Sync from SUSE:SLFO:Main git revision 438920b4637916f777a5445a67dd5901

completion-wordbreaks.diff

@@ -2,11 +2,11 @@
  contrib/completion/git-completion.bash |   10 ++++++----
  1 file changed, 6 insertions(+), 4 deletions(-)
 
-Index: git-2.40.0/contrib/completion/git-completion.bash
+Index: git-2.43.1/contrib/completion/git-completion.bash
 ===================================================================
---- git-2.40.0.orig/contrib/completion/git-completion.bash
-+++ git-2.40.0/contrib/completion/git-completion.bash
-@@ -65,10 +65,12 @@
+--- git-2.43.1.orig/contrib/completion/git-completion.bash
++++ git-2.43.1/contrib/completion/git-completion.bash
+@@ -67,10 +67,12 @@
  #     case insensitively, even on systems with case sensitive file systems
  #     (e.g., completing tag name "FOO" on "git checkout f<TAB>").
  

git-prevent_xss-default.diff

@@ -12,11 +12,11 @@ Signed-off-by: Jakub Narebski <jnareb@...il.com>
  gitweb/gitweb.perl |    2 +-
  3 files changed, 8 insertions(+), 3 deletions(-)
 
-Index: git-2.11.0/git-instaweb.sh
+Index: git-2.43.1/git-instaweb.sh
 ===================================================================
---- git-2.11.0.orig/git-instaweb.sh
-+++ git-2.11.0/git-instaweb.sh
-@@ -598,6 +598,10 @@ our \$projectroot = "$(dirname "$fqgitdi
+--- git-2.43.1.orig/git-instaweb.sh
++++ git-2.43.1/git-instaweb.sh
+@@ -721,6 +721,10 @@ our \$projectroot = "$(dirname "$fqgitdi
  our \$git_temp = "$fqgitdir/gitweb/tmp";
  our \$projects_list = \$projectroot;
  
@@ -27,11 +27,11 @@ Index: git-2.11.0/git-instaweb.sh
  \$feature{'remote_heads'}{'default'} = [1];
  EOF
  }
-Index: git-2.11.0/gitweb/gitweb.perl
+Index: git-2.43.1/gitweb/gitweb.perl
 ===================================================================
---- git-2.11.0.orig/gitweb/gitweb.perl
-+++ git-2.11.0/gitweb/gitweb.perl
-@@ -190,7 +190,7 @@ our @diff_opts = ('-M'); # taken from gi
+--- git-2.43.1.orig/gitweb/gitweb.perl
++++ git-2.43.1/gitweb/gitweb.perl
+@@ -194,7 +194,7 @@ our @diff_opts = ('-M'); # taken from gi
  
  # Disables features that would allow repository owners to inject script into
  # the gitweb domain.
@@ -39,4 +39,4 @@ Index: git-2.11.0/gitweb/gitweb.perl
 +our $prevent_xss = 1;
  
  # Path to the highlight executable to use (must be the one from
- # http://www.andre-simon.de due to assumptions about parameters and output).
+ # http://andre-simon.de/zip/download.php due to assumptions about parameters and output).

git.changes

@@ -1,7 +1,180 @@
+-------------------------------------------------------------------
+Tue May 14 22:38:09 UTC 2024 - Andreas Stieger <andreas.stieger@gmx.de>
+
+- update to 2.45.1:
+ * CVE-2024-32002: recursive clones on case-insensitive
+   filesystems that support symbolic links are susceptible to case
+   confusion (boo#1224168)
+ * CVE-2024-32004: arbitrary code execution during local clones
+   (boo#1224170)
+ * CVE-2024-32020: file overwriting vulnerability during local
+   clones (boo#1224171)
+ * CVE-2024-32021: git may create hardlinks to arbitrary user-
+   readable files (boo#1224172)
+ * CVE-2024-32465: arbitrary code execution during clone operations
+   (boo#1224173)
+
+-------------------------------------------------------------------
+Wed May  1 16:47:14 UTC 2024 - Andreas Stieger <andreas.stieger@gmx.de>
+
+- update to 2.45.0:
+  * Improved efficiency managing repositories with many references
+    ("git init --ref-format=reftable")
+  * "git checkout -p" and friends learned that that "@" is a
+    synonym for "HEAD"
+  * cli improvements handling refs
+  * Expanded a number of commands and options, UI improvements
+  * status.showUntrackedFiles now accepts "true"
+  * git-cherry-pick(1) now automatically drops redundant commits
+    with new --empty option
+  * The userdiff patterns for C# has been updated.
+
+-------------------------------------------------------------------
+Sun Feb 25 08:07:01 UTC 2024 - Andreas Stieger <andreas.stieger@gmx.de>
+
+- update to 2.44.0:
+  * "git checkout -B <branch>" now longer allows switching to a
+    branch that is in use on another worktree. The users need to
+    use "--ignore-other-worktrees" option.
+  * Faster server-side rebases with git replay
+  * Faster pack generation with multi-pack reuse
+  * rebase auto-squashing now works in non-interactive mode
+  * pathspec now understands attr, e.g. ':(attr:~binary) for
+    selecting non-binaries, or builtin_objectmode for selecting
+    items by file mode or other properties
+  * Many other cli UI and internal improvements and extensions
+
+-------------------------------------------------------------------
+Tue Feb 20 09:56:30 UTC 2024 - Danilo Spinella <danilo.spinella@suse.com>
+
+- Do not replace apparmor configuration, fixes bsc#1216545
+
+-------------------------------------------------------------------
+Thu Feb 15 16:57:56 UTC 2024 - Andreas Stieger <andreas.stieger@gmx.de>
+
+- update to 2.43.2:
+  * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.43.2.txt
+  * Update to a new feature recently added, "git show-ref --exists".
+  * Rename detection logic ignored the final line of a file if it
+    is an incomplete line.
+  * "git diff --no-rename A B" did not disable rename detection but
+    did not trigger an error from the command line parser.
+  * "git diff --no-index file1 file2" segfaulted while invoking the
+    external diff driver, which has been corrected.
+  * A failed "git tag -s" did not necessarily result in an error
+    depending on the crypto backend, which has been corrected.
+  * "git stash" sometimes was silent even when it failed due to
+    unwritable index file, which has been corrected.
+  * Recent conversion to allow more than 0/1 in GIT_FLUSH broke the
+    mechanism by flipping what yes/no means by mistake, which has
+    been corrected.
+
+-------------------------------------------------------------------
+Mon Feb 12 16:59:37 UTC 2024 - Dirk Müller <dmueller@suse.com>
+
+- update to 2.43.1:
+  * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.43.1.txt
+
+-------------------------------------------------------------------
+Tue Jan  9 21:02:19 UTC 2024 - Christian Boltz <suse-beta@cboltz.de>
+
+- gitweb AppArmor profile: allow reading etc/gitweb-common.conf
+  (boo#1218664)
+
+-------------------------------------------------------------------
+Mon Jan  8 18:43:24 UTC 2024 - Christian Boltz <suse-beta@cboltz.de>
+
+- git moved to /usr/libexec/git/git, update AppArmor profile
+  accordingly (boo#1218588)
+
+-------------------------------------------------------------------
+Tue Nov 21 14:52:03 UTC 2023 - Dirk Müller <dmueller@suse.com>
+
+- update to 2.43.0:
+ * The "--rfc" option of "git format-patch" used to be a valid way to
+   override an earlier "--subject-prefix=<something>" on the command
+   line and replace it with "[RFC PATCH]", but from this release, it
+   merely prefixes the string "RFC " in front of the given subject
+   prefix.  If you are negatively affected by this change, please use
+   "--subject-prefix=PATCH --rfc" as a replacement.
+ * In Git 2.42, "git rev-list --stdin" learned to take non-revisions
+   (like "--not") from the standard input, but the way such a "--not" was
+   handled was quite confusing, which has been rethought.  The updated
+   rule is that "--not" given from the command line only affects revs
+   given from the command line that comes but not revs read from the
+   standard input, and "--not" read from the standard input affects
+   revs given from the standard input and not revs given from the
+   command line.
+ * A message written in olden time prevented a branch from getting
+   checked out, saying it is already checked out elsewhere. But these
+   days, we treat a branch that is being bisected or rebased just like
+   a branch that is checked out and protect it from getting modified
+   with the same codepath.  The message has been rephrased to say that
+   the branch is "in use" to avoid confusion.
+ * Hourly and other schedules of "git maintenance" jobs are randomly
+   distributed now.
+ * "git cmd -h" learned to signal which options can be negated by
+   listing such options like "--[no-]opt".
+ * The way authentication related data other than passwords (e.g.,
+   oauth token and password expiration data) are stored in libsecret
+   keyrings has been rethought.
+ * Update the libsecret and wincred credential helpers to correctly
+   match which credential to erase; they erased the wrong entry in
+   some cases.
+ * Git GUI updates.
+ * "git format-patch" learned a new "--description-file" option that
+   lets cover letter description to be fed; this can be used on
+   detached HEAD where there is no branch description available, and
+   also can override the branch description if there is one.
+ * Use of the "--max-pack-size" option to allow multiple packfiles to
+   be created is now supported even when we are sending unreachable
+   objects to cruft packs.
+ * "git format-patch --rfc --subject-prefix=<foo>" used to ignore the
+   "--subject-prefix" option and used "[RFC PATCH]"; now we will add
+   "RFC" prefix to whatever subject prefix is specified.
+ * "git log --format" has been taught the %(decorate) placeholder for
+   further customization over what the "--decorate" option offers.
+ * The default log message created by "git revert", when reverting a
+   commit that records a revert, has been tweaked, to encourage people
+   to describe complex "revert of revert of revert" situations better in
+   their own words.
+ * The command-line completion support (in contrib/) learned to
+   complete "git commit --trailer=" for possible trailer keys.
+ * "git update-index" learned the "--show-index-version" option to
+   inspect the index format version used by the on-disk index file.
+ * "git diff" learned the "diff.statNameWidth" configuration variable,
+   to give the default width for the name part in the "--stat" output.
+ * "git range-diff --notes=foo" compared "log --notes=foo --notes" of
+   the two ranges, instead of using just the specified notes tree,
+   which has been corrected to use only the specified notes tree.
+ * The command line completion script (in contrib/) can be told to
+   complete aliases by including ": git <cmd> ;" in the alias to tell
+   it that the alias should be completed in a similar way to how "git
+   <cmd>" is completed.  The parsing code for the alias has been
+   loosened to allow ';' without an extra space before it.
+ * "git for-each-ref" and friends learned to apply mailmap to
+   authorname and other fields in a more flexible way than using
+   separate placeholder letters like %a[eElL] every time we want to
+   come up with small variants.
+ * "git repack" machinery learned to pay attention to the "--filter="
+   option.
+ * "git repack" learned the "--max-cruft-size" option to prevent cruft
+   packs from growing without bounds.
+ * "git merge-tree" learned to take strategy backend specific options
+   via the "-X" option, like "git merge" does.
+ * "git log" and friends learned the "--dd" option that is a
+   short-hand for "--diff-merges=first-parent -p".
+ * The attribute subsystem learned to honor the "attr.tree"
+   configuration variable that specifies which tree to read the
+   .gitattributes files from.
+ * "git merge-file" learns a mode to read three variants of the
+   contents to be merged from blob objects.
+ * see https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.43.0.txt
+
 -------------------------------------------------------------------
 Sat Nov  4 12:15:19 UTC 2023 - Andreas Stieger <andreas.stieger@gmx.de>
 
-- git 2.24.1:
+- git 2.42.1:
   * The usual number of bug fixes, including
   * Fix "git diff" exit code handling
   * Various fixes to the behavior of "rebase -i" when the command

git.spec

@@ -1,7 +1,8 @@
 #
 # spec file for package git
 #
-# Copyright (c) 2023 SUSE LLC
+# Copyright (c) 2024 SUSE LLC
+# Copyright (c) 2024 Andreas Stieger <Andreas.Stieger@gmx.de>
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -35,7 +36,7 @@
 %bcond_with    asciidoctor
 %endif
 Name:           git
-Version:        2.42.1
+Version:        2.45.1
 Release:        0
 Summary:        Fast, scalable, distributed revision control system
 License:        GPL-2.0-only
@@ -539,7 +540,8 @@ fi
 %dir %{_sysconfdir}/apache2/conf.d/
 %config(noreplace) %{_sysconfdir}/apache2/conf.d/gitweb.conf
 %{_datadir}/gitweb
-%{_sysconfdir}/apparmor.d
+%dir %{_sysconfdir}/apparmor.d
+%config(noreplace) %{_sysconfdir}/apparmor.d/usr.share.git-web.gitweb.cgi
 %{gitexecdir}//git-instaweb
 %{gitexecdir}//git-web--browse
 %{_mandir}/man1/*web*1%{?ext_man}

setup-don-t-fail-if-commondir-reference-is-deleted.patch

@@ -28,11 +28,11 @@ v3:
  setup.c | 16 +++++++++++-----
  1 file changed, 11 insertions(+), 5 deletions(-)
 
-diff --git a/setup.c b/setup.c
-index ca9e8a949ed8..49306e36990d 100644
---- a/setup.c
-+++ b/setup.c
-@@ -270,12 +270,20 @@ int get_common_dir_noenv(struct strbuf *sb, const char *gitdir)
+Index: git-2.43.1/setup.c
+===================================================================
+--- git-2.43.1.orig/setup.c
++++ git-2.43.1/setup.c
+@@ -316,12 +316,20 @@ int get_common_dir_noenv(struct strbuf *
  {
  	struct strbuf data = STRBUF_INIT;
  	struct strbuf path = STRBUF_INIT;
@@ -56,7 +56,7 @@ index ca9e8a949ed8..49306e36990d 100644
  		while (data.len && (data.buf[data.len - 1] == '\n' ||
  				    data.buf[data.len - 1] == '\r'))
  			data.len--;
-@@ -286,8 +294,6 @@ int get_common_dir_noenv(struct strbuf *sb, const char *gitdir)
+@@ -332,8 +340,6 @@ int get_common_dir_noenv(struct strbuf *
  		strbuf_addbuf(&path, &data);
  		strbuf_add_real_path(sb, path.buf);
  		ret = 1;
@@ -65,6 +65,3 @@ index ca9e8a949ed8..49306e36990d 100644
  	}
  
  	strbuf_release(&data);
--- 
-2.20.1
-

usr.share.git-web.gitweb.cgi

@@ -15,6 +15,7 @@ profile gitweb.cgi /usr/share/gitweb/gitweb.cgi {
   /usr/bin/zip rix,
   /dev/tty rw,
   /etc/gitweb.conf r,
+  /etc/gitweb-common.conf r,
   /etc/mime.types r,
   /proc/loadavg r,
   /proc/meminfo r,
@@ -22,7 +23,7 @@ profile gitweb.cgi /usr/share/gitweb/gitweb.cgi {
   /srv/git/ r,
   /srv/git/** r,
   /usr/bin/perl ix,
-  /usr/lib/git/git rix,
+  /usr/libexec/git/git rix,
   /usr/bin/git-receive-pack rix,
   /usr/share/gitweb/* r,
   /usr/share/gitweb/static/* r,