Git with broken hash generation to generate collisions between object IDs. Don't use this! https://undefinedbehavior.de/posts/commit-vandalism/
Go to file
Junio C Hamano 3be4b61aa4 Link with -lcrypto instead of -lssl when using openssl libraries.
Mark Allen had trouble with building GIT on his Darwin and
posted a patch to link with -lcrypto instead of -lssl on Darwin.
Later Daniel Barkalow suggested to change it for everybody who
uses openssl, because the relevant functionality is in -lcrypto
not in -lssl, and the current linking happens to work only
because -lssl pulls in -lcrypto.

Signed-off-by: Junio C Hamano <junkio@cox.net>
2005-05-10 13:25:27 -07:00
Documentation Rename environment variables. 2005-05-09 17:57:56 -07:00
mozilla-sha1 Add support for alternate SHA1 library implementations. 2005-04-21 12:33:22 -07:00
ppc [PATCH] PPC assembly implementation of SHA1 2005-04-22 23:08:43 -07:00
blob.c [PATCH] don't load and decompress objects twice with parse_object() 2005-05-06 11:02:01 -07:00
blob.h [PATCH] don't load and decompress objects twice with parse_object() 2005-05-06 11:02:01 -07:00
cache.h Introduce GIT_DIR environment variable. 2005-05-09 22:57:58 -07:00
cat-file.c [PATCH] git-export complains about mising cat-file 2005-05-01 21:23:04 -07:00
check-files.c [PATCH] git and symlinks as tracked content 2005-05-05 08:23:01 -07:00
checkout-cache.c Date: Thu Apr 14 08:26:38 2005 +0200 2005-05-07 01:32:24 -07:00
commit-tree.c Rename environment variables. 2005-05-09 17:57:56 -07:00
commit.c [PATCH] don't load and decompress objects twice with parse_object() 2005-05-06 11:02:01 -07:00
commit.h [PATCH] don't load and decompress objects twice with parse_object() 2005-05-06 11:02:01 -07:00
convert-cache.c [PATCH] Fix warning in convert-cache 2005-05-02 14:56:39 -07:00
COPYING Add a COPYING notice, making it explicit that the license is GPLv2. 2005-04-11 10:18:16 -07:00
date.c date.c: add "show_date()" function. 2005-05-06 15:28:59 -07:00
diff-cache.c Fix usage string of git-diff-cache and add documentation of -m flag. 2005-05-07 01:11:00 -07:00
diff-files.c [PATCH] fix compare symlink against readlink not data 2005-05-06 08:41:12 -07:00
diff-tree-helper.c [PATCH] Add #include <limits.h> so that git compiles under Solaris 2005-05-07 12:32:21 -07:00
diff-tree.c diff-tree: add author/date information to the verbose output 2005-05-06 15:33:59 -07:00
diff.c Rename environment variables. 2005-05-09 17:57:56 -07:00
diff.h Optimize diff-cache -p --cached 2005-05-04 01:45:24 -07:00
export.c [PATCH] git-export complains about mising cat-file 2005-05-01 21:23:04 -07:00
fsck-cache.c Notice tree objects with duplicate entries. 2005-05-07 14:43:32 -07:00
get-tar-commit-id.c [PATCH] GIT: Create tar archives of tree on the fly 2005-04-29 19:51:04 -07:00
git-apply-patch-script Fix thinko in the logic to refuse unmerged path fed to git-apply-patch-script. 2005-05-07 00:48:00 -07:00
git-merge-one-file-script Use backticks in git-merge-one-file-script instead of $(command). 2005-05-07 12:26:15 -07:00
git-prune-script Introduce GIT_DIR environment variable. 2005-05-09 22:57:58 -07:00
git-pull-script Introduce GIT_DIR environment variable. 2005-05-09 22:57:58 -07:00
git-resolve-script Introduce GIT_DIR environment variable. 2005-05-09 22:57:58 -07:00
git-tag-script Introduce GIT_DIR environment variable. 2005-05-09 22:57:58 -07:00
gitenv.c Rename environment variables. 2005-05-09 17:57:56 -07:00
http-pull.c Implement -v (verbose) option for pull methods other than local transport. 2005-05-06 01:37:21 -07:00
init-db.c Introduce GIT_DIR environment variable. 2005-05-09 22:57:58 -07:00
local-pull.c Do not report size of the object that cannot be written in local-pull.c 2005-05-09 23:48:21 -07:00
ls-files.c Steal -t option to git-ls-files from Cogito fork. 2005-05-06 02:00:45 -07:00
ls-tree.c [PATCH] Do not initialize sha1_file_directory by hand. 2005-05-06 17:00:20 -07:00
Makefile Link with -lcrypto instead of -lssl when using openssl libraries. 2005-05-10 13:25:27 -07:00
merge-base.c Add "get_sha1()" helper function. 2005-05-01 16:36:56 -07:00
merge-cache.c [PATCH] make file merging respect permissions 2005-04-23 20:50:10 -07:00
mktag.c Rename git core commands to be "git-xxxx" to avoid name clashes. 2005-04-29 14:09:11 -07:00
object.c [PATCH] don't load and decompress objects twice with parse_object() 2005-05-06 11:02:01 -07:00
object.h [PATCH] Add function to parse an object of unspecified type (take 2) 2005-04-28 07:46:33 -07:00
pull.c Implement -v (verbose) option for pull methods other than local transport. 2005-05-06 01:37:21 -07:00
pull.h Implement -v (verbose) option for pull methods other than local transport. 2005-05-06 01:37:21 -07:00
read-cache.c A stylistic fix to read-cache.c 2005-05-08 14:02:19 -07:00
read-tree.c Add "get_sha1()" helper function. 2005-05-01 16:36:56 -07:00
README Rename environment variables. 2005-05-09 17:57:56 -07:00
rev-list.c [PATCH] control/limit output of git-rev-list 2005-05-06 09:01:27 -07:00
rev-tree.c Add "get_sha1()" helper function. 2005-05-01 16:36:56 -07:00
rpull.c Implement -v (verbose) option for pull methods other than local transport. 2005-05-06 01:37:21 -07:00
rpush.c [PATCH] Fix git rpush. 2005-05-05 07:36:54 -07:00
rsh.c Rename environment variables. 2005-05-09 17:57:56 -07:00
rsh.h [PATCH] Various transport programs 2005-04-23 18:47:23 -07:00
sha1_file.c Introduce GIT_DIR environment variable. 2005-05-09 22:57:58 -07:00
strbuf.c [PATCH] introduce xmalloc and xrealloc 2005-04-26 12:00:58 -07:00
strbuf.h [PATCH] Introduce diff-tree-helper. 2005-04-25 18:26:45 -07:00
tag.c [PATCH] don't load and decompress objects twice with parse_object() 2005-05-06 11:02:01 -07:00
tag.h [PATCH] don't load and decompress objects twice with parse_object() 2005-05-06 11:02:01 -07:00
tar-tree.c [PATCH] Lift path length limits from git-tar-tree. 2005-05-06 22:12:08 -07:00
test-date.c date handling: handle "AM"/"PM" on time 2005-05-01 12:34:56 -07:00
tree.c Add git-update-cache --replace option. 2005-05-07 21:55:21 -07:00
tree.h [PATCH] don't load and decompress objects twice with parse_object() 2005-05-06 11:02:01 -07:00
unpack-file.c Add "get_sha1()" helper function. 2005-05-01 16:36:56 -07:00
update-cache.c Fix git-update-cache --cacheinfo error message. 2005-05-08 15:31:33 -07:00
usage.c Split up read-cache.c into more logical clumps. 2005-04-18 13:04:43 -07:00
write-blob.c Add git-write-blob. 2005-05-01 23:45:49 -07:00
write-tree.c Notice index that has path and path/file and refuse to write such a tree. 2005-05-07 12:22:02 -07:00



	GIT - the stupid content tracker


"git" can mean anything, depending on your mood.

 - random three-letter combination that is pronounceable, and not
   actually used by any common UNIX command.  The fact that it is a
   mispronounciation of "get" may or may not be relevant.
 - stupid. contemptible and despicable. simple. Take your pick from the
   dictionary of slang.
 - "global information tracker": you're in a good mood, and it actually
   works for you. Angels sing, and a light suddenly fills the room. 
 - "goddamn idiotic truckload of sh*t": when it breaks

This is a stupid (but extremely fast) directory content manager.  It
doesn't do a whole lot, but what it _does_ do is track directory
contents efficiently. 

There are two object abstractions: the "object database", and the
"current directory cache" aka "index".



	The Object Database (GIT_OBJECT_DIRECTORY)


The object database is literally just a content-addressable collection
of objects.  All objects are named by their content, which is
approximated by the SHA1 hash of the object itself.  Objects may refer
to other objects (by referencing their SHA1 hash), and so you can build
up a hierarchy of objects. 

All objects have a statically determined "type" aka "tag", which is
determined at object creation time, and which identifies the format of
the object (ie how it is used, and how it can refer to other objects). 
There are currently three different object types: "blob", "tree" and
"commit". 

A "blob" object cannot refer to any other object, and is, like the tag
implies, a pure storage object containing some user data.  It is used to
actually store the file data, ie a blob object is associated with some
particular version of some file. 

A "tree" object is an object that ties one or more "blob" objects into a
directory structure. In addition, a tree object can refer to other tree
objects, thus creating a directory hierarchy. 

Finally, a "commit" object ties such directory hierarchies together into
a DAG of revisions - each "commit" is associated with exactly one tree
(the directory hierarchy at the time of the commit). In addition, a
"commit" refers to one or more "parent" commit objects that describe the
history of how we arrived at that directory hierarchy.

As a special case, a commit object with no parents is called the "root"
object, and is the point of an initial project commit.  Each project
must have at least one root, and while you can tie several different
root objects together into one project by creating a commit object which
has two or more separate roots as its ultimate parents, that's probably
just going to confuse people.  So aim for the notion of "one root object
per project", even if git itself does not enforce that. 

Regardless of object type, all objects are share the following
characteristics: they are all in deflated with zlib, and have a header
that not only specifies their tag, but also size information about the
data in the object.  It's worth noting that the SHA1 hash that is used
to name the object is always the hash of this _compressed_ object, not
the original data.

As a result, the general consistency of an object can always be tested
independently of the contents or the type of the object: all objects can
be validated by verifying that (a) their hashes match the content of the
file and (b) the object successfully inflates to a stream of bytes that
forms a sequence of <ascii tag without space> + <space> + <ascii decimal
size> + <byte\0> + <binary object data>. 

The structured objects can further have their structure and connectivity
to other objects verified. This is generally done with the "fsck-cache"
program, which generates a full dependency graph of all objects, and
verifies their internal consistency (in addition to just verifying their
superficial consistency through the hash).

The object types in some more detail:

  BLOB: A "blob" object is nothing but a binary blob of data, and
	doesn't refer to anything else.  There is no signature or any
	other verification of the data, so while the object is
	consistent (it _is_ indexed by its sha1 hash, so the data itself
	is certainly correct), it has absolutely no other attributes. 
	No name associations, no permissions.  It is purely a blob of
	data (ie normally "file contents"). 

	In particular, since the blob is entirely defined by its data,
	if two files in a directory tree (or in multiple different
	versions of the repository) have the same contents, they will
	share the same blob object. The object is toally independent
	of it's location in the directory tree, and renaming a file does
	not change the object that file is associated with in any way.

  TREE: The next hierarchical object type is the "tree" object.  A tree
	object is a list of mode/name/blob data, sorted by name. 
	Alternatively, the mode data may specify a directory mode, in
	which case instead of naming a blob, that name is associated
	with another TREE object. 

	Like the "blob" object, a tree object is uniquely determined by
	the set contents, and so two separate but identical trees will
	always share the exact same object. This is true at all levels,
	ie it's true for a "leaf" tree (which does not refer to any
	other trees, only blobs) as well as for a whole subdirectory.

	For that reason a "tree" object is just a pure data abstraction:
	it has no history, no signatures, no verification of validity,
	except that since the contents are again protected by the hash
	itself, we can trust that the tree is immutable and its contents
	never change. 

	So you can trust the contents of a tree to be valid, the same
	way you can trust the contents of a blob, but you don't know
	where those contents _came_ from.

	Side note on trees: since a "tree" object is a sorted list of
	"filename+content", you can create a diff between two trees
	without actually having to unpack two trees.  Just ignore all
	common parts, and your diff will look right.  In other words,
	you can effectively (and efficiently) tell the difference
	between any two random trees by O(n) where "n" is the size of
	the difference, rather than the size of the tree. 

	Side note 2 on trees: since the name of a "blob" depends
	entirely and exclusively on its contents (ie there are no names
	or permissions involved), you can see trivial renames or
	permission changes by noticing that the blob stayed the same. 
	However, renames with data changes need a smarter "diff" implementation. 

CHANGESET: The "changeset" object is an object that introduces the
	notion of history into the picture.  In contrast to the other
	objects, it doesn't just describe the physical state of a tree,
	it describes how we got there, and why. 

	A "changeset" is defined by the tree-object that it results in,
	the parent changesets (zero, one or more) that led up to that
	point, and a comment on what happened.  Again, a changeset is
	not trusted per se: the contents are well-defined and "safe" due
	to the cryptographically strong signatures at all levels, but
	there is no reason to believe that the tree is "good" or that
	the merge information makes sense.  The parents do not have to
	actually have any relationship with the result, for example. 

	Note on changesets: unlike real SCM's, changesets do not contain
	rename information or file mode chane information.  All of that
	is implicit in the trees involved (the result tree, and the
	result trees of the parents), and describing that makes no sense
	in this idiotic file manager. 

TRUST: The notion of "trust" is really outside the scope of "git", but
	it's worth noting a few things.  First off, since everything is
	hashed with SHA1, you _can_ trust that an object is intact and
	has not been messed with by external sources.  So the name of an
	object uniquely identifies a known state - just not a state that
	you may want to trust. 

	Furthermore, since the SHA1 signature of a changeset refers to
	the SHA1 signatures of the tree it is associated with and the
	signatures of the parent, a single named changeset specifies
	uniquely a whole set of history, with full contents.  You can't
	later fake any step of the way once you have the name of a
	changeset. 

	So to introduce some real trust in the system, the only thing
	you need to do is to digitally sign just _one_ special note,
	which includes the name of a top-level changeset.  Your digital
	signature shows others that you trust that changeset, and the
	immutability of the history of changesets tells others that they
	can trust the whole history. 

	In other words, you can easily validate a whole archive by just
	sending out a single email that tells the people the name (SHA1
	hash) of the top changeset, and digitally sign that email using
	something like GPG/PGP. 

	In particular, you can also have a separate archive of "trust
	points" or tags, which document your (and other peoples) trust. 
	You may, of course, archive these "certificates of trust" using
	"git" itself, but it's not something "git" does for you. 

Another way of saying the last point: "git" itself only handles content
integrity, the trust has to come from outside. 



	The "index" aka "Current Directory Cache" (".git/index")


The index is a simple binary file, which contains an efficient
representation of a virtual directory content at some random time.  It
does so by a simple array that associates a set of names, dates,
permissions and content (aka "blob") objects together.  The cache is
always kept ordered by name, and names are unique (with a few very
specific rules) at any point in time, but the cache has no long-term
meaning, and can be partially updated at any time. 

In particular, the index certainly does not need to be consistent with
the current directory contents (in fact, most operations will depend on
different ways to make the index _not_ be consistent with the directory
hierarchy), but it has three very important attributes:

 (a) it can re-generate the full state it caches (not just the directory
     structure: it contains pointers to the "blob" objects so that it
     can regenerate the data too)

     As a special case, there is a clear and unambiguous one-way mapping
     from a current directory cache to a "tree object", which can be
     efficiently created from just the current directory cache without
     actually looking at any other data.  So a directory cache at any
     one time uniquely specifies one and only one "tree" object (but
     has additional data to make it easy to match up that tree object
     with what has happened in the directory)

 (b) it has efficient methods for finding inconsistencies between that
     cached state ("tree object waiting to be instantiated") and the
     current state. 

 (c) it can additionally efficiently represent information about merge
     conflicts between different tree objects, allowing each pathname to
     be associated with sufficient information about the trees involved
     that you can create a three-way merge between them.

Those are the three ONLY things that the directory cache does.  It's a
cache, and the normal operation is to re-generate it completely from a
known tree object, or update/compare it with a live tree that is being
developed.  If you blow the directory cache away entirely, you generally
haven't lost any information as long as you have the name of the tree
that it described. 

At the same time, the directory index is at the same time also the
staging area for creating new trees, and creating a new tree always
involves a controlled modification of the index file.  In particular,
the index file can have the representation of an intermediate tree that
has not yet been instantiated.  So the index can be thought of as a
write-back cache, which can contain dirty information that has not yet
been written back to the backing store. 



	The Workflow


Generally, all "git" operations work on the index file. Some operations
work _purely_ on the index file (showing the current state of the
index), but most operations move data to and from the index file. Either
from the database or from the working directory. Thus there are four
main combinations: 

 1) working directory -> index

	You update the index with information from the working directory
	with the "update-cache" command.  You generally update the index
	information by just specifying the filename you want to update,
	like so:

		update-cache filename

	but to avoid common mistakes with filename globbing etc, the
	command will not normally add totally new entries or remove old
	entries, ie it will normally just update existing cache entryes.

	To tell git that yes, you really do realize that certain files
	no longer exist in the archive, or that new files should be
	added, you should use the "--remove" and "--add" flags
	respectively.

	NOTE! A "--remove" flag does _not_ mean that subsequent
	filenames will necessarily be removed: if the files still exist
	in your directory structure, the index will be updated with
	their new status, not removed. The only thing "--remove" means
	is that update-cache will be considering a removed file to be a
	valid thing, and if the file really does not exist any more, it
	will update the index accordingly. 

	As a special case, you can also do "update-cache --refresh",
	which will refresh the "stat" information of each index to match
	the current stat information. It will _not_ update the object
	status itself, and it wil only update the fields that are used
	to quickly test whether an object still matches its old backing
	store object.

 2) index -> object database

	You write your current index file to a "tree" object with the
	program

		write-tree

	that doesn't come with any options - it will just write out the
	current index into the set of tree objects that describe that
	state, and it will return the name of the resulting top-level
	tree. You can use that tree to re-generate the index at any time
	by going in the other direction:

 3) object database -> index

	You read a "tree" file from the object database, and use that to
	populate (and overwrite - don't do this if your index contains
	any unsaved state that you might want to restore later!) your
	current index.  Normal operation is just

		read-tree <sha1 of tree>

	and your index file will now be equivalent to the tree that you
	saved earlier. However, that is only your _index_ file: your
	working directory contents have not been modified.

 4) index -> working directory

	You update your working directory from the index by "checking
	out" files. This is not a very common operation, since normally
	you'd just keep your files updated, and rather than write to
	your working directory, you'd tell the index files about the
	changes in your working directory (ie "update-cache").

	However, if you decide to jump to a new version, or check out
	somebody elses version, or just restore a previous tree, you'd
	populate your index file with read-tree, and then you need to
	check out the result with

		checkout-cache filename

	or, if you want to check out all of the index, use "-a".

	NOTE! checkout-cache normally refuses to overwrite old files, so
	if you have an old version of the tree already checked out, you
	will need to use the "-f" flag (_before_ the "-a" flag or the
	filename) to _force_ the checkout.


Finally, there are a few odds and ends which are not purely moving from
one representation to the other:

 5) Tying it all together

	To commit a tree you have instantiated with "write-tree", you'd
	create a "commit" object that refers to that tree and the
	history behind it - most notably the "parent" commits that
	preceded it in history. 

	Normally a "commit" has one parent: the previous state of the
	tree before a certain change was made. However, sometimes it can
	have two or more parent commits, in which case we call it a
	"merge", due to the fact that such a commit brings together
	("merges") two or more previous states represented by other
	commits. 

	In other words, while a "tree" represents a particular directory
	state of a working directory, a "commit" represents that state
	in "time", and explains how we got there. 

	You create a commit object by giving it the tree that describes
	the state at the time of the commit, and a list of parents:

		commit-tree <tree> -p <parent> [-p <parent2> ..]

	and then giving the reason for the commit on stdin (either
	through redirection from a pipe or file, or by just typing it at
	the tty). 

	commit-tree will return the name of the object that represents
	that commit, and you should save it away for later use.
	Normally, you'd commit a new "HEAD" state, and while git doesn't
	care where you save the note about that state, in practice we
	tend to just write the result to the file ".git/HEAD", so that
	we can always see what the last committed state was.

 6) Examining the data

	You can examine the data represented in the object database and
	the index with various helper tools. For every object, you can
	use "cat-file" to examine details about the object:

		cat-file -t <objectname>

	shows the type of the object, and once you have the type (which
	is usually implicit in where you find the object), you can use

		cat-file blob|tree|commit <objectname>

	to show its contents. NOTE! Trees have binary content, and as a
	result there is a special helper for showing that content,
	called "ls-tree", which turns the binary content into a more
	easily readable form.

	It's especially instructive to look at "commit" objects, since
	those tend to be small and fairly self-explanatory. In
	particular, if you follow the convention of having the top
	commit name in ".git/HEAD", you can do

		cat-file commit $(cat .git/HEAD)

	to see what the top commit was.

 7) Merging multiple trees

	Git helps you do a three-way merge, which you can expand to
	n-way by repeating the merge procedure arbitrary times until you
	finally "commit" the state.  The normal situation is that you'd
	only do one three-way merge (two parents), and commit it, but if
	you like to, you can do multiple parents in one go.

	To do a three-way merge, you need the two sets of "commit"
	objects that you want to merge, use those to find the closest
	common parent (a third "commit" object), and then use those
	commit objects to find the state of the directory ("tree"
	object) at these points. 

	To get the "base" for the merge, you first look up the common
	parent of two commits with

		merge-base <commit1> <commit2>

	which will return you the commit they are both based on.  You
	should now look up the "tree" objects of those commits, which
	you can easily do with (for example)

		cat-file commit <commitname> | head -1

	since the tree object information is always the first line in a
	commit object. 

	Once you know the three trees you are going to merge (the one
	"original" tree, aka the common case, and the two "result" trees,
	aka the branches you want to merge), you do a "merge" read into
	the index. This will throw away your old index contents, so you
	should make sure that you've committed those - in fact you would
	normally always do a merge against your last commit (which
	should thus match what you have in your current index anyway).
	To do the merge, do

		read-tree -m <origtree> <target1tree> <target2tree>

	which will do all trivial merge operations for you directly in
	the index file, and you can just write the result out with
	"write-tree". 

	NOTE! Because the merge is done in the index file, and not in
	your working directory, your working directory will no longer
	match your index. You can use "checkout-cache -f -a" to make the
	effect of the merge be seen in your working directory.

	NOTE2! Sadly, many merges aren't trivial. If there are files
	that have been added.moved or removed, or if both branches have
	modified the same file, you will be left with an index tree that
	contains "merge entries" in it. Such an index tree can _NOT_ be
	written out to a tree object, and you will have to resolve any
	such merge clashes using other tools before you can write out
	the result.

	[ fixme: talk about resolving merges here ]