Merging upstream version 1.74.1+dfsg1.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
author: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-05-30 18:31:36 +0000
committer: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-05-30 18:31:36 +0000
commit: e02c5b5930c2c9ba3e5423fe12e2ef0155017297 (patch)
tree: fd60ebbbb5299e16e5fca8c773ddb74f764760db /vendor/gix-transport
parent: Adding debian version 1.73.0+dfsg1-1. (diff)
download: rustc-e02c5b5930c2c9ba3e5423fe12e2ef0155017297.tar.xz
rustc-e02c5b5930c2c9ba3e5423fe12e2ef0155017297.zip
16 files changed, 420 insertions, 59 deletions
diff --git a/vendor/gix-transport/.cargo-checksum.json b/vendor/gix-transport/.cargo-checksum.json
index 24fcaaab0..c8627fafd 100644
--- a/vendor/gix-transport/.cargo-checksum.json
+++ b/vendor/gix-transport/.cargo-checksum.json
@@ -1 +1 @@
-{"files":{"CHANGELOG.md":"f62eee0a65c00e91dcf1765ad19ae166a17234fa97d21a6c848bd65fa7158df7","Cargo.toml":"97027a5e91451a0eb68225d5a03f123d5fe52c1c446de4d9474c47a7de397d03","LICENSE-APACHE":"cb4780590812826851ba250f90bed0ed19506ec98f6865a0e2e20bbf62391ff9","LICENSE-MIT":"49df47913ab2beafe8dc45607877ae64198bf0eee64aaad3e82ed9e4d27424e8","src/client/async_io/bufread_ext.rs":"d9ef051c5bd1abd62ab43db6a50b4bdf163e1d50e8b25624e12aaed1bd8ece52","src/client/async_io/connect.rs":"d2f64a865612cdf2aefebc8c58c28b0d303e697819ae467b0145d18ab87fd359","src/client/async_io/mod.rs":"dbc880330eea5ab38d2ac7aa8d295352cac1011aa4f6c9d9216ccfb7fa79789d","src/client/async_io/request.rs":"6844d8804f1b99836994fdc2faa636542336b988b7ab15d118ea1aa24315cd65","src/client/async_io/traits.rs":"f0ec02bce105d138e438daa1397ff92b82230c19171039b12e995eb2011b8f1e","src/client/blocking_io/bufread_ext.rs":"ffb691bac5e4c7e35506f01aaee3560c80de8143e9eb5755cab2a3da545ed113","src/client/blocking_io/connect.rs":"e146594221beae80385b08094a128066a8772127b989bb63e8bb0b5d7dc7f82d","src/client/blocking_io/file.rs":"663e3a4b62c3860068c0c3fbc16adbb0d1535ee028c23d084f68a853a5bb2641","src/client/blocking_io/http/curl/mod.rs":"4fa0027b0aabdb71676c5267d8dab446ccd81863dd80dc9ac8f43e7710099ca4","src/client/blocking_io/http/curl/remote.rs":"957c511ed64d7c3fee886ef7d16f56e04bfd8ac266680f9c88907dd150c1b6da","src/client/blocking_io/http/mod.rs":"3a58753707f5ee2d7a59123d3a749bb17864ed70fe6c5b197174bc9b4861e691","src/client/blocking_io/http/redirect.rs":"1f6d57c8a87a9cb4c3699c53f5e05468d99b89d49532c1f805931dcdcff36c0b","src/client/blocking_io/http/reqwest/mod.rs":"08d09aefaddbd0049676bdbe403fca2282c9da4484a6d7cd8e84ec8a46060184","src/client/blocking_io/http/reqwest/remote.rs":"dfcebff86bbf77401e1f22152b570a125dc38c8e983df51e14f8bb1e2459586c","src/client/blocking_io/http/traits.rs":"520d9789ee9e5cee861a068f8ca0bd5309c853f288a065d3cfb86d8e0145942f","src/client/blocking_io/mod.rs":"b3b09948dcad91f5e9060875e5096c3d4155e3fdf33af0415b04f9c6246adec2","src/client/blocking_io/request.rs":"1602b053538b864557729fa6b3f74aa91020ead2bdcd55c86dd10c13c9168b94","src/client/blocking_io/ssh/mod.rs":"a2eb446804b7d377db8a0bae5d74936271dc7cdd71f12629eaf21a0c821453c8","src/client/blocking_io/ssh/program_kind.rs":"e573e45103ac3978da65cb87be3aac476fc40781a953d2c464f754fa79398cee","src/client/blocking_io/ssh/tests.rs":"309e795036635782a005cba1ddf0e8dcf7b1e1fea49429f644996c942cf7ccbe","src/client/blocking_io/traits.rs":"7e1ef1d6cd6c03f493fe55dd3ba6ad2a5059db16a22b9b75bbda8b055c207813","src/client/capabilities.rs":"fd74e87fd6b405de1613d9f5bec9fd6c0705e1ba1f2d2afdc349586af0190381","src/client/git/async_io.rs":"97b8dccc93bf5a62349aec7dc967acb59212ca66a49347564da50e4fc64864ec","src/client/git/blocking_io.rs":"42e3ee0f597cc31bd87027e21573ccfd4270b835795526f65ef193cff0da077c","src/client/git/mod.rs":"46d990e403f5f825fb0f9332d2ee1a3d8b33209d5a74fe8b473840bcf8e873c4","src/client/mod.rs":"563bb655c93af9dde121a6c8ddb94055aac862da5ac3e9d0420ca5eb21892387","src/client/non_io_types.rs":"ec10e9d7cf6270caf087643484dc4935b014124cf5b914f28eaa476a6869349a","src/client/traits.rs":"5c7b1f9d4b35ae049e81aa7aea09c0b142df023005d876765581b6b267a015d6","src/lib.rs":"c96d2ade712012d7babb19673c2097139036d6290b010828365da743700b65e2"},"package":"64a39ffed9a9078ed700605e064b15d7c6ae50aa65e7faa36ca6919e8081df15"}
-\ No newline at end of file
+{"files":{"CHANGELOG.md":"a1c54de10ea7fbb380ed09ae67e85e28d109945a57d9524f448bf619fadb2f9c","Cargo.toml":"e7237f1f668533b07c3dad7d0f54435534ff16cb93fd734769ceb11716c4cfe2","LICENSE-APACHE":"cb4780590812826851ba250f90bed0ed19506ec98f6865a0e2e20bbf62391ff9","LICENSE-MIT":"49df47913ab2beafe8dc45607877ae64198bf0eee64aaad3e82ed9e4d27424e8","src/client/async_io/bufread_ext.rs":"d9ef051c5bd1abd62ab43db6a50b4bdf163e1d50e8b25624e12aaed1bd8ece52","src/client/async_io/connect.rs":"012344d9e66b11e520f8c3bbb1f1d7fcb3553a8cbf26bb8eff417736a1c2315d","src/client/async_io/mod.rs":"5ddd26a991e7ff55b04730df0940047d68ca247c7c7d79d0f35f6731c704b121","src/client/async_io/request.rs":"6844d8804f1b99836994fdc2faa636542336b988b7ab15d118ea1aa24315cd65","src/client/async_io/traits.rs":"f0ec02bce105d138e438daa1397ff92b82230c19171039b12e995eb2011b8f1e","src/client/blocking_io/bufread_ext.rs":"ffb691bac5e4c7e35506f01aaee3560c80de8143e9eb5755cab2a3da545ed113","src/client/blocking_io/connect.rs":"e146594221beae80385b08094a128066a8772127b989bb63e8bb0b5d7dc7f82d","src/client/blocking_io/file.rs":"cbcaa7163ae67f75900156bbc328c7539efd20d58f1ec303978c3dabc94f2682","src/client/blocking_io/http/curl/mod.rs":"4fa0027b0aabdb71676c5267d8dab446ccd81863dd80dc9ac8f43e7710099ca4","src/client/blocking_io/http/curl/remote.rs":"3aa78601b3fead94434ee517713abae4c866060e3b5ab13cfa2e36ed4e84a05c","src/client/blocking_io/http/mod.rs":"77a9b103964334ec74ffa3799b918b5a91fca7c82c7a5365bbdbdc61029dd36d","src/client/blocking_io/http/redirect.rs":"1f6d57c8a87a9cb4c3699c53f5e05468d99b89d49532c1f805931dcdcff36c0b","src/client/blocking_io/http/reqwest/mod.rs":"08d09aefaddbd0049676bdbe403fca2282c9da4484a6d7cd8e84ec8a46060184","src/client/blocking_io/http/reqwest/remote.rs":"d77f98548c192df5f9f3685b41ff88fa5cd73452caeaac09e8606db03f632ec1","src/client/blocking_io/http/traits.rs":"520d9789ee9e5cee861a068f8ca0bd5309c853f288a065d3cfb86d8e0145942f","src/client/blocking_io/mod.rs":"b3b09948dcad91f5e9060875e5096c3d4155e3fdf33af0415b04f9c6246adec2","src/client/blocking_io/request.rs":"1602b053538b864557729fa6b3f74aa91020ead2bdcd55c86dd10c13c9168b94","src/client/blocking_io/ssh/mod.rs":"020c9f634dc45b27d345af14b00561670c86ea65bd833f35a797320b796defcd","src/client/blocking_io/ssh/program_kind.rs":"4ac6133bbd9ec0d9823ef25468a42d6f01cccd32bce8bdfe34aac6516e8dcfd7","src/client/blocking_io/ssh/tests.rs":"21836e0188548ea148775861771a7105091f5b0c432f5d84eeb1343b50ad20bd","src/client/blocking_io/traits.rs":"7e1ef1d6cd6c03f493fe55dd3ba6ad2a5059db16a22b9b75bbda8b055c207813","src/client/capabilities.rs":"fade3556cac458dfff1200d69bdaeefecef10fb4f9369df7991282b4f9a3560e","src/client/git/async_io.rs":"97b8dccc93bf5a62349aec7dc967acb59212ca66a49347564da50e4fc64864ec","src/client/git/blocking_io.rs":"42e3ee0f597cc31bd87027e21573ccfd4270b835795526f65ef193cff0da077c","src/client/git/mod.rs":"1c3ad5b754becfbca63b76fab85ebd97c2c5902f907fffbac994caffb82ee4a1","src/client/mod.rs":"563bb655c93af9dde121a6c8ddb94055aac862da5ac3e9d0420ca5eb21892387","src/client/non_io_types.rs":"9ea8334d6271118b1207634d425bf170ca93c221ab84072d7aa40576ea37ed24","src/client/traits.rs":"5c7b1f9d4b35ae049e81aa7aea09c0b142df023005d876765581b6b267a015d6","src/lib.rs":"7a3949cacacf1f9bbfbe0e4b8923d4fa9eb8deae953c547b270c7fb4aa83e74b"},"package":"b9ec726e6a245e68ace59a34126a1d679de60360676612985e70b0d3b102fb4e"}
+\ No newline at end of file
diff --git a/vendor/gix-transport/CHANGELOG.md b/vendor/gix-transport/CHANGELOG.md
index aef40f1f6..8d7be4632 100644
--- a/vendor/gix-transport/CHANGELOG.md
+++ b/vendor/gix-transport/CHANGELOG.md
@@ -5,6 +5,249 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## 0.37.0 (2023-09-24)
+
+### Bug Fixes
+
+ - <csr-id-b06a0dd781accad317fdec5f86f069df4c21875c/> prevent hosts or paths that look like arguments to be passed to invoked commands.
+   See https://secure.phabricator.com/T12961 for more details.
+
+### Commit Statistics
+
+<csr-read-only-do-not-edit/>
+
+ - 3 commits contributed to the release.
+ - 15 days passed between releases.
+ - 1 commit was understood as [conventional](https://www.conventionalcommits.org).
+ - 0 issues like '(#ID)' were seen in commit messages
+
+### Commit Details
+
+<csr-read-only-do-not-edit/>
+
+<details><summary>view details</summary>
+
+ * **Uncategorized**
+    - Prepare changelogs prior to release ([`8a60d5b`](https://github.com/Byron/gitoxide/commit/8a60d5b80877c213c3b646d3061e8a33e0e433ec))
+    - Merge branch 'fix-exploit' ([`c53bbd2`](https://github.com/Byron/gitoxide/commit/c53bbd265005c7eedc316205b217e137e2b9896e))
+    - Prevent hosts or paths that look like arguments to be passed to invoked commands. ([`b06a0dd`](https://github.com/Byron/gitoxide/commit/b06a0dd781accad317fdec5f86f069df4c21875c))
+</details>
+
+## 0.36.0 (2023-09-08)
+
+### Bug Fixes (BREAKING)
+
+ - <csr-id-072ee32f693a31161cd6a843da6582d13efbb20b/> use `dyn` trait where possible.
+   This reduces compile time due to avoiding duplication.
+
+### Commit Statistics
+
+<csr-read-only-do-not-edit/>
+
+ - 8 commits contributed to the release over the course of 17 calendar days.
+ - 17 days passed between releases.
+ - 1 commit was understood as [conventional](https://www.conventionalcommits.org).
+ - 0 issues like '(#ID)' were seen in commit messages
+
+### Commit Details
+
+<csr-read-only-do-not-edit/>
+
+<details><summary>view details</summary>
+
+ * **Uncategorized**
+    - Release gix-transport v0.36.0, gix-protocol v0.39.0, gix-revision v0.21.0, gix-refspec v0.17.0, gix-submodule v0.3.0, gix-worktree v0.25.0, gix-worktree-state v0.2.0, gix v0.53.0 ([`1ff3064`](https://github.com/Byron/gitoxide/commit/1ff30641b8724efd6699d8bef5c71d28454e98b9))
+    - Release gix-date v0.8.0, gix-hash v0.13.0, gix-features v0.34.0, gix-actor v0.26.0, gix-object v0.36.0, gix-path v0.10.0, gix-glob v0.12.0, gix-attributes v0.18.0, gix-packetline-blocking v0.16.6, gix-filter v0.4.0, gix-fs v0.6.0, gix-commitgraph v0.20.0, gix-hashtable v0.4.0, gix-revwalk v0.7.0, gix-traverse v0.32.0, gix-worktree-stream v0.4.0, gix-archive v0.4.0, gix-config-value v0.14.0, gix-tempfile v9.0.0, gix-lock v9.0.0, gix-ref v0.36.0, gix-sec v0.10.0, gix-config v0.29.0, gix-prompt v0.7.0, gix-url v0.23.0, gix-credentials v0.19.0, gix-diff v0.35.0, gix-discover v0.24.0, gix-ignore v0.7.0, gix-index v0.24.0, gix-macros v0.1.0, gix-mailmap v0.18.0, gix-negotiate v0.7.0, gix-pack v0.42.0, gix-odb v0.52.0, gix-pathspec v0.2.0, gix-packetline v0.16.6, gix-transport v0.36.0, gix-protocol v0.39.0, gix-revision v0.21.0, gix-refspec v0.17.0, gix-submodule v0.3.0, gix-worktree v0.25.0, gix-worktree-state v0.2.0, gix v0.53.0, safety bump 39 crates ([`8bd0456`](https://github.com/Byron/gitoxide/commit/8bd045676bb2cdc02624ab93e73ff8518064ca38))
+    - Prepare changelogs for release ([`375db06`](https://github.com/Byron/gitoxide/commit/375db06a8442378c3f7a922fae38e2a6694d9d04))
+    - Merge branch 'optimizations' ([`6135a5e`](https://github.com/Byron/gitoxide/commit/6135a5ea8709646f01da62939a59dd3a9750e007))
+    - Adapt to changes in features of `gix-pack` ([`6b27ffa`](https://github.com/Byron/gitoxide/commit/6b27ffa18f0049321e7c1837acc5467f0966fbb5))
+    - Merge branch `dyn`ification ([`f658fcc`](https://github.com/Byron/gitoxide/commit/f658fcc52dc2200ae34ca53dc10be97fb9012057))
+    - Use `dyn` trait where possible. ([`072ee32`](https://github.com/Byron/gitoxide/commit/072ee32f693a31161cd6a843da6582d13efbb20b))
+    - Merge branch 'gix-submodule' ([`363ee77`](https://github.com/Byron/gitoxide/commit/363ee77400805f473c9ad66eadad9214e7ab66f4))
+</details>
+
+## 0.35.0 (2023-08-22)
+
+<csr-id-229bd4899213f749a7cc124aa2b82a1368fba40f/>
+
+### Chore
+
+ - <csr-id-229bd4899213f749a7cc124aa2b82a1368fba40f/> don't call crate 'WIP' in manifest anymore.
+
+### Commit Statistics
+
+<csr-read-only-do-not-edit/>
+
+ - 8 commits contributed to the release over the course of 9 calendar days.
+ - 19 days passed between releases.
+ - 1 commit was understood as [conventional](https://www.conventionalcommits.org).
+ - 0 issues like '(#ID)' were seen in commit messages
+
+### Commit Details
+
+<csr-read-only-do-not-edit/>
+
+<details><summary>view details</summary>
+
+ * **Uncategorized**
+    - Release gix-url v0.22.0, gix-credentials v0.18.0, gix-diff v0.34.0, gix-discover v0.23.0, gix-ignore v0.6.0, gix-bitmap v0.2.7, gix-index v0.22.0, gix-mailmap v0.17.0, gix-negotiate v0.6.0, gix-pack v0.41.0, gix-odb v0.51.0, gix-pathspec v0.1.0, gix-packetline v0.16.5, gix-transport v0.35.0, gix-protocol v0.38.0, gix-revision v0.20.0, gix-refspec v0.16.0, gix-submodule v0.2.0, gix-worktree v0.24.0, gix-worktree-state v0.1.0, gix v0.52.0, gitoxide-core v0.31.0, gitoxide v0.29.0 ([`6c62e74`](https://github.com/Byron/gitoxide/commit/6c62e748240ac0980fc23fdf30f8477dea8b9bc3))
+    - Release gix-date v0.7.3, gix-hash v0.12.0, gix-features v0.33.0, gix-actor v0.25.0, gix-object v0.35.0, gix-path v0.9.0, gix-glob v0.11.0, gix-quote v0.4.7, gix-attributes v0.17.0, gix-command v0.2.9, gix-packetline-blocking v0.16.5, gix-filter v0.3.0, gix-fs v0.5.0, gix-commitgraph v0.19.0, gix-hashtable v0.3.0, gix-revwalk v0.6.0, gix-traverse v0.31.0, gix-worktree-stream v0.3.0, gix-archive v0.3.0, gix-config-value v0.13.0, gix-tempfile v8.0.0, gix-lock v8.0.0, gix-ref v0.35.0, gix-sec v0.9.0, gix-config v0.28.0, gix-prompt v0.6.0, gix-url v0.22.0, gix-credentials v0.18.0, gix-diff v0.34.0, gix-discover v0.23.0, gix-ignore v0.6.0, gix-bitmap v0.2.7, gix-index v0.22.0, gix-mailmap v0.17.0, gix-negotiate v0.6.0, gix-pack v0.41.0, gix-odb v0.51.0, gix-pathspec v0.1.0, gix-packetline v0.16.5, gix-transport v0.35.0, gix-protocol v0.38.0, gix-revision v0.20.0, gix-refspec v0.16.0, gix-submodule v0.2.0, gix-worktree v0.24.0, gix-worktree-state v0.1.0, gix v0.52.0, gitoxide-core v0.31.0, gitoxide v0.29.0, safety bump 41 crates ([`30b2761`](https://github.com/Byron/gitoxide/commit/30b27615047692d3ced1b2d9c2ac15a80f79fbee))
+    - Update changelogs prior to release ([`f23ea88`](https://github.com/Byron/gitoxide/commit/f23ea8828f2d9ba7559973daca388c9591bcc5fc))
+    - Don't call crate 'WIP' in manifest anymore. ([`229bd48`](https://github.com/Byron/gitoxide/commit/229bd4899213f749a7cc124aa2b82a1368fba40f))
+    - Merge branch 'fix-redirect' ([`e83c38f`](https://github.com/Byron/gitoxide/commit/e83c38fcc32687dff2ea79bbfae154c5b577e07a))
+    - Set maximum redirect limit to what curl seems to use by default ([`7663a48`](https://github.com/Byron/gitoxide/commit/7663a48b60d18884c04338608d49b0ba62d7cadc))
+    - Refactor ([`1bc42e9`](https://github.com/Byron/gitoxide/commit/1bc42e9d78f73bf54f8afb1706810814001916fa))
+    - Fix `git-transport` reqwest client: Support redirect ([`e642690`](https://github.com/Byron/gitoxide/commit/e6426902a0164edb8cdb55a4068891c5ee3e305d))
+</details>
+
+## 0.34.2 (2023-08-02)
+
+A maintenance release without user-facing changes.
+
+### Commit Statistics
+
+<csr-read-only-do-not-edit/>
+
+ - 5 commits contributed to the release over the course of 2 calendar days.
+ - 10 days passed between releases.
+ - 0 commits were understood as [conventional](https://www.conventionalcommits.org).
+ - 1 unique issue was worked on: [#923](https://github.com/Byron/gitoxide/issues/923)
+
+### Commit Details
+
+<csr-read-only-do-not-edit/>
+
+<details><summary>view details</summary>
+
+ * **[#923](https://github.com/Byron/gitoxide/issues/923)**
+    - Improve reqwest error handling ([`fadec77`](https://github.com/Byron/gitoxide/commit/fadec775c5cd0532ab76802f56349cebc4a90d72))
+ * **Uncategorized**
+    - Release gix-actor v0.24.2, gix-object v0.33.2, gix-ref v0.33.3, gix-config v0.26.2, gix-prompt v0.5.5, gix-odb v0.50.2, gix-transport v0.34.2, gix-protocol v0.37.0, gix-worktree v0.23.1, gix v0.51.0, safety bump 3 crates ([`231ac1c`](https://github.com/Byron/gitoxide/commit/231ac1c6ad5ca9a84dbeb0dee14bfbf2fef1ae1e))
+    - Prepare additional changelogs ([`db63815`](https://github.com/Byron/gitoxide/commit/db6381522395a0de047118e81df5cd3cbeb862b9))
+    - Prepare changelogs ([`e4d2890`](https://github.com/Byron/gitoxide/commit/e4d2890a85bf60e9cdb4016dddfab3c4dccbe75e))
+    - Merge branch 'fixes-and-improvements' ([`f8b1f55`](https://github.com/Byron/gitoxide/commit/f8b1f553371f25b1bea6bce7cbb2ff1f01194856))
+</details>
+
+## 0.34.1 (2023-07-22)
+
+A maintenance release without user-facing changes.
+
+### Commit Statistics
+
+<csr-read-only-do-not-edit/>
+
+ - 7 commits contributed to the release over the course of 1 calendar day.
+ - 3 days passed between releases.
+ - 0 commits were understood as [conventional](https://www.conventionalcommits.org).
+ - 0 issues like '(#ID)' were seen in commit messages
+
+### Commit Details
+
+<csr-read-only-do-not-edit/>
+
+<details><summary>view details</summary>
+
+ * **Uncategorized**
+    - Release gix-diff v0.33.1, gix-discover v0.22.1, gix-ignore v0.5.1, gix-bitmap v0.2.6, gix-index v0.21.1, gix-mailmap v0.16.1, gix-negotiate v0.5.1, gix-pack v0.40.1, gix-odb v0.50.1, gix-packetline v0.16.4, gix-transport v0.34.1, gix-protocol v0.36.1, gix-revision v0.18.1, gix-refspec v0.14.1, gix-worktree v0.23.0, gix v0.50.0 ([`0062971`](https://github.com/Byron/gitoxide/commit/00629710dffeb10fda340665530353703cf5d129))
+    - Release gix-tempfile v7.0.2, gix-utils v0.1.5, gix-lock v7.0.2, gix-ref v0.33.1, gix-sec v0.8.4, gix-prompt v0.5.4, gix-url v0.21.1, gix-credentials v0.17.1, gix-diff v0.33.1, gix-discover v0.22.1, gix-ignore v0.5.1, gix-bitmap v0.2.6, gix-index v0.21.1, gix-mailmap v0.16.1, gix-negotiate v0.5.1, gix-pack v0.40.1, gix-odb v0.50.1, gix-packetline v0.16.4, gix-transport v0.34.1, gix-protocol v0.36.1, gix-revision v0.18.1, gix-refspec v0.14.1, gix-worktree v0.23.0, gix v0.50.0 ([`107a64e`](https://github.com/Byron/gitoxide/commit/107a64e734580ad9e2c4142db96394529d8072df))
+    - Release gix-features v0.32.1, gix-actor v0.24.1, gix-validate v0.7.7, gix-object v0.33.1, gix-path v0.8.4, gix-glob v0.10.1, gix-quote v0.4.6, gix-attributes v0.16.0, gix-command v0.2.8, gix-packetline-blocking v0.16.4, gix-filter v0.2.0, gix-fs v0.4.1, gix-chunk v0.4.4, gix-commitgraph v0.18.1, gix-hashtable v0.2.4, gix-revwalk v0.4.1, gix-traverse v0.30.1, gix-worktree-stream v0.2.0, gix-archive v0.2.0, gix-config-value v0.12.5, gix-tempfile v7.0.1, gix-utils v0.1.5, gix-lock v7.0.2, gix-ref v0.33.1, gix-sec v0.8.4, gix-prompt v0.5.4, gix-url v0.21.1, gix-credentials v0.17.1, gix-diff v0.33.1, gix-discover v0.22.1, gix-ignore v0.5.1, gix-bitmap v0.2.6, gix-index v0.21.1, gix-mailmap v0.16.1, gix-negotiate v0.5.1, gix-pack v0.40.1, gix-odb v0.50.1, gix-packetline v0.16.4, gix-transport v0.34.1, gix-protocol v0.36.1, gix-revision v0.18.1, gix-refspec v0.14.1, gix-worktree v0.23.0, gix v0.50.0, safety bump 5 crates ([`16295b5`](https://github.com/Byron/gitoxide/commit/16295b58e2581d2e8b8b762816f52baabe871c75))
+    - Prepare more changelogs ([`c4cc5f2`](https://github.com/Byron/gitoxide/commit/c4cc5f261d29f712a101033a18293a97a9d4ae85))
+    - Release gix-date v0.7.1, gix-hash v0.11.4, gix-trace v0.1.3, gix-features v0.32.0, gix-actor v0.24.0, gix-validate v0.7.7, gix-object v0.33.0, gix-path v0.8.4, gix-glob v0.10.0, gix-quote v0.4.6, gix-attributes v0.15.0, gix-command v0.2.7, gix-packetline-blocking v0.16.3, gix-filter v0.1.0, gix-fs v0.4.0, gix-chunk v0.4.4, gix-commitgraph v0.18.0, gix-hashtable v0.2.4, gix-revwalk v0.4.0, gix-traverse v0.30.0, gix-worktree-stream v0.2.0, gix-archive v0.2.0, gix-config-value v0.12.4, gix-tempfile v7.0.1, gix-utils v0.1.5, gix-lock v7.0.2, gix-ref v0.33.0, gix-sec v0.8.4, gix-prompt v0.5.3, gix-url v0.21.0, gix-credentials v0.17.0, gix-diff v0.33.0, gix-discover v0.22.0, gix-ignore v0.5.0, gix-bitmap v0.2.6, gix-index v0.21.0, gix-mailmap v0.16.0, gix-negotiate v0.5.0, gix-pack v0.40.0, gix-odb v0.50.0, gix-packetline v0.16.4, gix-transport v0.34.0, gix-protocol v0.36.0, gix-revision v0.18.0, gix-refspec v0.14.0, gix-worktree v0.22.0, gix v0.49.1 ([`5cb3589`](https://github.com/Byron/gitoxide/commit/5cb3589b74fc5376e02cbfe151e71344e1c417fe))
+    - Update changelogs prior to release ([`2fc66b5`](https://github.com/Byron/gitoxide/commit/2fc66b55097ed494b72d1af939ba5561f71fde97))
+    - Update license field following SPDX 2.1 license expression standard ([`9064ea3`](https://github.com/Byron/gitoxide/commit/9064ea31fae4dc59a56bdd3a06c0ddc990ee689e))
+</details>
+
+## 0.34.0 (2023-07-19)
+
+A maintenance release without user-facing changes.
+
+### Commit Statistics
+
+<csr-read-only-do-not-edit/>
+
+ - 6 commits contributed to the release over the course of 4 calendar days.
+ - 19 days passed between releases.
+ - 0 commits were understood as [conventional](https://www.conventionalcommits.org).
+ - 0 issues like '(#ID)' were seen in commit messages
+
+### Thanks Clippy
+
+<csr-read-only-do-not-edit/>
+
+[Clippy](https://github.com/rust-lang/rust-clippy) helped 2 times to make code idiomatic. 
+
+### Commit Details
+
+<csr-read-only-do-not-edit/>
+
+<details><summary>view details</summary>
+
+ * **Uncategorized**
+    - Release gix-filter v0.1.0, gix-ignore v0.5.0, gix-revwalk v0.4.0, gix-traverse v0.30.0, gix-index v0.21.0, gix-mailmap v0.16.0, gix-negotiate v0.5.0, gix-pack v0.40.0, gix-odb v0.50.0, gix-transport v0.34.0, gix-protocol v0.36.0, gix-revision v0.18.0, gix-refspec v0.14.0, gix-worktree v0.22.0, gix v0.49.0 ([`4aca8c2`](https://github.com/Byron/gitoxide/commit/4aca8c2ae2ec588fb65ec4faa0c07c19d219569f))
+    - Release gix-features v0.32.0, gix-actor v0.24.0, gix-glob v0.10.0, gix-attributes v0.15.0, gix-commitgraph v0.18.0, gix-config-value v0.12.4, gix-fs v0.4.0, gix-object v0.33.0, gix-ref v0.33.0, gix-config v0.26.0, gix-command v0.2.7, gix-url v0.21.0, gix-credentials v0.17.0, gix-diff v0.33.0, gix-discover v0.22.0, gix-filter v0.1.0, gix-ignore v0.5.0, gix-revwalk v0.4.0, gix-traverse v0.30.0, gix-index v0.21.0, gix-mailmap v0.16.0, gix-negotiate v0.5.0, gix-pack v0.40.0, gix-odb v0.50.0, gix-transport v0.34.0, gix-protocol v0.36.0, gix-revision v0.18.0, gix-refspec v0.14.0, gix-worktree v0.22.0, gix v0.49.0 ([`68ae3ff`](https://github.com/Byron/gitoxide/commit/68ae3ff9d642ec56f088a6a682a073dc16f4e8ca))
+    - Adjust package versions (by cargo-smart-release) ([`c70e54f`](https://github.com/Byron/gitoxide/commit/c70e54f163c312c87753a506eeaad462e8579bfb))
+    - Prepare changelogs prior to release ([`e4dded0`](https://github.com/Byron/gitoxide/commit/e4dded05138562f9737a7dcfb60570c55769486d))
+    - Thanks clippy ([`9fbed4b`](https://github.com/Byron/gitoxide/commit/9fbed4b97cd31785d11cbc98c44a8332776a847c))
+    - Thanks clippy ([`3ef32af`](https://github.com/Byron/gitoxide/commit/3ef32af9bf477cbc60d24da8bb3f15d20976e9e0))
+</details>
+
+## 0.33.1 (2023-06-29)
+
+A maintenance release without user-facing changes.
+
+### Commit Statistics
+
+<csr-read-only-do-not-edit/>
+
+ - 3 commits contributed to the release.
+ - 6 days passed between releases.
+ - 0 commits were understood as [conventional](https://www.conventionalcommits.org).
+ - 0 issues like '(#ID)' were seen in commit messages
+
+### Commit Details
+
+<csr-read-only-do-not-edit/>
+
+<details><summary>view details</summary>
+
+ * **Uncategorized**
+    - Release gix-transport v0.33.1, gix v0.48.0 ([`f27ca12`](https://github.com/Byron/gitoxide/commit/f27ca128c5f109ad02e4e1a12dc14e93b07bbfcf))
+    - Prepare changelogs prior to release ([`4c2fb5f`](https://github.com/Byron/gitoxide/commit/4c2fb5f31c15c3510b55e1e8bbc14e9036a88daf))
+    - Align `gix-sec` version across all crates ([`7f80ab6`](https://github.com/Byron/gitoxide/commit/7f80ab66fb779b7858975b471cae8c592a3c0c67))
+</details>
+
+## 0.33.0 (2023-06-22)
+
+<csr-id-bcad5c22049d56a25ef69d6c7a3344e78f9a1d4d/>
+
+### Chore
+
+ - <csr-id-bcad5c22049d56a25ef69d6c7a3344e78f9a1d4d/> Add `clippy::redundant-closure-for-method-calls` lint
+
+### Commit Statistics
+
+<csr-read-only-do-not-edit/>
+
+ - 6 commits contributed to the release over the course of 10 calendar days.
+ - 15 days passed between releases.
+ - 1 commit was understood as [conventional](https://www.conventionalcommits.org).
+ - 0 issues like '(#ID)' were seen in commit messages
+
+### Commit Details
+
+<csr-read-only-do-not-edit/>
+
+<details><summary>view details</summary>
+
+ * **Uncategorized**
+    - Release gix-date v0.6.0, gix-hash v0.11.3, gix-trace v0.1.1, gix-features v0.31.0, gix-actor v0.22.0, gix-path v0.8.2, gix-glob v0.9.0, gix-quote v0.4.5, gix-attributes v0.14.0, gix-chunk v0.4.3, gix-commitgraph v0.17.0, gix-config-value v0.12.2, gix-fs v0.3.0, gix-tempfile v7.0.0, gix-utils v0.1.3, gix-lock v7.0.0, gix-validate v0.7.6, gix-object v0.31.0, gix-ref v0.31.0, gix-sec v0.8.2, gix-config v0.24.0, gix-command v0.2.6, gix-prompt v0.5.2, gix-url v0.20.0, gix-credentials v0.16.0, gix-diff v0.31.0, gix-discover v0.20.0, gix-hashtable v0.2.2, gix-ignore v0.4.0, gix-bitmap v0.2.5, gix-revwalk v0.2.0, gix-traverse v0.28.0, gix-index v0.19.0, gix-mailmap v0.14.0, gix-negotiate v0.3.0, gix-pack v0.38.0, gix-odb v0.48.0, gix-packetline v0.16.3, gix-transport v0.33.0, gix-protocol v0.34.0, gix-revision v0.16.0, gix-refspec v0.12.0, gix-worktree v0.20.0, gix v0.47.0, gitoxide-core v0.29.0, gitoxide v0.27.0, safety bump 30 crates ([`ea9f942`](https://github.com/Byron/gitoxide/commit/ea9f9424e777f10da0e33bb9ffbbefd01c4c5a74))
+    - Prepare changelogs prior to release ([`18b0a37`](https://github.com/Byron/gitoxide/commit/18b0a371941aa2d4d62512437d5daa351ba99ffd))
+    - Merge branch 'corpus' ([`aa16c8c`](https://github.com/Byron/gitoxide/commit/aa16c8ce91452a3e3063cf1cf0240b6014c4743f))
+    - Change MSRV to 1.65 ([`4f635fc`](https://github.com/Byron/gitoxide/commit/4f635fc4429350bae2582d25de86429969d28f30))
+    - Merge branch 'help-874-redundant-closures' ([`fe59956`](https://github.com/Byron/gitoxide/commit/fe59956ad667303a923d7cfd9ffd72283df41d78))
+    - Add `clippy::redundant-closure-for-method-calls` lint ([`bcad5c2`](https://github.com/Byron/gitoxide/commit/bcad5c22049d56a25ef69d6c7a3344e78f9a1d4d))
+</details>
+
 ## 0.32.0 (2023-06-06)
 
 ### Bug Fixes (BREAKING)
@@ -19,7 +262,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 <csr-read-only-do-not-edit/>
 
- - 15 commits contributed to the release over the course of 12 calendar days.
+ - 16 commits contributed to the release over the course of 12 calendar days.
  - 40 days passed between releases.
  - 1 commit was understood as [conventional](https://www.conventionalcommits.org).
  - 0 issues like '(#ID)' were seen in commit messages
@@ -37,6 +280,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 <details><summary>view details</summary>
 
  * **Uncategorized**
+    - Release gix-date v0.5.1, gix-hash v0.11.2, gix-features v0.30.0, gix-actor v0.21.0, gix-path v0.8.1, gix-glob v0.8.0, gix-quote v0.4.4, gix-attributes v0.13.0, gix-chunk v0.4.2, gix-commitgraph v0.16.0, gix-config-value v0.12.1, gix-fs v0.2.0, gix-tempfile v6.0.0, gix-utils v0.1.2, gix-lock v6.0.0, gix-validate v0.7.5, gix-object v0.30.0, gix-ref v0.30.0, gix-sec v0.8.1, gix-config v0.23.0, gix-command v0.2.5, gix-prompt v0.5.1, gix-url v0.19.0, gix-credentials v0.15.0, gix-diff v0.30.0, gix-discover v0.19.0, gix-hashtable v0.2.1, gix-ignore v0.3.0, gix-bitmap v0.2.4, gix-traverse v0.26.0, gix-index v0.17.0, gix-mailmap v0.13.0, gix-revision v0.15.0, gix-negotiate v0.2.0, gix-pack v0.36.0, gix-odb v0.46.0, gix-packetline v0.16.2, gix-transport v0.32.0, gix-protocol v0.33.0, gix-refspec v0.11.0, gix-worktree v0.18.0, gix v0.45.0, safety bump 29 crates ([`9a9fa96`](https://github.com/Byron/gitoxide/commit/9a9fa96fa8a722bddc5c3b2270b0edf8f6615141))
     - Prepare changelogs prior to release ([`8f15cec`](https://github.com/Byron/gitoxide/commit/8f15cec1ec7d5a9d56bb158f155011ef2bb3539b))
     - Merge branch 'integrate-gix-negotiate' ([`ae845de`](https://github.com/Byron/gitoxide/commit/ae845dea6cee6523c88a23d7a14293589cf8092f))
     - Parse 'handshake' of `file://` based protocol version 0. ([`aa2d064`](https://github.com/Byron/gitoxide/commit/aa2d0643a212a7a619890f3650c7d7005f8f8fd0))
diff --git a/vendor/gix-transport/Cargo.toml b/vendor/gix-transport/Cargo.toml
index d882d2891..b944afe63 100644
--- a/vendor/gix-transport/Cargo.toml
+++ b/vendor/gix-transport/Cargo.toml
@@ -11,17 +11,17 @@
 
 [package]
 edition = "2021"
-rust-version = "1.64"
+rust-version = "1.65"
 name = "gix-transport"
-version = "0.32.0"
+version = "0.37.0"
 authors = ["Sebastian Thiel <sebastian.thiel@icloud.com>"]
 include = [
     "src/**/*",
     "LICENSE-*",
     "CHANGELOG.md",
 ]
-description = "A WIP crate of the gitoxide project dedicated to implementing the git transport layer"
-license = "MIT/Apache-2.0"
+description = "A crate of the gitoxide project dedicated to implementing the git transport layer"
+license = "MIT OR Apache-2.0"
 repository = "https://github.com/Byron/gitoxide"
 
 [package.metadata.docs.rs]
@@ -96,26 +96,26 @@ version = "1.12.0"
 optional = true
 
 [dependencies.gix-command]
-version = "^0.2.5"
+version = "^0.2.9"
 
 [dependencies.gix-credentials]
-version = "^0.15.0"
+version = "^0.20.0"
 optional = true
 
 [dependencies.gix-features]
-version = "^0.30.0"
+version = "^0.35.0"
 
 [dependencies.gix-packetline]
-version = "^0.16.2"
+version = "^0.16.6"
 
 [dependencies.gix-quote]
-version = "^0.4.4"
+version = "^0.4.7"
 
 [dependencies.gix-sec]
-version = "^0.8.1"
+version = "^0.10.0"
 
 [dependencies.gix-url]
-version = "^0.19.0"
+version = "^0.24.0"
 
 [dependencies.pin-project-lite]
 version = "0.2.6"
diff --git a/vendor/gix-transport/src/client/async_io/connect.rs b/vendor/gix-transport/src/client/async_io/connect.rs
index fe2a5808e..67b20db03 100644
--- a/vendor/gix-transport/src/client/async_io/connect.rs
+++ b/vendor/gix-transport/src/client/async_io/connect.rs
@@ -1,6 +1,6 @@
 pub use crate::client::non_io_types::connect::{Error, Options};
 
-#[cfg(any(feature = "async-std"))]
+#[cfg(feature = "async-std")]
 pub(crate) mod function {
     use std::convert::TryInto;
 
diff --git a/vendor/gix-transport/src/client/async_io/mod.rs b/vendor/gix-transport/src/client/async_io/mod.rs
index 6cb1a500e..1ea85cdcf 100644
--- a/vendor/gix-transport/src/client/async_io/mod.rs
+++ b/vendor/gix-transport/src/client/async_io/mod.rs
@@ -9,5 +9,5 @@ pub use traits::{SetServiceResponse, Transport, TransportV2Ext};
 
 ///
 pub mod connect;
-#[cfg(any(feature = "async-std"))]
+#[cfg(feature = "async-std")]
 pub use connect::function::connect;
diff --git a/vendor/gix-transport/src/client/blocking_io/file.rs b/vendor/gix-transport/src/client/blocking_io/file.rs
index 599f56c23..613fd2357 100644
--- a/vendor/gix-transport/src/client/blocking_io/file.rs
+++ b/vendor/gix-transport/src/client/blocking_io/file.rs
@@ -211,6 +211,11 @@ impl client::Transport for SpawnProcessOnDemand {
         };
         cmd.stdin = Stdio::piped();
         cmd.stdout = Stdio::piped();
+        if self.path.first() == Some(&b'-') {
+            return Err(client::Error::AmbiguousPath {
+                path: self.path.clone(),
+            });
+        }
         let repo_path = if self.ssh_cmd.is_some() {
             cmd.args.push(service.as_str().into());
             gix_quote::single(self.path.as_ref()).to_os_str_lossy().into_owned()
@@ -225,6 +230,7 @@ impl client::Transport for SpawnProcessOnDemand {
         }
         cmd.envs(std::mem::take(&mut self.envs));
 
+        gix_features::trace::debug!(command = ?cmd, "gix_transport::SpawnProcessOnDemand");
         let mut child = cmd.spawn().map_err(|err| client::Error::InvokeProgram {
             source: err,
             command: cmd_name.into_owned(),
diff --git a/vendor/gix-transport/src/client/blocking_io/http/curl/remote.rs b/vendor/gix-transport/src/client/blocking_io/http/curl/remote.rs
index 3b435423d..e6b0bee03 100644
--- a/vendor/gix-transport/src/client/blocking_io/http/curl/remote.rs
+++ b/vendor/gix-transport/src/client/blocking_io/http/curl/remote.rs
@@ -269,7 +269,7 @@ pub fn new() -> (
                 handler.send_data = Some(send);
                 let (send, receive_headers) = pipe::unidirectional(1);
                 handler.send_header = Some(send);
-                let (send_body, receive_body) = pipe::unidirectional(None);
+                let (send_body, receive_body) = pipe::unidirectional(0);
                 (receive_data, receive_headers, send_body, receive_body)
             };
 
diff --git a/vendor/gix-transport/src/client/blocking_io/http/mod.rs b/vendor/gix-transport/src/client/blocking_io/http/mod.rs
index 64cc892d8..fb62b8f9a 100644
--- a/vendor/gix-transport/src/client/blocking_io/http/mod.rs
+++ b/vendor/gix-transport/src/client/blocking_io/http/mod.rs
@@ -517,5 +517,5 @@ pub fn connect(url: gix_url::Url, desired_version: Protocol) -> Transport<Impl>
 }
 
 ///
-#[cfg(feature = "http-client-curl")]
+#[cfg(any(feature = "http-client-curl", feature = "http-client-reqwest"))]
 pub mod redirect;
diff --git a/vendor/gix-transport/src/client/blocking_io/http/reqwest/remote.rs b/vendor/gix-transport/src/client/blocking_io/http/reqwest/remote.rs
index 724528ab9..7f8e82846 100644
--- a/vendor/gix-transport/src/client/blocking_io/http/reqwest/remote.rs
+++ b/vendor/gix-transport/src/client/blocking_io/http/reqwest/remote.rs
@@ -3,14 +3,12 @@ use std::{
     convert::TryFrom,
     io::{Read, Write},
     str::FromStr,
+    sync::{atomic, Arc},
 };
 
 use gix_features::io::pipe;
 
-use crate::client::{
-    http,
-    http::{reqwest::Remote, traits::PostBodyDataKind},
-};
+use crate::client::http::{self, options::FollowRedirects, redirect, reqwest::Remote, traits::PostBodyDataKind};
 
 /// The error returned by the 'remote' helper, a purely internal construct to perform http requests.
 #[derive(Debug, thiserror::Error)]
@@ -22,6 +20,8 @@ pub enum Error {
     ReadPostBody(#[from] std::io::Error),
     #[error("Request configuration failed")]
     ConfigureRequest(#[from] Box<dyn std::error::Error + Send + Sync + 'static>),
+    #[error(transparent)]
+    Redirect(#[from] redirect::Error),
 }
 
 impl crate::IsSpuriousError for Error {
@@ -40,23 +40,57 @@ impl Default for Remote {
         let (req_send, req_recv) = std::sync::mpsc::sync_channel(0);
         let (res_send, res_recv) = std::sync::mpsc::sync_channel(0);
         let handle = std::thread::spawn(move || -> Result<(), Error> {
+            let mut follow = None;
+            let mut redirected_base_url = None::<String>;
+            let allow_redirects = Arc::new(atomic::AtomicBool::new(false));
+
             // We may error while configuring, which is expected as part of the internal protocol. The error will be
             // received and the sender of the request might restart us.
             let client = reqwest::blocking::ClientBuilder::new()
                 .connect_timeout(std::time::Duration::from_secs(20))
                 .http1_title_case_headers()
+                .redirect(reqwest::redirect::Policy::custom({
+                    let allow_redirects = allow_redirects.clone();
+                    move |attempt| {
+                        if allow_redirects.load(atomic::Ordering::Relaxed) {
+                            let curr_url = attempt.url();
+                            let prev_urls = attempt.previous();
+
+                            match prev_urls.first() {
+                                Some(prev_url) if prev_url.host_str() != curr_url.host_str() => {
+                                    // git does not want to be redirected to a different host.
+                                    attempt.stop()
+                                }
+                                _ => {
+                                    // emulate default git behaviour which relies on curl default behaviour apparently.
+                                    const CURL_DEFAULT_REDIRS: usize = 50;
+                                    if prev_urls.len() >= CURL_DEFAULT_REDIRS {
+                                        attempt.error("too many redirects")
+                                    } else {
+                                        attempt.follow()
+                                    }
+                                }
+                            }
+                        } else {
+                            attempt.stop()
+                        }
+                    }
+                }))
                 .build()?;
+
             for Request {
                 url,
+                base_url,
                 headers,
                 upload_body_kind,
                 config,
             } in req_recv
             {
+                let effective_url = redirect::swap_tails(redirected_base_url.as_deref(), &base_url, url.clone());
                 let mut req_builder = if upload_body_kind.is_some() {
-                    client.post(url)
+                    client.post(&effective_url)
                 } else {
-                    client.get(url)
+                    client.get(&effective_url)
                 }
                 .headers(headers);
                 let (post_body_tx, mut post_body_rx) = pipe::unidirectional(0);
@@ -91,7 +125,21 @@ impl Default for Remote {
                         }
                     }
                 }
-                let mut res = match client.execute(req).and_then(|res| res.error_for_status()) {
+
+                let follow = follow.get_or_insert(config.follow_redirects);
+                allow_redirects.store(
+                    matches!(follow, FollowRedirects::Initial | FollowRedirects::All),
+                    atomic::Ordering::Relaxed,
+                );
+
+                if *follow == FollowRedirects::Initial {
+                    *follow = FollowRedirects::None;
+                }
+
+                let mut res = match client
+                    .execute(req)
+                    .and_then(reqwest::blocking::Response::error_for_status)
+                {
                     Ok(res) => res,
                     Err(err) => {
                         let (kind, err) = match err.status() {
@@ -113,6 +161,11 @@ impl Default for Remote {
                     }
                 };
 
+                let actual_url = res.url().as_str();
+                if actual_url != effective_url.as_str() {
+                    redirected_base_url = redirect::base_url(actual_url, &base_url, url)?.into();
+                }
+
                 let send_headers = {
                     let headers = res.headers();
                     move || -> std::io::Result<()> {
@@ -152,10 +205,24 @@ impl Default for Remote {
 
 /// utilities
 impl Remote {
+    fn restore_thread_after_failure(&mut self) -> http::Error {
+        let err_that_brought_thread_down = self
+            .handle
+            .take()
+            .expect("thread handle present")
+            .join()
+            .expect("handler thread should never panic")
+            .expect_err("something should have gone wrong with curl (we join on error only)");
+        *self = Remote::default();
+        http::Error::InitHttpClient {
+            source: Box::new(err_that_brought_thread_down),
+        }
+    }
+
     fn make_request(
         &mut self,
         url: &str,
-        _base_url: &str,
+        base_url: &str,
         headers: impl IntoIterator<Item = impl AsRef<str>>,
         upload_body_kind: Option<PostBodyDataKind>,
     ) -> Result<http::PostResponse<pipe::Reader, pipe::Reader, pipe::Writer>, http::Error> {
@@ -176,14 +243,19 @@ impl Remote {
                 None => continue,
             };
         }
-        self.request
+        if self
+            .request
             .send(Request {
                 url: url.to_owned(),
+                base_url: base_url.to_owned(),
                 headers: header_map,
                 upload_body_kind,
                 config: self.config.clone(),
             })
-            .expect("the remote cannot be down at this point");
+            .is_err()
+        {
+            return Err(self.restore_thread_after_failure());
+        }
 
         let Response {
             headers,
@@ -192,15 +264,7 @@ impl Remote {
         } = match self.response.recv() {
             Ok(res) => res,
             Err(_) => {
-                let err = self
-                    .handle
-                    .take()
-                    .expect("always present")
-                    .join()
-                    .expect("no panic")
-                    .expect_err("no receiver means thread is down with init error");
-                *self = Self::default();
-                return Err(http::Error::InitHttpClient { source: Box::new(err) });
+                return Err(self.restore_thread_after_failure());
             }
         };
 
@@ -246,6 +310,7 @@ impl http::Http for Remote {
 
 pub(crate) struct Request {
     pub url: String,
+    pub base_url: String,
     pub headers: reqwest::header::HeaderMap,
     pub upload_body_kind: Option<PostBodyDataKind>,
     pub config: http::Options,
diff --git a/vendor/gix-transport/src/client/blocking_io/ssh/mod.rs b/vendor/gix-transport/src/client/blocking_io/ssh/mod.rs
index 7c042dc28..642aab9fd 100644
--- a/vendor/gix-transport/src/client/blocking_io/ssh/mod.rs
+++ b/vendor/gix-transport/src/client/blocking_io/ssh/mod.rs
@@ -8,6 +8,8 @@ use crate::{client::blocking_io, Protocol};
 pub enum Error {
     #[error("The scheme in \"{}\" is not usable for an ssh connection", .0.to_bstring())]
     UnsupportedScheme(gix_url::Url),
+    #[error("Host name '{host}' could be mistaken for a command-line argument")]
+    AmbiguousHostName { host: String },
 }
 
 impl crate::IsSpuriousError for Error {}
@@ -37,12 +39,17 @@ pub mod invocation {
 
     /// The error returned when producing ssh invocation arguments based on a selected invocation kind.
     #[derive(Debug, thiserror::Error)]
-    #[error("The 'Simple' ssh variant doesn't support {function}")]
-    pub struct Error {
-        /// The simple command that should have been invoked.
-        pub command: OsString,
-        /// The function that was unsupported
-        pub function: &'static str,
+    #[allow(missing_docs)]
+    pub enum Error {
+        #[error("Host name '{host}' could be mistaken for a command-line argument")]
+        AmbiguousHostName { host: String },
+        #[error("The 'Simple' ssh variant doesn't support {function}")]
+        Unsupported {
+            /// The simple command that should have been invoked.
+            command: OsString,
+            /// The function that was unsupported
+            function: &'static str,
+        },
     }
 }
 
@@ -105,7 +112,9 @@ pub fn connect(
                 .stdin(Stdio::null())
                 .with_shell()
                 .arg("-G")
-                .arg(url.host().expect("always set for ssh urls")),
+                .arg(url.host_argument_safe().ok_or_else(|| Error::AmbiguousHostName {
+                    host: url.host().expect("set in ssh urls").into(),
+                })?),
         )
         .status()
         .ok()
diff --git a/vendor/gix-transport/src/client/blocking_io/ssh/program_kind.rs b/vendor/gix-transport/src/client/blocking_io/ssh/program_kind.rs
index 5e9d14a82..70905829f 100644
--- a/vendor/gix-transport/src/client/blocking_io/ssh/program_kind.rs
+++ b/vendor/gix-transport/src/client/blocking_io/ssh/program_kind.rs
@@ -31,7 +31,6 @@ impl ProgramKind {
         if disallow_shell {
             prepare.use_shell = false;
         }
-        let host = url.host().expect("present in ssh urls");
         match self {
             ProgramKind::Ssh => {
                 if desired_version != Protocol::V1 {
@@ -54,7 +53,7 @@ impl ProgramKind {
             }
             ProgramKind::Simple => {
                 if url.port.is_some() {
-                    return Err(ssh::invocation::Error {
+                    return Err(ssh::invocation::Error::Unsupported {
                         command: ssh_cmd.into(),
                         function: "setting the port",
                     });
@@ -62,8 +61,18 @@ impl ProgramKind {
             }
         };
         let host_as_ssh_arg = match url.user() {
-            Some(user) => format!("{user}@{host}"),
-            None => host.into(),
+            Some(user) => {
+                let host = url.host().expect("present in ssh urls");
+                format!("{user}@{host}")
+            }
+            None => {
+                let host = url
+                    .host_argument_safe()
+                    .ok_or_else(|| ssh::invocation::Error::AmbiguousHostName {
+                        host: url.host().expect("ssh host always set").into(),
+                    })?;
+                host.into()
+            }
         };
 
         // Try to force ssh to yield english messages (for parsing later)
@@ -107,7 +116,7 @@ impl ProgramKind {
 impl<'a> From<&'a OsStr> for ProgramKind {
     fn from(v: &'a OsStr) -> Self {
         let p = std::path::Path::new(v);
-        match p.file_stem().and_then(|s| s.to_str()) {
+        match p.file_stem().and_then(OsStr::to_str) {
             None => ProgramKind::Simple,
             Some(stem) => {
                 if stem.eq_ignore_ascii_case("ssh") {
diff --git a/vendor/gix-transport/src/client/blocking_io/ssh/tests.rs b/vendor/gix-transport/src/client/blocking_io/ssh/tests.rs
index f0820d14e..4e4da7807 100644
--- a/vendor/gix-transport/src/client/blocking_io/ssh/tests.rs
+++ b/vendor/gix-transport/src/client/blocking_io/ssh/tests.rs
@@ -144,13 +144,28 @@ mod program_kind {
                 assert!(call_args(kind, "ssh://user@host:43/p", Protocol::V2).ends_with("-P 43 user@host"));
             }
         }
+        #[test]
+        fn ambiguous_host_is_allowed_with_user() {
+            assert_eq!(
+                call_args(ProgramKind::Ssh, "ssh://user@-arg/p", Protocol::V2),
+                joined(&["ssh", "-o", "SendEnv=GIT_PROTOCOL", "user@-arg"])
+            );
+        }
+
+        #[test]
+        fn ambiguous_host_is_disallowed() {
+            assert!(matches!(
+                try_call(ProgramKind::Ssh, "ssh://-arg/p", Protocol::V2),
+                Err(ssh::invocation::Error::AmbiguousHostName { host }) if host == "-arg"
+            ));
+        }
 
         #[test]
         fn simple_cannot_handle_any_arguments() {
-            match try_call(ProgramKind::Simple, "ssh://user@host:42/p", Protocol::V2) {
-                Err(ssh::invocation::Error { .. }) => {}
-                _ => panic!("BUG: unexpected outcome"),
-            }
+            assert!(matches!(
+                try_call(ProgramKind::Simple, "ssh://user@host:42/p", Protocol::V2),
+                Err(ssh::invocation::Error::Unsupported { .. })
+            ));
             assert_eq!(
                 call_args(ProgramKind::Simple, "ssh://user@host/p", Protocol::V2),
                 joined(&["simple", "user@host"]),
diff --git a/vendor/gix-transport/src/client/capabilities.rs b/vendor/gix-transport/src/client/capabilities.rs
index 29b5504ba..21513ace6 100644
--- a/vendor/gix-transport/src/client/capabilities.rs
+++ b/vendor/gix-transport/src/client/capabilities.rs
@@ -65,11 +65,11 @@ impl<'a> Capability<'a> {
     /// Note that the caller must know whether a single or multiple values are expected, in which
     /// case [`values()`][Capability::values()] should be called.
     pub fn value(&self) -> Option<&'a BStr> {
-        self.0.splitn(2, |b| *b == b'=').nth(1).map(|s| s.as_bstr())
+        self.0.splitn(2, |b| *b == b'=').nth(1).map(ByteSlice::as_bstr)
     }
     /// Returns the values of a capability if its [`value()`][Capability::value()] is space separated.
     pub fn values(&self) -> Option<impl Iterator<Item = &'a BStr>> {
-        self.value().map(|v| v.split(|b| *b == b' ').map(|s| s.as_bstr()))
+        self.value().map(|v| v.split(|b| *b == b' ').map(ByteSlice::as_bstr))
     }
     /// Returns true if its space-separated [`value()`][Capability::value()] contains the given `want`ed capability.
     pub fn supports(&self, want: impl Into<&'a BStr>) -> Option<bool> {
diff --git a/vendor/gix-transport/src/client/git/mod.rs b/vendor/gix-transport/src/client/git/mod.rs
index 2b950b44a..d27f468ff 100644
--- a/vendor/gix-transport/src/client/git/mod.rs
+++ b/vendor/gix-transport/src/client/git/mod.rs
@@ -165,6 +165,21 @@ mod message {
                 "git-upload-pack hello\\world\0host=host:404\0"
             )
         }
+
+        #[test]
+        fn with_strange_host_and_port() {
+            assert_eq!(
+                git::message::connect(
+                    Service::UploadPack,
+                    Protocol::V1,
+                    b"--upload-pack=attack",
+                    Some(&("--proxy=other-attack".into(), Some(404))),
+                    &[]
+                ),
+                "git-upload-pack --upload-pack=attack\0host=--proxy=other-attack:404\0",
+                "we explicitly allow possible `-arg` arguments to be passed to the git daemon - the remote must protect against exploitation, we don't want to prevent legitimate cases"
+            )
+        }
     }
 }
 
diff --git a/vendor/gix-transport/src/client/non_io_types.rs b/vendor/gix-transport/src/client/non_io_types.rs
index 807b22a8f..a1dbb247c 100644
--- a/vendor/gix-transport/src/client/non_io_types.rs
+++ b/vendor/gix-transport/src/client/non_io_types.rs
@@ -138,6 +138,8 @@ mod error {
         Http(#[from] HttpError),
         #[error(transparent)]
         SshInvocation(SshInvocationError),
+        #[error("The repository path '{path}' could be mistaken for a command-line argument")]
+        AmbiguousPath { path: BString },
     }
 
     impl crate::IsSpuriousError for Error {
diff --git a/vendor/gix-transport/src/lib.rs b/vendor/gix-transport/src/lib.rs
index a098e635a..4ec2ea615 100644
--- a/vendor/gix-transport/src/lib.rs
+++ b/vendor/gix-transport/src/lib.rs
@@ -21,7 +21,6 @@ pub use gix_packetline as packetline;
 /// The version of the way client and server communicate.
 #[derive(Default, PartialEq, Eq, Debug, Hash, Ord, PartialOrd, Clone, Copy)]
 #[cfg_attr(feature = "serde", derive(serde::Serialize, serde::Deserialize))]
-#[allow(missing_docs)]
 pub enum Protocol {
     /// Version 0 is like V1, but doesn't show capabilities at all, at least when hosted without `git-daemon`.
     V0 = 0,
@@ -86,10 +85,7 @@ pub use traits::IsSpuriousError;
 pub mod client;
 
 #[doc(inline)]
-#[cfg(any(
-    feature = "blocking-client",
-    all(feature = "async-client", any(feature = "async-std"))
-))]
+#[cfg(any(feature = "blocking-client", all(feature = "async-client", feature = "async-std")))]
 pub use client::connect;
 
 #[cfg(all(feature = "async-client", feature = "blocking-client"))]
author	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-05-30 18:31:36 +0000
committer	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-05-30 18:31:36 +0000
commit	e02c5b5930c2c9ba3e5423fe12e2ef0155017297 (patch)
tree	fd60ebbbb5299e16e5fca8c773ddb74f764760db /vendor/gix-transport
parent	Adding debian version 1.73.0+dfsg1-1. (diff)
download	rustc-e02c5b5930c2c9ba3e5423fe12e2ef0155017297.tar.xz rustc-e02c5b5930c2c9ba3e5423fe12e2ef0155017297.zip