git - Debian Package Tracker

general

source: git (main)
version: 1:2.36.1-1
maintainer: Jonathan Nieder (DMD)
uploaders: Anders Kaseorg [DMD]
arch: all any
std-ver: 4.3.0.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1:2.11.0-3+deb9u7
o-o-sec: 1:2.11.0-3+deb9u7
o-o-bpo: 1:2.20.1-1~bpo9+1
oldstable: 1:2.20.1-2+deb10u3
old-sec: 1:2.20.1-2+deb10u3
old-bpo: 1:2.30.2-1~bpo10+1
stable: 1:2.30.2-1
stable-bpo: 1:2.34.1-1~bpo11+1
testing: 1:2.35.1-1
unstable: 1:2.36.1-1
exp: 1:2.36.1+next.20220505-1

versioned links

1:2.11.0-3+deb9u7: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:2.20.1-1~bpo9+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:2.20.1-2+deb10u3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:2.30.2-1~bpo10+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:2.30.2-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:2.34.1-1~bpo11+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:2.35.1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:2.36.1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:2.36.1+next.20220505-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

git (257 bugs: 0, 114, 143, 0)
git-all (2 bugs: 0, 0, 2, 0)
git-cvs (9 bugs: 0, 4, 5, 0)
git-daemon-run (6 bugs: 1, 2, 3, 0)
git-daemon-sysvinit (7 bugs: 0, 2, 5, 0)
git-doc (7 bugs: 0, 1, 6, 0)
git-email (17 bugs: 0, 6, 11, 0)
git-gui (20 bugs: 0, 11, 9, 0)
git-man (24 bugs: 0, 6, 18, 0)
git-mediawiki
git-svn (27 bugs: 0, 10, 17, 0)
gitk (28 bugs: 0, 9, 19, 0)
gitweb (16 bugs: 0, 7, 9, 0)

action needed

Problems while searching for a new upstream version high

uscan had problems while searching for a new upstream version:

more than one main upstream tarballs listed.

Created: 2021-08-24 Last update: 2022-08-09 11:33

A new upstream version is available: 2.37.1 high

A new upstream version 2.37.1 is available, you should consider packaging it.

Created: 2022-07-01 Last update: 2022-08-09 11:33

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2022-29187: Git is a distributed revision control system. Git prior to versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5, is vulnerable to privilege escalation in all platforms. An unsuspecting user could still be affected by the issue reported in CVE-2022-24765, for example when navigating as root into a shared tmp directory that is owned by them, but where an attacker could create a git repository. Versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5 contain a patch for this issue. The simplest way to avoid being affected by the exploit described in the example is to avoid running git as root (or an Administrator in Windows), and if needed to reduce its use to a minimum. While a generic workaround is not possible, a system could be hardened from the exploit described in the example by removing any such repository if it exists already and creating one as root to block any future attacks.

Created: 2022-07-13 Last update: 2022-08-01 13:40

2 security issues in bookworm high

There are 2 open security issues in bookworm.

2 important issues:

CVE-2022-24765: Git for Windows is a fork of Git containing Windows-specific patches. This vulnerability affects users working on multi-user machines, where untrusted parties have write access to the same hard disk. Those untrusted parties could create the folder `C:\.git`, which would be picked up by Git operations run supposedly outside a repository while searching for a Git directory. Git would then respect any config in said Git directory. Git Bash users who set `GIT_PS1_SHOWDIRTYSTATE` are vulnerable as well. Users who installed posh-gitare vulnerable simply by starting a PowerShell. Users of IDEs such as Visual Studio are vulnerable: simply creating a new project would already read and respect the config specified in `C:\.git\config`. Users of the Microsoft fork of Git are vulnerable simply by starting a Git Bash. The problem has been patched in Git for Windows v2.35.2. Users unable to upgrade may create the folder `.git` on all drives where Git commands are run, and remove read/write access from those folders as a workaround. Alternatively, define or extend `GIT_CEILING_DIRECTORIES` to cover the _parent_ directory of the user profile, e.g. `C:\Users` if the user profile is located in `C:\Users\my-user-name`.
CVE-2022-29187: Git is a distributed revision control system. Git prior to versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5, is vulnerable to privilege escalation in all platforms. An unsuspecting user could still be affected by the issue reported in CVE-2022-24765, for example when navigating as root into a shared tmp directory that is owned by them, but where an attacker could create a git repository. Versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5 contain a patch for this issue. The simplest way to avoid being affected by the exploit described in the example is to avoid running git as root (or an Administrator in Windows), and if needed to reduce its use to a minimum. While a generic workaround is not possible, a system could be hardened from the exploit described in the example by removing any such repository if it exists already and creating one as root to block any future attacks.

Created: 2022-07-04 Last update: 2022-08-01 13:40

398 new commits since last upload, is it time to release? normal

vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:

commit dae52b9cd76ad244fb48075f92282caf99087567
Merge: b22c9fcf02 7e925260d0
Author: Jonathan Nieder <jrnieder@gmail.com>
Date:   Mon May 9 12:48:15 2022 -0700

    Merge branch 'debian-sid' into debian-experimental
    
    * debian-sid:
      debian: new upstream point release
    
    Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
    Change-Id: I42937ba7b24426e4b30b6d89fcda28160d944ee2

commit 7e925260d0ad325f682aab34ff1891f8c3460ceb
Author: Jonathan Nieder <jrnieder@gmail.com>
Date:   Mon May 9 12:44:28 2022 -0700

    debian: new upstream point release
    
    Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>

commit f08afd4f0929bfec9f290c0c71df10dc913b6f38
Merge: 530a349eae e54793a95a
Author: Jonathan Nieder <jrnieder@gmail.com>
Date:   Mon May 9 12:42:23 2022 -0700

    Merge tag 'v2.36.1' into debian-sid
    
    Git 2.36.1
    
    Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>

commit b22c9fcf02ecf421768fd30dd689662aa60b3b92
Author: Jonathan Nieder <jrnieder@gmail.com>
Date:   Mon May 9 12:41:54 2022 -0700

    debian: new "next" snapshot
    
    Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
    Change-Id: Ia11e41c0a98e8d15fd6f12b08e7a653dfcbebecd

commit fea0acd2bb13a40e84cfcaea9357bb3cd1e904fd
Merge: 2f9ff9a618 7c58a9bb42
Author: Jonathan Nieder <jrnieder@gmail.com>
Date:   Mon May 9 12:40:53 2022 -0700

    Merge branch 'next' of https://kernel.googlesource.com/pub/scm/git/git into debian-experimental
    
    Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
    Change-Id: Ie63e4b96ae08c3c6db12ee55026f2ca7dc875b2e

commit 2f9ff9a618a8a46876af3a86f8127fb809ea3012
Author: Glen Choo <chooglen@google.com>
Date:   Fri May 6 17:13:03 2022 +0000

    debian: new "next" snapshot
    
    Signed-off-by: Glen Choo <chooglen@google.com>
    Change-Id: I6e9b22263b5acd96e0c5b11298065775d6d4242d

commit 6cc893d20583088696e0563e30a938a40e5d48a5
Merge: 7eceafdc64 b090851708
Author: Glen Choo <chooglen@google.com>
Date:   Fri May 6 17:12:23 2022 +0000

    Merge branch 'next' into debian-experimental
    
    Signed-off-by: Glen Choo <chooglen@google.com>
    Change-Id: I90ccada4172eda95f062c92a8b6a7abfb6c48331

commit 7c58a9bb42e7a3326f92385eb92bb0e04adc04ba
Merge: b090851708 e8005e4871
Author: Junio C Hamano <gitster@pobox.com>
Date:   Thu May 5 14:44:57 2022 -0700

    Sync with 'master'

commit e8005e4871f130c4e402ddca2032c111252f070a
Merge: f5aaf72f1b e54793a95a
Author: Junio C Hamano <gitster@pobox.com>
Date:   Thu May 5 14:39:03 2022 -0700

    Sync with v2.36.1

commit b09085170807c0234d945e787c60e6af100d2712
Merge: c40509b820 f5aaf72f1b
Author: Junio C Hamano <gitster@pobox.com>
Date:   Wed May 4 09:54:19 2022 -0700

    Sync with 'master'

commit f5aaf72f1b5aeb3b77bccabce014ea2590e823e2
Author: Junio C Hamano <gitster@pobox.com>
Date:   Wed May 4 09:51:39 2022 -0700

    A bit more regression fixes for 2.36
    
    Signed-off-by: Junio C Hamano <gitster@pobox.com>

commit 1c4411cce1bfc515cba4c1ca63b7d616e023b5e1
Merge: 73f96c9772 e6b2582da3
Author: Junio C Hamano <gitster@pobox.com>
Date:   Wed May 4 09:51:29 2022 -0700

    Merge branch 'cm/reftable-0-length-memset'
    
    Code clean-up.
    
    * cm/reftable-0-length-memset:
      reftable: avoid undefined behaviour breaking t0032

commit 73f96c977293a45688881e5de69c26f6f70942fd
Merge: 8b28e2e2e4 3506cae04f
Author: Junio C Hamano <gitster@pobox.com>
Date:   Wed May 4 09:51:29 2022 -0700

    Merge branch 'ab/cc-package-fixes'
    
    Correct choices of C compilers used in various CI jobs.
    
    * ab/cc-package-fixes:
      CI: select CC based on CC_PACKAGE (again)

commit 8b28e2e2e4abd0e9cffe0d85afd6f0c0346bb948
Merge: dcf1ac24a2 11f9e8de3d
Author: Junio C Hamano <gitster@pobox.com>
Date:   Wed May 4 09:51:29 2022 -0700

    Merge branch 'ds/midx-normalize-pathname-before-comparison'
    
    The path taken by "git multi-pack-index" command from the end user
    was compared with path internally prepared by the tool withut first
    normalizing, which lead to duplicated paths not being noticed,
    which has been corrected.
    
    * ds/midx-normalize-pathname-before-comparison:
      cache: use const char * for get_object_directory()
      multi-pack-index: use --object-dir real path
      midx: use real paths in lookup_multi_pack_index()

commit dcf1ac24a2ffd9014779fe5504e8f66539fff4bc
Merge: 8ed16bd600 08bdd3a185
Author: Junio C Hamano <gitster@pobox.com>
Date:   Wed May 4 09:51:28 2022 -0700

    Merge branch 'jc/cocci-xstrdup-or-null-fix'
    
    Get rid of a bogus and over-eager coccinelle rule.
    
    * jc/cocci-xstrdup-or-null-fix:
      cocci: drop bogus xstrdup_or_null() rule

commit 8ed16bd600b0fd8e0ac0090e0dc8375614cc0ba8
Merge: 5048b20d1c 6dfadc8981
Author: Junio C Hamano <gitster@pobox.com>
Date:   Wed May 4 09:51:28 2022 -0700

    Merge branch 'jc/clone-remote-name-leak-fix'
    
    "git clone --origin X" leaked piece of memory that held value read
    from the clone.defaultRemoteName configuration variable, which has
    been plugged.
    
    * jc/clone-remote-name-leak-fix:
      clone: plug a miniscule leak

commit 5048b20d1c2db7525e4739a75e2f89c1b96ad116
Merge: 2cc712324d 91f8f7e46f
Author: Junio C Hamano <gitster@pobox.com>
Date:   Wed May 4 09:51:28 2022 -0700

    Merge branch 'rs/format-patch-pathspec-fix'
    
    "git format-patch <args> -- <pathspec>" lost the pathspec when
    showing the second and subsequent commits, which has been
    corrected.
    
    * rs/format-patch-pathspec-fix:
      2.36 format-patch regression fix

commit 2cc712324d518b57ac895f22314ded09cc058621
Merge: d5a17b6665 d1c25272f5
Author: Junio C Hamano <gitster@pobox.com>
Date:   Wed May 4 09:51:28 2022 -0700

    Merge branch 'rs/fast-export-pathspec-fix'
    
    "git fast-export -- <pathspec>" lost the pathspec when showing the
    second and subsequent commits, which has been corrected.
    
    * rs/fast-export-pathspec-fix:
      2.36 fast-export regression fix

commit d5a17b6665cd79a7bce54e8cde974503d0e8ddc6
Merge: 0f828332d5 5cdb38458e
Author: Junio C Hamano <gitster@pobox.com>
Date:   Wed May 4 09:51:28 2022 -0700

    Merge branch 'jc/show-pathspec-fix'
    
    "git show <commit1> <commit2>... -- <pathspec>" lost the pathspec
    when showing the second and subsequent commits, which has been
    corrected.
    
    * jc/show-pathspec-fix:
      2.36 show regression fix

commit c40509b820722113bd0ed388e35ab3d1c0f13f11
Merge: a25766055f 84792322ed
Author: Junio C Hamano <gitster@pobox.com>
Date:   Mon May 2 11:20:21 2022 -0700

    Merge branch 'rs/commit-summary-wo-break-rewrite' into next
    
    The commit summary shown after making a commit is matched to what
    is given in "git status" not to use the break-rewrite heuristics.
    
    * rs/commit-summary-wo-break-rewrite:
      commit, sequencer: turn off break_opt for commit summary

commit a25766055f4c0cfeecda76cfc039569ef73d2148
Merge: 781715e2b7 067109a5e7
Author: Junio C Hamano <gitster@pobox.com>
Date:   Mon May 2 11:20:21 2022 -0700

    Merge branch 'pw/test-malloc-with-sanitize-address' into next
    
    Avoid problems from interaction between malloc_check and address
    sanitizer.
    
    * pw/test-malloc-with-sanitize-address:
      tests: make SANITIZE=address imply TEST_NO_MALLOC_CHECK

commit 781715e2b7cb28bb46c88fd92b9b1c693ba9252e
Merge: 88ed49c2d0 e6b2582da3
Author: Junio C Hamano <gitster@pobox.com>
Date:   Mon May 2 11:20:21 2022 -0700

    Merge branch 'cm/reftable-0-length-memset' into next
    
    Code clean-up.
    
    * cm/reftable-0-length-memset:
      reftable: avoid undefined behaviour breaking t0032

commit 88ed49c2d038a4ec476bb96265f44f2752932eeb
Merge: c3bcb92518 52e1ab8a76
Author: Junio C Hamano <gitster@pobox.com>
Date:   Mon May 2 11:20:21 2022 -0700

    Merge branch 'ea/rebase-code-simplify' into next
    
    Code clean-up.
    
    * ea/rebase-code-simplify:
      rebase: simplify an assignment of options.type in cmd_rebase

commit c3bcb92518c72b3f34bee812d1d446ad0be75902
Merge: 8e6071e208 c0befa0c03
Author: Junio C Hamano <gitster@pobox.com>
Date:   Mon May 2 11:20:20 2022 -0700

    Merge branch 'kt/commit-graph-plug-fp-leak-on-error' into next
    
    Fix a leak of FILE * in an error codepath.
    
    * kt/commit-graph-plug-fp-leak-on-error:
      commit-graph: close file before returning NULL

commit 8e6071e2086ee4ca33a6375851fabaf9ee812138
Merge: 59e6137286 9e5ebe9668
Author: Junio C Hamano <gitster@pobox.com>
Date:   Mon May 2 11:20:20 2022 -0700

    Merge branch 'ah/rebase-keep-base-fix' into next
    
    "git rebase --keep-base <upstream> <branch-to-rebase>" computed the
    commit to rebase onto incorrectly, which has been corrected.
    
    * ah/rebase-keep-base-fix:
      rebase: use correct base for --keep-base when a branch is given

commit 59e6137286c5e79d924ae807f77b8f65338b0976
Merge: aba30d3c42 3506cae04f
Author: Junio C Hamano <gitster@pobox.com>
Date:   Mon May 2 11:20:20 2022 -0700

    Merge branch 'ab/cc-package-fixes' into next
    
    Correct choices of C compilers used in various CI jobs.
    
    * ab/cc-package-fixes:
      CI: select CC based on CC_PACKAGE (again)

commit aba30d3c4210bb647079fa89cf37b8600bc3d405
Merge: dda0f8bfce 11f9e8de3d
Author: Junio C Hamano <gitster@pobox.com>
Date:   Mon May 2 11:20:20 2022 -0700

    Merge branch 'ds/midx-normalize-pathname-before-comparison' into next
    
    The path taken by "git multi-pack-index" command from the end user
    was compared with path internally prepared by the tool withut first
    normalizing, which lead to duplicated paths not being noticed,
    which has been corrected.
    
    * ds/midx-normalize-pathname-before-comparison:
      cache: use const char * for get_object_directory()
      multi-pack-index: use --object-dir real path
      midx: use real paths in lookup_multi_pack_index()

commit dda0f8bfce121e9e13493edbcd443e3483321b11
Merge: 32a51558ea 08bdd3a185
Author: Junio C Hamano <gitster@pobox.com>
Date:   Mon May 2 11:20:20 2022 -0700

    Merge branch 'jc/cocci-xstrdup-or-null-fix' into next
    
    Get rid of a bogus and over-eager coccinelle rule.
    
    * jc/cocci-xstrdup-or-null-fix:
      cocci: drop bogus xstrdup_or_null() rule

commit 32a51558eae84d21a5d8dfaa6551ac4e5391a1e3
Merge: 1f0a9f982a 6dfadc8981
Author: Junio C Hamano <gitster@pobox.com>
Date:   Mon May 2 11:20:20 2022 -0700

    Merge branch 'jc/clone-remote-name-leak-fix' into next
    
    "git clone --origin X" leaked piece of memory that held value read
    from the clone.defaultRemoteName configuration variable, which has
    been plugged.
    
    * jc/clone-remote-name-leak-fix:
      clone: plug a miniscule leak

commit 1f0a9f982a86fc72ce9b917fabe4ec04ea0a13cb
Merge: 0fb97cb01d 91f8f7e46f
Author: Junio C Hamano <gitster@pobox.com>
Date:   Mon May 2 11:19:44 2022 -0700

    Merge branch 'rs/format-patch-pathspec-fix' into next
    
    "git format-patch <args> -- <pathspec>" lost the pathspec when
    showing the second and subsequent commits, which has been
    corrected.
    
    * rs/format-patch-pathspec-fix:
      2.36 format-patch regression fix

commit 0fb97cb01d2afff10fc3dbf77973ae4195506283
Merge: 7781c7b275 d1c25272f5
Author: Junio C Hamano <gitster@pobox.com>
Date:   Mon May 2 11:19:44 2022 -0700

    Merge branch 'rs/fast-export-pathspec-fix' into next
    
    "git fast-export -- <pathspec>" lost the pathspec when showing the
    second and subsequent commits, which has been corrected.
    
    * rs/fast-export-pathspec-fix:
      2.36 fast-export regression fix

commit 7781c7b275bacb0c6b6c260eb2d073ee4fba0049
Merge: e40c2bad7a 5cdb38458e
Author: Junio C Hamano <gitster@pobox.com>
Date:   Mon May 2 11:19:44 2022 -0700

    Merge branch 'jc/show-pathspec-fix' into next
    
    "git show <commit1> <commit2>... -- <pathspec>" lost the pathspec
    when showing the second and subsequent commits, which has been
    corrected.
    
    * jc/show-pathspec-fix:
      2.36 show regression fix

commit 6dfadc8981a3f2fd3fb552eb956fe12a542f8ee8
Author: Junio C Hamano <gitster@pobox.com>
Date:   Sat Apr 30 22:17:15 2022 -0700

    clone: plug a miniscule leak
    
    The remote_name variable is first assigned a copy of the value of
    the "clone.defaultremotename" configuration variable and then by the
    value of the "--origin" command line option.  The former is prepared
    to see multiple instances of the configuration variable by freeing
    the current value of the variable before a copy of the newly
    discovered value gets assigned to it.  The latter however blindly
    assigned a copy of the new value to the variable, thereby leaking
    the value read from the configuration variable.
    
    Signed-off-by: Junio C Hamano <gitster@pobox.com>

commit 7eceafdc64d44663c3c4b57cd760629d4ecdddf7
Author: Josh Steadmon <steadmon@google.com>
Date:   Fri Apr 29 14:09:36 2022 -0700

    debian: new "next" snapshot
    
    Signed-off-by: Josh Steadmon <steadmon@google.com>
    Change-Id: I11cdcddca308db5f6f31699250fd69cbd7c32fda

commit 8fb3a3b1061852d7e548b3ec0e6b3c111aabd2dd
Merge: 8ad6edc7fb e40c2bad7a
Author: Josh Steadmon <steadmon@google.com>
Date:   Fri Apr 29 14:09:04 2022 -0700

    Merge branch 'next' into debian-experimental
    
    Signed-off-by: Josh Steadmon <steadmon@google.com>
    Change-Id: I4e4156212db57124011d302ad945205db60da8a1

commit e40c2bad7a72449dac987539a750bfb48c4d77c8
Merge: 975e329ff9 0f828332d5
Author: Junio C Hamano <gitster@pobox.com>
Date:   Thu Apr 28 10:47:36 2022 -0700

    Sync with 'master'

commit 0f828332d5ac36fc63b7d8202652efa152809856
Author: Junio C Hamano <gitster@pobox.com>
Date:   Thu Apr 28 10:44:14 2022 -0700

    Some regression fixes for 2.36
    
    Signed-off-by: Junio C Hamano <gitster@pobox.com>

commit 096b082b2abe55672242d4ac1e469c8843fee21c
Merge: 3da993f2e6 45a14f578e
Author: Junio C Hamano <gitster@pobox.com>
Date:   Thu Apr 28 10:46:04 2022 -0700

    Merge branch 'rs/name-rev-fix-free-after-use'
    
    Regression fix for 2.36 where "git name-rev" started to sometimes
    reference strings after they are freed.
    
    * rs/name-rev-fix-free-after-use:
      Revert "name-rev: release unused name strings"

commit 3da993f2e63864668ca7ae1a91c351684aec319d
Merge: 740deeadd3 f8781bfda3
Author: Junio C Hamano <gitster@pobox.com>
Date:   Thu Apr 28 10:46:04 2022 -0700

    Merge branch 'jc/diff-tree-stdin-fix'
    
    "diff-tree --stdin" has been broken for about a year, but 2.36
    release broke it even worse by breaking running the command with
    <pathspec>, which in turn broke "gitk" and got noticed.  This has
    been corrected by aligning its behaviour to that of "log".
    
    * jc/diff-tree-stdin-fix:
      2.36 gitk/diff-tree --stdin regression fix

commit 740deeadd3d2c10b8a98573fdf65aa433a0bf816
Merge: 6cd33dceed 4f1ccef87c
Author: Junio C Hamano <gitster@pobox.com>
Date:   Thu Apr 28 10:46:04 2022 -0700

    Merge branch 'gc/submodule-update-part2'
    
    "git submodule update" without pathspec should silently skip an
    uninitialized submodule, but it started to become noisy by mistake.
    
    * gc/submodule-update-part2:
      submodule--helper: fix initialization of warn_if_uninitialized

commit 975e329ff960f1919c81a597fa4c2e3d7bd270fd
Merge: acf23a19ac 45a14f578e
Author: Junio C Hamano <gitster@pobox.com>
Date:   Tue Apr 26 11:16:38 2022 -0700

    Merge branch 'rs/name-rev-fix-free-after-use' into next
    
    Regression fix for 2.36 where "git name-rev" started to sometimes
    reference strings after they are freed.
    
    * rs/name-rev-fix-free-after-use:
      Revert "name-rev: release unused name strings"

commit acf23a19aca4bd3e5290e8e9e1f7d6eab8d24e0a
Merge: 673a597451 f8781bfda3
Author: Junio C Hamano <gitster@pobox.com>
Date:   Tue Apr 26 11:16:37 2022 -0700

    Merge branch 'jc/diff-tree-stdin-fix' into next
    
    "diff-tree --stdin" has been broken for about a year, but 2.36
    release broke it even worse by breaking running the command with
    <pathspec>, which in turn broke "gitk" and got noticed.  This has
    been corrected by aligning its behaviour to that of "log".
    
    * jc/diff-tree-stdin-fix:
      2.36 gitk/diff-tree --stdin regression fix

commit 673a597451faacd2b7a07a00d99760e85734ad8b
Merge: b9c8b46e94 4f1ccef87c
Author: Junio C Hamano <gitster@pobox.com>
Date:   Tue Apr 26 11:16:37 2022 -0700

    Merge branch 'gc/submodule-update-part2' into next
    
    "git submodule update" without pathspec should silently skip an
    uninitialized submodule, but it started to become noisy by mistake.
    
    * gc/submodule-update-part2:
      submodule--helper: fix initialization of warn_if_uninitialized

commit 11f9e8de3d1a3d484c452141f1fcdbd707457ec0
Author: Derrick Stolee <derrickstolee@github.com>
Date:   Mon Apr 25 18:27:14 2022 +0000

    cache: use const char * for get_object_directory()
    
    The get_object_directory() method returns the exact string stored at
    the_repository->objects->odb->path. The return type of "char *" implies
    that the caller must keep track of the buffer and free() it when
    complete. This causes significant problems later when the ODB is
    accessed.
    
    Use "const char *" as the return type to avoid this confusion. There are
    no current callers that care about the non-const definition.
    
    Signed-off-by: Derrick Stolee <derrickstolee@github.com>
    Signed-off-by: Junio C Hamano <gitster@pobox.com>

commit b56166ca57678795b4159b6a48b64fbacb93e73d
Author: Derrick Stolee <derrickstolee@github.com>
Date:   Mon Apr 25 18:27:13 2022 +0000

    multi-pack-index: use --object-dir real path
    
    The --object-dir argument to 'git multi-pack-index' allows a user to
    specify an alternate to use instead of the local $GITDIR. This is used
    by third-party tools like VFS for Git to maintain the pack-files in a
    "shared object cache" used by multiple clones.
    
    On Windows, the user can specify a path using a Windows-style file path
    with backslashes such as "C:\Path\To\ObjectDir". This same path style is
    used in the .git/objects/info/alternates file, so it already matches the
    path of that alternate. However, find_odb() converts these paths to
    real-paths for the comparison, which use forward slashes. As of the
    previous change, lookup_multi_pack_index() uses real-paths, so it
    correctly finds the target multi-pack-index when given these paths.
    
    Some commands such as 'git multi-pack-index repack' call child processes
    using the object_dir value, so it can be helpful to convert the path to
    the real-path before sending it to those locations.
    
    Add a callback to convert the real path immediately upon parsing the
    argument. We need to be careful that we don't store the exact value out
    of get_object_directory() and free it, or we could corrupt a later use
    of the_repository->objects->odb->path.
    
    We don't use get_object_directory() for the initial instantiation in
    cmd_multi_pack_index() because we need 'git multi-pack-index -h' to work
    without a Git repository.
    
    Signed-off-by: Derrick Stolee <derrickstolee@github.com>
    Signed-off-by: Junio C Hamano <gitster@pobox.com>

commit eafcc6de5296f6afc67fdc98101ae51959203ad8
Author: Derrick Stolee <derrickstolee@github.com>
Date:   Mon Apr 25 18:27:12 2022 +0000

    midx: use real paths in lookup_multi_pack_index()
    
    This helper looks for a parsed multi-pack-index whose object directory
    matches the given object_dir. Before going into the loop over the parsed
    multi-pack-indexes, it calls find_odb() to ensure that the given
    object_dir is actually a known object directory.
    
    However, find_odb() uses real-path manipulations to compare the input to
    the alternate directories. This same real-path comparison is not used in
    the loop, leading to potential issues with the strcmp().
    
    Update the method to use the real-path values instead.
    
    Signed-off-by: Derrick Stolee <derrickstolee@github.com>
    Signed-off-by: Junio C Hamano <gitster@pobox.com>

commit 8ad6edc7fb67ffe960c726a6fe1eb517df08c7b5
Merge: c4b083f3e3 530a349eae
Author: Jonathan Nieder <jrnieder@gmail.com>
Date:   Fri Apr 22 16:52:26 2022 -0700

    Merge branch 'debian-sid' into debian-experimental
    
    * debian-sid:
      debian: new upstream release
    
    Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
    Change-Id: If46c692bda1650bcc875babd82eca3822264edcd

commit c4b083f3e3305d6d3569ae9bee83f8f055baf232
Author: Jonathan Nieder <jrnieder@gmail.com>
Date:   Fri Apr 22 16:50:58 2022 -0700

    debian: new "next" snapshot
    
    Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
    Change-Id: I0455a58e26eadb91ccf41a22b31a3f00bae18ef8

commit ef75d679dd8a9669655327a9ca0c6607885a93ed
Merge: 92dcadaac8 b9c8b46e94
Author: Jonathan Nieder <jrnieder@gmail.com>
Date:   Fri Apr 22 16:46:53 2022 -0700

    Merge branch 'next' of https://kernel.googlesource.com/pub/scm/git/git into debian-experimental
    
    Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
    Change-Id: I0d12d4f459f6b8fb11ad526c84bb0b58101d4979

commit 530a349eae1c8c3e2a706d7e250a2f2462e25bbe
Author: Jonathan Nieder <jrnieder@gmail.com>
Date:   Fri Apr 22 16:44:00 2022 -0700

    debian: new upstream release
    
    Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>

commit 2d32842984bf0f77d01612767e56a50ba7ddeaf4
Merge: fecb5d295c 6cd33dceed
Author: Jonathan Nieder <jrnieder@gmail.com>
Date:   Fri Apr 22 16:33:16 2022 -0700

    Merge tag 'v2.36.0' into debian-sid
    
    Git 2.36
    
    Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>

commit 9e5ebe9668a0f152757182b80bae9b66aad11952
Author: Alex Henrie <alexhenrie24@gmail.com>
Date:   Wed Apr 20 22:42:33 2022 -0600

    rebase: use correct base for --keep-base when a branch is given
    
    --keep-base rebases onto the merge base of the given upstream and the
    current HEAD regardless of whether a branch is given. This is contrary
    to the documentation and to the option's intended purpose. Instead,
    rebase onto the merge base of the given upstream and the given branch.
    
    Signed-off-by: Alex Henrie <alexhenrie24@gmail.com>
    Signed-off-by: Junio C Hamano <gitster@pobox.com>

commit c0befa0c033b2754b93a666fe0e925c080b7d64b
Author: Kleber Tarcísio <klebertarcisio@yahoo.com.br>
Date:   Mon Apr 18 17:13:27 2022 +0000

    commit-graph: close file before returning NULL
    
    There are two reasons that we could return NULL early within
    load_commit_graph_chain():
    
     1. The file does not exist, so the file pointer is NULL.
     2. The file exists, but is too small to contain a single hash.
    
    These were grouped together when the function was first written in
    5c84b3396 (commit-graph: load commit-graph chains, 2019-06-18) in order
    to simplify how the 'chain_name' string is freed. However, the current
    code leaves a narrow window where the file pointer is not closed when
    the file exists, but is rejected for being too small.
    
    Split out these cases separately to ensure we close the file in this
    case.
    
    Signed-off-by: Kleber Tarcísio <klebertarcisio@yahoo.com.br>
    Signed-off-by: Derrick Stolee <derrickstolee@github.com>
    Signed-off-by: Junio C Hamano <gitster@pobox.com>

commit 52e1ab8a7692c27c288a15da2604273b401063ac
Author: Edmundo Carmona Antoranz <eantoranz@gmail.com>
Date:   Mon Apr 18 19:27:21 2022 +0200

    rebase: simplify an assignment of options.type in cmd_rebase
    
    There is an if statement where both if and else have the same
    assignment of options.type to REBASE_MERGE. Simplify
    it by getting that assigmnent out of the if.
    
    Signed-off-by: Edmundo Carmona Antoranz <eantoranz@gmail.com>
    Signed-off-by: Junio C Hamano <gitster@pobox.com>

commit b9c8b46e9451eb1f82393119d53aa151b6f7ff83
Merge: 48e68dd0fd 6cd33dceed
Author: Junio C Hamano <gitster@pobox.com>
Date:   Sun Apr 17 22:33:28 2022 -0700

    Sync with Git 2.36

commit 48e68dd0fdcb925f675af579a960b68b1bbf8dd4
Merge: 8af0fa9b8e 9c539d1027
Author: Junio C Hamano <gitster@pobox.com>
Date:   Fri Apr 15 16:48:39 2022 -0700

    Merge branch 'cb/buggy-gcc-12-workaround' into next
    
    A couple of work around for CI breaking warnings from gcc 12.
    
    * cb/buggy-gcc-12-workaround:
      config.mak.dev: alternative workaround to gcc 12 warning in http.c
      config.mak.dev: workaround gcc 12 bug affecting "pedantic" CI job

commit 92dcadaac815e61b0d6da533cad851ca09b8e7fd
Author: Calvin Wan <calvinwan@google.com>
Date:   Fri Apr 15 20:05:56 2022 +0000

    debian: new "next" snapshot
    
    Signed-off-by: Calvin Wan <calvinwan@google.com>
    Change-Id: Ia9224f91363c1a37957e1e89fbfa0fcd5eeb6117

commit 53368d531c8f9ca41c0c14dff07333fc8e247b7b
Merge: 1ebb5c521b 8af0fa9b8e
Author: Calvin Wan <calvinwan@google.com>
Date:   Fri Apr 15 20:05:18 2022 +0000

    Merge branch 'next' into debian-experimental
    
    Signed-off-by: Calvin Wan <calvinwan@google.com>
    Change-Id: I149af042610fa485610ae52cc715d1b77e010812

commit e6b2582da30b599d95f40510777c643b9fba9012
Author: Carlo Marcelo Arenas Belón <carenas@gmail.com>
Date:   Fri Apr 15 01:30:59 2022 -0700

    reftable: avoid undefined behaviour breaking t0032
    
    1214aa841bc (reftable: add blocksource, an abstraction for random
    access reads, 2021-10-07), makes the assumption that it is ok to
    free a reftable_block pointing to NULL if the size is also set to
    0, but implements that using a memset call that at least in glibc
    based system will trigger a runtime exception if called with a
    NULL pointer as its first parameter.
    
    Avoid doing so by adding a conditional to check for the size in all
    three identically looking functions that were affected, and therefore,
    still allow memset to help catch callers that might incorrectly pass
    a NULL pointer with a non zero size, but avoiding the exception for
    the valid cases.
    
    Signed-off-by: Carlo Marcelo Arenas Belón <carenas@gmail.com>
    Signed-off-by: Junio C Hamano <gitster@pobox.com>

commit 8af0fa9b8e9e4d9f3a9661b1fd1f8c8822364ea5
Merge: 94ac0baec8 4027e30c53
Author: Junio C Hamano <gitster@pobox.com>
Date:   Thu Apr 14 14:24:36 2022 -0700

    Sync with 'master'

commit 94ac0baec83f6352e2a9619e6549112fe6957639
Merge: a19d9a5cc2 43159864b6
Author: Junio C Hamano <gitster@pobox.com>
Date:   Thu Apr 14 11:52:32 2022 -0700

    Merge branch 'jc/revert-ref-transaction-hook-changes' into next
    
    Revert the "deletion of a ref should not trigger transaction events
    for loose and packed ref backends separately" that regresses the
    behaviour when a ref is not modified since it was packed.
    
    * jc/revert-ref-transaction-hook-changes:
      RelNotes: revert the description on the reverted topics
      Revert "fetch: increase test coverage of fetches"
      Revert "Merge branch 'ps/avoid-unnecessary-hook-invocation-with-packed-refs'"

commit a19d9a5cc233fc762464f09ba477664a4276425d
Merge: 5071ed83ac 255ede9980
Author: Junio C Hamano <gitster@pobox.com>
Date:   Thu Apr 14 11:52:29 2022 -0700

    Merge branch 'jc/relnotes-updates' into next
    
    Wording updates for 2.36 release notes.
    
    * jc/relnotes-updates:
      RelNotes: mention safe.directory
      RelNotes: clarify "bisect run unexecutable" tweak

commit 5071ed83ac8bbde44ad4946183a24c1d5f4f51e2
Merge: 64f902a358 1ac7422e39
Author: Junio C Hamano <gitster@pobox.com>
Date:   Wed Apr 13 15:28:59 2022 -0700

    Sync with 'master'

commit 1ebb5c521b28da0461438f491380620551a36edb
Author: Jonathan Nieder <jrnieder@gmail.com>
Date:   Tue Apr 12 22:47:48 2022 -0700

    debian/patches: refresh 0001-record-version.diff
    
    Without this, "git version" doesn't reflect the last set of updates.
    I forgot to do this in 6b7a833609 (debian: new "next" snapshot,
    2022-04-12) --- sorry for the noise.
    
    Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
    Change-Id: I71f73a3533c2153276e34fb8f7075395c0c66bc9

commit 859e0d74619f1ac7a1c35ead3a66dc88c6e7f404
Merge: 6b7a833609 fecb5d295c
Author: Jonathan Nieder <jrnieder@gmail.com>
Date:   Tue Apr 12 22:31:20 2022 -0700

    Merge branch 'debian-sid' into debian-experimental
    
    * debian-sid:
      debian: new upstream point release
    
    Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
    Change-Id: Id5542d6fa38f333951f5b16b50b311ea27a7fab8

commit 6b7a83360985321a13fb3b0b1039ff77e062778e
Author: Jonathan Nieder <jrnieder@gmail.com>
Date:   Tue Apr 12 22:28:36 2022 -0700

    debian: new "next" snapshot
    
    Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
    Change-Id: Icffa91d4cdfddf9c8a14485833013ed874c8a09f

commit 758ddff4264c6528fabbe3199d20fa01eecb93a1
Merge: f8b0c14913 64f902a358
Author: Jonathan Nieder <jrnieder@gmail.com>
Date:   Tue Apr 12 22:19:15 2022 -0700

    Merge branch 'next' of https://kernel.googlesource.com/pub/scm/git/git into debian-experimental
    
    Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
    Change-Id: I3907a443d8a0b3bab11accb05d2e1ea5bb8f89a8

commit fecb5d295c461a9cb46d2b951779a1b04b241337
Author: Jonathan Nieder <jrnieder@gmail.com>
Date:   Tue Apr 12 21:30:51 2022 -0700

    debian: new upstream point release
    
    Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>

commit 9954af49db4114aba7760955b8eeb6d8b21901c3
Merge: c452695387 53ef17d3ee
Author: Jonathan Nieder <jrnieder@gmail.com>
Date:   Tue Apr 12 21:21:09 2022 -0700

    Merge tag 'v2.35.2' into debian-sid
    
    Git 2.35.2
    
    Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>

commit 64f902a358a9e80c900e2fb98bca7fe335154015
Merge: 0953a117dc 11cfe55261
Author: Junio C Hamano <gitster@pobox.com>
Date:   Mon Apr 11 21:47:58 2022 -0700

    Sync with Git 2.36-rc2

commit 0953a117dc553f3bc1e13144407c9822346a961b
Merge: be66c8963c af15f84da7
Author: Junio C Hamano <gitster@pobox.com>
Date:   Mon Apr 11 15:09:13 2022 -0700

    Merge branch 'ja/i18n-fix-for-2.36' into next
    
    Fixes to some localizable strings.
    
    * ja/i18n-fix-for-2.36:
      i18n: fix some badly formatted i18n strings

commit 067109a5e7db3fdffc25240bfc3b350962cd6bd6
Author: Phillip Wood <phillip.wood@dunelm.org.uk>
Date:   Sat Apr 9 12:28:37 2022 +0000

    tests: make SANITIZE=address imply TEST_NO_MALLOC_CHECK
    
    As the address sanitizer checks for a superset of the issues detected
    by setting MALLOC_CHECK_ (which tries to detect things like double
    frees and off-by-one errors) there is no need to set the latter when
    compiling with -fsanitize=address.
    
    This fixes a regression introduced by 131b94a10a ("test-lib.sh: Use
    GLIBC_TUNABLES instead of MALLOC_CHECK_ on glibc >= 2.34", 2022-03-04)
    which causes all the tests to fail with the message
    
        ASan runtime does not come first in initial library list;
        you should either link runtime to your application or
        manually preload it with LD_PRELOAD.
    
    when git is compiled with SANITIZE=address on systems with glibc >=
    2.34. I have tested SANITIZE=leak and SANITIZE=undefined and they do
    not suffer from this regression so the fix in this patch should be
    sufficient.
    
    Signed-off-by: Phillip Wood <phillip.wood@dunelm.org.uk>
    Signed-off-by: Junio C Hamano <gitster@pobox.com>

commit be66c8963cc046090ab0eb1f750e71f594a2a4e4
Merge: 99b2d30bef ab1f2765f7
Author: Junio C Hamano <gitster@pobox.com>
Date:   Fri Apr 8 13:56:58 2022 -0700

    Sync with Git 2.36-rc1

commit f8b0c14913cfe417009c08e6dfe8634dc43b374d
Author: Josh Steadmon <steadmon@google.com>
Date:   Fri Apr 8 13:51:48 2022 -0700

    debian: new "next" snapshot
    
    Signed-off-by: Josh Steadmon <steadmon@google.com>
    Change-Id: Ibeffbb7657a6e6c4e1ffa38b7963f68fe3ee6a12

commit 6eaaa86641d1a8eafb3d59cb69f2ccdb4e971824
Merge: e6b80bfbbe d361397f0d
Author: Josh Steadmon <steadmon@google.com>
Date:   Fri Apr 8 13:49:26 2022 -0700

    Merge branch 'next' into debian-experimental
    
    Signed-off-by: Josh Steadmon <steadmon@google.com>
    Change-Id: I3879cec2396ea70a81b79c2691b3bd29b7f146de

commit 99b2d30bef21d78641c3ca2ea67838e0fd4e859c
Merge: dda41ca646 6d340dfaef
Author: Junio C Hamano <gitster@pobox.com>
Date:   Fri Apr 8 13:39:43 2022 -0700

    Merge branch 'ld/sparse-index-bash-completion' into next
    
    Test regression fix.
    
    * ld/sparse-index-bash-completion:
      t9902: split test to run on appropriate systems

commit dda41ca646bd9b9f79090cf1c8767fe3d94c1a7c
Merge: d361397f0d acd34fd5f6
Author: Junio C Hamano <gitster@pobox.com>
Date:   Fri Apr 8 13:39:42 2022 -0700

    Merge branch 'tl/ls-tree-oid-only' into next
    
    Docfix.
    
    * tl/ls-tree-oid-only:
      ls-tree doc: document interaction with submodules

commit d361397f0d5290990623b568eceddea2a712e3a5
Merge: 8ca530c2e3 bf23fe5c37
Author: Junio C Hamano <gitster@pobox.com>
Date:   Thu Apr 7 15:06:25 2022 -0700

    Sync with 'master'

commit 8ca530c2e3fc8d8372a822b0c02dba80651f0e60
Merge: a0696e66f4 07135d6be7
Author: Junio C Hamano <gitster@pobox.com>
Date:   Thu Apr 7 13:36:22 2022 -0700

    Sync with master

commit a0696e66f4226ac68ad3965dab6822004d9b4a1c
Merge: 1f800cad55 473fa2df08
Author: Junio C Hamano <gitster@pobox.com>
Date:   Thu Apr 7 13:34:41 2022 -0700

    Merge branch 'jc/cat-file-batch-commands' into next
    
    "git cat-file" learns "--batch-command" mode, which is a more
    flexible interface than the existing "--batch" or "--batch-check"
    modes, to allow different kinds of inquiries made.
    source: <pull.1212.v10.git.git.1645208594.gitgitgadget@gmail.com>
    
    * jc/cat-file-batch-commands:
      Documentation: add --batch-command to cat-file synopsis

commit 1f800cad55b27bc23dd6800a01aa5e0dde2eba34
Merge: 11fcccf1ad f3ea4bed2a
Author: Junio C Hamano <gitster@pobox.com>
Date:   Thu Apr 7 10:19:20 2022 -0700

    Merge branch 'tz/doc-litdd-fixes' into next
    
    * tz/doc-litdd-fixes:
      doc: replace "--" with {litdd} in credential-cache/fsmonitor

commit 11fcccf1ade3fa6a4d6377affb84630fbc6dc2d9
Merge: a680198afe 5da9560ebc
Author: Junio C Hamano <gitster@pobox.com>
Date:   Thu Apr 7 10:19:19 2022 -0700

    Merge branch 'js/apply-partial-clone-filters-recursively' into next
    
    "git clone --filter=... --recurse-submodules" only makes the
    top-level a partial clone, while submodules are fully cloned.  This
    behaviour is changed to pass the same filter down to the submodules.
    source: <690d2316ad518ea4551821b2b3aa652996858475.1644034886.git.steadmon@google.com>
    
    * js/apply-partial-clone-filters-recursively:
      submodule-helper: fix usage string

commit a680198afecc46d2f18d234b1637f8b0ece2f020
Merge: 7df8392d71 5e65dac9c8
Author: Junio C Hamano <gitster@pobox.com>
Date:   Thu Apr 7 10:19:19 2022 -0700

    Merge branch 'tl/ls-tree-oid-only' into next
    
    "git ls-tree" learns "--oid-only" option, similar to "--name-only",
    and more generalized "--format" option.
    source: <cover.1648026472.git.dyroneteng@gmail.com>
    
    * tl/ls-tree-oid-only:
      git-ls-tree.txt: fix the name of "%(objectsize:padded)"

commit 7df8392d71636297cce894db1baf60b6b7792769
Merge: f748c5af7a e5f5d7d42e
Author: Junio C Hamano <gitster@pobox.com>
Date:   Thu Apr 7 10:19:19 2022 -0700

    Merge branch 'ea/progress-partial-blame' into next
    
    The progress meter of "git blame" was showing incorrect numbers
    when processing only parts of the file.
    
    * ea/progress-partial-blame:
      blame: report correct number of lines in progress when using ranges

commit f748c5af7adbbc28de793572b96a8784c2fec8a6
Merge: 1a0ee253ff 07330a41d6
Author: Junio C Hamano <gitster@pobox.com>
Date:   Wed Apr 6 15:25:56 2022 -0700

    Sync with 'master'

commit 1a0ee253ff9b576ec0564f7f220d3739736aa3fe
Merge: 5510589561 350296cc78
Author: Junio C Hamano <gitster@pobox.com>
Date:   Wed Apr 6 14:08:58 2022 -0700

    Merge branch 'tl/ls-tree-oid-only' into next
    
    "git ls-tree" learns "--oid-only" option, similar to "--name-only",
    and more generalized "--format" option.
    source: <cover.1648026472.git.dyroneteng@gmail.com>
    
    * tl/ls-tree-oid-only:
      ls-tree: `-l` should not imply recursive listing

commit 5510589561178e675e034fe2e8a4e24948c0d7e9
Merge: 570c191824 5b52d9f15e
Author: Junio C Hamano <gitster@pobox.com>
Date:   Wed Apr 6 14:08:58 2022 -0700

    Merge branch 'bc/csprng-mktemps' into next
    
    Pick a better random number generator and use it when we prepare
    temporary filenames.
    source: <20220117215617.843190-1-sandals@crustytoothpaste.net>
    
    * bc/csprng-mktemps:
      git-compat-util: really support openssl as a source of entropy

commit 570c19182445cca1555855557d80eb309e5671a5
Merge: cf0026278d 2e37594797
Author: Junio C Hamano <gitster@pobox.com>
Date:   Wed Apr 6 14:08:58 2022 -0700

    Merge branch 'ns/core-fsyncmethod' into next
    
    A couple of fix-up to a topic that is now in 'master'.
    source: <pull.1193.git.1648663716891.gitgitgadget@gmail.com>
    
    * ns/core-fsyncmethod:
      configure.ac: fix HAVE_SYNC_FILE_RANGE definition

commit cf0026278d8303c36bdea7ab13abeca55c1a4cd6
Merge: 7b1312e21f f2a2876f5a
Author: Junio C Hamano <gitster@pobox.com>
Date:   Wed Apr 6 14:08:58 2022 -0700

    Merge branch 'ab/make-optim-noop' into next
    
    A micro fix to a topic earlier merged to 'master'
    source: <patch-1.1-05949221e3f-20220319T002715Z-avarab@gmail.com>
    
    * ab/make-optim-noop:
      contrib/scalar: fix 'all' target in Makefile
      Documentation/Makefile: fix "make info" regression in dad9cd7d518

commit e5f5d7d42effb1d0d404897ac782783f742e9daa
Author: Edmundo Carmona Antoranz <eantoranz@gmail.com>
Date:   Wed Apr 6 20:13:20 2022 +0200

    blame: report correct number of lines in progress when using ranges
    
    When using ranges, use the range sizes as the limit for progress
    instead of the size of the full file.
    
    Before:
    $ git blame --progress builtin/blame.c > /dev/null
    Blaming lines: 100% (1210/1210), done.
    $ git blame --progress -L 100,120 -L 200,300 builtin/blame.c > /dev/null
    Blaming lines:  10% (122/1210), done.
    $
    
    After:
    $ ./git blame --progress builtin/blame.c > /dev/null
    Blaming lines: 100% (1210/1210), done.
    $ ./git blame --progress -L 100,120 -L 200,300 builtin/blame.c > /dev/null
    Blaming lines: 100% (122/122), done.
    $
    
    Signed-off-by: Edmundo Carmona Antoranz <eantoranz@gmail.com>
    Signed-off-by: Junio C Hamano <gitster@pobox.com>

commit 84792322ed9e79c3152d9443ab6609710db4b26a
Author: René Scharfe <l.s.r@web.de>
Date:   Mon Apr 4 23:08:26 2022 +0200

    commit, sequencer: turn off break_opt for commit summary
    
    dc6b1d92ca (wt-status: use settings from git_diff_ui_config, 2018-05-04)
    disabled diffopt.break_opt for diffstats shown by git status and in
    commit templates.  For git status there isn't even a way to enable it.
    Make the commit summary (shown after the commit) consistent by disabling
    it there as well.
    
    Reported-by: Laurent Lyaudet <laurent.lyaudet@gmail.com>
    Signed-off-by: René Scharfe <l.s.r@web.de>
    Signed-off-by: Junio C Hamano <gitster@pobox.com>

commit 7b1312e21f5434e68922e4ff5aaf1a65af811c8e
Merge: 5d1c8197d0 faa21c10d4
Author: Junio C Hamano <gitster@pobox.com>
Date:   Mon Apr 4 11:02:39 2022 -0700

    Sync with Git 2.36-rc0

commit 5d1c8197d0f8ce072606658b7361f1ae34e6fe4e
Merge: 251b14976f 980145f747
Author: Junio C Hamano <gitster@pobox.com>
Date:   Mon Apr 4 10:30:56 2022 -0700

    Merge branch 'fr/vimdiff-layout' into next
    
    Reimplement "vimdiff[123]" mergetool drivers with a more generic
    layout mechanism.
    
    * fr/vimdiff-layout:
      mergetools: add description to all diff/merge tools
      vimdiff: add tool documentation
      vimdiff: integrate layout tests in the unit tests framework ('t' folder)
      vimdiff: new implementation with layout support

commit 251b14976fbbc37f8f6f6bd83a3fea41852d4b19
Merge: c5fb674865 4ff0108d9e
Author: Junio C Hamano <gitster@pobox.com>
Date:   Mon Apr 4 10:30:56 2022 -0700

    Merge branch 'jh/p4-various-fixups' into next
    
    Various cleanups to "git p4".
    
    * jh/p4-various-fixups: (22 commits)
      git-p4: sort imports
      git-p4: seperate multiple statements onto seperate lines
      git-p4: move inline comments to line above
      git-p4: only seperate code blocks by a single empty line
      git-p4: compare to singletons with "is" and "is not"
      git-p4: normalize indentation of lines in conditionals
      git-p4: ensure there is a single space around all operators
      git-p4: ensure every comment has a single #
      git-p4: remove spaces between dictionary keys and colons
      git-p4: remove redundant backslash-continuations inside brackets
      git-p4: remove extraneous spaces before function arguments
      git-p4: place a single space after every comma
      git-p4: removed brackets when assigning multiple return values
      git-p4: remove spaces around default arguments
      git-p4: remove padding from lists, tuples and function arguments
      git-p4: sort and de-duplcate pylint disable list
      git-p4: remove commented code
      git-p4: convert descriptive class and function comments into docstrings
      git-p4: improve consistency of docstring formatting
      git-p4: indent with 4-spaces
      ...

commit c5fb6748653905a58a1a650bf85772f22d11e900
Merge: 2e11f1ac0c 0b75e5bf22
Author: Junio C Hamano <gitster@pobox.com>
Date:   Mon Apr 4 10:30:56 2022 -0700

    Merge branch 'ab/misc-cleanup' into next
    
    Code clean-up.
    
    * ab/misc-cleanup:
      alloc.[ch]: remove alloc_report() function
      object-store.h: remove unused has_sha1_file*()
      pack-bitmap-write: remove unused bitmap_reset() function
      xdiff/xmacros.h: remove unused XDL_PTRFREE
      configure.ac: remove USE_PIC comment
      run-command.h: remove always unused "clean_on_exit_handler_cbdata"

commit 2e11f1ac0cc4e4cd9127ddd27de947581939bbb2
Merge: 043549e5b0 e6a653554b
Author: Junio C Hamano <gitster@pobox.com>
Date:   Mon Apr 4 10:30:55 2022 -0700

    Merge branch 'tk/untracked-cache-with-uall' into next
    
    The performance of the "untracked cache" feature has been improved
    when "--untracked-files=<mode>" and "status.showUntrackedFiles"
    are combined.
    
    * tk/untracked-cache-with-uall:
      untracked-cache: support '--untracked-files=all' if configured
      untracked-cache: test untracked-cache-bypassing behavior with -uall

commit 980145f7470e20826ca22d7343494712eda9c81d
Author: Fernando Ramos <greenfoo@u92.eu>
Date:   Wed Mar 30 21:19:09 2022 +0200

    mergetools: add description to all diff/merge tools
    
    The output of `git mergetool --tool-help` and `git difftool --tool-help`
    only showed the `alias` of each available merge/diff tool.
    
    It is not always obvious what tool these `aliases` end up using (ex:
    `opendiff` runs `FileMerge` and `bc` runs `Beyond Compare`).
    
    This commit adds a short description to each of them to help the user
    identify the `alias` they want.
    
    Signed-off-by: Fernando Ramos <greenfoo@u92.eu>
    Signed-off-by: Junio C Hamano <gitster@pobox.com>

commit 7b5cf8be180940ce099c8413d02fb5707d900708
Author: Fernando Ramos <greenfoo@u92.eu>
Date:   Wed Mar 30 21:19:08 2022 +0200

    vimdiff: add tool documentation
    
    Running 'git {merge,diff}tool --tool-help' now also prints usage
    information about the vimdiff tool (and its variants) instead of just
    its name.
    
    Two new functions ('diff_cmd_help()' and 'merge_cmd_help()') have been
    added to the set of functions that each merge tool (ie. scripts found
    inside "mergetools/") can overwrite to provided tool specific
    information.
    
    Right now, only 'mergetools/vimdiff' implements these functions, but
    other tools are encouraged to do so in the future, specially if they
    take configuration options not explained anywhere else (as it is the
    case with the 'vimdiff' tool and the new 'layout' option)
    
    Note that the function 'show_tool_names', used in the implementation of
    'git mergetool --tool-help', is also used in Documentation/Makefile to
    generate the list of allowed values for the configuration variables
    '{diff,merge}.{gui,}tool'. Adjust the rule so its output is an Asciidoc
    "description list" instead of a plain list, with the tool name as the
    item and the newly added tool description as the description.
    
    In addition, a section has been added to
    "Documentation/git-mergetool.txt" to explain the new "layout"
    configuration option with examples.
    
    Helped-by: Philippe Blain <levraiphilippeblain@gmail.com>
    Signed-off-by: Fernando Ramos <greenfoo@u92.eu>
    Signed-off-by: Junio C Hamano <gitster@pobox.com>

commit e6b80bfbbee201711d7895a2198f6b9498c4aeb7
Author: Jonathan Nieder <jrnieder@gmail.com>
Date:   Fri Apr 1 13:24:37 2022 -0700

    debian: new "next" snapshot
    
    Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
    Change-Id: I28d7b736d2c268fc98d849bdd535812cc49840f1

commit b7637a58aee4230744e1e45eac9b2ea379af3e82
Merge: 5d3278d518 4f1659d476
Author: Jonathan Nieder <jrnieder@gmail.com>
Date:   Fri Apr 1 13:24:07 2022 -0700

    Merge branch 'next' into debian-experimental
    
    Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
    Change-Id: If1648a3dc2e4cbc4ee30e08409b993e6237188ed

Created: 2017-12-03 Last update: 2022-08-09 14:33

The package has not entered testing even though the delay is over normal

The package has not entered testing even though the 5-day delay is over. Check why.

Created: 2022-05-20 Last update: 2022-08-09 14:31

Depends on packages which need a new maintainer normal

The packages that git depends on which need a new maintainer are:

cvsps (#501257)
- Depends: cvsps
- Build-Depends: cvsps

Created: 2019-11-22 Last update: 2022-08-09 14:05

26 bugs tagged patch in the BTS normal

The BTS contains patches fixing 26 bugs (33 if counting merged bugs), consider including or untagging them.

Created: 2022-07-27 Last update: 2022-08-09 14:01

lintian reports 14 warnings normal

Lintian reports 14 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2022-01-01 Last update: 2022-07-30 12:13

piuparts found (un)installation error(s) normal

Piuparts stresses package installation, uninstallation, upgrade, ... While doing such tests, one or more errors were found for the following suites:

sid - piuparts

You should fix them.

Created: 2022-07-22 Last update: 2022-07-22 09:57

2 low-priority security issues in bullseye low

There are 2 open security issues in bullseye.

2 issues left for the package maintainer to handle:

CVE-2022-24765: (needs triaging) Git for Windows is a fork of Git containing Windows-specific patches. This vulnerability affects users working on multi-user machines, where untrusted parties have write access to the same hard disk. Those untrusted parties could create the folder `C:\.git`, which would be picked up by Git operations run supposedly outside a repository while searching for a Git directory. Git would then respect any config in said Git directory. Git Bash users who set `GIT_PS1_SHOWDIRTYSTATE` are vulnerable as well. Users who installed posh-gitare vulnerable simply by starting a PowerShell. Users of IDEs such as Visual Studio are vulnerable: simply creating a new project would already read and respect the config specified in `C:\.git\config`. Users of the Microsoft fork of Git are vulnerable simply by starting a Git Bash. The problem has been patched in Git for Windows v2.35.2. Users unable to upgrade may create the folder `.git` on all drives where Git commands are run, and remove read/write access from those folders as a workaround. Alternatively, define or extend `GIT_CEILING_DIRECTORIES` to cover the _parent_ directory of the user profile, e.g. `C:\Users` if the user profile is located in `C:\Users\my-user-name`.
CVE-2022-29187: (needs triaging) Git is a distributed revision control system. Git prior to versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5, is vulnerable to privilege escalation in all platforms. An unsuspecting user could still be affected by the issue reported in CVE-2022-24765, for example when navigating as root into a shared tmp directory that is owned by them, but where an attacker could create a git repository. Versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5 contain a patch for this issue. The simplest way to avoid being affected by the exploit described in the example is to avoid running git as root (or an Administrator in Windows), and if needed to reduce its use to a minimum. While a generic workaround is not possible, a system could be hardened from the exploit described in the example by removing any such repository if it exists already and creating one as root to block any future attacks.

You can find information about how to handle these issues in the security team's documentation.

Created: 2022-07-04 Last update: 2022-08-01 13:40

Build log checks report 1 warning low

Build log checks report 1 warning

Created: 2017-10-26 Last update: 2017-10-26 07:22

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.1 instead of 4.3.0.1).

Created: 2019-07-08 Last update: 2022-05-11 23:25

testing migrations

excuses:
- Migration status for git (1:2.35.1-1 to 1:2.36.1-1): BLOCKED: Rejected/violates migration policy/introduces a regression
- Issues preventing migration:
- ∙ ∙ Rejected due to piuparts regression - https://piuparts.debian.org/sid/source/g/git.html
- Additional info:
- ∙ ∙ Updating git will fix bugs in testing: #1012774
- ∙ ∙ 91 days old (needed 5 days)
- Not considered

news

[rss feed]

[2022-05-09] Accepted git 1:2.36.1+next.20220505-1 (source) into experimental (Jonathan Nieder)
[2022-05-09] Accepted git 1:2.36.1-1 (source) into unstable (Jonathan Nieder)
[2022-05-09] Accepted git 1:2.36.0+next.20220504-1 (source) into experimental (Glen Choo) (signed by: Jonathan Nieder)
[2022-05-02] Accepted git 1:2.36.0+next.20220428-1 (source) into experimental (Josh Steadmon) (signed by: Jonathan Nieder)
[2022-04-23] Accepted git 1:2.36.0+next.20220417-1 (source) into experimental (Jonathan Nieder)
[2022-04-23] Accepted git 1:2.36.0-1 (source) into unstable (Jonathan Nieder)
[2022-04-23] Accepted git 1:2.36.0~rc2+next.20220414-1 (source) into experimental (Calvin Wan) (signed by: Jonathan Nieder)
[2022-04-13] Accepted git 1:2.36.0~rc2+next.20220411-1 (source) into experimental (Jonathan Nieder)
[2022-04-13] Accepted git 1:2.35.2-1 (source) into unstable (Jonathan Nieder)
[2022-03-10] git 1:2.35.1-1 MIGRATED to testing (Debian testing watch)
[2022-02-19] Accepted git 1:2.35.1+next.20220211-1 (source) into experimental (Jonathan Nieder)
[2022-02-16] Accepted git 1:2.35.1+next.20220128-1 (source) into experimental (Jonathan Nieder)
[2022-02-16] Accepted git 1:2.35.1-1 (source) into unstable (Jonathan Nieder)
[2022-01-18] Accepted git 1:2.34.1-1~bpo11+1 (source all amd64) into bullseye-backports, bullseye-backports (Debian FTP Masters) (signed by: Roger Shimizu)
[2021-12-30] Accepted git 1:2.34.1+next.20211227-1 (source) into experimental (Jonathan Nieder)
[2021-12-23] Accepted git 1:2.34.1+next.20211221-1 (source) into experimental (Josh Steadmon) (signed by: Jonathan Nieder)
[2021-12-15] git 1:2.34.1-1 MIGRATED to testing (Debian testing watch)
[2021-12-03] Accepted git 1:2.34.1+next.20211202-1 (source) into experimental (Josh Steadmon) (signed by: Jonathan Nieder)
[2021-11-29] Accepted git 1:2.34.1+next.20211124-1 (source) into experimental (Jonathan Nieder)
[2021-11-29] Accepted git 1:2.34.1-1 (source) into unstable (Jonathan Nieder)
[2021-11-20] Accepted git 1:2.34.0+next.20211119-1 (source) into experimental (Jonathan Nieder)
[2021-11-20] Accepted git 1:2.34.0-1 (source) into unstable (Jonathan Nieder)
[2021-10-25] Accepted git 1:2.33.1+next.20211025-1 (source) into experimental (Jonathan Nieder)
[2021-10-25] Accepted git 1:2.33.1-1 (source) into unstable (Jonathan Nieder)
[2021-10-04] Accepted git 1:2.33.0+next.20210929-1 (source) into experimental (Jonathan Nieder)
[2021-09-09] Accepted git 1:2.33.0+next.20210901-1 (source) into experimental (Emily Shaffer) (signed by: Jonathan Nieder)
[2021-08-27] git 1:2.33.0-1 MIGRATED to testing (Debian testing watch)
[2021-08-17] Accepted git 1:2.33.0+next.20210816-1 (source) into experimental (Jonathan Nieder)
[2021-08-17] Accepted git 1:2.33.0-1 (source) into unstable (Jonathan Nieder)
[2021-08-16] git 1:2.32.0-1 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 429 444
RC: 1
I&N: 184 185
M&W: 244 258
F&P: 0
patch: 26 33

links

homepage
lintian (0, 14)
buildd: logs, exp, checks, clang, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
screenshots
l10n (-, 92)

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1:2.36.1-1ubuntu2
81 bugs (2 patches)
patches for 1:2.36.1-1ubuntu2