Commit Graph

67330 Commits

Author SHA1 Message Date
Jiang Xin
e7022fcdb5 Merge branch 'l10n/zh_TW/220623' of github.com:l10n-tw/git-po
* 'l10n/zh_TW/220623' of github.com:l10n-tw/git-po:
  l10n: zh_TW: v2.37.0 round 1
2022-06-26 13:54:26 +08:00
Yi-Jyun Pan
c9d5deafe2
l10n: zh_TW: v2.37.0 round 1
Signed-off-by: Yi-Jyun Pan <pan93412@gmail.com>
2022-06-25 21:21:57 +08:00
Jiang Xin
0015f897e5 Merge branch 'master' of github.com:vnwildman/git
* 'master' of github.com:vnwildman/git:
  l10n: vi(5367t): Updated translation
2022-06-25 11:01:20 +08:00
Tran Ngoc Quan
84189f4d15 l10n: vi(5367t): Updated translation
Signed-off-by: Tran Ngoc Quan <vnwildman@gmail.com>
2022-06-25 08:40:42 +07:00
Jean-Noël Avila
305136b4ff l10n: fr v2.37 round 1
Signed-off-by: Jean-Noël Avila <jn.avila@free.fr>
2022-06-24 21:59:53 +02:00
Jordi Mas
a54f9fb9f5 l10n: Update Catalan translation
Signed-off-by: Jordi Mas <jmas@softcatala.org>
2022-06-24 13:30:45 +02:00
Junio C Hamano
39c15e4855 Merge branch 'ab/credentials-in-url-more'
* ab/credentials-in-url-more:
  Documentation/config/transfer.txt: fix typo
2022-06-23 13:22:35 -07:00
Taylor Blau
bcb6cdfc03 Documentation/config/transfer.txt: fix typo
Commit 7281c196b1 (transfer doc: move fetch.credentialsInUrl to
"transfer" config namespace, 2022-06-15) propagates a typo from
6dcbdc0d66 (remote: create fetch.credentialsInUrl config, 2022-06-06),
where "other" is misspelled as "oher". Fix the typo accordingly.

Signed-off-by: Taylor Blau <me@ttaylorr.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2022-06-23 12:43:29 -07:00
Tao Klerks
8cdab69d96 rev-parse: documentation adjustment - mention remote tracking with @{u}
The documentation explained the conversion from remote branch path to
local tracking ref path for @{push}, but not for @{upstream}.

Add the explanation to @{upstream}, and reference it in @{push} to avoid
undue repetition.

Signed-off-by: Tao Klerks <tao@klerks.biz>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2022-06-23 08:35:09 -07:00
Jiang Xin
7d7192b91f Merge branch 'po-id' of github.com:bagasme/git-po
* 'po-id' of github.com:bagasme/git-po:
  l10n: po-id for 2.37 (first batch)
2022-06-23 21:01:47 +08:00
Johannes Schindelin
fd59c5bdee Git 2.36.2
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2022-06-23 12:40:44 +02:00
Johannes Schindelin
8f8eea8c3a Sync with 2.35.4
* maint-2.35:
  Git 2.35.4
  Git 2.34.4
  Git 2.33.4
  Git 2.32.3
  Git 2.31.4
  Git 2.30.5
  setup: tighten ownership checks post CVE-2022-24765
  git-compat-util: allow root to access both SUDO_UID and root owned
  t0034: add negative tests and allow git init to mostly work under sudo
  git-compat-util: avoid failing dir ownership checks if running privileged
  t: regression git needs safe.directory when using sudo
2022-06-23 12:36:12 +02:00
Johannes Schindelin
359da658ae Git 2.35.4
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2022-06-23 12:36:05 +02:00
Johannes Schindelin
aef3d5948c Sync with 2.34.4
* maint-2.34:
  Git 2.34.4
  Git 2.33.4
  Git 2.32.3
  Git 2.31.4
  Git 2.30.5
  setup: tighten ownership checks post CVE-2022-24765
  git-compat-util: allow root to access both SUDO_UID and root owned
  t0034: add negative tests and allow git init to mostly work under sudo
  git-compat-util: avoid failing dir ownership checks if running privileged
  t: regression git needs safe.directory when using sudo
2022-06-23 12:36:03 +02:00
Johannes Schindelin
f2eed22852 Git 2.34.4
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2022-06-23 12:35:49 +02:00
Johannes Schindelin
378eaded1a Sync with 2.33.4
* maint-2.33:
  Git 2.33.4
  Git 2.32.3
  Git 2.31.4
  Git 2.30.5
  setup: tighten ownership checks post CVE-2022-24765
  git-compat-util: allow root to access both SUDO_UID and root owned
  t0034: add negative tests and allow git init to mostly work under sudo
  git-compat-util: avoid failing dir ownership checks if running privileged
  t: regression git needs safe.directory when using sudo
2022-06-23 12:35:47 +02:00
Johannes Schindelin
80c525c4ac Git 2.33.4
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2022-06-23 12:35:41 +02:00
Johannes Schindelin
eebfde3f21 Sync with 2.32.3
* maint-2.32:
  Git 2.32.3
  Git 2.31.4
  Git 2.30.5
  setup: tighten ownership checks post CVE-2022-24765
  git-compat-util: allow root to access both SUDO_UID and root owned
  t0034: add negative tests and allow git init to mostly work under sudo
  git-compat-util: avoid failing dir ownership checks if running privileged
  t: regression git needs safe.directory when using sudo
2022-06-23 12:35:38 +02:00
Johannes Schindelin
656d9a24f6 Git 2.32.3
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2022-06-23 12:35:32 +02:00
Johannes Schindelin
fc0c773028 Sync with 2.31.4
* maint-2.31:
  Git 2.31.4
  Git 2.30.5
  setup: tighten ownership checks post CVE-2022-24765
  git-compat-util: allow root to access both SUDO_UID and root owned
  t0034: add negative tests and allow git init to mostly work under sudo
  git-compat-util: avoid failing dir ownership checks if running privileged
  t: regression git needs safe.directory when using sudo
2022-06-23 12:35:30 +02:00
Johannes Schindelin
5b1c746c35 Git 2.31.4
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2022-06-23 12:35:25 +02:00
Johannes Schindelin
2f8809f9a1 Sync with 2.30.5
* maint-2.30:
  Git 2.30.5
  setup: tighten ownership checks post CVE-2022-24765
  git-compat-util: allow root to access both SUDO_UID and root owned
  t0034: add negative tests and allow git init to mostly work under sudo
  git-compat-util: avoid failing dir ownership checks if running privileged
  t: regression git needs safe.directory when using sudo
2022-06-23 12:35:23 +02:00
Johannes Schindelin
88b7be68a4 Git 2.30.5
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2022-06-23 12:31:05 +02:00
Carlo Marcelo Arenas Belón
3b0bf27049 setup: tighten ownership checks post CVE-2022-24765
8959555cee (setup_git_directory(): add an owner check for the top-level
directory, 2022-03-02), adds a function to check for ownership of
repositories using a directory that is representative of it, and ways to
add exempt a specific repository from said check if needed, but that
check didn't account for owership of the gitdir, or (when used) the
gitfile that points to that gitdir.

An attacker could create a git repository in a directory that they can
write into but that is owned by the victim to work around the fix that
was introduced with CVE-2022-24765 to potentially run code as the
victim.

An example that could result in privilege escalation to root in *NIX would
be to set a repository in a shared tmp directory by doing (for example):

  $ git -C /tmp init

To avoid that, extend the ensure_valid_ownership function to be able to
check for all three paths.

This will have the side effect of tripling the number of stat() calls
when a repository is detected, but the effect is expected to be likely
minimal, as it is done only once during the directory walk in which Git
looks for a repository.

Additionally make sure to resolve the gitfile (if one was used) to find
the relevant gitdir for checking.

While at it change the message printed on failure so it is clear we are
referring to the repository by its worktree (or gitdir if it is bare) and
not to a specific directory.

Helped-by: Junio C Hamano <junio@pobox.com>
Helped-by: Johannes Schindelin <Johannes.Schindelin@gmx.de>
Signed-off-by: Carlo Marcelo Arenas Belón <carenas@gmail.com>
2022-06-23 12:31:05 +02:00
Junio C Hamano
b779214eaf Merge branch 'cb/path-owner-check-with-sudo'
With a recent update to refuse access to repositories of other
people by default, "sudo make install" and "sudo git describe"
stopped working.  This series intends to loosen it while keeping
the safety.

* cb/path-owner-check-with-sudo:
  t0034: add negative tests and allow git init to mostly work under sudo
  git-compat-util: avoid failing dir ownership checks if running privileged
  t: regression git needs safe.directory when using sudo

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2022-06-23 12:31:04 +02:00
Bagas Sanjaya
c38261e7d9 l10n: po-id for 2.37 (first batch)
Update following components:

  - apply.c
  - builtin/bisect--helper.c
  - builtin/fetch.c
  - builtin/fsck.c
  - builtin/log.c
  - builtin/notes.c
  - builtin/push.c
  - builtin/submodule--helper.c
  - builtin/worktree.c
  - index-pack.c
  - init-db.c
  - remote.c

Translate following new components:

  - attr.c
  - builtin/name-rev.c
  - builtin/pack-objects.c
  - builtin/pack-refs.c
  - builtin/prune.c
  - builtin/update-server-info.c
  - object-file.c
  - object-name.c
  - object.c
  - pack-bitmap.c
  - pack-mtimes.c
  - pack-revindex.c
  - pack-write.c
  - packfile.c

Besides above, fix minor grammatical issues.

Signed-off-by: Bagas Sanjaya <bagasdotme@gmail.com>
2022-06-23 15:46:02 +07:00
Emir SARI
160071c38f l10n: tr: v2.37.0 round #1
Signed-off-by: Emir SARI <emir_sari@icloud.com>
2022-06-23 09:47:23 +03:00
Jiang Xin
aa6bc5c581 Merge branch 'master' of github.com:ruester/git-po-de
* 'master' of github.com:ruester/git-po-de:
  l10n: TEAMS: Change German translation team leader
  l10n: de.po: Update German translation
2022-06-23 10:45:03 +08:00
Jiang Xin
241dd998bf Merge branch 'master' of github.com:alshopov/git-po
* 'master' of github.com:alshopov/git-po:
  l10n: bg.po: Updated Bulgarian translation (5367t)
2022-06-23 10:44:43 +08:00
Jiang Xin
bf34edf48c Merge branch 'fz/po-zh_CN' of github.com:fangyi-zhou/git-po
* 'fz/po-zh_CN' of github.com:fangyi-zhou/git-po:
  l10n: zh_CN: v2.37.0 round 1
2022-06-23 10:44:30 +08:00
Arthur Milchior
1b51ae591e l10n: README: fix typo
This 10-year old typo was introduced at 75b182ae (Update l10n guide:
change the repository URL, etc, 2012-03-02). The word "l10" should be
"l10n".

Signed-off-by: Arthur Milchior <arthur@milchior.fr>
Signed-off-by: Jiang Xin <worldhello.net@gmail.com>
2022-06-23 10:43:17 +08:00
Jeff King
5fd9d1738e revisions.txt: escape "..." to avoid asciidoc horizontal ellipsis
In asciidoc's HTML output of the "gitrevisions" and "git-rev-parse"
documentation, the header:

  The ... (three-dot) Symmetric Difference Notation

is rendered using "&8230;", a horizontal ellipsis. This is visually
ugly, but also hard to search for or cut-and-paste. We really mean three
ascii dots (0x2e) here, so let's make sure it renders as such.

The simplest way to do that is just escaping the leading dot, as the
instances in the rest of the section do. Arguably this should all be
converted to use backticks, which would let us drop the quoting here and
elsewhere (e.g., {carat}). But that does change the rendering slightly.
So let's fix the bug first, and we can decide on migrating the whole
section separately.

Note that this produces an empty doc-diff of the manpages. Curiously,
asciidoc produces the same ellipsis entity in the XML file, but docbook
then converts it back into three literal dots for the roff output! So
the roff manpages have been correct all along (which may be a reason
nobody noticed this until now).

Reported-by: Arthur Milchior
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2022-06-22 16:49:45 -07:00
Matthias Rüster
0411e8aa31 l10n: TEAMS: Change German translation team leader
Signed-off-by: Matthias Rüster <matthias.ruester@gmail.com>
Signed-off-by: Ralf Thielow <ralf.thielow@gmail.com>
2022-06-22 19:19:14 +02:00
Matthias Rüster
13608fdcfb l10n: de.po: Update German translation
Reviewed-by: Ralf Thielow <ralf.thielow@gmail.com>
Signed-off-by: Matthias Rüster <matthias.ruester@gmail.com>
2022-06-22 19:19:14 +02:00
Junio C Hamano
f770e9f396 Git 2.37-rc2
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2022-06-22 09:07:56 -07:00
Junio C Hamano
b9e4d89ca4 Merge branch 'tb/cruft-packs'
Docfix.

* tb/cruft-packs:
  gc: simplify --cruft description
2022-06-22 09:06:37 -07:00
Alexander Shopov
4ab814526e l10n: bg.po: Updated Bulgarian translation (5367t)
Signed-off-by: Alexander Shopov <ash@kambanaria.org>
2022-06-22 15:45:12 +02:00
Fangyi Zhou
db2558009c
l10n: zh_CN: v2.37.0 round 1
Reviewed-by: Jiang Xin <worldhello.net@gmail.com>
Signed-off-by: Fangyi Zhou <me@fangyi.io>
2022-06-22 10:28:36 +01:00
Jiang Xin
ce51ed5195 Merge branch 'master' of github.com:git/git
* 'master' of github.com:git/git:
  name-rev: prefix annotate-stdin with '--' in message
  git-prompt: fix expansion of branch colour codes
  git-prompt: make colourization consistent
2022-06-22 15:46:22 +08:00
Goss Geppert
d6c9a71755 dir: minor refactoring / clean-up
Narrow the scope of the `nested_repo` variable and conditional return
statement to the block where the variable is set.

Signed-off-by: Goss Geppert <ggossdev@gmail.com>
Reviewed-by: Elijah Newren <newren@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2022-06-21 22:47:33 -07:00
Goss Geppert
27128996b8 dir: traverse into repository
Since 8d92fb2927 (dir: replace exponential algorithm with a linear one,
2020-04-01) traversing into a repository's directory tree when the
traversal began outside the repository's standard location has failed
because the encountered repository was identified as a nested foreign
repository.

Prior to this commit, the failure to traverse into a repository's
default worktree location was observable from a user's perspective under
either of the following conditions (there may be others):

    1) Set the `core.worktree` location to a parent directory of the
       default worktree; or
    2) Use the `--git_dir` option while the working directory is outside
       the repository's default worktree location

Under either of these conditions, symptoms of the failure to traverse
into the repository's default worktree location include the inability to
add files to the index or get a list of untracked files via ls-files.

This commit adds a check to determine whether a nested repository that
is encountered in recursing a path is actually `the_repository`.  If so,
we simply treat the directory as if it doesn't contain a nested
repository.

The commit includes test-cases to reduce the likelihood of future
regressions.

Signed-off-by: Goss Geppert <ggossdev@gmail.com>
Reviewed-by: Elijah Newren <newren@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2022-06-21 22:47:33 -07:00
Derrick Stolee
2ffb7d13ee t5510: replace 'origin' with URL more carefully
The many test_configured_prune tests in t5510-fetch.sh test many
combinations of --prune, --prune-tags, and using 'origin' or an explicit
URL. Some machinery was introduced in e1790f9245 (fetch tests: fetch
<url> <spec> as well as fetch [<remote>], 2018-02-09) to replace
'origin' with this explicit URL. This URL is a "file:///" URL for the
root of the $TRASH_DIRECTORY.

However, if the current build tree has an '@' symbol, the
replacement using perl fails. It drops the '@' as well as anything
else in that directory name.  You can observe this locally by
cloning git.git into a "victim@03" directory and running the test
script.

As we are writing in Perl anyway, pass in the shell variables involved
to the script as arguments and perform necessary string transformations
inside it, instead of assuming that it is sufficient to enclose the
$remote_url variable inside a pair of single quotes.

Reported-by: Randall Becker <rsbecker@nexbridge.com>
Original-patch-by: Derrick Stolee <derrickstolee@github.com>
Helped-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2022-06-21 10:35:38 -07:00
Richard Oliver
817b0f6027 mktree: do not check type of remote objects
With 31c8221a (mktree: validate entry type in input, 2009-05-14), we
called the sha1_object_info() API to obtain the type information, but
allowed the call to silently fail when the object was missing locally,
so that we can sanity-check the types opportunistically when the
object did exist.

The implementation is understandable because back then there was no
lazy/on-demand downloading of individual objects from the promisor
remotes that causes a long delay and materializes the object, hence
defeating the point of using "--missing".  The design is hurting us
now.

We could bypass the opportunistic type/mode consistency check
altogether when "--missing" is given, but instead, use the
oid_object_info_extended() API and tell it that we are only interested
in objects that locally exist and are immediately available by passing
OBJECT_INFO_SKIP_FETCH_OBJECT bit to it.  That way, we will still
retain the cheap and opportunistic sanity check for local objects.

Signed-off-by: Richard Oliver <roliver@roku.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2022-06-21 10:12:15 -07:00
Junio C Hamano
ddbc07872e Merge branch 'jp/prompt-clear-before-upstream-mark'
Bash command line prompt (in contrib/) update.

* jp/prompt-clear-before-upstream-mark:
  git-prompt: fix expansion of branch colour codes
  git-prompt: make colourization consistent
2022-06-21 10:07:50 -07:00
Dimitriy Ryazantcev
a1fd2cf8cd i18n: mark message helpers prefix for translation
Some messages prefixes like 'usage:'/'fatal:'/'warning:'/'error:'
were not translated.

Signed-off-by: Dimiytriy Ryazantcev <dimitriy.ryazantcev@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2022-06-21 10:06:54 -07:00
René Scharfe
cfb19ae05f combine-diff: abort if --output is given
The code for combined diffs currently only writes to stdout.  Abort and
report that fact instead of silently ignoring the --output option.  The
(empty) output file has already been created at that point, though.

Reported-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
Signed-off-by: René Scharfe <l.s.r@web.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2022-06-21 09:56:33 -07:00
René Scharfe
e3d1be4237 combine-diff: abort if --ignore-matching-lines is given
The code for combined diffs doesn't currently support ignoring changes
that match a regex.  Abort and report that fact instead of running into
a segfault.

Signed-off-by: René Scharfe <l.s.r@web.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2022-06-21 09:56:30 -07:00
René Scharfe
378b51993a gc: simplify --cruft description
Remove duplicate "loose objects".

Signed-off-by: René Scharfe <l.s.r@web.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2022-06-21 08:58:04 -07:00
Alexander Shopov
325240dfd7 name-rev: prefix annotate-stdin with '--' in message
This is an option rather than command.  Make the message convey this
similar to the other messages in the file.

Signed-off-by: Alexander Shopov <ash@kambanaria.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2022-06-20 16:20:45 -07:00
Jiang Xin
74e34a0ee2 Merge branch 'master' of github.com:git/git
* 'master' of github.com:git/git: (22 commits)
  Git 2.37-rc1
  git-compat-util: allow root to access both SUDO_UID and root owned
  i18n: fix mismatched camelCase config variables
  Another batch of fixes before -rc1
  bug_fl(): correctly initialize trace2 va_list
  relative_url(): fix incorrect condition
  pack-mtimes: avoid closing a bogus file descriptor
  read_index_from(): avoid memory leak
  submodule--helper: avoid memory leak when fetching submodules
  submodule-config: avoid memory leak
  fsmonitor: avoid memory leak in `fsm_settings__get_incompatible_msg()`
  cache-tree: remove cache_tree_find_path()
  pack-write: drop always-NULL parameter
  t5329: test 'git gc --cruft' without '--prune=now'
  t2107: test 'git update-index --verbose'
  perf-lib: fix missing test titles in output
  transfer doc: move fetch.credentialsInUrl to "transfer" config namespace
  fetch doc: note "pushurl" caveat about "credentialsInUrl", elaborate
  ci(github): also mark up compile errors
  ci(github): use grouping also in the `win-build` job
  ...
2022-06-18 14:02:07 +08:00