Commit Graph

58798 Commits

Author SHA1 Message Date
Đoàn Trần Công Danh
3919997447 mailinfo: disallow NUL character in mail's header
Signed-off-by: Đoàn Trần Công Danh <congdanhqx@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2020-04-22 14:01:03 -07:00
Đoàn Trần Công Danh
2a2ff60396 mailinfo.c: avoid strlen on strings that can contains NUL
We're passing buffer from strbuf to reencode_string,
which will call strlen(3) on that buffer,
and discard the length of newly created buffer.
Then, we compute the length of the return buffer to attach to strbuf.

During this process, we introduce a discrimination between mail
originally written in utf-8 and other encoding.

* if the email was written in utf-8, we leave it as is. If there is
  a NUL character in that line, we complains loudly:

  	error: a NUL byte in commit log message not allowed.

* if the email was written in other encoding, we truncate the data as
  the NUL character in that line, then we used the truncated line for
  the metadata.

We can do better by reusing all the available information,
and call the underlying lower level function that will be called
indirectly by reencode_string. By doing this, we will also postpone
the NUL character processing to the commit step, which will
complains about the faulty metadata.

Signed-off-by: Đoàn Trần Công Danh <congdanhqx@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2020-04-22 14:01:02 -07:00
Đoàn Trần Công Danh
2ed282cc0d t4254: merge 2 steps of a single test
While we are at it, make sure we run a clean up after testing.
In a later patch, we will test for more corrupted patch.

Signed-off-by: Đoàn Trần Công Danh <congdanhqx@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2020-04-22 14:01:00 -07:00
Jonathan Nieder
af6b65d45e Git 2.26.2
This merges up the security fix from v2.17.5.

Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
2020-04-19 16:32:24 -07:00
Jonathan Nieder
7397ca3373 Git 2.25.4
This merges up the security fix from v2.17.5.

Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
2020-04-19 16:31:07 -07:00
Jonathan Nieder
b86a4be245 Git 2.24.3
This merges up the security fix from v2.17.5.

Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
2020-04-19 16:30:34 -07:00
Jonathan Nieder
f2771efd07 Git 2.23.3
This merges up the security fix from v2.17.5.

Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
2020-04-19 16:30:27 -07:00
Jonathan Nieder
c9808fa014 Git 2.22.4
This merges up the security fix from v2.17.5.

Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
2020-04-19 16:30:19 -07:00
Jonathan Nieder
9206d27eb5 Git 2.21.3
This merges up the security fix from v2.17.5.

Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
2020-04-19 16:30:08 -07:00
Jonathan Nieder
041bc65923 Git 2.20.4
This merges up the security fix from v2.17.5.

Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
2020-04-19 16:28:57 -07:00
Jonathan Nieder
76b54ee9b9 Git 2.19.5
This merges up the security fix from v2.17.5.

Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
2020-04-19 16:26:41 -07:00
Jonathan Nieder
ba6f0905fd Git 2.18.4
This merges up the security fix from v2.17.5.

Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
2020-04-19 16:24:14 -07:00
Jeff King
df5be6dc3f Git 2.17.5
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
2020-04-19 16:10:58 -07:00
Jonathan Nieder
1a3609e402 fsck: reject URL with empty host in .gitmodules
Git's URL parser interprets

	https:///example.com/repo.git

to have no host and a path of "example.com/repo.git".  Curl, on the
other hand, internally redirects it to https://example.com/repo.git.  As
a result, until "credential: parse URL without host as empty host, not
unset", tricking a user into fetching from such a URL would cause Git to
send credentials for another host to example.com.

Teach fsck to block and detect .gitmodules files using such a URL to
prevent sharing them with Git versions that are not yet protected.

A relative URL in a .gitmodules file could also be used to trigger this.
The relative URL resolver used for .gitmodules does not normalize
sequences of slashes and can follow ".." components out of the path part
and to the host part of a URL, meaning that such a relative URL can be
used to traverse from a https://foo.example.com/innocent superproject to
a https:///attacker.example.com/exploit submodule. Fortunately,
redundant extra slashes in .gitmodules are rare, so we can catch this by
detecting one after a leading sequence of "./" and "../" components.

Helped-by: Jeff King <peff@peff.net>
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
Reviewed-by: Jeff King <peff@peff.net>
2020-04-19 16:10:58 -07:00
Jonathan Nieder
e7fab62b73 credential: treat URL with empty scheme as invalid
Until "credential: refuse to operate when missing host or protocol",
Git's credential handling code interpreted URLs with empty scheme to
mean "give me credentials matching this host for any protocol".

Luckily libcurl does not recognize such URLs (it tries to look for a
protocol named "" and fails). Just in case that changes, let's reject
them within Git as well. This way, credential_from_url is guaranteed to
always produce a "struct credential" with protocol and host set.

Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
2020-04-19 16:10:58 -07:00
Jonathan Nieder
c44088ecc4 credential: treat URL without scheme as invalid
libcurl permits making requests without a URL scheme specified.  In
this case, it guesses the URL from the hostname, so I can run

	git ls-remote http::ftp.example.com/path/to/repo

and it would make an FTP request.

Any user intentionally using such a URL is likely to have made a typo.
Unfortunately, credential_from_url is not able to determine the host and
protocol in order to determine appropriate credentials to send, and
until "credential: refuse to operate when missing host or protocol",
this resulted in another host's credentials being leaked to the named
host.

Teach credential_from_url_gently to consider such a URL to be invalid
so that fsck can detect and block gitmodules files with such URLs,
allowing server operators to avoid serving them to downstream users
running older versions of Git.

This also means that when such URLs are passed on the command line, Git
will print a clearer error so affected users can switch to the simpler
URL that explicitly specifies the host and protocol they intend.

One subtlety: .gitmodules files can contain relative URLs, representing
a URL relative to the URL they were cloned from.  The relative URL
resolver used for .gitmodules can follow ".." components out of the path
part and past the host part of a URL, meaning that such a relative URL
can be used to traverse from a https://foo.example.com/innocent
superproject to a https::attacker.example.com/exploit submodule.
Fortunately a leading ':' in the first path component after a series of
leading './' and '../' components is unlikely to show up in other
contexts, so we can catch this by detecting that pattern.

Reported-by: Jeff King <peff@peff.net>
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
Reviewed-by: Jeff King <peff@peff.net>
2020-04-19 16:10:58 -07:00
Jeff King
fe29a9b7b0 credential: die() when parsing invalid urls
When we try to initialize credential loading by URL and find that the
URL is invalid, we set all fields to NULL in order to avoid acting on
malicious input. Later when we request credentials, we diagonse the
erroneous input:

	fatal: refusing to work with credential missing host field

This is problematic in two ways:

- The message doesn't tell the user *why* we are missing the host
  field, so they can't tell from this message alone how to recover.
  There can be intervening messages after the original warning of
  bad input, so the user may not have the context to put two and two
  together.

- The error only occurs when we actually need to get a credential.  If
  the URL permits anonymous access, the only encouragement the user gets
  to correct their bogus URL is a quiet warning.

  This is inconsistent with the check we perform in fsck, where any use
  of such a URL as a submodule is an error.

When we see such a bogus URL, let's not try to be nice and continue
without helpers. Instead, die() immediately. This is simpler and
obviously safe. And there's very little chance of disrupting a normal
workflow.

It's _possible_ that somebody has a legitimate URL with a raw newline in
it. It already wouldn't work with credential helpers, so this patch
steps that up from an inconvenience to "we will refuse to work with it
at all". If such a case does exist, we should figure out a way to work
with it (especially if the newline is only in the path component, which
we normally don't even pass to helpers). But until we see a real report,
we're better off being defensive.

Reported-by: Carlo Arenas <carenas@gmail.com>
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
2020-04-19 16:10:58 -07:00
Jonathan Nieder
a2b26ffb1a fsck: convert gitmodules url to URL passed to curl
In 07259e74ec (fsck: detect gitmodules URLs with embedded newlines,
2020-03-11), git fsck learned to check whether URLs in .gitmodules could
be understood by the credential machinery when they are handled by
git-remote-curl.

However, the check is overbroad: it checks all URLs instead of only
URLs that would be passed to git-remote-curl. In principle a git:// or
file:/// URL does not need to follow the same conventions as an http://
URL; in particular, git:// and file:// protocols are not succeptible to
issues in the credential API because they do not support attaching
credentials.

In the HTTP case, the URL in .gitmodules does not always match the URL
that would be passed to git-remote-curl and the credential machinery:
Git's URL syntax allows specifying a remote helper followed by a "::"
delimiter and a URL to be passed to it, so that

	git ls-remote http::https://example.com/repo.git

invokes git-remote-http with https://example.com/repo.git as its URL
argument. With today's checks, that distinction does not make a
difference, but for a check we are about to introduce (for empty URL
schemes) it will matter.

.gitmodules files also support relative URLs. To ensure coverage for the
https based embedded-newline attack, urldecode and check them directly
for embedded newlines.

Helped-by: Jeff King <peff@peff.net>
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
Reviewed-by: Jeff King <peff@peff.net>
2020-04-19 16:10:58 -07:00
Jeff King
8ba8ed568e credential: refuse to operate when missing host or protocol
The credential helper protocol was designed to be very flexible: the
fields it takes as input are treated as a pattern, and any missing
fields are taken as wildcards. This allows unusual things like:

  echo protocol=https | git credential reject

to delete all stored https credentials (assuming the helpers themselves
treat the input that way). But when helpers are invoked automatically by
Git, this flexibility works against us. If for whatever reason we don't
have a "host" field, then we'd match _any_ host. When you're filling a
credential to send to a remote server, this is almost certainly not what
you want.

Prevent this at the layer that writes to the credential helper. Add a
check to the credential API that the host and protocol are always passed
in, and add an assertion to the credential_write function that speaks
credential helper protocol to be doubly sure.

There are a few ways this can be triggered in practice:

  - the "git credential" command passes along arbitrary credential
    parameters it reads from stdin.

  - until the previous patch, when the host field of a URL is empty, we
    would leave it unset (rather than setting it to the empty string)

  - a URL like "example.com/foo.git" is treated by curl as if "http://"
    was present, but our parser sees it as a non-URL and leaves all
    fields unset

  - the recent fix for URLs with embedded newlines blanks the URL but
    otherwise continues. Rather than having the desired effect of
    looking up no credential at all, many helpers will return _any_
    credential

Our earlier test for an embedded newline didn't catch this because it
only checked that the credential was cleared, but didn't configure an
actual helper. Configuring the "verbatim" helper in the test would show
that it is invoked (it's obviously a silly helper which doesn't look at
its input, but the point is that it shouldn't be run at all). Since
we're switching this case to die(), we don't need to bother with a
helper. We can see the new behavior just by checking that the operation
fails.

We'll add new tests covering partial input as well (these can be
triggered through various means with url-parsing, but it's simpler to
just check them directly, as we know we are covered even if the url
parser changes behavior in the future).

[jn: changed to die() instead of logging and showing a manual
 username/password prompt]

Reported-by: Carlo Arenas <carenas@gmail.com>
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
2020-04-19 16:10:58 -07:00
Jeff King
24036686c4 credential: parse URL without host as empty host, not unset
We may feed a URL like "cert:///path/to/cert.pem" into the credential
machinery to get the key for a client-side certificate. That
credential has no hostname field, which is about to be disallowed (to
avoid confusion with protocols where a helper _would_ expect a
hostname).

This means as of the next patch, credential helpers won't work for
unlocking certs. Let's fix that by doing two things:

  - when we parse a url with an empty host, set the host field to the
    empty string (asking only to match stored entries with an empty
    host) rather than NULL (asking to match _any_ host).

  - when we build a cert:// credential by hand, similarly assign an
    empty string

It's the latter that is more likely to impact real users in practice,
since it's what's used for http connections. But we don't have good
infrastructure to test it.

The url-parsing version will help anybody using git-credential in a
script, and is easy to test.

Signed-off-by: Jeff King <peff@peff.net>
Reviewed-by: Taylor Blau <me@ttaylorr.com>
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
2020-04-19 16:10:57 -07:00
Jeff King
73aafe9bc2 t0300: use more realistic inputs
Many of the tests in t0300 give partial inputs to git-credential,
omitting a protocol or hostname. We're checking only high-level things
like whether and how helpers are invoked at all, and we don't care about
specific hosts. However, in preparation for tightening up the rules
about when we're willing to run a helper, let's start using input that's
a bit more realistic: pretend as if http://example.com is being
examined.

This shouldn't change the point of any of the tests, but do note we have
to adjust the expected output to accommodate this (filling a credential
will repeat back the protocol/host fields to stdout, and the helper
debug messages and askpass prompt will change on stderr).

Signed-off-by: Jeff King <peff@peff.net>
Reviewed-by: Taylor Blau <me@ttaylorr.com>
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
2020-04-19 16:10:57 -07:00
Jeff King
a88dbd2f8c t0300: make "quit" helper more realistic
We test a toy credential helper that writes "quit=1" and confirms that
we stop running other helpers. However, that helper is unrealistic in
that it does not bother to read its stdin at all.

For now we don't send any input to it, because we feed git-credential a
blank credential. But that will change in the next patch, which will
cause this test to racily fail, as git-credential will get SIGPIPE
writing to the helper rather than exiting because it was asked to.

Let's make this one-off helper more like our other sample helpers, and
have it source the "dump" script. That will read stdin, fixing the
SIGPIPE problem. But it will also write what it sees to stderr. We can
make the test more robust by checking that output, which confirms that
we do run the quit helper, don't run any other helpers, and exit for the
reason we expected.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
2020-04-19 16:10:52 -07:00
Junio C Hamano
de49261b05 Git 2.26.1
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2020-03-25 13:07:47 -07:00
Junio C Hamano
274b9cc253 Git 2.26
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2020-03-22 16:50:46 -07:00
Junio C Hamano
55a7568606 Merge branch 'en/rebase-backend'
Test fix.

* en/rebase-backend:
  t3419: prevent failure when run with EXPENSIVE
2020-03-21 13:48:54 -07:00
Junio C Hamano
c452dfa3f8 l10n-2.26.0-rnd2.1
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEET/4dIHc7EQTOoGRdx6TpG3VEeigFAl517OsACgkQx6TpG3VE
 eigLSBAAv4B4qaB2/yI+o9jXu8XympF4uwitPpDUNX7qHOw2or2aPUpft12YOaKW
 qnBZBMRJUrbVJ2DFOMfmCQQnla7D+11QxJlVmpApe2Wtz69OuELIobZW0vqTFtPy
 00ggqBsFEz3WJQF505XdfbZu3TuZQ+hCJ/os6Nb62upCxXs3t8o5Ay9oiDoGsbnK
 Xb2egRslqpCuEJ1fNuDGmepRQSPVKh707pF/SvLnYHECHO4/ywQBCIsp/i86UREc
 m2oGU1j6XlInXaY0N84adHL1MpOGMLm8CQTt4lUfiVbBoeU2flmLUFlJc2pnBBPJ
 Nmp5KO45WQWeo2jDejyTvrUPSZgSfb1gUreSoZwzBfQaUYBKp7H5Y1tIIZbHyVn9
 ItHpDP8XVk8vJOBz43+FUvIHHAgy60pS++zuJBTEqz61A32LLNEgT7pu47TwPirR
 wbO7fbqyaqBHN/aYwmnh5/IoczDbeIelca+dYsenv9jjKdA47r3OVYz7Qq5B4ooB
 7y+pNu+1dGm2RZOzyoI2Ja+JzzWxjR1XSFEvEUp5POa/bLILRbHLd3+g55QEbwCx
 sFAcJ5Kuj1ezgjrqf0Dgqnyo4HkfB5/dY6qT4UwRM5lGjYjXZ7ztIouyy23TuA7H
 43A2CuvGvV/if1Z2UIALuheRHklYG9gcl8TROchHeIGwa6QnyXM=
 =s7gJ
 -----END PGP SIGNATURE-----

Merge tag 'l10n-2.26.0-rnd2.1' of git://github.com/git-l10n/git-po.git

l10n-2.26.0-rnd2.1

* tag 'l10n-2.26.0-rnd2.1' of https://github.com/git-l10n/git-po: (28 commits)
  l10n: tr.po: change file mode to 644
  l10n: de.po: Update German translation for Git 2.26.0
  l10n: de.po: add missing space
  l10n: tr: Fix a couple of ambiguities
  l10n: Update Catalan translation
  l10n: sv.po: Update Swedish translation (4839t0f0u)
  l10n: zh_CN: Revise v2.26.0 translation
  l10n: zh_CN: for git v2.26.0 l10n round 1 and 2
  l10n: vi(4839t): Updated Vietnamese translation for v2.26.0
  l10n: vi: fix translation + grammar
  l10n: zh_TW.po: v2.26.0 round 2 (0 untranslated)
  l10n: zh_TW.po: v2.26.0 round 1 (11 untranslated)
  l10n: it.po: update the Italian translation for Git 2.26.0 round 2
  l10n: es: 2.26.0 round#2
  l10n: bg.po: Updated Bulgarian translation (4839t)
  l10n: tr: v2.26.0 round 2
  l10n: fr : v2.26.0 rnd 2
  l10n: git.pot: v2.26.0 round 2 (7 new, 2 removed)
  l10n: tr: Add glossary for Turkish translations
  l10n: sv.po: Update Swedish translation (4835t0f0u)
  ...
2020-03-21 12:12:28 -07:00
Jiang Xin
1557364fb4 l10n: tr.po: change file mode to 644
Signed-off-by: Jiang Xin <worldhello.net@gmail.com>
2020-03-21 18:26:56 +08:00
brian m. carlson
2da1b05674 t3419: prevent failure when run with EXPENSIVE
This test runs a function which itself runs several assertions.  The
last of these assertions cleans up the .git/rebase-apply directory,
since when run with EXPENSIVE set, the function is invoked a second time
to run the same tests with a larger data set.

However, as of 2ac0d6273f ("rebase: change the default backend from "am"
to "merge"", 2020-02-15), the default backend of rebase has changed, and
cleaning up the rebase-apply directory has no effect: it no longer
exists, since we're using rebase-merge instead.

Since we don't really care which rebase backend is in use, let's just
use the command "git rebase --quit", which will do the right thing
regardless.

Signed-off-by: brian m. carlson <sandals@crustytoothpaste.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2020-03-20 15:25:24 -07:00
Matthias Rüster
1ae3a389c7 l10n: de.po: Update German translation for Git 2.26.0
Signed-off-by: Matthias Rüster <matthias.ruester@gmail.com>
Reviewed-by: Ralf Thielow <ralf.thielow@gmail.com>
Reviewed-by: Phillip Szelat <phillip.szelat@gmail.com>
2020-03-20 12:19:22 +01:00
Ralf Thielow
5804c6ec40 l10n: de.po: add missing space
Signed-off-by: Ralf Thielow <ralf.thielow@gmail.com>
2020-03-20 10:45:37 +01:00
Junio C Hamano
98cedd0233 Merge https://github.com/prati0100/git-gui
* 'master' of https://github.com/prati0100/git-gui:
  git-gui: create a new namespace for chord script evaluation
  git-gui: reduce Tcl version requirement from 8.6 to 8.5
  git-gui--askpass: coerce answers to UTF-8 on Windows
  git-gui: fix error popup when doing blame -> "Show History Context"
  git-gui: add missing close bracket
  git-gui: update German translation
  git-gui: extend translation glossary template with more terms
  git-gui: update pot template and German translation to current source code
2020-03-19 16:06:51 -07:00
Emir Sarı
4914ba4bcf l10n: tr: Fix a couple of ambiguities
Signed-off-by: Emir Sarı <bitigchi@me.com>
2020-03-20 01:36:24 +03:00
Pratyush Yadav
a5728022e0 Merge branch 'py/remove-tcloo'
Reduce the Tcl version requirement to 8.5 to allow git-gui to run on
MacOS distributions like High Sierra. While here, fix a potential
variable name collision.

* py/remove-tcloo:
  git-gui: create a new namespace for chord script evaluation
  git-gui: reduce Tcl version requirement from 8.6 to 8.5
2020-03-19 21:29:19 +05:30
Elijah Newren
7fcb965970 RelNotes/2.26.0: fix various typos
Signed-off-by: Elijah Newren <newren@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2020-03-18 15:42:37 -07:00
Jordi Mas
f0c03bcf95 l10n: Update Catalan translation
Signed-off-by: Jordi Mas <jmas@softcatala.org>
2020-03-18 20:24:20 +01:00
Junio C Hamano
67b0a24910 Git 2.25.3
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2020-03-17 18:12:01 -07:00
Junio C Hamano
be8661a328 Git 2.25.2
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEE4fA2sf7nIh/HeOzvsLXohpav5ssFAl5xSg0ACgkQsLXohpav
 5suNcw//cAfPWi2SU7zYNfylcBew7r21WQpqRvip+0s5vc5Pgj8tZEsFTDCl4ARR
 0W7yaAoR4te/imLkGnij6tvEmuJMb+McQJYKQA5EqrkigloEy36dCYrDbA/saRa1
 SSXp6P4zwl4iAPYa31AIZImhnI1a3pIzv3aYKEA3ecCG++vPxeW5a7frqIggvMJG
 g1SvCsjEqU6agRCePKjBZ6rbl7OJMnZGt+mfW1ymfCu+37NC5ubC3vSsAcy4SqVA
 KVmwe63NygnxczGvda/J4q2FO/Qb4OyvItdtrHMGwoy1MkldFCebmfkd+HBHHo5f
 Pg5lWcgf91YtEw98DSHRlFbXwMokxac8fiIX+X4m742Nu61BVgHff+EOJNeVuiV3
 xe1ks51BQP6S6IZBXNg0CndmfVls8lbnWomfuYpLPraLRAGHm7eoTJz6/J0FnbVt
 LkDvKG7kyYcqswAlMKcSjQkxdzYg9lJPxM7KOaNF6XmKDnV4KJNBeu+1q456c9OF
 e10tiqQRyXwPPXxJtLcCCiAtb1oua7D9OPmBSYxXvoTeOqq3HtVuOVdQGJXpYvqV
 oGjx738AvFPXnsSybca+gkxAWzC6fDbyIJfqFO3dIIgsHqbyYQPRlrUG+4vPG9wc
 UZdK3XMNQ3K+EPABV0LhbgC0B7dU2n5NmKLNWF4TsZ/If5cySiU=
 =RZCX
 -----END PGP SIGNATURE-----

Sync with Git 2.25.2

Signed-off-by: Junio C Hamano <gitster@pobox.com>
2020-03-17 15:27:15 -07:00
Junio C Hamano
0822e66b5d Git 2.25.2
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2020-03-17 15:06:37 -07:00
Beat Bolli
65588b0b2e unicode: update the width tables to Unicode 13.0
Now that Unicode 13.0 has been announced[0], update the character
width tables to the new version.

[0] https://home.unicode.org/announcing-the-unicode-standard-version-13-0/

Signed-off-by: Beat Bolli <dev+git@drbeat.li>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2020-03-17 15:06:37 -07:00
Junio C Hamano
7be274b0ff Merge branch 'js/ci-windows-update' into maint
Updates to the CI settings.

* js/ci-windows-update:
  Azure Pipeline: switch to the latest agent pools
  ci: prevent `perforce` from being quarantined
  t/lib-httpd: avoid using macOS' sed
2020-03-17 15:02:26 -07:00
Junio C Hamano
9a75ecda1b Merge branch 'jk/run-command-formatfix' into maint
Code style cleanup.

* jk/run-command-formatfix:
  run-command.h: fix mis-indented struct member
2020-03-17 15:02:26 -07:00
Junio C Hamano
221887a492 Merge branch 'jk/doc-credential-helper' into maint
Docfix.

* jk/doc-credential-helper:
  doc: move credential helper info into gitcredentials(7)
2020-03-17 15:02:26 -07:00
Junio C Hamano
32fc2c6dd6 Merge branch 'js/mingw-open-in-gdb' into maint
Dev support.

* js/mingw-open-in-gdb:
  mingw: add a helper function to attach GDB to the current process
2020-03-17 15:02:25 -07:00
Junio C Hamano
fe0d2c8ddb Merge branch 'js/test-unc-fetch' into maint
Test updates.

* js/test-unc-fetch:
  t5580: test cloning without file://, test fetching via UNC paths
2020-03-17 15:02:25 -07:00
Junio C Hamano
618db3621a Merge branch 'js/test-write-junit-xml-fix' into maint
Testfix.

* js/test-write-junit-xml-fix:
  tests: fix --write-junit-xml with subshells
2020-03-17 15:02:25 -07:00
Junio C Hamano
50e1b4166f Merge branch 'en/simplify-check-updates-in-unpack-trees' into maint
Code simplification.

* en/simplify-check-updates-in-unpack-trees:
  unpack-trees: exit check_updates() early if updates are not wanted
2020-03-17 15:02:25 -07:00
Junio C Hamano
fda2baffd2 Merge branch 'jc/doc-single-h-is-for-help' into maint
Both "git ls-remote -h" and "git grep -h" give short usage help,
like any other Git subcommand, but it is not unreasonable to expect
that the former would behave the same as "git ls-remote --head"
(there is no other sensible behaviour for the latter).  The
documentation has been updated in an attempt to clarify this.

* jc/doc-single-h-is-for-help:
  Documentation: clarify that `-h` alone stands for `help`
2020-03-17 15:02:24 -07:00
Junio C Hamano
41d910ea6c Merge branch 'hd/show-one-mergetag-fix' into maint
"git show" and others gave an object name in raw format in its
error output, which has been corrected to give it in hex.

* hd/show-one-mergetag-fix:
  show_one_mergetag: print non-parent in hex form.
2020-03-17 15:02:24 -07:00
Junio C Hamano
2d7247af6f Merge branch 'am/mingw-poll-fix' into maint
MinGW's poll() emulation has been improved.

* am/mingw-poll-fix:
  mingw: workaround for hangs when sending STDIN
2020-03-17 15:02:24 -07:00
Junio C Hamano
4e730fcd18 Merge branch 'hi/gpg-use-check-signature' into maint
"git merge signed-tag" while lacking the public key started to say
"No signature", which was utterly wrong.  This regression has been
reverted.

* hi/gpg-use-check-signature:
  Revert "gpg-interface: prefer check_signature() for GPG verification"
2020-03-17 15:02:23 -07:00