6561 +* deps: update pcre to 8.45 by @ethomson in + https://github.com/libgit2/libgit2/pull/6593 + +## New Contributors +* @oreiche made their first contribution in + https://github.com/libgit2/libgit2/pull/6554 +* @DimitryAndric made their first contribution in + https://github.com/libgit2/libgit2/pull/6555 +* @vincenzopalazzo made their first contribution in + https://github.com/libgit2/libgit2/pull/6590 +* @Faless made their first contribution in + https://github.com/libgit2/libgit2/pull/6586 + +**Full Changelog**: https://github.com/libgit2/libgit2/compare/v1.6.3...v1.7.0 + +v1.6.3 +------ + +## What's Changed + +### Bug fixes + +* odb: restore `git_odb_open` by @ethomson in https://github.com/libgit2/libgit2/pull/6520 +* Ensure that `git_index_add_all` handles ignored directories by @ethomson in https://github.com/libgit2/libgit2/pull/6521 +* pack: use 64 bits for the number of objects by @carlosmn in https://github.com/libgit2/libgit2/pull/6530 + +### Build and CI improvements + +* Remove unused wditer variable by @georgthegreat in https://github.com/libgit2/libgit2/pull/6518 +* fs_path: let root run the ownership tests by @ethomson in https://github.com/libgit2/libgit2/pull/6513 +* sysdir: Do not declare win32 functions on non-win32 platforms by @Batchyx in https://github.com/libgit2/libgit2/pull/6527 +* cmake: don't include `include/git2` by @ethomson in https://github.com/libgit2/libgit2/pull/6529 + +## New Contributors +* @georgthegreat made their first contribution in https://github.com/libgit2/libgit2/pull/6518 + +**Full Changelog**: https://github.com/libgit2/libgit2/compare/v1.6.2...v1.6.3 + +v1.6.2 +------ + +## What's Changed +### Bug fixes + +* remote: always populate old id in update tips by @ethomson in https://github.com/libgit2/libgit2/pull/6506 + The update tips callback would not always be properly provided with an empty (`0000000...`) OID for new refs. + +* Revert #6503 by @ethomson in https://github.com/libgit2/libgit2/pull/6511 + The certificate callback added port information for callbacks in #6503, but the format was ambiguous with IPv6 addresses. Revert this change temporarily. + +* Add `git_odb_backend_loose` back by @ethomson in https://github.com/libgit2/libgit2/pull/6512 + During SHA256 refactoring, the `git_odb_backend_loose` API was accidentally removed. Add it back. + +* meta: configure pkg-config .pc correctly by @ethomson in https://github.com/libgit2/libgit2/pull/6514 + During SHA256 refactoring, the pkg-config `.pc` file was erroneously renamed to `git2` instead of `libgit2`. Repair this. + +**Full Changelog**: https://github.com/libgit2/libgit2/compare/v1.6.1...v1.6.2 + +v1.6 +---- + +This is release v1.6.1, "Hubbeliges Krokodil". This release adds experimental SHA256 support and includes many new features and bugfixes. This release replaces libgit2 v1.6.0, which did not correctly update its version number(s). + +## What's Changed + +### New features + +* **Support for bare repositories with SHA256 support (experimental)** by @ethomson in https://github.com/libgit2/libgit2/pull/6191 + You can configure experimental SHA256 support in libgit2 with `cmake -DEXPERIMENTAL_SHA256=ON` during project setup. This is useful for considering future integrations, work on clients, and work on language bindings. At present, working with bare repositories should largely work, including remote operations. But many pieces of functionality - including working with the index - are not yet supported. As a result, **libgit2 with SHA256 support should not be used in production or released with package distribution.** + +* **Support the notion of a home directory separately from global configuration directory** by @ethomson in https://github.com/libgit2/libgit2/pull/6455 and https://github.com/libgit2/libgit2/pull/6456 + Callers and language bindings can now configure the home directory that libgit2 uses for file lookups (eg, the `.ssh` directory). This configuration is separate from the git global configuration path. + +* **stash: partial stash specific files** by @gitkraken-jacobw in https://github.com/libgit2/libgit2/pull/6330 + A stash can be created with only specific files, using a pathspec. This is similar to the `git stash push` command. + +* **push: revparse refspec source, so you can push things that are not refs** by @sven-of-cord in https://github.com/libgit2/libgit2/pull/6362 + Pushes can be performed using refspecs instead of only references. + +* **Support OpenSSL3** by @ethomson in https://github.com/libgit2/libgit2/pull/6464 and https://github.com/libgit2/libgit2/pull/6471 + OpenSSL 3 is now supported, both when compiled directly and dynamically loaded. + +### Bug fixes +* winhttp: support long custom headers by @kcsaul in https://github.com/libgit2/libgit2/pull/6363 +* Fix memory leak by @csware in https://github.com/libgit2/libgit2/pull/6382 +* Don't fail the whole clone if you can't find a default branch by @torvalds in https://github.com/libgit2/libgit2/pull/6369 +* #6366: When a worktree is missing, return `GIT_ENOTFOUND`. by @arroz in https://github.com/libgit2/libgit2/pull/6395 +* commit-graph: only verify csum on `git_commit_graph_open()`. by @derrickstolee in https://github.com/libgit2/libgit2/pull/6420 +* Ignore missing 'safe.directory' config during ownership checks by @kcsaul in https://github.com/libgit2/libgit2/pull/6408 +* Fix leak in `git_tag_create_from_buffer` by @julianmesa-gitkraken in https://github.com/libgit2/libgit2/pull/6421 +* http: Update httpclient options when reusing an existing connection. by @slackner in https://github.com/libgit2/libgit2/pull/6416 +* Add support for `safe.directory *` by @csware in https://github.com/libgit2/libgit2/pull/6429 +* URL parsing for google-compatible URLs by @ethomson in https://github.com/libgit2/libgit2/pull/6326 +* Fixes #6433: `git_submodule_update` fails to update configured but missing submodule by @tagesuhu in https://github.com/libgit2/libgit2/pull/6434 +* transport: fix capabilities calculation by @russell in https://github.com/libgit2/libgit2/pull/6435 +* push: use resolved oid as the source by @ethomson in https://github.com/libgit2/libgit2/pull/6452 +* Use `git_clone__submodule` to avoid file checks in workdir by @abizjak in https://github.com/libgit2/libgit2/pull/6444 +* #6422: handle dangling symbolic refs gracefully by @arroz in https://github.com/libgit2/libgit2/pull/6423 +* `diff_file`: Fix crash when freeing a patch representing an empty untracked file by @jorio in https://github.com/libgit2/libgit2/pull/6475 +* clone: clean up options on failure by @ethomson in https://github.com/libgit2/libgit2/pull/6479 +* stash: update strarray usage by @ethomson in https://github.com/libgit2/libgit2/pull/6487 +* #6491: Sets `oid_type` on repos open with `git_repository_open_bare` by @arroz in https://github.com/libgit2/libgit2/pull/6492 +* Handle Win32 shares by @ethomson in https://github.com/libgit2/libgit2/pull/6493 +* Make failure to connect to ssh-agent non-fatal by @fxcoudert in https://github.com/libgit2/libgit2/pull/6497 +* odb: don't unconditionally add `oid_type` to stream by @ethomson in https://github.com/libgit2/libgit2/pull/6499 +* Pass hostkey & port to host verify callback by @fxcoudert in https://github.com/libgit2/libgit2/pull/6503 + +### Code cleanups +* meta: update version number to v1.6.0-alpha by @ethomson in https://github.com/libgit2/libgit2/pull/6352 +* sha256: indirection for experimental functions by @ethomson in https://github.com/libgit2/libgit2/pull/6354 +* Delete `create.c.bak` by @lrm29 in https://github.com/libgit2/libgit2/pull/6398 +* Support non-cmake builds with an in-tree `experimental.h` by @ethomson in https://github.com/libgit2/libgit2/pull/6405 + +### Build and CI improvements +* tests: skip flaky-ass googlesource tests by @ethomson in https://github.com/libgit2/libgit2/pull/6353 +* clar: remove ftrunacte from libgit2 tests by @boretrk in https://github.com/libgit2/libgit2/pull/6357 +* CI Improvements by @ethomson in https://github.com/libgit2/libgit2/pull/6403 +* fix compile on Windows with `-DWIN32_LEAN_AND_MEAN` by @christoph-cullmann in https://github.com/libgit2/libgit2/pull/6373 +* Fixes #6365 : Uppercase windows.h include fails build in case-sensitive OS by @Vinz2008 in https://github.com/libgit2/libgit2/pull/6377 +* ci: update version numbers of actions by @ethomson in https://github.com/libgit2/libgit2/pull/6448 +* thread: avoid warnings when building without threads by @ethomson in https://github.com/libgit2/libgit2/pull/6432 +* src: hide unused hmac() prototype by @0-wiz-0 in https://github.com/libgit2/libgit2/pull/6458 +* tests: update clar test runner by @ethomson in https://github.com/libgit2/libgit2/pull/6459 +* ci: always create test summaries, even on failure by @ethomson in https://github.com/libgit2/libgit2/pull/6460 +* Fix build failure with `-DEMBED_SSH_PATH` by @vicr123 in https://github.com/libgit2/libgit2/pull/6374 +* Define correct `off64_t` for AIX by @bzEq in https://github.com/libgit2/libgit2/pull/6376 +* Fix some warnings in main by @ethomson in https://github.com/libgit2/libgit2/pull/6480 +* strarray: remove deprecated declaration by @ethomson in https://github.com/libgit2/libgit2/pull/6486 +* tests: always unset `HTTP_PROXY` before starting tests by @ethomson in https://github.com/libgit2/libgit2/pull/6498 + +### Documentation improvements +* add 2-clause BSD license to COPYING by @martinvonz in https://github.com/libgit2/libgit2/pull/6413 +* Add new PHP bindings project to language bindings section of README.md by @RogerGee in https://github.com/libgit2/libgit2/pull/6473 +* README: clarify the linking exception by @ethomson in https://github.com/libgit2/libgit2/pull/6494 +* Correct the definition of "empty" in the docs for `git_repository_is_empty` by @timrogers in https://github.com/libgit2/libgit2/pull/6500 + +## New Contributors +* @christoph-cullmann made their first contribution in https://github.com/libgit2/libgit2/pull/6373 +* @Vinz2008 made their first contribution in https://github.com/libgit2/libgit2/pull/6377 +* @torvalds made their first contribution in https://github.com/libgit2/libgit2/pull/6369 +* @derrickstolee made their first contribution in https://github.com/libgit2/libgit2/pull/6420 +* @julianmesa-gitkraken made their first contribution in https://github.com/libgit2/libgit2/pull/6421 +* @slackner made their first contribution in https://github.com/libgit2/libgit2/pull/6416 +* @martinvonz made their first contribution in https://github.com/libgit2/libgit2/pull/6413 +* @tagesuhu made their first contribution in https://github.com/libgit2/libgit2/pull/6434 +* @russell made their first contribution in https://github.com/libgit2/libgit2/pull/6435 +* @sven-of-cord made their first contribution in https://github.com/libgit2/libgit2/pull/6362 +* @0-wiz-0 made their first contribution in https://github.com/libgit2/libgit2/pull/6458 +* @abizjak made their first contribution in https://github.com/libgit2/libgit2/pull/6444 +* @vicr123 made their first contribution in https://github.com/libgit2/libgit2/pull/6374 +* @bzEq made their first contribution in https://github.com/libgit2/libgit2/pull/6376 +* @gitkraken-jacobw made their first contribution in https://github.com/libgit2/libgit2/pull/6330 +* @fxcoudert made their first contribution in https://github.com/libgit2/libgit2/pull/6497 +* @timrogers made their first contribution in https://github.com/libgit2/libgit2/pull/6500 + +**Full Changelog**: https://github.com/libgit2/libgit2/compare/v1.5.0...v1.6.0 + +v1.5 +---- + +This is release v1.5.0, "Stubentiger". This release adds the basis for an experimental CLI, continues preparing for SHA256 support, adds a benchmarking utility, and has numerous new features and bugfixes. + +## What's Changed +### New features +* The beginnings of a git-compatible CLI for testing and benchmarking by @ethomson in https://github.com/libgit2/libgit2/pull/6133 +* Add `clone` support to the CLI @ethomson in https://github.com/libgit2/libgit2/pull/6274 +* A benchmarking suite to compare libgit2 functionality against git by @ethomson in https://github.com/libgit2/libgit2/pull/6235 +* SHA256: add a SHA256 implementation backend by @ethomson in https://github.com/libgit2/libgit2/pull/6144 +* SHA256: support dynamically loaded openssl by @ethomson in https://github.com/libgit2/libgit2/pull/6258 +* Transport: introduce `git_transport_smart_remote_connect_options` by @lhchavez in https://github.com/libgit2/libgit2/pull/6278 +### Bug fixes +* Free parent and ref in lg2_commit before returning. by @apnadkarni in https://github.com/libgit2/libgit2/pull/6219 +* xdiff: use xdl_free not free by @ethomson in https://github.com/libgit2/libgit2/pull/6223 +* remote: do store the update_tips callback error value by @carlosmn in https://github.com/libgit2/libgit2/pull/6226 +* win32: `find_system_dirs` does not return `GIT_ENOTFOUND` by @ethomson in https://github.com/libgit2/libgit2/pull/6228 +* Some minor fixes for issues discovered by coverity by @ethomson in https://github.com/libgit2/libgit2/pull/6238 +* Fix a string concatenation bug when validating extensions by @bierbaum in https://github.com/libgit2/libgit2/pull/6246 +* fetch: support OID refspec without dst by @ethomson in https://github.com/libgit2/libgit2/pull/6251 +* Fix crash when regenerating a patch with unquoted spaces in filename by @jorio in https://github.com/libgit2/libgit2/pull/6244 +* midx: Fix an undefined behavior (left-shift signed overflow) by @lhchavez in https://github.com/libgit2/libgit2/pull/6260 +* Validate repository directory ownership by @ethomson in https://github.com/libgit2/libgit2/pull/6266 +* midx: fix large offset table check. by @ccstolley in https://github.com/libgit2/libgit2/pull/6309 +* midx: do not verify the checksum on load by @carlosmn in https://github.com/libgit2/libgit2/pull/6291 +* revparse: Remove error-prone, redundant test by @dongcarl in https://github.com/libgit2/libgit2/pull/6299 +* refs: fix missing error message by @zawata in https://github.com/libgit2/libgit2/pull/6305 +* CLI: progress updates by @ethomson in https://github.com/libgit2/libgit2/pull/6319 +* A couple of simplications around mwindow by @carlosmn in https://github.com/libgit2/libgit2/pull/6288 +* config: update config entry iteration lifecycle by @ethomson in https://github.com/libgit2/libgit2/pull/6320 +* repo: allow administrator to own the configuration by @ethomson in https://github.com/libgit2/libgit2/pull/6321 +* filter: Fix Segfault by @zawata in https://github.com/libgit2/libgit2/pull/6303 +* ntlmclient: LibreSSL 3.5 removed HMAC_CTX_cleanup by @vishwin in https://github.com/libgit2/libgit2/pull/6340 +* Fix internal git_sysdir_find* function usage within public git_config_find* functions by @kcsaul in https://github.com/libgit2/libgit2/pull/6335 +* fix interactive rebase detect. by @i-tengfei in https://github.com/libgit2/libgit2/pull/6334 +* cmake: drop posix dependency from pcre* detection by @jpalus in https://github.com/libgit2/libgit2/pull/6333 +* Fix erroneously lax configuration ownership checks by @ethomson in https://github.com/libgit2/libgit2/pull/6341 +* pack: don't pretend we support pack files v3 by @ethomson in https://github.com/libgit2/libgit2/pull/6347 +* Fix creation of branches and tags with invalid names by @lya001 in https://github.com/libgit2/libgit2/pull/6348 +### Security fixes +* Fixes for CVE 2022-29187 by @ethomson in https://github.com/libgit2/libgit2/pull/6349 +* zlib: update bundled zlib to v1.2.12 by @ethomson in https://github.com/libgit2/libgit2/pull/6350 +### Code cleanups +* sha256: refactoring in preparation for sha256 by @ethomson in https://github.com/libgit2/libgit2/pull/6265 +* remote: Delete a now-inexistent API declaration by @lhchavez in https://github.com/libgit2/libgit2/pull/6276 +* Fix missing include by @cschlack in https://github.com/libgit2/libgit2/pull/6277 +### Build and CI improvements +* meta: show build status for v1.3 and v1.4 branches by @ethomson in https://github.com/libgit2/libgit2/pull/6216 +* cmake: Fix package name for system http-parser by @mgorny in https://github.com/libgit2/libgit2/pull/6217 +* meta: update version number to v1.5.0-alpha by @ethomson in https://github.com/libgit2/libgit2/pull/6220 +* cmake: export libraries needed to compile against libgit2 by @ethomson in https://github.com/libgit2/libgit2/pull/6239 +* clone: update bitbucket tests by @ethomson in https://github.com/libgit2/libgit2/pull/6252 +* diff: don't stat empty file on arm32 (flaky test) by @ethomson in https://github.com/libgit2/libgit2/pull/6259 +* tests: support flaky stat by @ethomson in https://github.com/libgit2/libgit2/pull/6262 +* Include test results data in CI by @ethomson in https://github.com/libgit2/libgit2/pull/6306 +* Add a .clang-format with our style by @ethomson in https://github.com/libgit2/libgit2/pull/6023 +* CI: limits actions scheduled workflows to the main repo by @ethomson in https://github.com/libgit2/libgit2/pull/6342 +* ci: update dockerfiles for mbedTLS new url by @ethomson in https://github.com/libgit2/libgit2/pull/6343 +### Documentation improvements +* Add Pharo to language bindings by @theseion in https://github.com/libgit2/libgit2/pull/6310 +* Add link to Tcl bindings for libgit2 by @apnadkarni in https://github.com/libgit2/libgit2/pull/6318 +* fix couple of typos by @SkinnyMind in https://github.com/libgit2/libgit2/pull/6287 +* update documentation for default status options by @ethomson in https://github.com/libgit2/libgit2/pull/6322 + +## New Contributors +* @bierbaum made their first contribution in https://github.com/libgit2/libgit2/pull/6246 +* @dongcarl made their first contribution in https://github.com/libgit2/libgit2/pull/6299 +* @SkinnyMind made their first contribution in https://github.com/libgit2/libgit2/pull/6287 +* @zawata made their first contribution in https://github.com/libgit2/libgit2/pull/6305 +* @vishwin made their first contribution in https://github.com/libgit2/libgit2/pull/6340 +* @i-tengfei made their first contribution in https://github.com/libgit2/libgit2/pull/6334 +* @jpalus made their first contribution in https://github.com/libgit2/libgit2/pull/6333 +* @lya001 made their first contribution in https://github.com/libgit2/libgit2/pull/6348 + +**Full Changelog**: https://github.com/libgit2/libgit2/compare/v1.4.0...v1.5.0 + +v1.4 +---- + +This is release v1.4.0, "Fisematenten". This release includes several new features and bugfixes, improves compatibility with git, and begins preparation for SHA256 support in a future release. + +## What's Changed +### New features +* diff: update rename limit to 1000 to match git's behavior by @ethomson in https://github.com/libgit2/libgit2/pull/6092 +* odb: support checking for object existence without refresh by @joshtriplett in https://github.com/libgit2/libgit2/pull/6107 +* object: provide a low-level mechanism to validate whether a raw object is valid (`git_object_rawcontent_is_valid`) by @ethomson in https://github.com/libgit2/libgit2/pull/6128 +* blob: provide a function to identify binary content by @ethomson in https://github.com/libgit2/libgit2/pull/6142 +* status: add `rename_threshold` to `git_status_options`. by @arroz in https://github.com/libgit2/libgit2/pull/6158 +* remote: support `http.followRedirects` (`false` and `initial`) and follow initial redirects by default by @ethomson in https://github.com/libgit2/libgit2/pull/6175 +* remote: support scp style paths with ports (`[git@github.com:22]:libgit2/libgit2`) by @ethomson in https://github.com/libgit2/libgit2/pull/6167 +* win32: update git for windows configuration file location compatibility by @csware in https://github.com/libgit2/libgit2/pull/6151 and @ethomson in https://github.com/libgit2/libgit2/pull/6180 +* refs: speed up packed reference lookups when packed refs are sorted by @ccstolley in https://github.com/libgit2/libgit2/pull/6138 +* merge: support zdiff3 conflict styles by @ethomson in https://github.com/libgit2/libgit2/pull/6195 +* remote: support fetching by object id (using "+oid:ref" refspec syntax) by @ethomson in https://github.com/libgit2/libgit2/pull/6203 +* merge: callers can specify virtual-base building behavior and to optionally accept conflict markers as a resolution by @boretrk in https://github.com/libgit2/libgit2/pull/6204 + +### Bug fixes +* Fix a gcc 11 warning in src/threadstate.c by @lhchavez in https://github.com/libgit2/libgit2/pull/6115 +* Fix a gcc 11 warning in src/thread.h by @lhchavez in https://github.com/libgit2/libgit2/pull/6116 +* cmake: re-enable WinHTTP by @ethomson in https://github.com/libgit2/libgit2/pull/6120 +* Fix repo init when template dir is non-existent by @ammgws in https://github.com/libgit2/libgit2/pull/6106 +* cmake: use project-specific root variable instead of CMAKE_SOURCE_DIR by @Qix- in https://github.com/libgit2/libgit2/pull/6146 +* Better revparse compatibility for at time notation by @yoichi in https://github.com/libgit2/libgit2/pull/6095 +* remotes: fix insteadOf/pushInsteadOf handling by @mkhl in https://github.com/libgit2/libgit2/pull/6101 +* git_commit_summary: ignore lines with spaces by @stforek in https://github.com/libgit2/libgit2/pull/6125 +* Config parsing by @csware in https://github.com/libgit2/libgit2/pull/6124 +* config: handle empty conditional in includeIf by @ethomson in https://github.com/libgit2/libgit2/pull/6165 +* #6154 git_status_list_new case insensitive fix by @arroz in https://github.com/libgit2/libgit2/pull/6159 +* futils_mktmp: don't use umask by @boretrk in https://github.com/libgit2/libgit2/pull/6178 +* revparse: support bare '@' by @ethomson in https://github.com/libgit2/libgit2/pull/6196 +* odb: check for write failures by @ethomson in https://github.com/libgit2/libgit2/pull/6206 +* push: Prepare pack before sending pack header. by @ccstolley in https://github.com/libgit2/libgit2/pull/6205 +* mktmp: improve our temp file creation by @ethomson in https://github.com/libgit2/libgit2/pull/6207 +* diff_file: fix crash if size of diffed file changes in workdir by @jorio in https://github.com/libgit2/libgit2/pull/6208 +* merge: comment conflicts lines in MERGE_MSG by @ethomson in https://github.com/libgit2/libgit2/pull/6197 +* Fix crashes in example programs on Windows (sprintf_s not compatible with snprintf) by @apnadkarni in https://github.com/libgit2/libgit2/pull/6212 + +### Code cleanups +* Introduce `git_remote_connect_options` by @ethomson in https://github.com/libgit2/libgit2/pull/6161 +* hash: separate hashes and git_oid by @ethomson in https://github.com/libgit2/libgit2/pull/6082 +* `git_buf`: now a public-only API (`git_str` is our internal API) by @ethomson in https://github.com/libgit2/libgit2/pull/6078 +* cmake: cleanups and consistency by @ethomson in https://github.com/libgit2/libgit2/pull/6084 +* path: refactor utility path functions by @ethomson in https://github.com/libgit2/libgit2/pull/6104 +* str: git_str_free is never a function by @ethomson in https://github.com/libgit2/libgit2/pull/6111 +* cmake refactorings by @ethomson in https://github.com/libgit2/libgit2/pull/6112 +* Add missing-declarations warning globally by @ethomson in https://github.com/libgit2/libgit2/pull/6113 +* cmake: further refactorings by @ethomson in https://github.com/libgit2/libgit2/pull/6114 +* tag: set validity to 0 by default by @ethomson in https://github.com/libgit2/libgit2/pull/6119 +* util: minor cleanup and refactoring to the date class by @ethomson in https://github.com/libgit2/libgit2/pull/6121 +* Minor code cleanups by @ethomson in https://github.com/libgit2/libgit2/pull/6122 +* Fix a long long that crept past by @NattyNarwhal in https://github.com/libgit2/libgit2/pull/6094 +* remote: refactor insteadof application by @ethomson in https://github.com/libgit2/libgit2/pull/6147 +* ntmlclient: fix linking with libressl by @boretrk in https://github.com/libgit2/libgit2/pull/6157 +* c99: change single bit flags to unsigned by @boretrk in https://github.com/libgit2/libgit2/pull/6179 +* Fix typos by @rex4539 in https://github.com/libgit2/libgit2/pull/6164 +* diff_driver: split global_drivers array into separate elements by @boretrk in https://github.com/libgit2/libgit2/pull/6184 +* cmake: disable some gnu extensions by @boretrk in https://github.com/libgit2/libgit2/pull/6185 +* Disabling setting `CMAKE_FIND_LIBRARY_SUFFIXES` on Apple platforms. by @arroz in https://github.com/libgit2/libgit2/pull/6153 +* C90: add inline macro to xdiff and mbedtls by @boretrk in https://github.com/libgit2/libgit2/pull/6200 +* SHA256: early preparation by @ethomson in https://github.com/libgit2/libgit2/pull/6192 + +### CI improvements +* tests: rename test runner to `libgit2_tests`, build option to `BUILD_TESTS`. by @ethomson in https://github.com/libgit2/libgit2/pull/6083 +* ci: only update docs on push by @ethomson in https://github.com/libgit2/libgit2/pull/6108 +* Pedantic header test by @boretrk in https://github.com/libgit2/libgit2/pull/6086 +* ci: build with ssh on nightly by @ethomson in https://github.com/libgit2/libgit2/pull/6148 +* ci: improve the name in CI runs by @ethomson in https://github.com/libgit2/libgit2/pull/6198 + +### Documentation improvements +* Document that `git_odb` is thread-safe by @joshtriplett in https://github.com/libgit2/libgit2/pull/6109 +* Improve documentation by @punkymaniac in https://github.com/libgit2/libgit2/pull/6168 + +### Other changes +* libgit2_clar is now libgit2_tests by @mkhl in https://github.com/libgit2/libgit2/pull/6100 +* Remove PSGit from Language Bindings section of README by @cestrand in https://github.com/libgit2/libgit2/pull/6150 +* COPYING: remove regex copyright, add PCRE copyright by @ethomson in https://github.com/libgit2/libgit2/pull/6187 +* meta: add a release configuration file by @ethomson in https://github.com/libgit2/libgit2/pull/6211 + +## New Contributors +* @mkhl made their first contribution in https://github.com/libgit2/libgit2/pull/6100 +* @ammgws made their first contribution in https://github.com/libgit2/libgit2/pull/6106 +* @yoichi made their first contribution in https://github.com/libgit2/libgit2/pull/6095 +* @stforek made their first contribution in https://github.com/libgit2/libgit2/pull/6125 +* @cestrand made their first contribution in https://github.com/libgit2/libgit2/pull/6150 +* @rex4539 made their first contribution in https://github.com/libgit2/libgit2/pull/6164 +* @jorio made their first contribution in https://github.com/libgit2/libgit2/pull/6208 + +**Full Changelog**: https://github.com/libgit2/libgit2/compare/v1.3.0...v1.4.0 + +v1.3 +---- + +This is release v1.3.0, "Zugunruhe". This release includes only minor new features that will be helpful for users to have an orderly transition to the v2.0 lineage. + +## New Features +* Support custom git extensions by @ethomson in https://github.com/libgit2/libgit2/pull/6031 +* Introduce `git_email_create`; deprecate `git_diff_format_email` by @ethomson in https://github.com/libgit2/libgit2/pull/6061 + +## Deprecated APIs +* `git_oidarray_free` is deprecated; callers should use `git_oidarray_dispose` + +## Bug fixes +* #6028: Check if `threadstate->error_t.message` is not `git_buf__initbuf` before freeing. by @arroz in https://github.com/libgit2/libgit2/pull/6029 +* remote: Mark `git_remote_name_is_valid` as `GIT_EXTERN` by @lhchavez in https://github.com/libgit2/libgit2/pull/6032 +* Fix config parsing for multiline with multiple quoted comment chars by @basile-henry in https://github.com/libgit2/libgit2/pull/6043 +* indexer: Avoid one `mmap(2)`/`munmap(2)` pair per `git_indexer_append` call by @lhchavez in https://github.com/libgit2/libgit2/pull/6039 +* merge: Check file mode when resolving renames by @ccstolley in https://github.com/libgit2/libgit2/pull/6060 +* Allow proxy options when connecting with a detached remote. by @lrm29 in https://github.com/libgit2/libgit2/pull/6058 +* win32: allow empty environment variables by @ethomson in https://github.com/libgit2/libgit2/pull/6063 +* Fixes for deprecated APIs by @ethomson in https://github.com/libgit2/libgit2/pull/6066 +* filter: use a `git_oid` in filter options, not a pointer by @ethomson in https://github.com/libgit2/libgit2/pull/6067 +* diff: update `GIT_DIFF_IGNORE_BLANK_LINES` by @ethomson in https://github.com/libgit2/libgit2/pull/6068 +* Attribute lookups are always on relative paths by @ethomson in https://github.com/libgit2/libgit2/pull/6073 +* Handle long paths when querying attributes by @ethomson in https://github.com/libgit2/libgit2/pull/6075 + +## Code cleanups +* notes: use a buffer internally by @ethomson in https://github.com/libgit2/libgit2/pull/6047 +* Fix coding style for pointer by @punkymaniac in https://github.com/libgit2/libgit2/pull/6045 +* Use __typeof__ GNUC keyword for ISO C compatibility by @duncanthomson in https://github.com/libgit2/libgit2/pull/6041 +* Discover libssh2 without pkg-config by @stac47 in https://github.com/libgit2/libgit2/pull/6053 +* Longpath filter bug by @lrm29 in https://github.com/libgit2/libgit2/pull/6055 +* Add test to ensure empty proxy env behaves like unset env by @sathieu in https://github.com/libgit2/libgit2/pull/6052 +* Stdint header condition has been reverted. by @lolgear in https://github.com/libgit2/libgit2/pull/6020 +* buf: `common_prefix` takes a string array by @ethomson in https://github.com/libgit2/libgit2/pull/6077 +* oidarray: introduce `git_oidarray_dispose` by @ethomson in https://github.com/libgit2/libgit2/pull/6076 +* examples: Free the git_config and git_config_entry after use by @257 in https://github.com/libgit2/libgit2/pull/6071 + +## CI Improvements +* ci: pull libssh2 from www.libssh2.org by @ethomson in https://github.com/libgit2/libgit2/pull/6064 + +## Documentation changes +* Update README.md by @shijinglu in https://github.com/libgit2/libgit2/pull/6050 + +## New Contributors +* @basile-henry made their first contribution in https://github.com/libgit2/libgit2/pull/6043 +* @duncanthomson made their first contribution in https://github.com/libgit2/libgit2/pull/6041 +* @stac47 made their first contribution in https://github.com/libgit2/libgit2/pull/6053 +* @shijinglu made their first contribution in https://github.com/libgit2/libgit2/pull/6050 +* @ccstolley made their first contribution in https://github.com/libgit2/libgit2/pull/6060 +* @sathieu made their first contribution in https://github.com/libgit2/libgit2/pull/6052 +* @257 made their first contribution in https://github.com/libgit2/libgit2/pull/6071 + +**Full Changelog**: https://github.com/libgit2/libgit2/compare/v1.2.0...v1.3.0 + +--------------------------------------------------------------------- + +v1.2 +----- + +This is release v1.2.0, "Absacker". This release includes many new features: in particular, support for commit graphs, multi-pack indexes, and `core.longpaths` support. + +This is meant to be the final minor release in the v1 lineage. v2.0 will be the next major release and will remove deprecated APIs and may include breaking changes. + +## Deprecated APIs + +* revspec: rename git_revparse_mode_t to git_revspec_t by @ethomson in https://github.com/libgit2/libgit2/pull/5786 +* tree: deprecate `git_treebuilder_write_with_buffer` by @ethomson in https://github.com/libgit2/libgit2/pull/5815 +* Deprecate `is_valid_name` functions; replace with `name_is_valid` functions by @ethomson in https://github.com/libgit2/libgit2/pull/5659 +* filter: stop taking git_buf as user input by @ethomson in https://github.com/libgit2/libgit2/pull/5859 +* remote: introduce remote_ready_cb, deprecate resolve_url callback by @ethomson in https://github.com/libgit2/libgit2/pull/6012 +* Introduce `create_commit_cb`, deprecate `signing_cb` by @ethomson in https://github.com/libgit2/libgit2/pull/6016 +* filter: filter drivers stop taking git_buf as user input by @ethomson in https://github.com/libgit2/libgit2/pull/6011 +* buf: deprecate public git_buf writing functions by @ethomson in https://github.com/libgit2/libgit2/pull/6017 + +## New features + +* winhttp: support optional client cert by @ianhattendorf in https://github.com/libgit2/libgit2/pull/5384 +* Add support for additional SSH hostkey types. by @arroz in https://github.com/libgit2/libgit2/pull/5750 +* Handle ipv6 addresses by @ethomson in https://github.com/libgit2/libgit2/pull/5741 +* zlib: Add support for building with Chromium's zlib implementation by @lhchavez in https://github.com/libgit2/libgit2/pull/5748 +* commit-graph: Introduce a parser for commit-graph files by @lhchavez in https://github.com/libgit2/libgit2/pull/5762 +* patch: add owner accessor by @KOLANICH in https://github.com/libgit2/libgit2/pull/5731 +* commit-graph: Support lookups of entries in a commit-graph by @lhchavez in https://github.com/libgit2/libgit2/pull/5763 +* commit-graph: Introduce `git_commit_graph_needs_refresh()` by @lhchavez in https://github.com/libgit2/libgit2/pull/5764 +* Working directory path validation by @ethomson in https://github.com/libgit2/libgit2/pull/5823 +* Support `core.longpaths` on Windows by @ethomson in https://github.com/libgit2/libgit2/pull/5857 +* git_reference_create_matching: Treat all-zero OID as "must be absent" by @novalis in https://github.com/libgit2/libgit2/pull/5842 +* diff:add option to ignore blank line changes by @yuuri in https://github.com/libgit2/libgit2/pull/5853 +* [Submodule] Git submodule dup by @lolgear in https://github.com/libgit2/libgit2/pull/5890 +* commit-graph: Use the commit-graph in revwalks by @lhchavez in https://github.com/libgit2/libgit2/pull/5765 +* commit-graph: Introduce `git_commit_list_generation_cmp` by @lhchavez in https://github.com/libgit2/libgit2/pull/5766 +* graph: Create `git_graph_reachable_from_any()` by @lhchavez in https://github.com/libgit2/libgit2/pull/5767 +* Support reading attributes from a specific commit by @ethomson in https://github.com/libgit2/libgit2/pull/5952 +* [Branch] Branch upstream with format by @lolgear in https://github.com/libgit2/libgit2/pull/5861 +* Dynamically load OpenSSL (optionally) by @ethomson in https://github.com/libgit2/libgit2/pull/5974 +* Set refs/remotes/origin/HEAD to default branch when branch is specified by @A-Ovchinnikov-mx in https://github.com/libgit2/libgit2/pull/6010 +* midx: Add a way to write multi-pack-index files by @lhchavez in https://github.com/libgit2/libgit2/pull/5404 +* Use error code GIT_EAUTH for authentication failures by @josharian in https://github.com/libgit2/libgit2/pull/5395 +* midx: Introduce git_odb_write_multi_pack_index() by @lhchavez in https://github.com/libgit2/libgit2/pull/5405 +* Checkout dry-run by @J0Nes90 in https://github.com/libgit2/libgit2/pull/5841 +* mbedTLS: Fix setting certificate directory by @mikezackles in https://github.com/libgit2/libgit2/pull/6004 +* remote: introduce remote_ready_cb, deprecate resolve_url callback by @ethomson in https://github.com/libgit2/libgit2/pull/6012 +* Introduce `create_commit_cb`, deprecate `signing_cb` by @ethomson in https://github.com/libgit2/libgit2/pull/6016 +* commit-graph: Add a way to write commit-graph files by @lhchavez in https://github.com/libgit2/libgit2/pull/5778 + +## Bug fixes + +* Define `git___load` when building with `-DTHREADSAFE=OFF` by @lhchavez in https://github.com/libgit2/libgit2/pull/5664 +* Make the Windows leak detection more robust by @lhchavez in https://github.com/libgit2/libgit2/pull/5661 +* Refactor "global" state by @ethomson in https://github.com/libgit2/libgit2/pull/5546 +* threadstate: rename tlsdata when building w/o threads by @ethomson in https://github.com/libgit2/libgit2/pull/5668 +* Include `${MBEDTLS_INCLUDE_DIR}` when compiling `crypt_mbedtls.c` by @staticfloat in https://github.com/libgit2/libgit2/pull/5685 +* Fix the `-DTHREADSAFE=OFF` build by @lhchavez in https://github.com/libgit2/libgit2/pull/5690 +* Add missing worktree_dir check and test case by @rbmclean in https://github.com/libgit2/libgit2/pull/5692 +* msvc crtdbg -> win32 leakcheck by @ethomson in https://github.com/libgit2/libgit2/pull/5580 +* Introduce GIT_ASSERT macros by @ethomson in https://github.com/libgit2/libgit2/pull/5327 +* Also add the raw hostkey to `git_cert_hostkey` by @lhchavez in https://github.com/libgit2/libgit2/pull/5704 +* Make the odb race-free by @lhchavez in https://github.com/libgit2/libgit2/pull/5595 +* Make the pack and mwindow implementations data-race-free by @lhchavez in https://github.com/libgit2/libgit2/pull/5593 +* Thread-free implementation by @ethomson in https://github.com/libgit2/libgit2/pull/5719 +* Thread-local storage: a generic internal library (with no allocations) by @ethomson in https://github.com/libgit2/libgit2/pull/5720 +* Friendlier getting started in the lack of git_libgit2_init by @ethomson in https://github.com/libgit2/libgit2/pull/5578 +* Make git__strntol64() ~70%* faster by @lhchavez in https://github.com/libgit2/libgit2/pull/5735 +* Cache the parsed submodule config when diffing by @lhchavez in https://github.com/libgit2/libgit2/pull/5727 +* pack: continue zlib while we can make progress by @ethomson in https://github.com/libgit2/libgit2/pull/5740 +* Avoid using `__builtin_mul_overflow` with the clang+32-bit combo by @lhchavez in https://github.com/libgit2/libgit2/pull/5742 +* repository: use intptr_t's in the config map cache by @ethomson in https://github.com/libgit2/libgit2/pull/5746 +* Build with NO_MMAP by @0xdky in https://github.com/libgit2/libgit2/pull/5583 +* Add documentation for git_blob_filter_options.version by @JoshuaS3 in https://github.com/libgit2/libgit2/pull/5759 +* blob: fix name of `GIT_BLOB_FILTER_ATTRIBUTES_FROM_HEAD` by @ethomson in https://github.com/libgit2/libgit2/pull/5760 +* Cope with empty default branch by @ethomson in https://github.com/libgit2/libgit2/pull/5770 +* README: instructions for using libgit2 without compiling by @ethomson in https://github.com/libgit2/libgit2/pull/5772 +* Use `p_pwrite`/`p_pread` consistently throughout the codebase by @lhchavez in https://github.com/libgit2/libgit2/pull/5769 +* midx: Fix a bug in `git_midx_needs_refresh()` by @lhchavez in https://github.com/libgit2/libgit2/pull/5768 +* mwindow: Fix a bug in the LRU window finding code by @lhchavez in https://github.com/libgit2/libgit2/pull/5783 +* refdb_fs: Check git_sortedcache wlock/rlock errors by @mamapanda in https://github.com/libgit2/libgit2/pull/5800 +* index: Check git_vector_dup error in write_entries by @mamapanda in https://github.com/libgit2/libgit2/pull/5801 +* Fix documentation formating on repository.h by @punkymaniac in https://github.com/libgit2/libgit2/pull/5806 +* include: fix typos in comments by @tniessen in https://github.com/libgit2/libgit2/pull/5805 +* Fix some typos by @aaronfranke in https://github.com/libgit2/libgit2/pull/5797 +* Check git_signature_dup failure by @mamapanda in https://github.com/libgit2/libgit2/pull/5817 +* merge: Check insert_head_ids error in create_virtual_base by @mamapanda in https://github.com/libgit2/libgit2/pull/5818 +* winhttp: skip certificate check if unable to send request by @ianhattendorf in https://github.com/libgit2/libgit2/pull/5814 +* Default to GIT_BRANCH_DEFAULT if init.defaultBranch is empty string by @ianhattendorf in https://github.com/libgit2/libgit2/pull/5832 +* Fix diff_entrycount -> diff_num_deltas doc typo by @mjsir911 in https://github.com/libgit2/libgit2/pull/5838 +* repo: specify init.defaultbranch is meant to be a branch name by @carlosmn in https://github.com/libgit2/libgit2/pull/5835 +* repo: remove an inappropriate use of PASSTHROUGH by @carlosmn in https://github.com/libgit2/libgit2/pull/5834 +* src: fix typos in header files by @tniessen in https://github.com/libgit2/libgit2/pull/5843 +* test: clean up memory leaks by @ethomson in https://github.com/libgit2/libgit2/pull/5858 +* buf: remove unnecessary buf_text namespace by @ethomson in https://github.com/libgit2/libgit2/pull/5860 +* Fix bug in git_diff_find_similar. by @staktrace in https://github.com/libgit2/libgit2/pull/5839 +* Fix issues with Proxy Authentication after httpclient refactor by @implausible in https://github.com/libgit2/libgit2/pull/5852 +* tests: clean up memory leak, fail on leak for win32 by @ethomson in https://github.com/libgit2/libgit2/pull/5892 +* Tolerate readlink size less than st_size by @dtolnay in https://github.com/libgit2/libgit2/pull/5900 +* Define WINHTTP_NO_CLIENT_CERT_CONTEXT if needed by @jacquesg in https://github.com/libgit2/libgit2/pull/5929 +* Update from regex to pcre licensing information in docs/contributing.md by @boretrk in https://github.com/libgit2/libgit2/pull/5916 +* Consider files executable only if the user can execute them by @novalis in https://github.com/libgit2/libgit2/pull/5915 +* git__timer: Limit ITimer usage to AmigaOS4 by @boretrk in https://github.com/libgit2/libgit2/pull/5936 +* Fix memory leak in git_smart__connect by @punkymaniac in https://github.com/libgit2/libgit2/pull/5908 +* config: fix included configs not refreshed more than once by @Batchyx in https://github.com/libgit2/libgit2/pull/5926 +* Fix wrong time_t used in function by @NattyNarwhal in https://github.com/libgit2/libgit2/pull/5938 +* fix check for ignoring of negate rules by @palmin in https://github.com/libgit2/libgit2/pull/5824 +* Make `FIND_PACKAGE(PythonInterp)` prefer `python3` by @lhchavez in https://github.com/libgit2/libgit2/pull/5913 +* git__timer: Allow compilation on systems without CLOCK_MONOTONIC by @boretrk in https://github.com/libgit2/libgit2/pull/5945 +* stdintification: use int64_t and INT64_C instead of long long by @NattyNarwhal in https://github.com/libgit2/libgit2/pull/5941 +* Optional stricter allocation checking (for `malloc(0)` cases) by @ethomson in https://github.com/libgit2/libgit2/pull/5951 +* Variadic arguments aren't in C89 by @NattyNarwhal in https://github.com/libgit2/libgit2/pull/5948 +* Fix typo in general.c by @Crayon2000 in https://github.com/libgit2/libgit2/pull/5954 +* common.h: use inline when compiling for C99 and later by @boretrk in https://github.com/libgit2/libgit2/pull/5953 +* Fix one memory leak in master by @lhchavez in https://github.com/libgit2/libgit2/pull/5957 +* tests: reset odb backend priority by @ethomson in https://github.com/libgit2/libgit2/pull/5961 +* cmake: extended futimens checking on macOS by @ethomson in https://github.com/libgit2/libgit2/pull/5962 +* amiga: use ';' as path list separator on AmigaOS by @boretrk in https://github.com/libgit2/libgit2/pull/5978 +* Respect the force flag on refspecs in git_remote_fetch by @alexjg in https://github.com/libgit2/libgit2/pull/5854 +* Fix LIBGIT2_FILENAME not being passed to the resource compiler by @jairbubbles in https://github.com/libgit2/libgit2/pull/5994 +* sha1dc: remove conditional for <sys/types.h> by @boretrk in https://github.com/libgit2/libgit2/pull/5997 +* openssl: don't fail when we can't customize allocators by @ethomson in https://github.com/libgit2/libgit2/pull/5999 +* C11 warnings by @boretrk in https://github.com/libgit2/libgit2/pull/6005 +* open: input validation for empty segments in path by @boretrk in https://github.com/libgit2/libgit2/pull/5950 +* Introduce GIT_WARN_UNUSED_RESULT by @lhchavez in https://github.com/libgit2/libgit2/pull/5802 +* GCC C11 warnings by @boretrk in https://github.com/libgit2/libgit2/pull/6006 +* array: check dereference from void * type by @boretrk in https://github.com/libgit2/libgit2/pull/6007 +* Homogenize semantics for atomic-related functions by @lhchavez in https://github.com/libgit2/libgit2/pull/5747 +* git_array_alloc: return objects of correct type by @boretrk in https://github.com/libgit2/libgit2/pull/6008 +* CMake. hash sha1 header has been added. by @lolgear in https://github.com/libgit2/libgit2/pull/6013 +* tests: change comments to c89 style by @boretrk in https://github.com/libgit2/libgit2/pull/6015 +* Set Host Header to match CONNECT authority target by @lollipopman in https://github.com/libgit2/libgit2/pull/6022 +* Fix worktree iteration when repository has no common directory by @kcsaul in https://github.com/libgit2/libgit2/pull/5943 + +## Documentation improvements + +* Update README.md for additional Delphi bindings by @todaysoftware in https://github.com/libgit2/libgit2/pull/5831 +* Fix documentation formatting by @punkymaniac in https://github.com/libgit2/libgit2/pull/5850 +* docs: fix incorrect comment marker by @tiennou in https://github.com/libgit2/libgit2/pull/5897 +* Patch documentation by @punkymaniac in https://github.com/libgit2/libgit2/pull/5903 +* Fix misleading doc for `git_index_find` by @arxanas in https://github.com/libgit2/libgit2/pull/5910 +* docs: stop mentioning libgit2's "master" branch by @Batchyx in https://github.com/libgit2/libgit2/pull/5925 +* docs: fix some missing includes that cause Docurium to error out by @tiennou in https://github.com/libgit2/libgit2/pull/5917 +* Patch documentation by @punkymaniac in https://github.com/libgit2/libgit2/pull/5940 + +## Development improvements + +* WIP: .devcontainer: settings for a codespace workflow by @ethomson in https://github.com/libgit2/libgit2/pull/5508 + +## CI Improvements + +* Add a ThreadSanitizer build by @lhchavez in https://github.com/libgit2/libgit2/pull/5597 +* ci: more GitHub Actions by @ethomson in https://github.com/libgit2/libgit2/pull/5706 +* ci: run coverity in the nightly builds by @ethomson in https://github.com/libgit2/libgit2/pull/5707 +* ci: only report main branch in README status by @ethomson in https://github.com/libgit2/libgit2/pull/5708 +* Fix the `ENABLE_WERROR=ON` build in Groovy Gorilla (gcc 10.2) by @lhchavez in https://github.com/libgit2/libgit2/pull/5715 +* Re-enable the RC4 test by @carlosmn in https://github.com/libgit2/libgit2/pull/4418 +* ci: run codeql by @ethomson in https://github.com/libgit2/libgit2/pull/5709 +* github-actions: Also rename the main branch here by @lhchavez in https://github.com/libgit2/libgit2/pull/5771 +* ci: don't use ninja on macOS by @ethomson in https://github.com/libgit2/libgit2/pull/5780 +* ci: use GitHub for storing mingw-w64 build dependency by @ethomson in https://github.com/libgit2/libgit2/pull/5855 +* docker: remove the entrypoint by @ethomson in https://github.com/libgit2/libgit2/pull/5980 +* http: don't require a password by @ethomson in https://github.com/libgit2/libgit2/pull/5972 +* ci: update nightly to use source path by @ethomson in https://github.com/libgit2/libgit2/pull/5989 +* ci: add centos 7 and centos 8 by @ethomson in https://github.com/libgit2/libgit2/pull/5992 +* ci: update centos builds by @ethomson in https://github.com/libgit2/libgit2/pull/5995 +* ci: tag new containers with the latest tag by @ethomson in https://github.com/libgit2/libgit2/pull/6000 + +## Dependency updates + +* ntlm: [ntlmclient](https://github.com/ethomson/ntlmclient) is now v0.9.1 + +**Full Changelog**: https://github.com/libgit2/libgit2/compare/v1.1.0...v1.2.0 + +--------------------------------------------------------------------- + +v1.1 +---- + +This is release v1.1, "Fernweh". + +### Changes or improvements + +* Our bundled PCRE dependency has been updated to 8.44. + +* The `refs/remotes/origin/HEAD` file will be created at clone time to + point to the origin's default branch. + +* libgit2 now uses the `__atomic_` intrinsics instead of `__sync_` + intrinsics on supported gcc and clang versions. + +* The `init.defaultBranch` setting is now respected and `master` is + no longer the hardcoded as the default branch name. + +* Patch files that do not contain an `index` line can now be parsed. + +* Configuration files with multi-line values can now contain quotes + split across multiple lines. + +* Windows clients now attempt to use TLS1.3 when available. + +* Servers that request an upgrade to a newer HTTP version are + silently ignored instead of erroneously failing. + +* Users can pass `NULL` to the options argument to + `git_describe_commit`. + +* Clones and fetches of very large packfiles now succeeds on 32-bit + platforms. + +* Custom reference database backends can now handle the repository's + `HEAD` correctly. + +* Repositories with a large number of packfiles no longer exhaust the + number of file descriptors. + +* The test framework now supports TAP output when the `-t` flag is + specified. + +* The test framework can now specify an exact match to a test + function using a trailing `$`. + +* All checkout types support `GIT_CHECKOUT_DISABLE_PATHSPEC_MATCH`. + +* `git_blame` now can ignore whitespace changes using the option + `GIT_BLAME_IGNORE_WHITESPACE`. + +* Several new examples have been created, including an examples for + commit, add and push. + +* Mode changes during rename are now supported in patch application. + +* `git_checkout_head` now correctly removes untracked files in a + subdirectory when the `FORCE | REMOVE_UNTRACKED` options are specified. + +v1.0.1 +------ + +This is a bugfix release with the following changes: + +- Calculating information about renamed files during merges is more + efficient because dissimilarity about files is now being cached and + no longer needs to be recomputed. + +- The `git_worktree_prune_init_options` has been correctly restored for + backward compatibility. In v1.0 it was incorrectly deprecated with a + typo. + +- The optional ntlmclient dependency now supports NetBSD. + +- A bug where attempting to stash on a bare repository may have failed + has been fixed. + +- Configuration files that are unreadable due to permissions are now + silently ignored, and treated as if they do not exist. This matches + git's behavior; previously this case would have been an error. + +- v4 index files are now correctly written; previously we would read + them correctly but would not write the prefix-compression accurately, + causing corruption. + +- A bug where the smart HTTP transport could not read large data packets + has been fixed. Previously, fetching from servers like Gerrit, that + sent large data packets, would error. + +--------------------------------------------------------------------- + +v1.0 +---- + +This is release v1.0 "Luftschloss", which is the first stabe release of +libgit2. The API will stay compatible across all releases of the same major +version. This release includes bugfixes only and supersedes v0.99, which will +stop being maintained. Both v0.27 and v0.28 stay supported in accordance with +our release policy. + +### Changes or improvements + +- CMake was converted to make use of the GNUInstallDirs module for both our + pkgconfig and install targets in favor of our custom build options + `BIN_INSTALL_DIR`, `LIB_INSTALL_DIR` and `INCLUDE_INSTALL_DIR`. Instead, you + can now use CMakes standard variables `CMAKE_INSTALL_BINDIR`, + `CMAKE_INSTALL_LIBDIR` and `CMAKE_INSTALL_INCLUDEDIR`. + +- Some CMake build options accepted either a specific value or a boolean value + to disable the option altogether or use automatic detection. We only accepted + "ON" or "OFF", but none of the other values CMake recognizes as boolean. This + was aligned with CMake's understanding of booleans. + +- The installed pkgconfig file contained incorrect values for both `libdir` and + `includedir` variables. + +- If using pcre2 for regular expressions, then we incorrectly added "pcre2" + instead of "pcre2-8" to our pkgconfig dependencies, which was corrected. + +- Fixed building the bundled ntlmclient dependency on FreeBSD, OpenBSD and + SunOS. + +- When writing symlinks on Windows, we incorrectly handled relative symlink + targets, which was corrected. + +- When using the HTTP protocol via macOS' SecureTransport implementation, reads + could stall at the end of the session and only continue after a timeout of 60 + seconds was reached. + +- The filesystem-based reference callback didn't corectly initialize the backend + version. + +- A segmentation fault was fixed when calling `git_blame_buffer()` for files + that were modified and added to the index. + +- A backwards-incompatible change was introduced when we moved some structures + from "git2/credentials.h" into "git2/sys/credentials.h". This was fixed in the + case where you do not use hard deprecation. + +- Improved error handling in various places. + + +v0.99 +----- + +This is v0.99 "Torschlusspanik". This will be the last minor release +before libgit2 v1.0. We expect to only respond to bugs in this release, +to stabilize it for next major release. + +It contains significant refactorings, but is expected to be API-compatible +with v0.28.0. + +### Changes or improvements + +* When fetching from an anonymous remote using a URL with authentication + information provided in the URL (eg `https://foo:bar@example.com/repo`), + we would erroneously include the literal URL in the FETCH_HEAD file. + We now remove that to match git's behavior. + +* Some credential structures, enums and values have been renamed: + `git_cred` is now `git_credential`. `git_credtype_t` is now + `git_credential_t`. Functions and types beginning with + `git_cred_` now begin with `git_credential`, and constants beginning + with `GIT_CREDTYPE` now begin with `GIT_CREDENTIAL`. The former names + are deprecated. + +* Several function signatures have been changed to return an `int` to + indicate error conditions. We encourage you to check them for errors + in the standard way. + + * `git_attr_cache_flush` + * `git_error_set_str` + * `git_index_name_clear` + * `git_index_reuc_clear` + * `git_libgit2_version` + * `git_mempack_reset` + * `git_oid_cpy` + * `git_oid_fmt` + * `git_oid_fromraw` + * `git_oid_nfmt` + * `git_oid_pathfmt` + * `git_remote_stop` + * `git_remote_disconnect` + * `git_repository__cleanup` + * `git_repository_set_config` + * `git_repository_set_index` + * `git_repository_set_odb` + * `git_repository_set_refdb` + * `git_revwalk_reset` + * `git_revwalk_simplify_first_parent` + * `git_revwalk_sorting` + * `git_treebuilder_clear` + * `git_treebuilder_filter` + +* The NTLM and Negotiate authentication mechanisms are now supported when + talking to git implementations hosted on Apache or nginx servers. + +* The `HEAD` symbolic reference can no longer be deleted. + +* `git_merge_driver_source_repo` no longer returns a `const git_repository *`, + it now returns a non-`const` `git_repository *`. + +* Relative symbolic links are now supported on Windows when `core.symlinks` + is enabled. + +* Servers that provide query parameters with a redirect are now supported. + +* `git_submodule_sync` will now resolve relative URLs. + +* When creating git endpoint URLs, double-slashes are no longer used when + the given git URL has a trailing slash. + +* On Windows, a `DllMain` function is no longer included and thread-local + storage has moved to fiber-local storage in order to prevent race + conditions during shutdown. + +* The tracing mechanism (`GIT_TRACE`) is now enabled by default and does + not need to be explicitly enabled in CMake. + +* The size of Git objects is now represented by `git_object_size_t` + instead of `off_t`. + +* Binary patches without data can now be parsed. + +* A configuration snapshot can now be created from another configuration + snapshot, not just a "true" configuration object. + +* The `git_commit_with_signature` API will now ensure that referenced + objects exist in the object database. + +* Stash messages containing newlines will now be replaced with spaces; + they will no longer be (erroneously) written to the repository. + +* `git_commit_create_with_signature` now verifies the commit information + to ensure that it points to a valid tree and valid parents. + +* `git_apply` has an option `GIT_APPLY_CHECK` that will only do a dry-run. + The index and working directory will remain unmodified, and application + will report if it would have worked. + +* Patches produced by Mercurial (those that lack some git extended headers) + can now be parsed and applied. + +* Reference locks are obeyed correctly on POSIX platforms, instead of + being removed. + +* Patches with empty new files can now be read and applied. + +* `git_apply_to_tree` can now correctly apply patches that add new files. + +* The program data configuration on Windows (`C:\ProgramData\Git\config`) + must be owned by an administrator, a system account or the current user + to be read. + +* `git_blob_filtered_content` is now deprecated in favor of `git_blob_filter`. + +* Configuration files can now be included conditionally using the + `onbranch` conditional. + +* Checkout can now properly create and remove symbolic links to directories + on Windows. + +* Stash no longer recomputes trees when committing a worktree, for + improved performance. + +* Repository templates can now include a `HEAD` file to default the + initial default branch. + +* Some configuration structures, enums and values have been renamed: + `git_cvar_map` is now `git_configmap`, `git_cvar_t` is now + `git_configmap_t`, `GIT_CVAR_FALSE` is now `GIT_CONFIGMAP_FALSE`, + `GIT_CVAR_TRUE` is now `GIT_CONFIGMAP_TRUE`, `GIT_CVAR_INT32` is now + `GIT_CONFIGMAP_INT32`, and `GIT_CVAR_STRING` is now `GIT_CONFIGMAP_STRING`. + The former names are deprecated. + +* Repositories can now be created at the root of a Windows drive. + +* Configuration lookups are now more efficiently cached. + +* `git_commit_create_with_signature` now supports a `NULL` signature, + which will create a commit without adding a signature. + +* When a repository lacks an `info` "common directory", we will no + longer erroneously return `GIT_ENOTFOUND` for all attribute lookups. + +* Several attribute macros have been renamed: `GIT_ATTR_TRUE` is now + `GIT_ATTR_IS_TRUE`, `GIT_ATTR_FALSE` is now `GIT_ATTR_IS_FALSE`, + `GIT_ATTR_UNSPECIFIED` is now `GIT_ATTR_IS_UNSPECIFIED`. The + attribute enum `git_attr_t` is now `git_attr_value_t` and its + values have been renamed: `GIT_ATTR_UNSPECIFIED_T` is now + `GIT_ATTR_VALUE_UNSPECIFIED`, `GIT_ATTR_TRUE_T` is now + `GIT_ATTR_VALUE_TRUE`, `GIT_ATTR_FALSE_T` is now `GIT_ATTR_VALUE_FALSE`, + and `GIT_ATTR_VALUE_T` is now `GIT_ATTR_VALUE_STRING`. The + former names are deprecated. + +* `git_object__size` is now `git_object_size`. The former name is + deprecated. + +* `git_tag_create_frombuffer` is now `git_tag_create_from_buffer`. The + former name is deprecated. + +* Several blob creation functions have been renamed: + `git_blob_create_frombuffer` is now named `git_blob_create_from_buffer`, + `git_blob_create_fromdisk` is now named `git_blob_create_from_disk`, + `git_blob_create_fromworkdir` is now named `git_blob_create_from_workdir`, + `git_blob_create_fromstream` is now named `git_blob_create_from_stream`, + and `git_blob_create_fromstream_commit` is now named + `git_blob_create_from_stream_commit`. The former names are deprecated. + +* The function `git_oid_iszero` is now named `git_oid_is_zero`. The + former name is deprecated. + +* Pattern matching is now done using `wildmatch` instead of `fnmatch` + for compatibility with git. + +* The option initialization functions suffixed by `init_options` are now + suffixed with `options_init`. (For example, `git_checkout_init_options` + is now `git_checkout_options_init`.) The former names are deprecated. + +* NTLM2 authentication is now supported on non-Windows platforms. + +* The `git_cred_sign_callback` callback is now named `git_cred_sign_cb`. + The `git_cred_ssh_interactive_callback` callback is now named + `git_cred_ssh_interactive_cb`. + +* Ignore files now: + + * honor escaped trailing whitespace. + * do not incorrectly negate sibling paths of a negated pattern. + * honor rules that stop ignoring files after a wildcard + +* Attribute files now: + + * honor leading and trailing whitespace. + * treat paths beginning with `\` as absolute only on Windows. + * properly handle escaped characters. + * stop reading macros defined in subdirectories + +* The C locale is now correctly used when parsing regular expressions. + +* The system PCRE2 or PCRE regular expression libraries are now used + when `regcomp_l` is not available on the system. If none of these + are available on the system, an included version of PCRE is used. + +* Wildcards in reference specifications are now supported beyond simply + a bare wildcard (`*`) for compatibility with git. + +* When `git_ignore_path_is_ignored` is provided a path with a trailing + slash (eg, `dir/`), it will now treat it as a directory for the + purposes of ignore matching. + +* Patches that add or remove a file with a space in the path can now + be correctly parsed. + +* The `git_remote_completion_type` type is now `git_remote_completion_t`. + The former name is deprecated. + +* The `git_odb_backend_malloc` is now `git_odb_backend_data_alloc`. The + former name is deprecated. + +* The `git_transfer_progress_cb` callback is now `git_indexer_progress_cb` + and the `git_transfer_progress` structure is now `git_indexer_progress`. + The former names are deprecated. + +* The example projects are now contained in a single `lg2` executable + for ease of use. + +* libgit2 now correctly handles more URLs, such as + `http://example.com:/repo.git` (colon but no port), + `http://example.com` (no path), + and `http://example.com:8080/` (path is /, nonstandard port). + +* A carefully constructed commit object with a very large number + of parents may lead to potential out-of-bounds writes or + potential denial of service. + +* The ProgramData configuration file is always read for compatibility + with Git for Windows and Portable Git installations. The ProgramData + location is not necessarily writable only by administrators, so we + now ensure that the configuration file is owned by the administrator + or the current user. + +### API additions + +* The SSH host key now supports SHA-256 when `GIT_CERT_SSH_SHA256` is set. + +* The diff format option `GIT_DIFF_FORMAT_PATCH_ID` can now be used to + emit an output like `git patch-id`. + +* The `git_apply_options_init` function will initialize a + `git_apply_options` structure. + +* The remote callbacks structure adds a `git_url_resolve_cb` callback + that is invoked when connecting to a server, so that applications + may edit or replace the URL before connection. + +* The information about the original `HEAD` in a rebase operation is + available with `git_rebase_orig_head_name`. Its ID is available with + `git_rebase_orig_head_id`. The `onto` reference name is available with + `git_rebase_onto_name` and its ID is available with `git_rebase_onto_id`. + +* ODB backends can now free backend data when an error occurs during its + backend data creation using `git_odb_backend_data_free`. + +* Options may be specified to `git_repository_foreach_head` to control + its behavior: `GIT_REPOSITORY_FOREACH_HEAD_SKIP_REPO` will not skip + the main repository's HEAD reference, while + `GIT_REPOSITORY_FOREACH_HEAD_SKIP_WORKTREES` will now skip the + worktree HEAD references. + +* The `GIT_OPT_DISABLE_PACK_KEEP_FILE_CHECKS` option can be specified to + `git_libgit2_opts()` to avoid looking for `.keep` files that correspond + to packfiles. This setting can improve performance when packfiles are + stored on high-latency filesystems like network filesystems. + +* Blobs can now be filtered with `git_blob_filter`, which allows for + options to be set with `git_blob_filter_options`, including + `GIT_FILTER_NO_SYSTEM_ATTRIBUTES` to disable filtering with system-level + attributes in `/etc/gitattributes` and `GIT_ATTR_CHECK_INCLUDE_HEAD` to + enable filtering with `.gitattributes` files in the HEAD revision. + +### API removals + +* The unused `git_headlist_cb` function declaration was removed. + +* The unused `git_time_monotonic` API is removed. + +* The erroneously exported `inttypes.h` header was removed. + +# Security Fixes + +- CVE-2019-1348: the fast-import stream command "feature + export-marks=path" allows writing to arbitrary file paths. As + libgit2 does not offer any interface for fast-import, it is not + susceptible to this vulnerability. + +- CVE-2019-1349: by using NTFS 8.3 short names, backslashes or + alternate filesystreams, it is possible to cause submodules to + be written into pre-existing directories during a recursive + clone using git. As libgit2 rejects cloning into non-empty + directories by default, it is not susceptible to this + vulnerability. + +- CVE-2019-1350: recursive clones may lead to arbitrary remote + code executing due to improper quoting of command line + arguments. As libgit2 uses libssh2, which does not require us + to perform command line parsing, it is not susceptible to this + vulnerability. + +- CVE-2019-1351: Windows provides the ability to substitute + drive letters with arbitrary letters, including multi-byte + Unicode letters. To fix any potential issues arising from + interpreting such paths as relative paths, we have extended + detection of DOS drive prefixes to accomodate for such cases. + +- CVE-2019-1352: by using NTFS-style alternative file streams for + the ".git" directory, it is possible to overwrite parts of the + repository. While this has been fixed in the past for Windows, + the same vulnerability may also exist on other systems that + write to NTFS filesystems. We now reject any paths starting + with ".git:" on all systems. + +- CVE-2019-1353: by using NTFS-style 8.3 short names, it was + possible to write to the ".git" directory and thus overwrite + parts of the repository, leading to possible remote code + execution. While this problem was already fixed in the past for + Windows, other systems accessing NTFS filesystems are + vulnerable to this issue too. We now enable NTFS protecions by + default on all systems to fix this attack vector. + +- CVE-2019-1354: on Windows, backslashes are not a valid part of + a filename but are instead interpreted as directory separators. + As other platforms allowed to use such paths, it was possible + to write such invalid entries into a Git repository and was + thus an attack vector to write into the ".git" dierctory. We + now reject any entries starting with ".git\" on all systems. + +- CVE-2019-1387: it is possible to let a submodule's git + directory point into a sibling's submodule directory, which may + result in overwriting parts of the Git repository and thus lead + to arbitrary command execution. As libgit2 doesn't provide any + way to do submodule clones natively, it is not susceptible to + this vulnerability. Users of libgit2 that have implemented + recursive submodule clones manually are encouraged to review + their implementation for this vulnerability. + +### Breaking API changes + +* The "private" implementation details of the `git_cred` structure have been + moved to a dedicated `git2/sys/cred.h` header, to clarify that the underlying + structures are only provided for custom transport implementers. + The breaking change is that the `username` member of the underlying struct + is now hidden, and a new `git_cred_get_username` function has been provided. + +* Some errors of class `GIT_ERROR_NET` now have class `GIT_ERROR_HTTP`. + Most authentication failures now have error code `GIT_EAUTH` instead of `GIT_ERROR`. + +### Breaking CMake configuration changes + +* The CMake option to use a system http-parser library, instead of the + bundled dependency, has changed. This is due to a deficiency in + http-parser that we have fixed in our implementation. The bundled + library is now the default, but if you wish to force the use of the + system http-parser implementation despite incompatibilities, you can + specify `-DUSE_HTTP_PARSER=system` to CMake. + +* The interactions between `USE_HTTPS` and `SHA1_BACKEND` have been + streamlined. The detection was moved to a new `USE_SHA1`, modeled after + `USE_HTTPS`, which takes the values "CollisionDetection/Backend/Generic", to + better match how the "hashing backend" is selected, the default (ON) being + "CollisionDetection". If you were using `SHA1_BACKEND` previously, you'll + need to check the value you've used, or switch to the autodetection. + +### Authors + +The following individuals provided changes that were included in this +release: + +* Aaron Patterson +* Alberto Fanjul +* Anders Borum +* Augie Fackler +* Augustin Fabre +* Ayush Shridhar +* brian m. carlson +* buddyspike +* Carlos MartÃn Nieto +* cheese1 +* Dan Skorupski +* Daniel Cohen Gindi +* Dave Lee +* David Brooks +* David Turner +* Denis Laxalde +* Dhruva Krishnamurthy +* Dominik Ritter +* Drew DeVault +* Edward Thomson +* Eric Huss +* Erik Aigner +* Etienne Samson +* Gregory Herrero +* Heiko Voigt +* Ian Hattendorf +* Jacques Germishuys +* Janardhan Pulivarthi +* Jason Haslam +* Johannes Schindelin +* Jordan Wallet +* Josh Bleecher Snyder +* kas +* kdj0c +* Laurence McGlashan +* lhchavez +* Lukas Berk +* Max Kostyukevich +* Patrick Steinhardt +* pcpthm +* Remy Suen +* Robert Coup +* romkatv +* Scott Furry +* Sebastian Henke +* Stefan Widgren +* Steve King Jr +* Sven Strickroth +* Tobias Nießen +* Tyler Ang-Wanek +* Tyler Wanek + +--------------------------------------------------------------------- + +v0.28 +----- + +### Changes or improvements + +* The library is now always built with cdecl calling conventions on + Windows; the ability to build a stdcall library has been removed. + +* Reference log creation now honors `core.logallrefupdates=always`. + +* Fix some issues with the error-reporting in the OpenSSL backend. + +* HTTP proxy support is now builtin; libcurl is no longer used to support + proxies and is removed as a dependency. + +* Certificate and credential callbacks can now return `GIT_PASSTHROUGH` + to decline to act; libgit2 will behave as if there was no callback set + in the first place. + +* The line-ending filtering logic - when checking out files - has been + updated to match newer git (>= git 2.9) for proper interoperability. + +* Symbolic links are now supported on Windows when `core.symlinks` is set + to `true`. + +* Submodules with names which attempt to perform path traversal now have their + configuration ignored. Such names were blindly appended to the + `$GIT_DIR/modules` and a malicious name could lead to an attacker writing to + an arbitrary location. This matches git's handling of CVE-2018-11235. + +* Object validation is now performed during tree creation in the + `git_index_write_tree_to` API. + +* Configuration variable may now be specified on the same line as a section + header; previously this was erroneously a parser error. + +* When an HTTP server supports both NTLM and Negotiate authentication + mechanisms, we would previously fail to authenticate with any mechanism. + +* The `GIT_OPT_SET_PACK_MAX_OBJECTS` option can now set the maximum + number of objects allowed in a packfile being downloaded; this can help + limit the maximum memory used when fetching from an untrusted remote. + +* Line numbers in diffs loaded from patch files were not being populated; + they are now included in the results. + +* The repository's index is reloaded from disk at the beginning of + `git_merge` operations to ensure that it is up-to-date. + +* Mailmap handling APIs have been introduced, and the new commit APIs + `git_commit_committer_with_mailmap` and `git_commit_author_with_mailmap` + will use the mailmap to resolve the committer and author information. + In addition, blame will use the mailmap given when the + `GIT_BLAME_USE_MAILMAP` option. + +* Ignore handling for files in ignored folders would be ignored. + +* Worktrees can now be backed by bare repositories. + +* Trailing spaces are supported in `.gitignore` files, these spaces were + previously (and erroneously) treated as part of the pattern. + +* The library can now be built with mbedTLS support for HTTPS. + +* The diff status character 'T' will now be presented by the + `git_diff_status_char` API for diff entries that change type. + +* Revision walks previously would sometimes include commits that should + have been ignored; this is corrected. + +* Revision walks are now more efficient when the output is unsorted; + we now avoid walking all the way to the beginning of history unnecessarily. + +* Error-handling around index extension loading has been fixed. We were + previously always misreporting a truncated index (#4858). + +### API additions + +* The index may now be iterated atomically using `git_index_iterator`. + +* Remote objects can now be created with extended options using the + `git_remote_create_with_opts` API. + +* Diff objects can now be applied as changes to the working directory, + index or both, emulating the `git apply` command. Additionally, + `git_apply_to_tree` can apply those changes to a tree object as a + fully in-memory operation. + +* You can now swap out memory allocators via the + `GIT_OPT_SET_ALLOCATOR` option with `git_libgit2_opts()`. + +* You can now ensure that functions do not discard unwritten changes to the + index via the `GIT_OPT_ENABLE_UNSAVED_INDEX_SAFETY` option to + `git_libgit2_opts()`. This will cause functions that implicitly re-read + the index (eg, `git_checkout`) to fail if you have staged changes to the + index but you have not written the index to disk. (Unless the checkout + has the FORCE flag specified.) + + At present, this defaults to off, but we intend to enable this more + broadly in the future, as a warning or error. We encourage you to + examine your code to ensure that you are not relying on the current + behavior that implicitly removes staged changes. + +* Reference specifications can be parsed from an arbitrary string with + the `git_refspec_parse` API. + +* You can now get the name and path of worktrees using the + `git_worktree_name` and `git_worktree_path` APIs, respectively. + +* The `ref` field has been added to `git_worktree_add_options` to enable + the creation of a worktree from a pre-existing branch. + +* It's now possible to analyze merge relationships between any two + references, not just against `HEAD`, using `git_merge_analysis_for_ref`. + +### API removals + +* The `git_buf_free` API is deprecated; it has been renamed to + `git_buf_dispose` for consistency. The `git_buf_free` API will be + retained for backward compatibility for the foreseeable future. + +* The `git_otype` enumeration and its members are deprecated and have + been renamed for consistency. The `GIT_OBJ_` enumeration values are + now prefixed with `GIT_OBJECT_`. The old enumerations and macros + will be retained for backward compatibility for the foreseeable future. + +* Several index-related APIs have been renamed for consistency. The + `GIT_IDXENTRY_` enumeration values and macros have been renamed to + be prefixed with `GIT_INDEX_ENTRY_`. The `GIT_INDEXCAP` enumeration + values are now prefixed with `GIT_INDEX_CAPABILITY_`. The old + enumerations and macros will be retained for backward compatibility + for the foreseeable future. + +* The error functions and enumeration values have been renamed for + consistency. The `giterr_` functions and values prefix have been + renamed to be prefixed with `git_error_`; similarly, the `GITERR_` + constants have been renamed to be prefixed with `GIT_ERROR_`. + The old enumerations and macros will be retained for backward + compatibility for the foreseeable future. + +### Breaking API changes + +* The default checkout strategy changed from `DRY_RUN` to `SAFE` (#4531). + +* Adding a symlink as .gitmodules into the index from the workdir or checking + out such files is not allowed as this can make a Git implementation write + outside of the repository and bypass the fsck checks for CVE-2018-11235. + +--------------------------------------------------------------------- + +v0.27 +--------- + +### Changes or improvements + +* Improved `p_unlink` in `posix_w32.c` to try and make a file writable + before sleeping in the retry loop to prevent unnecessary calls to sleep. + +* The CMake build infrastructure has been improved to speed up building time. + +* A new CMake option "-DUSE_HTTPS=<backend>" makes it possible to explicitly + choose an HTTP backend. + +* A new CMake option "-DSHA1_BACKEND=<backend>" makes it possible to explicitly + choose an SHA1 backend. The collision-detecting backend is now the default. + +* A new CMake option "-DUSE_BUNDLED_ZLIB" makes it possible to explicitly use + the bundled zlib library. + +* A new CMake option "-DENABLE_REPRODUCIBLE_BUILDS" makes it possible to + generate a reproducible static archive. This requires support from your + toolchain. + +* The minimum required CMake version has been bumped to 2.8.11. + +* Writing to a configuration file now preserves the case of the key given by the + caller for the case-insensitive portions of the key (existing sections are + used even if they don't match). + +* We now support conditional includes in configuration files. + +* Fix for handling re-reading of configuration files with includes. + +* Fix for reading patches which contain exact renames only. + +* Fix for reading patches with whitespace in the compared files' paths. + +* We will now fill `FETCH_HEAD` from all passed refspecs instead of overwriting + with the last one. + +* There is a new diff option, `GIT_DIFF_INDENT_HEURISTIC` which activates a + heuristic which takes into account whitespace and indentation in order to + produce better diffs when dealing with ambiguous diff hunks. + +* Fix for pattern-based ignore rules where files ignored by a rule cannot be + un-ignored by another rule. + +* Sockets opened by libgit2 are now being closed on exec(3) if the platform + supports it. + +* Fix for peeling annotated tags from packed-refs files. + +* Fix reading huge loose objects from the object database. + +* Fix files not being treated as modified when only the file mode has changed. + +* We now explicitly reject adding submodules to the index via + `git_index_add_frombuffer`. + +* Fix handling of `GIT_DIFF_FIND_RENAMES_FROM_REWRITES` raising `SIGABRT` when + one file has been deleted and another file has been rewritten. + +* Fix for WinHTTP not properly handling NTLM and Negotiate challenges. + +* When using SSH-based transports, we now repeatedly ask for the passphrase to + decrypt the private key in case a wrong passphrase is being provided. + +* When generating conflict markers, they will now use the same line endings as + the rest of the file. + +### API additions + +* The `git_merge_file_options` structure now contains a new setting, + `marker_size`. This allows users to set the size of markers that + delineate the sides of merged files in the output conflict file. + By default this is 7 (`GIT_MERGE_CONFLICT_MARKER_SIZE`), which + produces output markers like `<<<<<<<` and `>>>>>>>`. + +* `git_remote_create_detached()` creates a remote that is not associated + to any repository (and does not apply configuration like 'insteadof' rules). + This is mostly useful for e.g. emulating `git ls-remote` behavior. + +* `git_diff_patchid()` lets you generate patch IDs for diffs. + +* `git_status_options` now has an additional field `baseline` to allow creating + status lists against different trees. + +* New family of functions to allow creating notes for a specific notes commit + instead of for a notes reference. + +* New family of functions to allow parsing message trailers. This API is still + experimental and may change in future releases. + +### API removals + +### Breaking API changes + +* Signatures now distinguish between +0000 and -0000 UTC offsets. + +* The certificate check callback in the WinHTTP transport will now receive the + `message_cb_payload` instead of the `cred_acquire_payload`. + +* We are now reading symlinked directories under .git/refs. + +* We now refuse creating branches named "HEAD". + +* We now refuse reading and writing all-zero object IDs into the + object database. + +* We now read the effective user's configuration file instead of the real user's + configuration in case libgit2 runs as part of a setuid binary. + +* The `git_odb_open_rstream` function and its `readstream` callback in the + `git_odb_backend` interface have changed their signatures to allow providing + the object's size and type to the caller. + +--------------------------------------------------------------------- + +v0.26 +----- + +### Changes or improvements + +* Support for opening, creating and modifying worktrees. + +* We can now detect SHA1 collisions resulting from the SHAttered attack. These + checks can be enabled at build time via `-DUSE_SHA1DC`. + +* Fix for missing implementation of `git_merge_driver_source` getters. + +* Fix for installed pkg-config file being broken when the prefix contains + spaces. + +* We now detect when the hashsum of on-disk objects does not match their + expected hashsum. + +* We now support open-ended ranges (e.g. "master..", "...master") in our + revision range parsing code. + +* We now correctly compute ignores with leading "/" in subdirectories. + +* We now optionally call `fsync` on loose objects, packfiles and their indexes, + loose references and packed reference files. + +* We can now build against OpenSSL v1.1 and against LibreSSL. + +* `GIT_MERGE_OPTIONS_INIT` now includes a setting to perform rename detection. + This aligns this structure with the default by `git_merge` and + `git_merge_trees` when `NULL` was provided for the options. + +* Improvements for reading index v4 files. + +* Perform additional retries for filesystem operations on Windows when files + are temporarily locked by other processes. + +### API additions + +* New family of functions to handle worktrees: + + * `git_worktree_list()` lets you look up worktrees for a repository. + * `git_worktree_lookup()` lets you get a specific worktree. + * `git_worktree_open_from_repository()` lets you get the associated worktree + of a repository. + a worktree. + * `git_worktree_add` lets you create new worktrees. + * `git_worktree_prune` lets you remove worktrees from disk. + * `git_worktree_lock()` and `git_worktree_unlock()` let you lock + respectively unlock a worktree. + * `git_repository_open_from_worktree()` lets you open a repository via + * `git_repository_head_for_worktree()` lets you get the current `HEAD` for a + linked worktree. + * `git_repository_head_detached_for_worktree()` lets you check whether a + linked worktree is in detached HEAD mode. + +* `git_repository_item_path()` lets you retrieve paths for various repository + files. + +* `git_repository_commondir()` lets you retrieve the common directory of a + repository. + +* `git_branch_is_checked_out()` allows you to check whether a branch is checked + out in a repository or any of its worktrees. + +* `git_repository_submodule_cache_all()` and + `git_repository_submodule_cache_clear()` functions allow you to prime or clear + the submodule cache of a repository. + +* You can disable strict hash verifications via the + `GIT_OPT_ENABLE_STRICT_HASH_VERIFICATION` option with `git_libgit2_opts()`. + +* You can enable us calling `fsync` for various files inside the ".git" + directory by setting the `GIT_OPT_ENABLE_FSYNC_GITDIR` option with + `git_libgit2_opts()`. + +* You can now enable "offset deltas" when creating packfiles and negotiating + packfiles with a remote server by setting `GIT_OPT_ENABLE_OFS_DELTA` option + with `GIT_libgit2_opts()`. + +* You can now set the default share mode on Windows for opening files using + `GIT_OPT_SET_WINDOWS_SHAREMODE` option with `git_libgit2_opts()`. + You can query the current share mode with `GIT_OPT_GET_WINDOWS_SHAREMODE`. + +* `git_transport_smart_proxy_options()' enables you to get the proxy options for + smart transports. + +* The `GIT_FILTER_INIT` macro and the `git_filter_init` function are provided + to initialize a `git_filter` structure. + +### Breaking API changes + +* `clone_checkout_strategy` has been removed from + `git_submodule_update_option`. The checkout strategy used to clone will + be the same strategy specified in `checkout_opts`. + +v0.25 +------- + +### Changes or improvements + +* Fix repository discovery with `git_repository_discover` and + `git_repository_open_ext` to match git's handling of a ceiling + directory at the current directory. git only checks ceiling + directories when its search ascends to a parent directory. A ceiling + directory matching the starting directory will not prevent git from + finding a repository in the starting directory or a parent directory. + +* Do not fail when deleting remotes in the presence of broken + global configs which contain branches. + +* Support for reading and writing git index v4 files + +* Improve the performance of the revwalk and bring us closer to git's code. + +* The reference db has improved support for concurrency and returns `GIT_ELOCKED` + when an operation could not be performed due to locking. + +* Nanosecond resolution is now activated by default, following git's change to + do this. + +* We now restrict the set of ciphers we let OpenSSL use by default. + +* Users can now register their own merge drivers for use with `.gitattributes`. + The library also gained built-in support for the union merge driver. + +* The default for creating references is now to validate that the object does + exist. + +* Add `git_proxy_options` which is used by the different networking + implementations to let the caller specify the proxy settings instead of + relying on the environment variables. + +### API additions + +* You can now get the user-agent used by libgit2 using the + `GIT_OPT_GET_USER_AGENT` option with `git_libgit2_opts()`. + It is the counterpart to `GIT_OPT_SET_USER_AGENT`. + +* The `GIT_OPT_SET_SSL_CIPHERS` option for `git_libgit2_opts()` lets you specify + a custom list of ciphers to use for OpenSSL. + +* `git_commit_create_buffer()` creates a commit and writes it into a + user-provided buffer instead of writing it into the object db. Combine it with + `git_commit_create_with_signature()` in order to create a commit with a + cryptographic signature. + +* `git_blob_create_fromstream()` and + `git_blob_create_fromstream_commit()` allow you to create a blob by + writing into a stream. Useful when you do not know the final size or + want to copy the contents from another stream. + +* New flags for `git_repository_open_ext`: + + * `GIT_REPOSITORY_OPEN_NO_DOTGIT` - Do not check for a repository by + appending `/.git` to the `start_path`; only open the repository if + `start_path` itself points to the git directory. + * `GIT_REPOSITORY_OPEN_FROM_ENV` - Find and open a git repository, + respecting the environment variables used by the git command-line + tools. If set, `git_repository_open_ext` will ignore the other + flags and the `ceiling_dirs` argument, and will allow a NULL + `path` to use `GIT_DIR` or search from the current directory. The + search for a repository will respect `$GIT_CEILING_DIRECTORIES` + and `$GIT_DISCOVERY_ACROSS_FILESYSTEM`. The opened repository + will respect `$GIT_INDEX_FILE`, `$GIT_NAMESPACE`, + `$GIT_OBJECT_DIRECTORY`, and `$GIT_ALTERNATE_OBJECT_DIRECTORIES`. + In the future, this flag will also cause `git_repository_open_ext` + to respect `$GIT_WORK_TREE` and `$GIT_COMMON_DIR`; currently, + `git_repository_open_ext` with this flag will error out if either + `$GIT_WORK_TREE` or `$GIT_COMMON_DIR` is set. + +* `git_diff_from_buffer()` can create a `git_diff` object from the contents + of a git-style patch file. + +* `git_index_version()` and `git_index_set_version()` to get and set + the index version + +* `git_odb_expand_ids()` lets you check for the existence of multiple + objects at once. + +* The new `git_blob_dup()`, `git_commit_dup()`, `git_tag_dup()` and + `git_tree_dup()` functions provide type-specific wrappers for + `git_object_dup()` to reduce noise and increase type safety for callers. + +* `git_reference_dup()` lets you duplicate a reference to aid in ownership + management and cleanup. + +* `git_signature_from_buffer()` lets you create a signature from a string in the + format that appear in objects. + +* `git_tree_create_updated()` lets you create a tree based on another one + together with a list of updates. For the covered update cases, it's more + efficient than the `git_index` route. + +* `git_apply_patch()` applies hunks from a `git_patch` to a buffer. + +* `git_diff_to_buf()` lets you print an entire diff directory to a buffer, + similar to how `git_patch_to_buf()` works. + +* `git_proxy_init_options()` is added to initialize a `git_proxy_options` + structure at run-time. + +* `git_merge_driver_register()`, `git_merge_driver_unregister()` let you + register and unregister a custom merge driver to be used when `.gitattributes` + specifies it. + +* `git_merge_driver_lookup()` can be used to look up a merge driver by name. + +* `git_merge_driver_source_repo()`, `git_merge_driver_source_ancestor()`, + `git_merge_driver_source_ours()`, `git_merge_driver_source_theirs()`, + `git_merge_driver_source_file_options()` added as accessors to + `git_merge_driver_source`. + +### API removals + +* `git_blob_create_fromchunks()` has been removed in favour of + `git_blob_create_fromstream()`. + +### Breaking API changes + +* `git_packbuilder_object_count` and `git_packbuilder_written` now + return a `size_t` instead of a `uint32_t` for more thorough + compatibility with the rest of the library. + +* `git_packbuiler_progress` now provides explicitly sized `uint32_t` + values instead of `unsigned int`. + +* `git_diff_file` now includes an `id_abbrev` field that reflects the + number of nibbles set in the `id` field. + +* `git_odb_backend` now has a `freshen` function pointer. This optional + function pointer is similar to the `exists` function, but it will update + a last-used marker. For filesystem-based object databases, this updates + the timestamp of the file containing the object, to indicate "freshness". + If this is `NULL`, then it will not be called and the `exists` function + will be used instead. + +* `git_remote_connect()` now accepts `git_proxy_options` argument, and + `git_fetch_options` and `git_push_options` each have a `proxy_opts` field. + +* `git_merge_options` now provides a `default_driver` that can be used + to provide the name of a merge driver to be used to handle files changed + during a merge. + +--------------------------------------------------------------------- + +v0.24 +------- + +### Changes or improvements + +* Custom merge drivers can now be registered, which allows callers to + configure callbacks to honor `merge=driver` configuration in + `.gitattributes`. + +* Custom filters can now be registered with wildcard attributes, for + example `filter=*`. Consumers should examine the attributes parameter + of the `check` function for details. + +* Symlinks are now followed when locking a file, which can be + necessary when multiple worktrees share a base repository. + +* You can now set your own user-agent to be sent for HTTP requests by + using the `GIT_OPT_SET_USER_AGENT` with `git_libgit2_opts()`. + +* You can set custom HTTP header fields to be sent along with requests + by passing them in the fetch and push options. + +* Tree objects are now assumed to be sorted. If a tree is not + correctly formed, it will give bad results. This is the git approach + and cuts a significant amount of time when reading the trees. + +* Filter registration is now protected against concurrent + registration. + +* Filenames which are not valid on Windows in an index no longer cause + to fail to parse it on that OS. + +* Rebases can now be performed purely in-memory, without touching the + repository's workdir. + +* When adding objects to the index, or when creating new tree or commit + objects, the inputs are validated to ensure that the dependent objects + exist and are of the correct type. This object validation can be + disabled with the GIT_OPT_ENABLE_STRICT_OBJECT_CREATION option. + +* The WinHTTP transport's handling of bad credentials now behaves like + the others, asking for credentials again. + +### API additions + +* `git_config_lock()` has been added, which allow for + transactional/atomic complex updates to the configuration, removing + the opportunity for concurrent operations and not committing any + changes until the unlock. + +* `git_diff_options` added a new callback `progress_cb` to report on the + progress of the diff as files are being compared. The documentation of + the existing callback `notify_cb` was updated to reflect that it only + gets called when new deltas are added to the diff. + +* `git_fetch_options` and `git_push_options` have gained a `custom_headers` + field to set the extra HTTP header fields to send. + +* `git_stream_register_tls()` lets you register a callback to be used + as the constructor for a TLS stream instead of the libgit2 built-in + one. + +* `git_commit_header_field()` allows you to look up a specific header + field in a commit. + +* `git_commit_extract_signature()` extracts the signature from a + commit and gives you both the signature and the signed data so you + can verify it. + +### API removals + +* No APIs were removed in this version. + +### Breaking API changes + +* The `git_merge_tree_flag_t` is now `git_merge_flag_t`. Subsequently, + its members are no longer prefixed with `GIT_MERGE_TREE_FLAG` but are + now prefixed with `GIT_MERGE_FLAG`, and the `tree_flags` field of the + `git_merge_options` structure is now named `flags`. + +* The `git_merge_file_flags_t` enum is now `git_merge_file_flag_t` for + consistency with other enum type names. + +* `git_cert` descendent types now have a proper `parent` member + +* It is the responsibility of the refdb backend to decide what to do + with the reflog on ref deletion. The file-based backend must delete + it, a database-backed one may wish to archive it. + +* `git_config_backend` has gained two entries. `lock` and `unlock` + with which to implement the transactional/atomic semantics for the + configuration backend. + +* `git_index_add` and `git_index_conflict_add()` will now use the case + as provided by the caller on case insensitive systems. Previous + versions would keep the case as it existed in the index. This does + not affect the higher-level `git_index_add_bypath` or + `git_index_add_frombuffer` functions. + +* The `notify_payload` field of `git_diff_options` was renamed to `payload` + to reflect that it's also the payload for the new progress callback. + +* The `git_config_level_t` enum has gained a higher-priority value + `GIT_CONFIG_LEVEL_PROGRAMDATA` which represent a rough Windows equivalent + to the system level configuration. + +* `git_rebase_options` now has a `merge_options` field. + +* The index no longer performs locking itself. This is not something + users of the library should have been relying on as it's not part of + the concurrency guarantees. + +* `git_remote_connect()` now takes a `custom_headers` argument to set + the extra HTTP header fields to send. + +--------------------------------------------------------------------- + +v0.23 +------ + +### Changes or improvements + +* Patience and minimal diff drivers can now be used for merges. + +* Merges can now ignore whitespace changes. + +* Updated binary identification in CRLF filtering to avoid false positives in + UTF-8 files. + +* Rename and copy detection is enabled for small files. + +* Checkout can now handle an initial checkout of a repository, making + `GIT_CHECKOUT_SAFE_CREATE` unnecessary for users of clone. + +* The signature parameter in the ref-modifying functions has been + removed. Use `git_repository_set_ident()` and + `git_repository_ident()` to override the signature to be used. + +* The local transport now auto-scales the number of threads to use + when creating the packfile instead of sticking to one. + +* Reference renaming now uses the right id for the old value. + +* The annotated version of branch creation, HEAD detaching and reset + allow for specifying the expression from the user to be put into the + reflog. + +* `git_rebase_commit` now returns `GIT_EUNMERGED` when you attempt to + commit with unstaged changes. + +* On Mac OS X, we now use SecureTransport to provide the cryptographic + support for HTTPS connections insead of OpenSSL. + +* Checkout can now accept an index for the baseline computations via the + `baseline_index` member. + +* The configuration for fetching is no longer stored inside the + `git_remote` struct but has been moved to a `git_fetch_options`. The + remote functions now take these options or the callbacks instead of + setting them beforehand. + +* `git_submodule` instances are no longer cached or shared across + lookup. Each submodule represents the configuration at the time of + loading. + +* The index now uses diffs for `add_all()` and `update_all()` which + gives it a speed boost and closer semantics to git. + +* The ssh transport now reports the stderr output from the server as + the error message, which allows you to get the "repository not + found" messages. + +* `git_index_conflict_add()` will remove staged entries that exist for + conflicted paths. + +* The flags for a `git_diff_file` will now have the `GIT_DIFF_FLAG_EXISTS` + bit set when a file exists on that side of the diff. This is useful + for understanding whether a side of the diff exists in the presence of + a conflict. + +* The constructor for a write-stream into the odb now takes + `git_off_t` instead of `size_t` for the size of the blob, which + allows putting large files into the odb on 32-bit systems. + +* The remote's push and pull URLs now honor the url.$URL.insteadOf + configuration. This allows modifying URL prefixes to a custom + value via gitconfig. + +* `git_diff_foreach`, `git_diff_blobs`, `git_diff_blob_to_buffer`, + and `git_diff_buffers` now accept a new binary callback of type + `git_diff_binary_cb` that includes the binary diff information. + +* The race condition mitigations described in `racy-git.txt` have been + implemented. + +* If libcurl is installed, we will use it to connect to HTTP(S) + servers. + +### API additions + +* The `git_merge_options` gained a `file_flags` member. + +* Parsing and retrieving a configuration value as a path is exposed + via `git_config_parse_path()` and `git_config_get_path()` + respectively. + +* `git_repository_set_ident()` and `git_repository_ident()` serve to + set and query which identity will be used when writing to the + reflog. + +* `git_config_entry_free()` frees a config entry. + +* `git_config_get_string_buf()` provides a way to safely retrieve a + string from a non-snapshot configuration. + +* `git_annotated_commit_from_revspec()` allows to get an annotated + commit from an extended sha synatx string. + +* `git_repository_set_head_detached_from_annotated()`, + `git_branch_create_from_annotated()` and + `git_reset_from_annotated()` allow for the caller to provide an + annotated commit through which they can control what expression is + put into the reflog as the source/target. + +* `git_index_add_frombuffer()` can now create a blob from memory + buffer and add it to the index which is attached to a repository. + +* The structure `git_fetch_options` has been added to determine the + runtime configuration for fetching, such as callbacks, pruning and + autotag behaviour. It has the runtime initializer + `git_fetch_init_options()`. + +* The enum `git_fetch_prune_t` has been added, letting you specify the + pruning behaviour for a fetch. + +* A push operation will notify the caller of what updates it indends + to perform on the remote, which provides similar information to + git's pre-push hook. + +* `git_stash_apply()` can now apply a stashed state from the stash list, + placing the data into the working directory and index. + +* `git_stash_pop()` will apply a stashed state (like `git_stash_apply()`) + but will remove the stashed state after a successful application. + +* A new error code `GIT_EEOF` indicates an early EOF from the + server. This typically indicates an error with the URL or + configuration of the server, and tools can use this to show messages + about failing to communicate with the server. + +* A new error code `GIT_EINVALID` indicates that an argument to a + function is invalid, or an invalid operation was requested. + +* `git_diff_index_to_workdir()` and `git_diff_tree_to_index()` will now + produce deltas of type `GIT_DELTA_CONFLICTED` to indicate that the index + side of the delta is a conflict. + +* The `git_status` family of functions will now produce status of type + `GIT_STATUS_CONFLICTED` to indicate that a conflict exists for that file + in the index. + +* `git_index_entry_is_conflict()` is a utility function to determine if + a given index entry has a non-zero stage entry, indicating that it is + one side of a conflict. + +* It is now possible to pass a keypair via a buffer instead of a + path. For this, `GIT_CREDTYPE_SSH_MEMORY` and + `git_cred_ssh_key_memory_new()` have been added. + +* `git_filter_list_contains` will indicate whether a particular + filter will be run in the given filter list. + +* `git_commit_header_field()` has been added, which allows retrieving + the contents of an arbitrary header field. + +* `git_submodule_set_branch()` allows to set the configured branch for + a submodule. + +### API removals + +* `git_remote_save()` and `git_remote_clear_refspecs()` have been + removed. Remote's configuration is changed via the configuration + directly or through a convenience function which performs changes to + the configuration directly. + +* `git_remote_set_callbacks()`, `git_remote_get_callbacks()` and + `git_remote_set_transport()` have been removed and the remote no + longer stores this configuration. + +* `git_remote_set_fetch_refpecs()` and + `git_remote_set_push_refspecs()` have been removed. There is no + longer a way to set the base refspecs at run-time. + +* `git_submodule_save()` has been removed. The submodules are no + longer configured via the objects. + +* `git_submodule_reload_all()` has been removed as we no longer cache + submodules. + +### Breaking API changes + +* `git_smart_subtransport_cb` now has a `param` parameter. + +* The `git_merge_options` structure member `flags` has been renamed + to `tree_flags`. + +* The `git_merge_file_options` structure member `flags` is now + an unsigned int. It was previously a `git_merge_file_flags_t`. + +* `GIT_CHECKOUT_SAFE_CREATE` has been removed. Most users will generally + be able to switch to `GIT_CHECKOUT_SAFE`, but if you require missing + file handling during checkout, you may now use `GIT_CHECKOUT_SAFE | + GIT_CHECKOUT_RECREATE_MISSING`. + +* The `git_clone_options` and `git_submodule_update_options` + structures no longer have a `signature` field. + +* The following functions have removed the signature and/or log message + parameters in favour of git-emulating ones. + + * `git_branch_create()`, `git_branch_move()` + * `git_rebase_init()`, `git_rebase_abort()` + * `git_reference_symbolic_create_matching()`, + `git_reference_symbolic_create()`, `git_reference_create()`, + `git_reference_create_matching()`, + `git_reference_symbolic_set_target()`, + `git_reference_set_target()`, `git_reference_rename()` + * `git_remote_update_tips()`, `git_remote_fetch()`, `git_remote_push()` + * `git_repository_set_head()`, + `git_repository_set_head_detached()`, + `git_repository_detach_head()` + * `git_reset()` + +* `git_config_get_entry()` now gives back a ref-counted + `git_config_entry`. You must free it when you no longer need it. + +* `git_config_get_string()` will return an error if used on a + non-snapshot configuration, as there can be no guarantee that the + returned pointer is valid. + +* `git_note_default_ref()` now uses a `git_buf` to return the string, + as the string is otherwise not guaranteed to stay allocated. + +* `git_rebase_operation_current()` will return `GIT_REBASE_NO_OPERATION` + if it is called immediately after creating a rebase session but before + you have applied the first patch. + +* `git_rebase_options` now contains a `git_checkout_options` struct + that will be used for functions that modify the working directory, + namely `git_rebase_init`, `git_rebase_next` and + `git_rebase_abort`. As a result, `git_rebase_open` now also takes + a `git_rebase_options` and only the `git_rebase_init` and + `git_rebase_open` functions take a `git_rebase_options`, where they + will persist the options to subsequent `git_rebase` calls. + +* The `git_clone_options` struct now has fetch options in a + `fetch_opts` field instead of remote callbacks in + `remote_callbacks`. + +* The remote callbacks has gained a new member `push_negotiation` + which gets called before sending the update commands to the server. + +* The following functions no longer act on a remote instance but + change the repository's configuration. Their signatures have changed + accordingly: + + * `git_remote_set_url()`, `git_remote_seturl()` + * `git_remote_add_fetch()`, `git_remote_add_push()` and + * `git_remote_set_autotag()` + +* `git_remote_connect()` and `git_remote_prune()` now take a pointer + to the callbacks. + +* `git_remote_fetch()` and `git_remote_download()` now take a pointer + to fetch options which determine the runtime configuration. + +* The `git_remote_autotag_option_t` values have been changed. It has + gained a `_UNSPECIFIED` default value to specify no override for the + configured setting. + +* `git_remote_update_tips()` now takes a pointer to the callbacks as + well as a boolean whether to write `FETCH_HEAD` and the autotag + setting. + +* `git_remote_create_anonymous()` no longer takes a fetch refspec as + url-only remotes cannot have configured refspecs. + +* The `git_submodule_update_options` struct now has fetch options in + the `fetch_opts` field instead of callbacks in the + `remote_callbacks` field. + +* The following functions no longer act on a submodule instance but + change the repository's configuration. Their signatures have changed + accordingly: + + * `git_submodule_set_url()`, `git_submodule_set_ignore()`, + `git_submodule_set_update()`, + `git_submodule_set_fetch_recurse_submodules()`. + +* `git_submodule_status()` no longer takes a submodule instance but a + repsitory, a submodule name and an ignore setting. + +* The `push` function in the `git_transport` interface now takes a + pointer to the remote callbacks. + +* The `git_index_entry` struct's fields' types have been changed to + more accurately reflect what is in fact stored in the + index. Specifically, time and file size are 32 bits intead of 64, as + these values are truncated. + +* `GIT_EMERGECONFLICT` is now `GIT_ECONFLICT`, which more accurately + describes the nature of the error. + +* It is no longer allowed to call `git_buf_grow()` on buffers + borrowing the memory they point to. + +--------------------------------------------------------------------- + +v0.22 +------ + +### Changes or improvements + +* `git_signature_new()` now requires a non-empty email address. + +* Use CommonCrypto libraries for SHA-1 calculation on Mac OS X. + +* Disable SSL compression and SSLv2 and SSLv3 ciphers in favor of TLSv1 + in OpenSSL. + +* The fetch behavior of remotes with autotag set to `GIT_REMOTE_DOWNLOAD_TAGS_ALL` + has been changed to match git 1.9.0 and later. In this mode, libgit2 now + fetches all tags in addition to whatever else needs to be fetched. + +* `git_checkout()` now handles case-changing renames correctly on + case-insensitive filesystems; for example renaming "readme" to "README". + +* The search for libssh2 is now done via pkg-config instead of a + custom search of a few directories. + +* Add support for core.protectHFS and core.protectNTFS. Add more + validation for filenames which we write such as references. + +* The local transport now generates textual progress output like + git-upload-pack does ("counting objects"). + +* `git_checkout_index()` can now check out an in-memory index that is not + necessarily the repository's index, so you may check out an index + that was produced by git_merge and friends while retaining the cached + information. + +* Remove the default timeout for receiving / sending data over HTTP using + the WinHTTP transport layer. + +* Add SPNEGO (Kerberos) authentication using GSSAPI on Unix systems. + +* Provide built-in objects for the empty blob (e69de29) and empty + tree (4b825dc) objects. + +* The index' tree cache is now filled upon read-tree and write-tree + and the cache is written to disk. + +* LF -> CRLF filter refuses to handle mixed-EOL files + +* LF -> CRLF filter now runs when * text = auto (with Git for Windows 1.9.4) + +* File unlocks are atomic again via rename. Read-only files on Windows are + made read-write if necessary. + +* Share open packfiles across repositories to share descriptors and mmaps. + +* Use a map for the treebuilder, making insertion O(1) + +* The build system now accepts an option EMBED_SSH_PATH which when set + tells it to include a copy of libssh2 at the given location. This is + enabled for MSVC. + +* Add support for refspecs with the asterisk in the middle of a + pattern. + +* Fetching now performs opportunistic updates. To achieve this, we + introduce a difference between active and passive refspecs, which + make `git_remote_download()` and `git_remote_fetch()` to take a list of + resfpecs to be the active list, similarly to how git fetch accepts a + list on the command-line. + +* The THREADSAFE option to build libgit2 with threading support has + been flipped to be on by default. + +* The remote object has learnt to prune remote-tracking branches. If + the remote is configured to do so, this will happen via + `git_remote_fetch()`. You can also call `git_remote_prune()` after + connecting or fetching to perform the prune. + + +### API additions + +* Introduce `git_buf_text_is_binary()` and `git_buf_text_contains_nul()` for + consumers to perform binary detection on a git_buf. + +* `git_branch_upstream_remote()` has been introduced to provide the + branch.<name>.remote configuration value. + +* Introduce `git_describe_commit()` and `git_describe_workdir()` to provide + a description of the current commit (and working tree, respectively) + based on the nearest tag or reference + +* Introduce `git_merge_bases()` and the `git_oidarray` type to expose all + merge bases between two commits. + +* Introduce `git_merge_bases_many()` to expose all merge bases between + multiple commits. + +* Introduce rebase functionality (using the merge algorithm only). + Introduce `git_rebase_init()` to begin a new rebase session, + `git_rebase_open()` to open an in-progress rebase session, + `git_rebase_commit()` to commit the current rebase operation, + `git_rebase_next()` to apply the next rebase operation, + `git_rebase_abort()` to abort an in-progress rebase and `git_rebase_finish()` + to complete a rebase operation. + +* Introduce `git_note_author()` and `git_note_committer()` to get the author + and committer information on a `git_note`, respectively. + +* A factory function for ssh has been added which allows to change the + path of the programs to execute for receive-pack and upload-pack on + the server, `git_transport_ssh_with_paths()`. + +* The ssh transport supports asking the remote host for accepted + credential types as well as multiple challeges using a single + connection. This requires to know which username you want to connect + as, so this introduces the USERNAME credential type which the ssh + transport will use to ask for the username. + +* The `GIT_EPEEL` error code has been introduced when we cannot peel a tag + to the requested object type; if the given object otherwise cannot be + peeled, `GIT_EINVALIDSPEC` is returned. + +* Introduce `GIT_REPOSITORY_INIT_RELATIVE_GITLINK` to use relative paths + when writing gitlinks, as is used by git core for submodules. + +* `git_remote_prune()` has been added. See above for description. + + +* Introduce reference transactions, which allow multiple references to + be locked at the same time and updates be queued. This also allows + us to safely update a reflog with arbitrary contents, as we need to + do for stash. + +### API removals + +* `git_remote_supported_url()` and `git_remote_is_valid_url()` have been + removed as they have become essentially useless with rsync-style ssh paths. + +* `git_clone_into()` and `git_clone_local_into()` have been removed from the + public API in favour of `git_clone callbacks`. + +* The option to ignore certificate errors via `git_remote_cert_check()` + is no longer present. Instead, `git_remote_callbacks` has gained a new + entry which lets the user perform their own certificate checks. + +### Breaking API changes + +* `git_cherry_pick()` is now `git_cherrypick()`. + +* The `git_submodule_update()` function was renamed to + `git_submodule_update_strategy()`. `git_submodule_update()` is now used to + provide functionalty similar to "git submodule update". + +* `git_treebuilder_create()` was renamed to `git_treebuilder_new()` to better + reflect it being a constructor rather than something which writes to + disk. + +* `git_treebuilder_new()` (was `git_treebuilder_create()`) now takes a + repository so that it can query repository configuration. + Subsequently, `git_treebuilder_write()` no longer takes a repository. + +* `git_threads_init()` and `git_threads_shutdown()` have been renamed to + `git_libgit2_init()` and `git_libgit2_shutdown()` to better explain what + their purpose is, as it's grown to be more than just about threads. + +* `git_libgit2_init()` and `git_libgit2_shutdown()` now return the number of + initializations of the library, so consumers may schedule work on the + first initialization. + +* The `git_transport_register()` function no longer takes a priority and takes + a URL scheme name (eg "http") instead of a prefix like "http://" + +* `git_index_name_entrycount()` and `git_index_reuc_entrycount()` now + return size_t instead of unsigned int. + +* The `context_lines` and `interhunk_lines` fields in `git_diff`_options are + now `uint32_t` instead of `uint16_t`. This allows to set them to `UINT_MAX`, + in effect asking for "infinite" context e.g. to iterate over all the + unmodified lines of a diff. + +* `git_status_file()` now takes an exact path. Use `git_status_list_new()` if + pathspec searching is needed. + +* `git_note_create()` has changed the position of the notes reference + name to match `git_note_remove()`. + +* Rename `git_remote_load()` to `git_remote_lookup()` to bring it in line + with the rest of the lookup functions. + +* `git_remote_rename()` now takes the repository and the remote's + current name. Accepting a remote indicates we want to change it, + which we only did partially. It is much clearer if we accept a name + and no loaded objects are changed. + +* `git_remote_delete()` now accepts the repository and the remote's name + instead of a loaded remote. + +* `git_merge_head` is now `git_annotated_commit`, to better reflect its usage + for multiple functions (including rebase) + +* The `git_clone_options` struct no longer provides the `ignore_cert_errors` or + `remote_name` members for remote customization. + + Instead, the `git_clone_options` struct has two new members, `remote_cb` and + `remote_cb_payload`, which allow the caller to completely override the remote + creation process. If needed, the caller can use this callback to give their + remote a name other than the default (origin) or disable cert checking. + + The `remote_callbacks` member has been preserved for convenience, although it + is not used when a remote creation callback is supplied. + +* The `git_clone`_options struct now provides `repository_cb` and + `repository_cb_payload` to allow the user to create a repository with + custom options. + +* The `git_push` struct to perform a push has been replaced with + `git_remote_upload()`. The refspecs and options are passed as a + function argument. `git_push_update_tips()` is now also + `git_remote_update_tips()` and the callbacks are in the same struct as + the rest. + +* The `git_remote_set_transport()` function now sets a transport factory function, + rather than a pre-existing transport instance. + +* The `git_transport` structure definition has moved into the sys/transport.h + file. + +* libgit2 no longer automatically sets the OpenSSL locking + functions. This is not something which we can know to do. A + last-resort convenience function is provided in sys/openssl.h, + `git_openssl_set_locking()` which can be used to set the locking. + +* `git_reference_*()` functions use mmap() + binary search for packed + refs lookups when using the fs backend. Previously all entries were + read into a hashtable, which could be slow for repositories with a + large number of refs. diff --git a/docs/checkout-internals.md b/docs/checkout-internals.md new file mode 100644 index 0000000..e0b2583 --- /dev/null +++ b/docs/checkout-internals.md @@ -0,0 +1,231 @@ +Checkout Internals +================== + +Checkout has to handle a lot of different cases. It examines the +differences between the target tree, the baseline tree and the working +directory, plus the contents of the index, and groups files into five +categories: + +1. UNMODIFIED - Files that match in all places. +2. SAFE - Files where the working directory and the baseline content + match that can be safely updated to the target. +3. DIRTY/MISSING - Files where the working directory differs from the + baseline but there is no conflicting change with the target. One + example is a file that doesn't exist in the working directory - no + data would be lost as a result of writing this file. Which action + will be taken with these files depends on the options you use. +4. CONFLICTS - Files where changes in the working directory conflict + with changes to be applied by the target. If conflicts are found, + they prevent any other modifications from being made (although there + are options to override that and force the update, of course). +5. UNTRACKED/IGNORED - Files in the working directory that are untracked + or ignored (i.e. only in the working directory, not the other places). + +Right now, this classification is done via 3 iterators (for the three +trees), with a final lookup in the index. At some point, this may move to +a 4 iterator version to incorporate the index better. + +The actual checkout is done in five phases (at least right now). + +1. The diff between the baseline and the target tree is used as a base + list of possible updates to be applied. +2. Iterate through the diff and the working directory, building a list of + actions to be taken (and sending notifications about conflicts and + dirty files). +3. Remove any files / directories as needed (because alphabetical + iteration means that an untracked directory will end up sorted *after* + a blob that should be checked out with the same name). +4. Update all blobs. +5. Update all submodules (after 4 in case a new .gitmodules blob was + checked out) + +Checkout could be driven either off a target-to-workdir diff or a +baseline-to-target diff. There are pros and cons of each. + +Target-to-workdir means the diff includes every file that could be +modified, which simplifies bookkeeping, but the code to constantly refer +back to the baseline gets complicated. + +Baseline-to-target has simpler code because the diff defines the action to +take, but needs special handling for untracked and ignored files, if they +need to be removed. + +The current checkout implementation is based on a baseline-to-target diff. + + +Picking Actions +=============== + +The most interesting aspect of this is phase 2, picking the actions that +should be taken. There are a lot of corner cases, so it may be easier to +start by looking at the rules for a simple 2-iterator diff: + +Key +--- +- B1,B2,B3 - blobs with different SHAs, +- Bi - ignored blob (WD only) +- T1,T2,T3 - trees with different SHAs, +- Ti - ignored tree (WD only) +- S1,S2 - submodules with different SHAs +- Sd - dirty submodule (WD only) +- x - nothing + +Diff with 2 non-workdir iterators +--------------------------------- + +| | Old | New | | +|----|-----|-----|------------------------------------------------------------| +| 0 | x | x | nothing | +| 1 | x | B1 | added blob | +| 2 | x | T1 | added tree | +| 3 | B1 | x | removed blob | +| 4 | B1 | B1 | unmodified blob | +| 5 | B1 | B2 | modified blob | +| 6 | B1 | T1 | typechange blob -> tree | +| 7 | T1 | x | removed tree | +| 8 | T1 | B1 | typechange tree -> blob | +| 9 | T1 | T1 | unmodified tree | +| 10 | T1 | T2 | modified tree (implies modified/added/removed blob inside) | + + +Now, let's make the "New" iterator into a working directory iterator, so +we replace "added" items with either untracked or ignored, like this: + +Diff with non-work & workdir iterators +-------------------------------------- + +| | Old | New | | +|----|-----|-----|------------------------------------------------------------| +| 0 | x | x | nothing | +| 1 | x | B1 | untracked blob | +| 2 | x | Bi | ignored file | +| 3 | x | T1 | untracked tree | +| 4 | x | Ti | ignored tree | +| 5 | B1 | x | removed blob | +| 6 | B1 | B1 | unmodified blob | +| 7 | B1 | B2 | modified blob | +| 8 | B1 | T1 | typechange blob -> tree | +| 9 | B1 | Ti | removed blob AND ignored tree as separate items | +| 10 | T1 | x | removed tree | +| 11 | T1 | B1 | typechange tree -> blob | +| 12 | T1 | Bi | removed tree AND ignored blob as separate items | +| 13 | T1 | T1 | unmodified tree | +| 14 | T1 | T2 | modified tree (implies modified/added/removed blob inside) | + +Note: if there is a corresponding entry in the old tree, then a working +directory item won't be ignored (i.e. no Bi or Ti for tracked items). + + +Now, expand this to three iterators: a baseline tree, a target tree, and +an actual working directory tree: + +Checkout From 3 Iterators (2 not workdir, 1 workdir) +---------------------------------------------------- + +(base == old HEAD; target == what to checkout; actual == working dir) + +| |base | target | actual/workdir | | +|-----|-----|------- |----------------|--------------------------------------------------------------------| +| 0 | x | x | x | nothing | +| 1 | x | x | B1/Bi/T1/Ti | untracked/ignored blob/tree (SAFE) | +| 2+ | x | B1 | x | add blob (SAFE) | +| 3 | x | B1 | B1 | independently added blob (FORCEABLE-2) | +| 4* | x | B1 | B2/Bi/T1/Ti | add blob with content conflict (FORCEABLE-2) | +| 5+ | x | T1 | x | add tree (SAFE) | +| 6* | x | T1 | B1/Bi | add tree with blob conflict (FORCEABLE-2) | +| 7 | x | T1 | T1/i | independently added tree (SAFE+MISSING) | +| 8 | B1 | x | x | independently deleted blob (SAFE+MISSING) | +| 9- | B1 | x | B1 | delete blob (SAFE) | +| 10- | B1 | x | B2 | delete of modified blob (FORCEABLE-1) | +| 11 | B1 | x | T1/Ti | independently deleted blob AND untrack/ign tree (SAFE+MISSING !!!) | +| 12 | B1 | B1 | x | locally deleted blob (DIRTY || SAFE+CREATE) | +| 13+ | B1 | B2 | x | update to deleted blob (SAFE+MISSING) | +| 14 | B1 | B1 | B1 | unmodified file (SAFE) | +| 15 | B1 | B1 | B2 | locally modified file (DIRTY) | +| 16+ | B1 | B2 | B1 | update unmodified blob (SAFE) | +| 17 | B1 | B2 | B2 | independently updated blob (FORCEABLE-1) | +| 18+ | B1 | B2 | B3 | update to modified blob (FORCEABLE-1) | +| 19 | B1 | B1 | T1/Ti | locally deleted blob AND untrack/ign tree (DIRTY) | +| 20* | B1 | B2 | T1/Ti | update to deleted blob AND untrack/ign tree (F-1) | +| 21+ | B1 | T1 | x | add tree with locally deleted blob (SAFE+MISSING) | +| 22* | B1 | T1 | B1 | add tree AND deleted blob (SAFE) | +| 23* | B1 | T1 | B2 | add tree with delete of modified blob (F-1) | +| 24 | B1 | T1 | T1 | add tree with deleted blob (F-1) | +| 25 | T1 | x | x | independently deleted tree (SAFE+MISSING) | +| 26 | T1 | x | B1/Bi | independently deleted tree AND untrack/ign blob (F-1) | +| 27- | T1 | x | T1 | deleted tree (MAYBE SAFE) | +| 28+ | T1 | B1 | x | deleted tree AND added blob (SAFE+MISSING) | +| 29 | T1 | B1 | B1 | independently typechanged tree -> blob (F-1) | +| 30+ | T1 | B1 | B2 | typechange tree->blob with conflicting blob (F-1) | +| 31* | T1 | B1 | T1/T2 | typechange tree->blob (MAYBE SAFE) | +| 32+ | T1 | T1 | x | restore locally deleted tree (SAFE+MISSING) | +| 33 | T1 | T1 | B1/Bi | locally typechange tree->untrack/ign blob (DIRTY) | +| 34 | T1 | T1 | T1/T2 | unmodified tree (MAYBE SAFE) | +| 35+ | T1 | T2 | x | update locally deleted tree (SAFE+MISSING) | +| 36* | T1 | T2 | B1/Bi | update to tree with typechanged tree->blob conflict (F-1) | +| 37 | T1 | T2 | T1/T2/T3 | update to existing tree (MAYBE SAFE) | +| 38+ | x | S1 | x | add submodule (SAFE) | +| 39 | x | S1 | S1/Sd | independently added submodule (SUBMODULE) | +| 40* | x | S1 | B1 | add submodule with blob confilct (FORCEABLE) | +| 41* | x | S1 | T1 | add submodule with tree conflict (FORCEABLE) | +| 42 | S1 | x | S1/Sd | deleted submodule (SUBMODULE) | +| 43 | S1 | x | x | independently deleted submodule (SUBMODULE) | +| 44 | S1 | x | B1 | independently deleted submodule with added blob (SAFE+MISSING) | +| 45 | S1 | x | T1 | independently deleted submodule with added tree (SAFE+MISSING) | +| 46 | S1 | S1 | x | locally deleted submodule (SUBMODULE) | +| 47+ | S1 | S2 | x | update locally deleted submodule (SAFE) | +| 48 | S1 | S1 | S2 | locally updated submodule commit (SUBMODULE) | +| 49 | S1 | S2 | S1 | updated submodule commit (SUBMODULE) | +| 50+ | S1 | B1 | x | add blob with locally deleted submodule (SAFE+MISSING) | +| 51* | S1 | B1 | S1 | typechange submodule->blob (SAFE) | +| 52* | S1 | B1 | Sd | typechange dirty submodule->blob (SAFE!?!?) | +| 53+ | S1 | T1 | x | add tree with locally deleted submodule (SAFE+MISSING) | +| 54* | S1 | T1 | S1/Sd | typechange submodule->tree (MAYBE SAFE) | +| 55+ | B1 | S1 | x | add submodule with locally deleted blob (SAFE+MISSING) | +| 56* | B1 | S1 | B1 | typechange blob->submodule (SAFE) | +| 57+ | T1 | S1 | x | add submodule with locally deleted tree (SAFE+MISSING) | +| 58* | T1 | S1 | T1 | typechange tree->submodule (SAFE) | + + +The number is followed by ' ' if no change is needed or '+' if the case +needs to write to disk or '-' if something must be deleted and '*' if +there should be a delete followed by an write. + +There are four tiers of safe cases: + +* SAFE == completely safe to update +* SAFE+MISSING == safe except the workdir is missing the expect content +* MAYBE SAFE == safe if workdir tree matches (or is missing) baseline + content, which is unknown at this point +* FORCEABLE == conflict unless FORCE is given +* DIRTY == no conflict but change is not applied unless FORCE +* SUBMODULE == no conflict and no change is applied unless a deleted + submodule dir is empty + +Some slightly unusual circumstances: + +* 8 - parent dir is only deleted when file is, so parent will be left if + empty even though it would be deleted if the file were present +* 11 - core git does not consider this a conflict but attempts to delete T1 + and gives "unable to unlink file" error yet does not skip the rest + of the operation +* 12 - without FORCE file is left deleted (i.e. not restored) so new wd is + dirty (and warning message "D file" is printed), with FORCE, file is + restored. +* 24 - This should be considered MAYBE SAFE since effectively it is 7 and 8 + combined, but core git considers this a conflict unless forced. +* 26 - This combines two cases (1 & 25) (and also implied 8 for tree content) + which are ok on their own, but core git treat this as a conflict. + If not forced, this is a conflict. If forced, this actually doesn't + have to write anything and leaves the new blob as an untracked file. +* 32 - This is the only case where the baseline and target values match + and yet we will still write to the working directory. In all other + cases, if baseline == target, we don't touch the workdir (it is + either already right or is "dirty"). However, since this case also + implies that a ?/B1/x case will exist as well, it can be skipped. +* 41 - It's not clear how core git distinguishes this case from 39 (mode?). +* 52 - Core git makes destructive changes without any warning when the + submodule is dirty and the type changes to a blob. + +Cases 3, 17, 24, 26, and 29 are all considered conflicts even though +none of them will require making any updates to the working directory. diff --git a/docs/code_of_conduct.md b/docs/code_of_conduct.md new file mode 100644 index 0000000..0a0e4eb --- /dev/null +++ b/docs/code_of_conduct.md @@ -0,0 +1,75 @@ +# Contributor Covenant Code of Conduct + +## Our Pledge + +In the interest of fostering an open and welcoming environment, we as +contributors and maintainers pledge to making participation in our project and +our community a harassment-free experience for everyone, regardless of age, body +size, disability, ethnicity, gender identity and expression, level of experience, +nationality, personal appearance, race, religion, or sexual identity and +orientation. + +## Our Standards + +Examples of behavior that contributes to creating a positive environment +include: + +* Using welcoming and inclusive language +* Being respectful of differing viewpoints and experiences +* Gracefully accepting constructive criticism +* Focusing on what is best for the community +* Showing empathy towards other community members + +Examples of unacceptable behavior by participants include: + +* The use of sexualized language or imagery and unwelcome sexual attention or +advances +* Trolling, insulting/derogatory comments, and personal or political attacks +* Public or private harassment +* Publishing others' private information, such as a physical or electronic + address, without explicit permission +* Other conduct which could reasonably be considered inappropriate in a + professional setting + +## Our Responsibilities + +Project maintainers are responsible for clarifying the standards of acceptable +behavior and are expected to take appropriate and fair corrective action in +response to any instances of unacceptable behavior. + +Project maintainers have the right and responsibility to remove, edit, or +reject comments, commits, code, wiki edits, issues, and other contributions +that are not aligned to this Code of Conduct, or to ban temporarily or +permanently any contributor for other behaviors that they deem inappropriate, +threatening, offensive, or harmful. + +## Scope + +This Code of Conduct applies both within project spaces and in public spaces +when an individual is representing the project or its community. Examples of +representing a project or community include using an official project e-mail +address, posting via an official social media account, or acting as an appointed +representative at an online or offline event. Representation of a project may be +further defined and clarified by project maintainers. + +## Enforcement + +Instances of abusive, harassing, or otherwise unacceptable behavior may be +reported by contacting the project team at [libgit2@gmail.com][email]. All +complaints will be reviewed and investigated and will result in a response that +is deemed necessary and appropriate to the circumstances. The project team is +obligated to maintain confidentiality with regard to the reporter of an incident. +Further details of specific enforcement policies may be posted separately. + +Project maintainers who do not follow or enforce the Code of Conduct in good +faith may face temporary or permanent repercussions as determined by other +members of the project's leadership. + +## Attribution + +This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, +available at [http://contributor-covenant.org/version/1/4][version] + +[email]: mailto:libgit2@gmail.com +[homepage]: http://contributor-covenant.org +[version]: http://contributor-covenant.org/version/1/4/ diff --git a/docs/coding-style.md b/docs/coding-style.md new file mode 100644 index 0000000..b8b94d6 --- /dev/null +++ b/docs/coding-style.md @@ -0,0 +1,364 @@ +# libgit2 Coding Style + +This documentation describes the preferred coding style for the libgit2 project. +While not all parts of our code base conform to this coding style, the outlined +rules are what we aim for. + +Note that in no case do we accept changes that convert huge parts of the code +base to use our coding style. Instead, it is encouraged to modernize small parts +of code you're going to modify anyway for a given change you want to introduce. +A good rule to follow is the Boy Scout Rule: "Leave the campground cleaner than +you found it." + +## C Coding Style + +The following sections define the coding style for all code files and headers. + +### Indentation and Alignment + +Code is indented by tabs, where a tab is 8 spaces. Each opening scope increases +the indentation level. + +```c +int foobar(int void) +{ + if (condition) + doit(); + /* Body */ +} +``` + +Switch statements have their `case`s aligned with the `switch` keyword. Case +bodies are indented by an additional level. Case bodies should not open their +own scope to declare variables. + +```c +switch (c) { +case 'a': +case 'b': + return 0; +default: + return -1; +} +``` + +Multi-line conditions should be aligned with the opening brace of the current +statement: + +```c +if (one_very_long_condition(c) && + another_very_long_condition(c)) + doit(); +``` + +### Spaces + +There must be no space between the function and its arguments, arguments must be +separated by a space: + +```c +int doit(int first_arg, int second_arg); +doit(1, 2); +``` + +For any binary or ternary operators, the arguments and separator must be +separated by a space: + +```c +1 + 2; +x ? x : NULL; +``` + +Unary operators do not have a space between them and the argument they refer to: + +```c +*c +&c +``` + +The `sizeof` operator always must not have a space and must use braces around +the type: + +``` +sizeof(int) +``` + +There must be a space after the keywords `if`, `switch`, `case`, `do` and +`while`. + +### Braces + +Functions must have their opening brace on the following line: + +```c +void foobar(void) +{ + doit(); +} +``` + +For conditions, braces should be placed on the same line as the condition: + +```c +if (condition(c)) { + doit(); + dothat(); +} + +while (true) { + doit(); +} +``` + +In case a condition's body has a single line, only, it's allowed to omit braces, +except if any of its `else if` or `else` branches has more than one line: + +```c +if (condition(c)) + doit(); + +if (condition(c)) + doit(); +else if (other_condition(c)) + doit(); + +/* This example must use braces as the `else if` requires them. */ +if (condition(c)) { + doit(); +} else if (other_condition(c)) { + doit(); + dothat(); +} else { + abort(); +} +``` + +### Comments + +Comments must use C-style `/* */` comments. C++-style `// `comments are not +allowed in our codebase. This is a strict requirement as libgit2 tries to be +compliant with the ISO C90 standard, which only allows C-style comments. + +Single-line comments may have their opening and closing tag on the same line: + +```c +/* This is a short comment. */ +``` + +For multi-line comments, the opening and closing tag should be empty: + +```c +/* + * This is a rather long and potentially really unwiedly but informative + * multiline comment that helps quite a lot. + */ +``` + +Public functions must have documentation that explain their usage, internal +functions should have a comment. We use Docurium to generate documentation +derived from these comments, which uses syntax similar to Doxygen. The first +line should be a short summary of what the function does. More in-depth +explanation should be separated from that first line by an empty line. +Parameters and return values should be documented via `@return` and `@param` +tags: + +```c +/* + * Froznicate the string. + * + * Froznicate the string by foobaring its internal structure into a more obvious + * translation. Note that the returned string is a newly allocated string that + * shall be `free`d by the caller. + * + * @param s String to froznicate + * @return A newly allocated string or `NULL` in case an error occurred. + */ +char *froznicate(const char *s); +``` + +### Variables + +Variables must be declared at the beginning of their scope. This is a strict +requirement as libgit2 tries to be compliant with the ISO C90 standard, which +forbids mixed declarations and code: + +```c +void foobar(void) +{ + char *c = NULL; + int a, b; + + a = 0; + b = 1; + + return c; +} +``` + +### Naming + +Variables must have all-lowercase names. In case a variable name has multiple +words, words should be separated by an underscore `_` character. While +recommended to use descriptive naming, common variable names like `i` for +indices are allowed. + +All public functions must have a `git` prefix as well as a prefix indicating +their respective subsystem. E.g. a function that opens a repository should be +called `git_repository_open()`. Functions that are not public but declared in +an internal header file for use by other subsystems should follow the same +naming pattern. File-local static functions must not have a `git` prefix, but +should have a prefix indicating their respective subsystem. + +All structures declared in the libgit2 project must have a `typedef`, we do not +use `struct type` variables. Type names follow the same schema as functions. + +### Error Handling + +The libgit2 project mostly uses error codes to indicate errors. Error codes are +always of type `int`, where `0` indicates success and a negative error code +indicates an error case. In some cases, positive error codes may be used to +indicate special cases. Returned values that are not an error code should be +returned via an out parameter. Out parameters must always come first in the list +of arguments. + +```c +int doit(const char **out, int arg) +{ + if (!arg) + return -1; + *out = "Got an argument"; + return 0; +} +``` + +To avoid repetitive and fragile error handling in case a function has resources +that need to be free'd, we use `goto out`s: + +```c +int doit(char **out, int arg) +{ + int error = 0; + char *c; + + c = malloc(strlen("Got an argument") + 1); + if (!c) { + error = -1; + goto out; + } + + if (!arg) { + error = -1; + goto out; + } + + strcpy(c, "Got an argument") + *out = c; + +out: + if (error) + free(c); + return error; +} +``` + +When calling functions that return an error code, you should assign the error +code to an `error` variable and, in case an error case is indicated and no +custom error handling is required, return that error code: + +```c +int foobar(void) +{ + int error; + + if ((error = doit()) < 0) + return error; + + return 0; +} +``` + +When doing multiple function calls where all of the functions return an error +code, it's common practice to chain these calls together: + +```c +int doit(void) +{ + int error; + + if ((error = dothis()) < 0 || + (error = dothat()) < 0) + return error; + + return 0; +} +``` + +## CMake Coding Style + +The following section defines the coding style for our CMake build system. + +### Indentation + +Code is indented by tabs, where a tab is 8 spaces. Each opening scope increases +the indentation level. + +```cmake +if(CONDITION) + doit() +endif() +``` + +### Spaces + +There must be no space between keywords and their opening brace. While this is +the same as in our C codebase for function calls, this also applies to +conditional keywords. This is done to avoid the awkward-looking `else ()` +statement. + +```cmake +if(CONDITION) + doit() +else() + dothat() +endif() +``` + +### Case + +While CMake is completely case-insensitive when it comes to function calls, we +want to agree on a common coding style for this. To reduce the danger of +repetitive strain injuries, all function calls should be lower-case (NB: this is +not currently the case yet, but introduced as a new coding style by this +document). + +Variables are written all-uppercase. In contrast to functions, variables are +case-sensitive in CMake. As CMake itself uses upper-case variables in all +places, we should follow suit and do the same. + +Control flow keywords must be all lowercase. In contrast to that, test keywords +must be all uppercase: + +```cmake +if(NOT CONDITION) + doit() +elseif(FOO AND BAR) + dothat() +endif() +``` + +### Targets + +CMake code should not use functions that modify the global scope but prefer +their targeted equivalents, instead. E.g. instead of using +`include_directories()`, you must use `target_include_directories()`. An +exception to this rule is setting up global compiler flags like warnings or +flags required to set up the build type. + +### Dependencies + +Dependencies should not be discovered or set up in the main "CMakeLists.txt" +module. Instead, they should either have their own module in our top-level +"cmake/" directory or have a "CMakeLists.txt" in their respective "deps/" +directory in case it is a vendored library. All dependencies should expose +interface library targets that can be linked against with +`target_link_libraries()`. diff --git a/docs/contributing.md b/docs/contributing.md new file mode 100644 index 0000000..382d955 --- /dev/null +++ b/docs/contributing.md @@ -0,0 +1,183 @@ +# Welcome to libgit2! + +We're making it easy to do interesting things with git, and we'd love to have +your help. + +## Licensing + +By contributing to libgit2, you agree to release your contribution under +the terms of the license. Except for the `examples` and the +`deps` directories, all code is released under the [GPL v2 with +linking exception](../COPYING). + +The `examples` code is governed by the +[CC0 Public Domain Dedication](../examples/COPYING), so that you may copy +from them into your own application. + +The bundled dependencies in the `deps` directories are governed +by the following licenses: + +- http-parser is licensed under [MIT license](../deps/http-parser/COPYING) +- pcre is governed by [BSD license](../deps/pcre/LICENCE) +- winhttp is governed by [LGPL v2.1+](../deps/winhttp/COPYING.LGPL) and [GPL v2 with linking exception](../deps/winhttp/COPYING.GPL) +- zlib is governed by [zlib license](../deps/zlib/COPYING) + +## Discussion & Chat + +We hang out in the [#libgit2](https://web.libera.chat/#libgit2) channel on +[libera](https://libera.chat). + +Also, feel free to open an +[Issue](https://github.com/libgit2/libgit2/issues/new) to start a discussion +about any concerns you have. We like to use Issues for that so there is an +easily accessible permanent record of the conversation. + +## Libgit2 Versions + +The `main` branch is the main branch where development happens. +Releases are tagged +(e.g. [v0.21.0](https://github.com/libgit2/libgit2/releases/tag/v0.21.0) ) +and when a critical bug fix needs to be backported, it will be done on a +`<tag>-maint` maintenance branch. + +## Reporting Bugs + +First, know which version of libgit2 your problem is in and include it in +your bug report. This can either be a tag (e.g. +[v0.17.0](https://github.com/libgit2/libgit2/releases/tag/v0.17.0)) or a +commit SHA +(e.g. [01be7863](https://github.com/libgit2/libgit2/commit/01be7863)). +Using [`git describe`](http://git-scm.com/docs/git-describe) is a +great way to tell us what version you're working with. + +If you're not running against the latest `main` branch version, +please compile and test against that to avoid re-reporting an issue that's +already been fixed. + +It's *incredibly* helpful to be able to reproduce the problem. Please +include a list of steps, a bit of code, and/or a zipped repository (if +possible). Note that some of the libgit2 developers are employees of +GitHub, so if your repository is private, find us on IRC and we'll figure +out a way to help you. + +## Pull Requests + +Our work flow is a [typical GitHub +flow](https://guides.github.com/introduction/flow/index.html), where +contributors fork the [libgit2 repository](https://github.com/libgit2/libgit2), +make their changes on branch, and submit a +[Pull Request](https://help.github.com/articles/using-pull-requests) +(a.k.a. "PR"). Pull requests should usually be targeted at the `main` +branch. + +Life will be a lot easier for you (and us) if you follow this pattern +(i.e. fork, named branch, submit PR). If you use your fork's `main` +branch directly, things can get messy. + +Please include a nice description of your changes when you submit your PR; +if we have to read the whole diff to figure out why you're contributing +in the first place, you're less likely to get feedback and have your change +merged in. + +In addition to outlining your thought process in the PR's description, please +also try to document it in your commits. We welcome it if every commit has a +description of why you have been doing your changes alongside with your +reasoning why this is a good idea. The messages shall be written in +present-tense and in an imperative style (e.g. "Add feature foobar", not "Added +feature foobar" or "Adding feature foobar"). Lines should be wrapped at 80 +characters so people with small screens are able to read the commit messages in +their terminal without any problem. + +To make it easier to attribute commits to certain parts of our code base, we +also prefer to have the commit subject be prefixed with a "scope". E.g. if you +are changing code in our merging subsystem, make sure to prefix the subject with +"merge:". The first word following the colon shall start with an lowercase +letter. The maximum line length for the subject is 70 characters, preferably +shorter. + +If you are starting to work on a particular area, feel free to submit a PR +that highlights your work in progress (and note in the PR title that it's +not ready to merge). These early PRs are welcome and will help in getting +visibility for your fix, allow others to comment early on the changes and +also let others know that you are currently working on something. + +Before wrapping up a PR, you should be sure to: + +* Write tests to cover any functional changes +* Update documentation for any changed public APIs +* Add to the [`changelog.md`](changelog.md) file describing any major changes + +## Unit Tests + +We believe that our unit tests allow us to keep the quality of libgit2 +high: any new changes must not cause unit test failures, and new changes +should include unit tests that cover the bug fixes or new features. +For bug fixes, we prefer unit tests that illustrate the failure before +the change, but pass with your changes. + +In addition to new tests, please ensure that your changes do not cause +any other test failures. Running the entire test suite is helpful +before you submit a pull request. When you build libgit2, the test +suite will also be built. You can run most of the tests by simply running +the resultant `libgit2_tests` binary. If you want to run a specific +unit test, you can name it with the `-s` option. For example: + + libgit2_tests -sstatus::worktree::long_filenames + +Or you can run an entire class of tests. For example, to run all the +worktree status tests: + + libgit2_tests -sstatus::worktree + +The default test run is fairly exhaustive, but it will exclude some +unit tests by default: in particular, those that talk to network +servers and the tests that manipulate the filesystem in onerous +ways (and may need to have special privileges to run). To run the +network tests: + + libgit2_tests -ionline + +In addition, various tests may be enabled by environment variables, +like the ones that write exceptionally large repositories or manipulate +the filesystem structure in unexpected ways. These tests *may be +dangerous* to run on a normal machine and may harm your filesystem. It's +not recommended that you run these; instead, the continuous integration +servers will run these (in a sandbox). + +## Porting Code From Other Open-Source Projects + +`libgit2` is licensed under the terms of the GPL v2 with a linking +exception. Any code brought in must be compatible with those terms. + +The most common case is porting code from core Git. Git is a pure GPL +project, which means that in order to port code to this project, we need the +explicit permission of the author. Check the +[`git.git-authors`](https://github.com/libgit2/libgit2/blob/development/git.git-authors) +file for authors who have already consented. + +Other licenses have other requirements; check the license of the library +you're porting code *from* to see what you need to do. As a general rule, +MIT and BSD (3-clause) licenses are typically no problem. Apache 2.0 +license typically doesn't work due to GPL incompatibility. + +If your pull request uses code from core Git, another project, or code +from a forum / Stack Overflow, then *please* flag this in your PR and make +sure you've given proper credit to the original author in the code +snippet. + +## Style Guide + +The public API of `libgit2` is [ANSI C](http://en.wikipedia.org/wiki/ANSI_C) +(a.k.a. C89) compatible. Internally, `libgit2` is written using a portable +subset of C99 - in order to compile with GCC, Clang, MSVC, etc., we keep +local variable declarations at the tops of blocks only and avoid `//` style +comments. Additionally, `libgit2` follows some extra conventions for +function and type naming, code formatting, and testing. + +We like to keep the source code consistent and easy to read. Maintaining +this takes some discipline, but it's been more than worth it. Take a look +at the [conventions file](conventions.md). + +## Starter Projects + +See our [projects list](projects.md). diff --git a/docs/conventions.md b/docs/conventions.md new file mode 100644 index 0000000..a017db1 --- /dev/null +++ b/docs/conventions.md @@ -0,0 +1,266 @@ +# Libgit2 Conventions + +We like to keep the source consistent and readable. Herein are some +guidelines that should help with that. + +## External API + +We have a few rules to avoid surprising ways of calling functions and +some rules for consumers of the library to avoid stepping on each +other's toes. + + - Property accessors return the value directly (e.g. an `int` or + `const char *`) but if a function can fail, we return a `int` value + and the output parameters go first in the parameter list, followed + by the object that a function is operating on, and then any other + arguments the function may need. + + - If a function returns an object as a return value, that function is + a getter and the object's lifetime is tied to the parent + object. Objects which are returned as the first argument as a + pointer-to-pointer are owned by the caller and it is responsible + for freeing it. Strings are returned via `git_buf` in order to + allow for re-use and safe freeing. + + - Most of what libgit2 does relates to I/O so as a general rule + you should assume that any function can fail due to errors as even + getting data from the filesystem can result in all sorts of errors + and complex failure cases. + + - Paths inside the Git system are separated by a slash (0x2F). If a + function accepts a path on disk, then backslashes (0x5C) are also + accepted on Windows. + + - Do not mix allocators. If something has been allocated by libgit2, + you do not know which is the right free function in the general + case. Use the free functions provided for each object type. + +## Compatibility + +`libgit2` runs on many different platforms with many different compilers. + +The public API of `libgit2` is [ANSI C](http://en.wikipedia.org/wiki/ANSI_C) +(a.k.a. C89) compatible. + +Internally, `libgit2` is written using a portable subset of C99 - in order +to maximize compatibility (e.g. with MSVC) we avoid certain C99 +extensions. Specifically, we keep local variable declarations at the tops +of blocks only and we avoid `//` style comments. + +Also, to the greatest extent possible, we try to avoid lots of `#ifdef`s +inside the core code base. This is somewhat unavoidable, but since it can +really hamper maintainability, we keep it to a minimum. + +## Match Surrounding Code + +If there is one rule to take away from this document, it is *new code should +match the surrounding code in a way that makes it impossible to distinguish +the new from the old.* Consistency is more important to us than anyone's +personal opinion about where braces should be placed or spaces vs. tabs. + +If a section of code is being completely rewritten, it is okay to bring it +in line with the standards that are laid out here, but we will not accept +submissions that contain a large number of changes that are merely +reformatting. + +## Naming Things + +All external types and functions start with `git_` and all `#define` macros +start with `GIT_`. The `libgit2` API is mostly broken into related +functional modules each with a corresponding header. All functions in a +module should be named like `git_modulename_functioname()` +(e.g. `git_repository_open()`). + +Functions with a single output parameter should name that parameter `out`. +Multiple outputs should be named `foo_out`, `bar_out`, etc. + +Parameters of type `git_oid` should be named `id`, or `foo_id`. Calls that +return an OID should be named `git_foo_id`. + +Where a callback function is used, the function should also include a +user-supplied extra input that is a `void *` named "payload" that will be +passed through to the callback at each invocation. + +## Typedefs + +Wherever possible, use `typedef`. In some cases, if a structure is just a +collection of function pointers, the pointer types don't need to be +separately typedef'd, but loose function pointer types should be. + +## Exports + +All exported functions must be declared as: + +```c +GIT_EXTERN(result_type) git_modulename_functionname(arg_list); +``` + +## Internals + +Functions whose *modulename* is followed by two underscores, +for example `git_odb__read_packed`, are semi-private functions. +They are primarily intended for use within the library itself, +and may disappear or change their signature in a future release. + +## Parameters + +Out parameters come first. + +Whenever possible, pass argument pointers as `const`. Some structures (such +as `git_repository` and `git_index`) have mutable internal structure that +prevents this. + +Callbacks should always take a `void *` payload as their last parameter. +Callback pointers are grouped with their payloads, and typically come last +when passed as arguments: + +```c +int git_foo(git_repository *repo, git_foo_cb callback, void *payload); +``` + +## Memory Ownership + +Some APIs allocate memory which the caller is responsible for freeing; others +return a pointer into a buffer that's owned by some other object. Make this +explicit in the documentation. + +## Return codes + +Most public APIs should return an `int` error code. As is typical with most +C library functions, a zero value indicates success and a negative value +indicates failure. + +Some bindings will transform these returned error codes into exception +types, so returning a semantically appropriate error code is important. +Check +[`include/git2/errors.h`](https://github.com/libgit2/libgit2/blob/development/include/git2/errors.h) +for the return codes already defined. + +In your implementation, use `git_error_set()` to provide extended error +information to callers. + +If a `libgit2` function internally invokes another function that reports an +error, but the error is not propagated up, use `git_error_clear()` to prevent +callers from getting the wrong error message later on. + + +## Structs + +Most public types should be opaque, e.g.: + +```C +typedef struct git_odb git_odb; +``` + +...with allocation functions returning an "instance" created within +the library, and not within the application. This allows the type +to grow (or shrink) in size without rebuilding client code. + +To preserve ABI compatibility, include an `int version` field in all transparent +structures, and initialize to the latest version in the constructor call. +Increment the "latest" version whenever the structure changes, and try to only +append to the end of the structure. + +## Option Structures + +If a function's parameter count is too high, it may be desirable to package +up the options in a structure. Make them transparent, include a version +field, and provide an initializer constant or constructor. Using these +structures should be this easy: + +```C +git_foo_options opts = GIT_FOO_OPTIONS_INIT; +opts.baz = BAZ_OPTION_ONE; +git_foo(&opts); +``` + +## Enumerations + +Typedef all enumerated types. If each option stands alone, use the enum +type for passing them as parameters; if they are flags to be OR'ed together, +pass them as `unsigned int` or `uint32_t` or some appropriate type. + +## Code Layout + +Try to keep lines less than 80 characters long. This is a loose +requirement, but going significantly over 80 columns is not nice. + +Use common sense to wrap most code lines; public function declarations +can use a couple of different styles: + +```c +/** All on one line is okay if it fits */ +GIT_EXTERN(int) git_foo_simple(git_oid *id); + +/** Otherwise one argument per line is a good next step */ +GIT_EXTERN(int) git_foo_id( + git_oid **out, + int a, + int b); +``` + +Indent with tabs; set your editor's tab width to eight for best effect. + +Avoid trailing whitespace and only commit Unix-style newlines (i.e. no CRLF +in the repository - just set `core.autocrlf` to true if you are writing code +on a Windows machine). + +## Documentation + +All comments should conform to Doxygen "javadoc" style conventions for +formatting the public API documentation. Try to document every parameter, +and keep the comments up to date if you change the parameter list. + +## Public Header Template + +Use this template when creating a new public header. + +```C +#ifndef INCLUDE_git_${filename}_h__ +#define INCLUDE_git_${filename}_h__ + +#include "git/common.h" + +/** + * @file git/${filename}.h + * @brief Git some description + * @defgroup git_${filename} some description routines + * @ingroup Git + * @{ + */ +GIT_BEGIN_DECL + +/* ... definitions ... */ + +/** @} */ +GIT_END_DECL +#endif +``` + +## Inlined functions + +All inlined functions must be declared as: + +```C +GIT_INLINE(result_type) git_modulename_functionname(arg_list); +``` + +`GIT_INLINE` (or `inline`) should not be used in public headers in order +to preserve ANSI C compatibility. + +## Tests + +`libgit2` uses the [clar](https://github.com/vmg/clar) testing framework. + +All PRs should have corresponding tests. + +* If the PR fixes an existing issue, the test should fail prior to applying + the PR and succeed after applying it. +* If the PR is for new functionality, then the tests should exercise that + new functionality to a certain extent. We don't require 100% coverage + right now (although we are getting stricter over time). + +When adding new tests, we prefer if you attempt to reuse existing test data +(in `tests-clar/resources/`) if possible. If you are going to add new test +repositories, please try to strip them of unnecessary files (e.g. sample +hooks, etc). diff --git a/docs/diff-internals.md b/docs/diff-internals.md new file mode 100644 index 0000000..da4c5a1 --- /dev/null +++ b/docs/diff-internals.md @@ -0,0 +1,92 @@ +Diff is broken into four phases: + +1. Building a list of things that have changed. These changes are called + deltas (git_diff_delta objects) and are grouped into a git_diff_list. +2. Applying file similarity measurement for rename and copy detection (and + to potentially split files that have changed radically). This step is + optional. +3. Computing the textual diff for each delta. Not all deltas have a + meaningful textual diff. For those that do, the textual diff can + either be generated on the fly and passed to output callbacks or can be + turned into a git_diff_patch object. +4. Formatting the diff and/or patch into standard text formats (such as + patches, raw lists, etc). + +In the source code, step 1 is implemented in `src/diff.c`, step 2 in +`src/diff_tform.c`, step 3 in `src/diff_patch.c`, and step 4 in +`src/diff_print.c`. Additionally, when it comes to accessing file +content, everything goes through diff drivers that are implemented in +`src/diff_driver.c`. + +External Objects +---------------- + +* `git_diff_options` represents user choices about how a diff should be + performed and is passed to most diff generating functions. +* `git_diff_file` represents an item on one side of a possible delta +* `git_diff_delta` represents a pair of items that have changed in some + way - it contains two `git_diff_file` plus a status and other stuff. +* `git_diff_list` is a list of deltas along with information about how + those particular deltas were found. +* `git_diff_patch` represents the actual diff between a pair of items. In + some cases, a delta may not have a corresponding patch, if the objects + are binary, for example. The content of a patch will be a set of hunks + and lines. +* A `hunk` is range of lines described by a `git_diff_range` (i.e. "lines + 10-20 in the old file became lines 12-23 in the new"). It will have a + header that compactly represents that information, and it will have a + number of lines of context surrounding added and deleted lines. +* A `line` is simple a line of data along with a `git_diff_line_t` value + that tells how the data should be interpreted (e.g. context or added). + +Internal Objects +---------------- + +* `git_diff_file_content` is an internal structure that represents the + data on one side of an item to be diffed; it is an augmented + `git_diff_file` with more flags and the actual file data. + + * it is created from a repository plus a) a git_diff_file, b) a git_blob, + or c) raw data and size + * there are three main operations on git_diff_file_content: + + * _initialization_ sets up the data structure and does what it can up to, + but not including loading and looking at the actual data + * _loading_ loads the data, preprocesses it (i.e. applies filters) and + potentially analyzes it (to decide if binary) + * _free_ releases loaded data and frees any allocated memory + +* The internal structure of a `git_diff_patch` stores the actual diff + between a pair of `git_diff_file_content` items + + * it may be "unset" if the items are not diffable + * "empty" if the items are the same + * otherwise it will consist of a set of hunks each of which covers some + number of lines of context, additions and deletions + * a patch is created from two git_diff_file_content items + * a patch is fully instantiated in three phases: + + * initial creation and initialization + * loading of data and preliminary data examination + * diffing of data and optional storage of diffs + * (TBD) if a patch is asked to store the diffs and the size of the diff + is significantly smaller than the raw data of the two sides, then the + patch may be flattened using a pool of string data + +* `git_diff_output` is an internal structure that represents an output + target for a `git_diff_patch` + * It consists of file, hunk, and line callbacks, plus a payload + * There is a standard flattened output that can be used for plain text output + * Typically we use a `git_xdiff_output` which drives the callbacks via the + xdiff code taken from core Git. + +* `git_diff_driver` is an internal structure that encapsulates the logic + for a given type of file + * a driver is looked up based on the name and mode of a file. + * the driver can then be used to: + * determine if a file is binary (by attributes, by git_diff_options + settings, or by examining the content) + * give you a function pointer that is used to evaluate function context + for hunk headers + * At some point, the logic for getting a filtered version of file content + or calculating the OID of a file may be moved into the driver. diff --git a/docs/differences-from-git.md b/docs/differences-from-git.md new file mode 100644 index 0000000..3f46508 --- /dev/null +++ b/docs/differences-from-git.md @@ -0,0 +1,27 @@ +# Differences from Git + +In some instances, the functionality of libgit2 deviates slightly from Git. This can be because of technical limitations when developing a library, licensing limitations when converting functionality from Git to libgit2, or various other reasons. + +Repository and Workdir Path Reporting +------------------------------------- + +When asking Git for the absolute path of a repository via `git rev-parse --absolute-git-dir`, it will output the path to the ".git" folder without a trailing slash. In contrast to that, the call `git_repository_path(repo)` will return the path with a trailing slash: + +``` +git rev-parse --absolute-git-dir -> /home/user/projects/libgit2/.git +git_repository_path(repo) -> /home/user/projects/libgit2/.git/ +``` + +The same difference exists when listing worktrees: + +``` +git worktree list -> /home/user/projects/libgit2 +git_repository_workdir(repo) -> /home/user/projects/libgit2/ +``` + +Windows Junction Points +----------------------- + +In libgit2, junction points are treated like symbolic links. They're handled specially in `git_win32__file_attribute_to_stat` in `src/win/w32_util.h`. This means that libgit2 tracks the directory itself as a link. + +In Git for Windows, junction points are treated like regular directories. This means that Git for Windows tracks the contents of the directory. diff --git a/docs/error-handling.md b/docs/error-handling.md new file mode 100644 index 0000000..13ce78f --- /dev/null +++ b/docs/error-handling.md @@ -0,0 +1,284 @@ +Error reporting in libgit2 +========================== + +Libgit2 tries to follow the POSIX style: functions return an `int` value +with 0 (zero) indicating success and negative values indicating an error. +There are specific negative error codes for each "expected failure" +(e.g. `GIT_ENOTFOUND` for files that take a path which might be missing) +and a generic error code (-1) for all critical or non-specific failures +(e.g. running out of memory or system corruption). + +When a negative value is returned, an error message is also set. The +message can be accessed via the `git_error_last` function which will return a +pointer to a `git_error` structure containing the error message text and +the class of error (i.e. what part of the library generated the error). + +For instance: An object lookup by SHA prefix (`git_object_lookup_prefix`) +has two expected failure cases: the SHA is not found at all which returns +`GIT_ENOTFOUND` or the SHA prefix is ambiguous (i.e. two or more objects +share the prefix) which returns `GIT_EAMBIGUOUS`. There are any number of +critical failures (such as a packfile being corrupted, a loose object +having the wrong access permissions, etc.) all of which will return -1. +When the object lookup is successful, it will return 0. + +If libgit2 was compiled with threads enabled (`-DUSE_THREADS=ON` when using +CMake), then the error message will be kept in thread-local storage, so it +will not be modified by other threads. If threads are not enabled, then +the error message is in global data. + +All of the error return codes, the `git_error` type, the error access +functions, and the error classes are defined in `include/git2/errors.h`. +See the documentation there for details on the APIs for accessing, +clearing, and even setting error codes. + +When writing libgit2 code, please be smart and conservative when returning +error codes. Functions usually have a maximum of two or three "expected +errors" and in most cases only one. If you feel there are more possible +expected error scenarios, then the API you are writing may be at too high +a level for core libgit2. + +Example usage +------------- + +When using libgit2, you will typically capture the return value from +functions using an `int` variable and check to see if it is negative. +When that happens, you can, if you wish, look at the specific value or +look at the error message that was generated. + +~~~c +{ + git_repository *repo; + int error = git_repository_open(&repo, "path/to/repo"); + + if (error < 0) { + fprintf(stderr, "Could not open repository: %s\n", git_error_last()->message); + exit(1); + } + + ... use `repo` here ... + + git_repository_free(repo); /* void function - no error return code */ +} +~~~ + +Some of the error return values do have meaning. Optionally, you can look +at the specific error values to decide what to do. + +~~~c +{ + git_repository *repo; + const char *path = "path/to/repo"; + int error = git_repository_open(&repo, path); + + if (error < 0) { + if (error == GIT_ENOTFOUND) + fprintf(stderr, "Could not find repository at path '%s'\n", path); + else + fprintf(stderr, "Unable to open repository: %s\n", + git_error_last()->message); + exit(1); + } + + ... happy ... +} +~~~ + +Some of the higher-level language bindings may use a range of information +from libgit2 to convert error return codes into exceptions, including the +specific error return codes and even the class of error and the error +message returned by `git_error_last`, but the full range of that logic is +beyond the scope of this document. + +Example internal implementation +------------------------------- + +Internally, libgit2 detects error scenarios, records error messages, and +returns error values. Errors from low-level functions are generally +passed upwards (unless the higher level can either handle the error or +wants to translate the error into something more meaningful). + +~~~c +int git_repository_open(git_repository **repository, const char *path) +{ + /* perform some logic to open the repository */ + if (p_exists(path) < 0) { + git_error_set(GIT_ERROR_REPOSITORY, "The path '%s' doesn't exist", path); + return GIT_ENOTFOUND; + } + + ... +} +~~~ + +Note that some error codes have been defined with a specific meaning in the +context of callbacks: +- `GIT_EUSER` provides a way to bubble up a non libgit2-related failure, which + allows it to be preserved all the way up to the initial function call (a `git_cred` + setup trying to access an unavailable LDAP server for instance). +- `GIT_EPASSTHROUGH` provides a way to tell libgit2 that it should behave as if + no callback was provided. This is of special interest to bindings, which would + always provide a C function as a "trampoline", and decide at runtime what to do. + +The public error API +-------------------- + +- `const git_error *git_error_last(void)`: The main function used to look up + the last error. This may return NULL if no error has occurred. + Otherwise this should return a `git_error` object indicating the class + of error and the error message that was generated by the library. + Do not use this function unless the prior call to a libgit2 API + returned an error, as it can otherwise give misleading results. + libgit2's error strings are not cleared aggressively, + and this function may return an error string that reflects a prior error, + possibly even reflecting internal state. + + The last error is stored in thread-local storage when libgit2 is + compiled with thread support, so you do not have to worry about another + thread overwriting the value. When thread support is off, the last + error is a global value. + + _Note_ There are some known bugs in the library where this may return + NULL even when an error code was generated. Please report these as + bugs, but in the meantime, please code defensively and check for NULL + when calling this function. + +- `void git_error_clear(void)`: This function clears the last error. The + library will call this when an error is generated by low level function + and the higher level function handles the error. + + _Note_ There are some known bugs in the library where a low level + function's error message is not cleared by higher level code that + handles the error and returns zero. Please report these as bugs, but in + the meantime, a zero return value from a libgit2 API does not guarantee + that `git_error_last()` will return NULL. + +- `void git_error_set(int error_class, const char *message)`: This + function can be used when writing a custom backend module to set the + libgit2 error message. See the documentation on this function for its + use. Normal usage of libgit2 will probably never need to call this API. + +- `void git_error_set_oom(void)`: This is a standard function for reporting + an out-of-memory error. It is written in a manner that it doesn't have + to allocate any extra memory in order to record the error, so this is + the best way to report that scenario. + +Deviations from the standard +---------------------------- + +There are some public functions that do not return `int` values. There +are two primary cases: + +* `void` return values: If a function has a `void` return, then it will + never fail. This primary will be used for object destructors. + +* `git_xyz *` return values: These are simple accessor functions where the + only meaningful error would typically be looking something up by index + and having the index be out of bounds. In those cases, the function + will typically return NULL. + +* Boolean return values: There are some cases where a function cannot fail + and wants to return a boolean value. In those cases, we try to return 1 + for true and 0 for false. These cases are rare and the return value for + the function should probably be an `unsigned int` to denote these cases. + If you find an exception, please open an issue and let's fix it. + +There are a few other exceptions to these rules here and there in the +library, but those are extremely rare and should probably be converted +over to other to more standard patterns for usage. Feel free to open +issues pointing these out. + +There are some known bugs in the library where some functions may return a +negative value but not set an error message and some other functions may +return zero (no error) and yet leave an error message set. Please report +these cases as issues and they will be fixed. In the meanwhile, please +code defensively, checking that the return value of `git_error_last` is not +NULL before using it, and not relying on `git_error_last` to return NULL when +a function returns 0 for success. + +The internal error API +---------------------- + +- `void git_error_set(int error_class, const char *fmt, ...)`: This is the + main internal function for setting an error. It works like `printf` to + format the error message. See the notes of `git_error_set_str` for a + general description of how error messages are stored (and also about + special handling for `error_class` of `GIT_ERROR_OS`). + +Writing error messages +---------------------- + +Here are some guidelines when writing error messages: + +- Use proper English, and an impersonal or past tenses: *The given path + does not exist*, *Failed to lookup object in ODB* + +- Use short, direct and objective messages. **One line, max**. libgit2 is + a low level library: think that all the messages reported will be thrown + as Ruby or Python exceptions. Think how long are common exception + messages in those languages. + +- **Do not add redundant information to the error message**, specially + information that can be inferred from the context. + + E.g. in `git_repository_open`, do not report a message like "Failed to + open repository: path not found". Somebody is calling that + function. If it fails, they already know that the repository failed to + open! + +General guidelines for error reporting +-------------------------------------- + +- Libgit2 does not handle programming errors with these + functions. Programming errors are `assert`ed, and when their source is + internal, fixed as soon as possible. This is C, people. + + Example of programming errors that would **not** be handled: passing + NULL to a function that expects a valid pointer; passing a `git_tree` + to a function that expects a `git_commit`. All these cases need to be + identified with `assert` and fixed asap. + + Example of a runtime error: failing to parse a `git_tree` because it + contains invalid data. Failing to open a file because it doesn't exist + on disk. These errors are handled, a meaningful error message is set, + and an error code is returned. + +- In general, *do not* try to overwrite errors internally and *do* + propagate error codes from lower level functions to the higher level. + There are some cases where propagating an error code will be more + confusing rather than less, so there are some exceptions to this rule, + but the default behavior should be to simply clean up and pass the error + on up to the caller. + + **WRONG** + + ~~~c + int git_commit_parent(...) + { + ... + + if (git_commit_lookup(parent, repo, parent_id) < 0) { + git_error_set(GIT_ERROR_COMMIT, "Overwrite lookup error message"); + return -1; /* mask error code */ + } + + ... + } + ~~~ + + **RIGHT** + + ~~~c + int git_commit_parent(...) + { + ... + + error = git_commit_lookup(parent, repo, parent_id); + if (error < 0) { + /* cleanup intermediate objects if necessary */ + /* leave error message and propagate error code */ + return error; + } + + ... + } + ~~~ diff --git a/docs/fuzzing.md b/docs/fuzzing.md new file mode 100644 index 0000000..2bf4ccc --- /dev/null +++ b/docs/fuzzing.md @@ -0,0 +1,72 @@ +# Fuzzing + +libgit2 is currently using [libFuzzer](https://libfuzzer.info) to perform +automated fuzz testing. libFuzzer only works with clang. + +## Prerequisites for building fuzz targets: + +1. All the prerequisites for [building libgit2](https://github.com/libgit2/libgit2). +2. A recent version of clang. 6.0 is preferred. [pre-build Debian/Ubuntu + packages](https://github.com/libgit2/libgit2) + +## Build + +1. Create a build directory beneath the libgit2 source directory, and change + into it: `mkdir build && cd build` +2. Choose one sanitizers to add. The currently supported sanitizers are + [`address`](https://clang.llvm.org/docs/AddressSanitizer.html), + [`undefined`](https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html), + and [`leak`/`address,leak`](https://clang.llvm.org/docs/LeakSanitizer.html). +3. Create the cmake build environment and configure the build with the + sanitizer chosen: `CC=/usr/bin/clang-6.0 CFLAGS="-fsanitize=address" cmake + -DBUILD_TESTS=OFF -DBUILD_FUZZERS=ON -DCMAKE_BUILD_TYPE=RelWithDebInfo ..`. + Note that building the fuzzer targets is incompatible with the + tests and examples. +4. Build libgit2: `cmake --build .` +5. Exit the cmake build environment: `cd ..` + +## Run the fuzz targets + +1. `ASAN_SYMBOLIZER_PATH=/usr/bin/llvm-symbolize + LSAN_OPTIONS=allocator_may_return_null=1 + ASAN_OPTIONS=allocator_may_return_null=1 ./build/fuzzers/packfile_fuzzer + fuzzers/corpora/packfile/` + +The `LSAN_OPTIONS` and `ASAN_OPTIONS` are there to allow `malloc(3)` to return +`NULL`, which is expected if a huge chunk of memory is allocated. The +`LLVM_PROFILE_FILE` environment string can also be added to override the path +where libFuzzer will write the coverage report. + +## Get coverage + +In order to get coverage information, you need to add the "-fcoverage-mapping" +and "-fprofile-instr-generate CFLAGS, and then run the fuzz target with +`-runs=0`. That will produce a file called `default.profraw` (this behavior can +be overridden by setting the `LLVM_PROFILE_FILE="yourfile.profraw"` environment +variable). + +1. `llvm-profdata-6.0 merge -sparse default.profraw -o + fuzz_packfile_raw.profdata` transforms the data from a sparse representation + into a format that can be used by the other tools. +2. `llvm-cov-6.0 report ./build/fuzz/fuzz_packfile_raw + -instr-profile=fuzz_packfile_raw.profdata` shows a high-level per-file + coverage report. +3. `llvm-cov-6.0 show ./build/fuzz/fuzz_packfile_raw + -instr-profile=fuzz_packfile_raw.profdata [source file]` shows a line-by-line + coverage analysis of all the codebase (or a single source file). + +## Standalone mode + +In order to ensure that there are no regresions, each fuzzer target can be run +in a standalone mode. This can be done by passing `-DUSE_STANDALONE_FUZZERS=ON`. +This makes it compatible with gcc. This does not use the fuzzing engine, but +just invokes every file in the chosen corpus. + +In order to get full coverage, though, you might want to also enable one of the +sanitizers. You might need a recent version of clang to get full support. + +## References + +* [libFuzzer](https://llvm.org/docs/LibFuzzer.html) documentation. +* [Source-based Code + Coverage](https://clang.llvm.org/docs/SourceBasedCodeCoverage.html). diff --git a/docs/merge-df_conflicts.txt b/docs/merge-df_conflicts.txt new file mode 100644 index 0000000..09780ee --- /dev/null +++ b/docs/merge-df_conflicts.txt @@ -0,0 +1,41 @@ +Anc / Our / Thr represent the ancestor / ours / theirs side of a merge +from branch "branch" into HEAD. Workdir represents the expected files in +the working directory. Index represents the expected files in the index, +with stage markers. + + Anc Our Thr Workdir Index +1 D D + D/F D/F D/F [0] + +2 D D+ D~HEAD (mod/del) D/F [0] + D/F D/F D [1] + D [2] + +3 D D D/F D/F [0] + D/F + +4 D D+ D~branch (mod/del) D/F [0] + D/F D/F D [1] + D [3] + +5 D D/F (add/add) D/F [2] + D/F D/F [3] + D/F + +6 D/F D/F D D [0] + D + +7 D/F D/F+ D/F (mod/del) D/F [1] + D D~branch (fil/dir) D/F [2] + D [3] + +8 D/F D/F D D [0] + D + +9 D/F D/F+ D/F (mod/del) D/F [1] + D D~HEAD (fil/dir) D [2] + D/F [3] + +10 D/F D/F (fil/dir) D/F [0] + D D~HEAD D [2] + D diff --git a/docs/projects.md b/docs/projects.md new file mode 100644 index 0000000..1b9f476 --- /dev/null +++ b/docs/projects.md @@ -0,0 +1,93 @@ +Projects For LibGit2 +==================== + +So, you want to start helping out with `libgit2`? That's fantastic! We +welcome contributions and we promise we'll try to be nice. + +This is a list of libgit2 related projects that new contributors can take +on. It includes a number of good starter projects as well as some larger +ideas that no one is actively working on. + +## Before You Start + +Please start by reading the [README.md](../README.md), +[contributing.md](contributing.md), and [conventions.md](conventions.md) +files before diving into one of these projects. Those explain our work +flow and coding conventions to help ensure that your work will be easily +integrated into libgit2. + +Next, work through the build instructions and make sure you can clone the +repository, compile it, and run the tests successfully. That will make +sure that your development environment is set up correctly and you are +ready to start on libgit2 development. + +## Starter Projects + +These are good small projects to get started with libgit2. + +* Look at the `examples/` programs, find an existing one that mirrors a + core Git command and add a missing command-line option. There are many + gaps right now and this helps demonstrate how to use the library. Here + are some specific ideas (though there are many more): + * Fix the `examples/diff.c` implementation of the `-B` + (a.k.a. `--break-rewrites`) command line option to actually look for + the optional `[<n>][/<m>]` configuration values. There is an + existing comment that reads `/* TODO: parse thresholds */`. The + trick to this one will be doing it in a manner that is clean and + simple, but still handles the various cases correctly (e.g. `-B/70%` + is apparently a legal setting). + * As an extension to the matching idea for `examples/log.c`, add the + `-i` option to use `strcasestr()` for matches. + * For `examples/log.c`, implement the `--first-parent` option now that + libgit2 supports it in the revwalk API. +* Pick a Git command that is not already emulated in `examples/` and write + a new example that mirrors the behavior. Examples don't have to be + perfect emulations, but should demonstrate how to use the libgit2 APIs + to get results that are similar to Git commands. This lets you (and us) + easily exercise a particular facet of the API and measure compatibility + and feature parity with core git. +* Submit a PR to clarify documentation! While we do try to document all of + the APIs, your fresh eyes on the documentation will find areas that are + confusing much more easily. + +If none of these appeal to you, take a look at our issues list to see if +there are any unresolved issues you'd like to jump in on. + +## Larger Projects + +These are ideas for larger projects mostly taken from our backlog of +[Issues](https://github.com/libgit2/libgit2/issues). Please don't dive +into one of these as a first project for libgit2 - we'd rather get to +know you first by successfully shipping your work on one of the smaller +projects above. + +Some of these projects are broken down into subprojects and/or have +some incremental steps listed towards the larger goal. Those steps +might make good smaller projects by themselves. + +* Port part of the Git test suite to run against the command line emulation + in `examples/` + * Pick a Git command that is emulated in our `examples/` area + * Extract the Git tests that exercise that command + * Convert the tests to call our emulation + * These tests could go in `examples/tests/`... +* Add hooks API to enumerate and manage hooks (not run them at this point) + * Enumeration of available hooks + * Lookup API to see which hooks have a script and get the script + * Read/write API to load a hook script and write a hook script + * Eventually, callback API to invoke a hook callback when libgit2 + executes the action in question +* Isolate logic of ignore evaluation into a standalone API +* Upgrade internal libxdiff code to latest from core Git +* Tree builder improvements: + * Extend to allow building a tree hierarchy +* Apply-patch API +* Add a patch editing API to enable "git add -p" type operations +* Textconv API to filter binary data before generating diffs (something + like the current Filter API, probably). +* Performance profiling and improvement +* Support "git replace" ref replacements +* Include conflicts in diff results and in status + * GIT_DELTA_CONFLICT for items in conflict (with multiple files) + * Appropriate flags for status +* Support sparse checkout (i.e. "core.sparsecheckout" and ".git/info/sparse-checkout") diff --git a/docs/release.md b/docs/release.md new file mode 100644 index 0000000..87fccaa --- /dev/null +++ b/docs/release.md @@ -0,0 +1,83 @@ +# Releasing the library + +We have three kinds of releases: "full" releases, maintenance releases and security releases. Full ones release the state of the `main` branch whereas maintenance releases provide bugfixes building on top of the currently released series. Security releases are also for the current series but only contain security fixes on top of the previous release. + +## Full release + +We aim to release once every six months. We start the process by opening an issue. This is accompanied with a feature freeze. From now until the release, only bug fixes are to be merged. Use the following as a base for the issue + + Release v0.X + + Let's release v0.X, codenamed: <something witty> + + - [ ] Bump the versions in the headers (`include/git2/version.h`) + - [ ] Bump the versions in the clib manifest (`package.json`) + - [ ] Make a release candidate + - [ ] Plug any final leaks + - [ ] Fix any last-minute issues + - [ ] Make sure changelog.md reflects everything worth discussing + - [ ] Update the version in changelog.md and the header + - [ ] Produce a release candidate + - [ ] Tag + - [ ] Create maint/v0.X + - [ ] Update any bindings the core team works with + +We tag at least one release candidate. This RC must carry the new version in the headers, including the SOVERSION. If there are no significant issues found, we can go straight to the release after a single RC. This is up to the discretion of the release manager. There is no set time to have the candidate out, but we should we should give downstream projects at least a week to give feedback. + +Preparing the first release candidate includes updating the version number of libgit2 to the new version number. To do so, a pull request shall be submitted that adjusts the version number in the following places: + +- docs/changelog.md +- include/git2/version.h +- package.json + +As soon as the pull request is merged, the merge commit shall be tagged with a lightweight tag. + +The tagging happens via GitHub's "releases" tab which lets us attach release notes to a particular tag. In the description we include the changes in `docs/changelog.md` between the last full release. Use the following as a base for the release notes + + This is the first release of the v0.X series, <codename>. The changelog follows. + +followed by the three sections in the changelog. For release candidates we can avoid copying the full changelog and only include any new entries. + +During the freeze, and certainly after the first release candidate, any bindings the core team work with should be updated in order to discover any issues that might come up with the multitude of approaches to memory management, embedding or linking. + +Create a branch `maint/v0.X` at the current state of `main` after you've created the tag. This will be used for maintenance releases and lets our dependents track the latest state of the series. + +## Maintenance release + +Every once in a while, when we feel we've accumulated a significant amount of backportable fixes in the mainline branch, we produce a maintenance release in order to provide fixes or improvements for those who track the releases. This also lets our users and integrators receive updates without having to upgrade to the next full release. + +As a rule of thumb, it's a good idea to produce a maintenance release for the current series when we're getting ready for a full release. This gives the (still) current series a last round of fixes without having to upgrade (which with us potentially means adjusting to API changes). + +Start by opening an issue. Use the following as a base. + + Release v0.X.Y + + Enough fixes have accumulated, let's release v0.X.Y + + - [ ] Select the changes we want to backport + - [ ] Update maint/v0.X + - [ ] Tag + +The list of changes to backport does not need to be comprehensive and we might not backport something if the code in mainline has diverged significantly. These fixes do not include those which require API or ABI changes as we release under the same SOVERSION. + +Do not merge into the `maint/v0.X` until we are getting ready to produce a new release. There is always the possibility that we will need to produce a security release and those must only include the relevant security fixes and not arbitrary fixes we were planning on releasing at some point. + +Here we do not use release candidates as the changes are supposed to be small and proven. + +## Security releases + +This is the same as a maintenance release, except that the fix itself will most likely be developed in a private repository and will only be visible to a select group of people until the release. + +We have committed to providing security fixes for the latest two released versions. E.g. if the latest version is v0.28.x, then we will provide security fixes for both v0.28.x and v0.27.y. + +## Updating documentation + +We use docurium to generate our documentation. It is a tool written in ruby which leverages libclang's documentation parser. Install docurium + + gem install docurium + +and run it against our description file with the tip of `main` checked out. + + cm doc api.docurium + +It will start up a few processes and write out the results as a new commit onto the `gh-pages` branch. That can be pushed to GitHub to update what will show up on our documentation reference site. diff --git a/docs/threading.md b/docs/threading.md new file mode 100644 index 0000000..de085c8 --- /dev/null +++ b/docs/threading.md @@ -0,0 +1,110 @@ +Threading in libgit2 +================== + +Unless otherwise specified, libgit2 objects cannot be safely accessed by +multiple threads simultaneously. + +There are also caveats on the cryptographic libraries libgit2 or its +dependencies link to (more on this later). For libgit2 itself, +provided you take the following into consideration you won't run into +issues: + +Sharing objects +--------------- + +Use an object from a single thread at a time. Most data structures do +not guard against concurrent access themselves. This is because they +are rarely used in isolation and it makes more sense to synchronize +access via a larger lock or similar mechanism. + +There are some objects which are read-only/immutable and are thus safe +to share across threads, such as references and configuration +snapshots. + +The `git_odb` object uses locking internally, and is thread-safe to use from +multiple threads simultaneously. + +Error messages +-------------- + +The error message is thread-local. The `git_error_last()` call must +happen on the same thread as the error in order to get the +message. Often this will be the case regardless, but if you use +something like the [GCD](http://en.wikipedia.org/wiki/Grand_Central_Dispatch) +on macOS (where code is executed on an arbitrary thread), the code +must make sure to retrieve the error code on the thread where the error +happened. + +Threading and cryptographic libraries +======================================= + +On Windows +---------- + +When built as a native Windows DLL, libgit2 uses WinCNG and WinHTTP, +both of which are thread-safe. You do not need to do anything special. + +When using libssh2 which itself uses WinCNG, there are no special +steps necessary. If you are using a MinGW or similar environment where +libssh2 uses OpenSSL or libgcrypt, then the general case affects +you. + +On macOS +----------- + +By default we make use of CommonCrypto and SecureTransport for cryptographic +support. These are thread-safe and you do not need to do anything special. + +Note that libssh2 may still use OpenSSL itself. In that case, the +general case still affects you if you use ssh. + +General Case +------------ + +libgit2 will default to OpenSSL for HTTPS transport (except on Windows and +macOS, as mentioned above). On any system, mbedTLS _may_ be optionally +enabled as the security provider. OpenSSL is thread-safe starting at +version 1.1.0. If your copy of libgit2 is linked against that version, +you do not need to take any further steps. + +Older versions of OpenSSL are made to be thread-implementation agnostic, and the +users of the library must set which locking function it should use. libgit2 +cannot know what to set as the user of libgit2 may also be using OpenSSL independently and +the locking settings must then live outside the lifetime of libgit2. + +Even if libgit2 doesn't use OpenSSL directly, OpenSSL can still be used by +libssh2 depending on the configuration. If OpenSSL is used by +more than one library, you only need to set up threading for OpenSSL once. + +If libgit2 is linked against OpenSSL < 1.1.0, it provides a last-resort convenience function +`git_openssl_set_locking()` (available in `sys/openssl.h`) to use the +platform-native mutex mechanisms to perform the locking, which you can use +if you do not want to use OpenSSL outside of libgit2, or you +know that libgit2 will outlive the rest of the operations. It is then not +safe to use OpenSSL multi-threaded after libgit2's shutdown function +has been called. Note `git_openssl_set_locking()` only works if +libgit2 uses OpenSSL directly - if OpenSSL is only used as a dependency +of libssh2 as described above, `git_openssl_set_locking()` is a no-op. + +If your programming language offers a package/bindings for OpenSSL, +you should very strongly prefer to use that in order to set up +locking, as they provide a level of coordination which is impossible +when using this function. + +See the +[OpenSSL documentation](https://www.openssl.org/docs/crypto/threads.html) +on threading for more details, and http://trac.libssh2.org/wiki/MultiThreading +for a specific example of providing the threading callbacks. + +libssh2 may be linked against OpenSSL or libgcrypt. If it uses OpenSSL, +see the above paragraphs. If it uses libgcrypt, then you need to +set up its locking before using it multi-threaded. libgit2 has no +direct connection to libgcrypt and thus has no convenience functions for +it (but libgcrypt has macros). Read libgcrypt's +[threading documentation for more information](http://www.gnupg.org/documentation/manuals/gcrypt/Multi_002dThreading.html) + +It is your responsibility as an application author or packager to know +what your dependencies are linked against and to take the appropriate +steps to ensure the cryptographic libraries are thread-safe. We agree +that this situation is far from ideal but at this time it is something +the application authors need to deal with. diff --git a/docs/troubleshooting.md b/docs/troubleshooting.md new file mode 100644 index 0000000..085fff8 --- /dev/null +++ b/docs/troubleshooting.md @@ -0,0 +1,13 @@ +Troubleshooting libgit2 Problems +================================ + +CMake Failures +-------------- + +* **`Asked for OpenSSL TLS backend, but it wasn't found`** + CMake cannot find your SSL/TLS libraries. By default, libgit2 always + builds with HTTPS support, and you are encouraged to install the + OpenSSL libraries for your system (eg, `apt-get install libssl-dev`). + + For development, if you simply want to disable HTTPS support entirely, + pass the `-DUSE_HTTPS=OFF` argument to `cmake` when configuring it. diff --git a/docs/win32-longpaths.md b/docs/win32-longpaths.md new file mode 100644 index 0000000..a18152f --- /dev/null +++ b/docs/win32-longpaths.md @@ -0,0 +1,36 @@ +core.longpaths support +====================== + +Historically, Windows has limited absolute path lengths to `MAX_PATH` +(260) characters. + +Unfortunately, 260 characters is a punishing small maximum. This is +especially true for developers where dependencies may have dependencies +in a folder, each dependency themselves having dependencies in a +sub-folder, ad (seemingly) infinitum. + +So although the Windows APIs _by default_ honor this 260 character +maximum, you can get around this by using separate APIs. Git honors a +`core.longpaths` configuration option that allows some paths on Windows +to exceed these 260 character limits. + +And because they've gone and done it, that means that libgit2 has to +honor this value, too. + +Since `core.longpaths` is a _configuration option_ that means that we +need to be able to resolve a configuration - including in _the repository +itself_ in order to know whether long paths should be supported. + +Therefore, in libgit2, `core.longpaths` affects paths in working +directories _only_. Paths to the repository, and to items inside the +`.git` folder, must be no longer than 260 characters. + +This definition is required to avoid a paradoxical setting: if you +had a repository in a folder that was 280 characters long, how would +you know whether `core.longpaths` support should be enabled? Even if +`core.longpaths` was set to true in a system configuration file, the +repository itself may set `core.longpaths` to false in _its_ configuration +file, which you could only read if `core.longpaths` were set to true. + +Thus, `core.longpaths` must _only_ apply to working directory items, +and cannot apply to the `.git` folder or its contents. |