I am sending it together with SRs for python-pygit2 and libgit2-glib.
- update to 1.9.0
* update TLS cipher selection to match the "compatibility" cipher
suite settings as documented by Mozilla.
* blame API now contains committer information and commit
summaries for blame hunks, and the ability to get information
about the line of text that was modified
* add blame, init commands to CLI
* ABI-breaking changes in blame hunk, checkout, configuration,
update_refs
* new API: git_signature_default_from_env
* packbuilder can now be interrupted from a callback
* honor the preciousObject repository extension
* Push status will be reported even when a push fails
* support generating thin packs from a mempack instance
* New LIBGIT2_VERSION_CHECK macro for version checking
* Custom X509 certificates can be added to OpenSSL's certificate
store using the GIT_OPT_ADD_SSL_X509_CERT option
* Bug fixes and documentation updates
OBS-URL: https://build.opensuse.org/request/show/1241223
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libgit2?expand=0&rev=68
- update to 1.8.1:
* In v1.8, libgit2 introduced the `report_unchanged` member in
the `git_fetch_options` structure. We mistakenly introduced
this as a bitfield, which is not suitable for our public API.
To correct this mistake, we have _removed_ the
`report_unchanged` member. To support the report unchanged
tips option, users can set the `update_fetchhead`
member to include the `GIT_REMOTE_UPDATE_REPORT_UNCHANGED`
value.
* The libgit2 project regrets the API change, but this was
required to support cross-platform compatibility.
* commit: Fix git_commit_create_from_stage without author and
committer
* process.c: fix environ
* Bounds check for pack index read
* transport: provide a useful error message during cancellation
* transport: support sha256 oids
* Revparse: Correctly accept ref with '@' at the end
* remote: drop bitfields in git_remote_fetch_options
* examples: fix memory leak in for-each-ref.c
* xdiff: use proper free function
* rand: avoid uninitialized loadavg warnings
* cli: include alloca on illumos / solaris / sunos
* Update git_array allocator to obey strict aliasing rules
* tree: avoid mixed signedness comparison by @ethomson in
- require library required by pkg-config file
* fix out-of-bounds reads when processing smart-protocol "ng"
- Changed API:
- Fix license to be GPL-2.0-with-GCC-exception
OBS-URL: https://build.opensuse.org/request/show/1174831
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgit2?expand=0&rev=133
* This is a security release to address CVE-2023-22742: when compiled
using the optional, included libssh2 backend, libgit2 fails to verify
SSH keys by default.
* When using an SSH remote with the optional, included libssh2 backend,
libgit2 does not perform certificate checking by default. Prior versions
of libgit2 require the caller to set the `certificate_check` field of
libgit2's `git_remote_callbacks` structure - if a certificate check
callback is not set, libgit2 does not perform any certificate checking.
This means that by default - without configuring a certificate check
callback, clients will not perform validation on the server SSH keys and
may be subject to a man-in-the-middle attack.
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgit2?expand=0&rev=107
- update to 1.1.1:
* Fixes a bug where decompressing packfiles could fail in rare
instances.
* Ensure worktree paths are validated in more cases.
* Builds without thread-safety (`THREADSAFE=OFF`) are supported again.
* Builds without mmap (`NO_MMAP`) are supported again.
* mbedTLS is supported in non-default locations.
* Malformed branch names or missing branches on remotes are ignored.
* Use compiler intrinsics to detect arithmetic overflows in more cases.
* The configuration cache functions properly on systems with strict
alignment.
* A missing options initializer function (`git_blob_filter_options_init`)
was added for `git_blob_filter_options`.
* Several documentation fixes.
OBS-URL: https://build.opensuse.org/request/show/906736
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgit2?expand=0&rev=92
- Update to version 1.0.0:
* CMake was converted to make use of the GNUInstallDirs module
for both our pkgconfig and install targets in favor of our
custom build options BIN_INSTALL_DIR, LIB_INSTALL_DIR and
INCLUDE_INSTALL_DIR. Instead, you can now use CMake's standard
variables CMAKE_INSTALL_BINDIR, CMAKE_INSTALL_LIBDIR and
CMAKE_INSTALL_INCLUDEDIR.
* Some CMake build options accepted either a specific value or a
boolean value to disable the option altogether or use automatic
detection. We only accepted "ON" or "OFF", but none of the
other values CMake recognizes as boolean. This was aligned with
CMake's understanding of booleans.
* The installed pkgconfig file contained incorrect values for
both libdir and includedir variables.
* If using pcre2 for regular expressions, then we incorrectly
added "pcre2" instead of "pcre2-8" to our pkgconfig
dependencies, which was corrected.
* Fixed building the bundled ntlmclient dependency on FreeBSD,
OpenBSD and SunOS.
* When writing symlinks on Windows, we incorrectly handled
relative symlink targets, which was corrected.
* When using the HTTP protocol via macOS' SecureTransport
implementation, reads could stall at the end of the session and
only continue after a timeout of 60 seconds was reached.
* The filesystem-based reference callback didn't correctly
initialize the backend version.
* A segmentation fault was fixed when calling git_blame_buffer()
for files that were modified and added to the index.
* A backwards-incompatible change was introduced when we moved
some structures from "git2/credentials.h" into
"git2/sys/credentials.h". This was fixed in the case where you
do not use hard deprecation.
* Improved error handling in various places.
- Change sover define to 1_0 and in baselibs following upstream
changes.
OBS-URL: https://build.opensuse.org/request/show/796007
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgit2?expand=0&rev=84
- Update to 0.28.2:
* Fix include directory ordering when using bundled dependencies.
* Fix infinite loop when searching for a non-existing repository with
Windows-style paths including drive prefixes.
* Fix symlinks to directories on Windows.
* Fix paths with a trailing "/" not always being treated as
directories when computing ignores.
* Fix false negatives when computing ignores where ignore rules
that are a prefix to a negative ignore rule exist.
* Fix patches with CRLF line endings not being parsed correctly.
* Fix segfault when parsing patches with file addition (deletion)
where the added (deleted) file name contains a space.
* Fix assertion failure when trying to write to a non-existent
locked configuration file.
OBS-URL: https://build.opensuse.org/request/show/717802
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgit2?expand=0&rev=77
- Update to version 0.28.0:
* Changes or improvements:
- The library is now always built with cdecl calling
conventions on Windows; the ability to build a stdcall
library has been removed.
- Reference log creation now honors
core.logallrefupdates=always.
- Fix some issues with the error-reporting in the OpenSSL
backend.
- HTTP proxy support is now builtin; libcurl is no longer used
to support proxies and is removed as a dependency.
- Certificate and credential callbacks can now return
GIT_PASSTHROUGH to decline to act; libgit2 will behave as if
there was no callback set in the first place.
- The line-ending filtering logic - when checking out files -
has been updated to match newer git (>= git 2.9) for proper
interoperability.
- Symbolic links are now supported on Windows when
core.symlinks is set to true.
- Submodules with names which attempt to perform path traversal
now have their configuration ignored. Such names were blindly
appended to the $GIT_DIR/modules and a malicious name could
lead to an attacker writing to an arbitrary location. This
matches git's handling of CVE-2018-11235.
- Object validation is now performed during tree creation in
the git_index_write_tree_to API.
- Configuration variable may now be specified on the same line
as a section header; previously this was erroneously a parser
error.
- When an HTTP server supports both NTLM and Negotiate
authentication mechanisms, we would previously fail to
authenticate with any mechanism.
- The GIT_OPT_SET_PACK_MAX_OBJECTS option can now set the
maximum number of objects allowed in a packfile being
downloaded; this can help limit the maximum memory used when
fetching from an untrusted remote.
- Line numbers in diffs loaded from patch files were not being
populated; they are now included in the results.
- The repository's index is reloaded from disk at the beginning
of git_merge operations to ensure that it is up-to-date.
- Mailmap handling APIs have been introduced, and the new
commit APIs git_commit_committer_with_mailmap and
git_commit_author_with_mailmap will use the mailmap to
resolve the committer and author information. In addition,
blame will use the mailmap given when the
GIT_BLAME_USE_MAILMAP option.
- Ignore handling for files in ignored folders would be
ignored.
- Worktrees can now be backed by bare repositories.
- Trailing spaces are supported in .gitignore files, these
spaces were previously (and erroneously) treated as part of
the pattern.
- The library can now be built with mbedTLS support for HTTPS.
- The diff status character 'T' will now be presented by the
git_diff_status_char API for diff entries that change type.
- Revision walks previously would sometimes include commits
that should have been ignored; this is corrected.
- Revision walks are now more efficient when the output is
unsorted; we now avoid walking all the way to the beginning
of history unnecessarily.
- Error-handling around index extension loading has been fixed.
We were previously always misreporting a truncated index.
* API additions:
- The index may now be iterated atomically using
git_index_iterator.
- Remote objects can now be created with extended options using
the git_remote_create_with_opts API.
- Diff objects can now be applied as changes to the working
directory, index or both, emulating the git apply command.
Additionally, git_apply_to_tree can apply those changes to a
tree object as a fully in-memory operation.
- You can now swap out memory allocators via the
GIT_OPT_SET_ALLOCATOR option with git_libgit2_opts().
- You can now ensure that functions do not discard unwritten
changes to the index via the
GIT_OPT_ENABLE_UNSAVED_INDEX_SAFETY option to
git_libgit2_opts(). This will cause functions that implicitly
re-read the index (eg, git_checkout) to fail if you have
staged changes to the index but you have not written the
index to disk. (Unless the checkout has the FORCE flag
specified.)
- At present, this defaults to off, but we intend to enable
this more broadly in the future, as a warning or error. We
encourage you to examine your code to ensure that you are not
relying on the current behavior that implicitly removes
staged changes.
- Reference specifications can be parsed from an arbitrary
string with the git_refspec_parse API.
- You can now get the name and path of worktrees using the
git_worktree_name and git_worktree_path APIs, respectively.
- The ref field has been added to git_worktree_add_options to
enable the creation of a worktree from a pre-existing branch.
- It's now possible to analyze merge relationships between any
two references, not just against HEAD, using
git_merge_analysis_for_ref.
* API removals:
- The git_buf_free API is deprecated; it has been renamed to
git_buf_dispose for consistency. The git_buf_free API will be
retained for backward compatibility for the foreseeable
future.
- The git_otype enumeration and its members are deprecated and
have been renamed for consistency. The GIT_OBJ_ enumeration
values are now prefixed with GIT_OBJECT_. The old
enumerations and macros will be retained for backward
compatibility for the foreseeable future.
- Several index-related APIs have been renamed for consistency.
The GIT_IDXENTRY_ enumeration values and macros have been
renamed to be prefixed with GIT_INDEX_ENTRY_. The
GIT_INDEXCAP enumeration values are now prefixed with
GIT_INDEX_CAPABILITY_. The old enumerations and macros will
be retained for backward compatibility for the foreseeable
future.
- The error functions and enumeration values have been renamed
for consistency. The giterr_ functions and values prefix have
been renamed to be prefixed with git_error_; similarly,
the GITERR_ constants have been renamed to be prefixed with
GIT_ERROR_. The old enumerations and macros will be retained
for backward compatibility for the foreseeable future.
* Breaking API changes:
- The default checkout strategy changed from DRY_RUN to SAFE.
- Adding a symlink as .gitmodules into the index from the
workdir or checking out such files is not allowed as this can
make a Git implementation write outside of the repository and
bypass the fsck checks for CVE-2018-11235.
- Bump sover to 28 following upstream changes.
OBS-URL: https://build.opensuse.org/request/show/674749
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgit2?expand=0&rev=74
- libgit2 0.27.3:
* CVE-2018-10887 (bsc#1100613), CVE-2018-10888 (bsc#1100612):
Specially crafted delta object in packfiles could trigger an
integer overflow, bypassing input validation and causing the
object database to contain copies of system memory. This may
allow denial of service or, potentially, an information leak
- includes changes from 0.27.2:
* various API and correctness fixes
* Fixes related to handling of .gitmodules
- includes changes from 0.27.1:
* CVE-2018-11235: insufficient validation of submodule names from
.gitmodules allowed writes to arbitrary paths (bsc#1095219)
* disallow .gitmodules files as symlinks.
OBS-URL: https://build.opensuse.org/request/show/621935
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgit2?expand=0&rev=64
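The 0.28.0 and 0.27.1 entries above both describe the CVE-2018-11235 fix: a submodule name is appended to $GIT_DIR/modules, so a name containing a ".." path component must be rejected before the path is built. The following is an added example of that check, not code from libgit2, git or the package; the function names submodule_name_is_safe and submodule_gitdir and the sample names are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Treat '/' and '\\' alike so the rule is identical on every platform. */
static int is_sep(char c) { return c == '/' || c == '\\'; }

/*
 * Hypothetical helper: return 1 if `name` may be appended under
 * $GIT_DIR/modules, 0 otherwise. Empty names and any ".." path
 * component are rejected; "..foo" or "a..b" are ordinary names.
 */
int submodule_name_is_safe(const char *name)
{
    const char *p = name;

    if (name == NULL || *name == '\0')
        return 0;
    while (*p) {
        size_t len = 0;               /* length of the current component */
        while (p[len] && !is_sep(p[len]))
            len++;
        if (len == 2 && p[0] == '.' && p[1] == '.')
            return 0;                 /* ".." would climb out of modules/ */
        p += len;
        if (*p)
            p++;                      /* step over the separator */
    }
    return 1;
}

/*
 * Hypothetical helper: build "<git_dir>/modules/<name>" into `out`.
 * Returns 0 on success, -1 if the name is rejected or `out` is too
 * small (a truncated path is never handed back to the caller).
 */
int submodule_gitdir(char *out, size_t outlen,
                     const char *git_dir, const char *name)
{
    int n;

    if (!submodule_name_is_safe(name))
        return -1;
    n = snprintf(out, outlen, "%s/modules/%s", git_dir, name);
    if (n < 0 || (size_t)n >= outlen)
        return -1;
    return 0;
}

int main(void)
{
    /* Constructed sample names, as they could appear in a .gitmodules file. */
    const char *names[] = { "libs/zlib", "..foo", "a..b/c", "../../outside",
                            "x/../../y", "sub\\..\\..\\outside", "" };
    char path[256];
    size_t i;

    for (i = 0; i < sizeof names / sizeof names[0]; i++) {
        if (submodule_gitdir(path, sizeof path, ".git", names[i]) == 0)
            printf("accept  %-22s -> %s\n", names[i], path);
        else
            printf("ignore  \"%s\"\n", names[i]);
    }
    return 0;
}
```
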
- update to 0.27.0:
- Changes or improvements
- Improved p_unlink in posix_w32.c to try and make a file
writable before sleeping in the retry loop to prevent
unnecessary calls to sleep.
- The CMake build infrastructure has been improved to speed up
building time.
- A new CMake option "-DUSE_HTTPS=" makes it possible to
explicitly choose an HTTP backend.
- A new CMake option "-DSHA1_BACKEND=" makes it possible to
explicitly choose an SHA1 backend. The collision-detecting
backend is now the default.
- A new CMake option "-DUSE_BUNDLED_ZLIB" makes it possible to
explicitly use the bundled zlib library.
- A new CMake option "-DENABLE_REPRODUCIBLE_BUILDS" makes it
possible to generate a reproducible static archive. This
requires support from your toolchain.
- The minimum required CMake version has been bumped to 2.8.11.
- Writing to a configuration file now preserves the case of the
key given by the caller for the case-insensitive portions of
the key (existing sections are used even if they don't
match).
- We now support conditional includes in configuration files.
- Fix for handling re-reading of configuration files with
includes.
- Fix for reading patches which contain exact renames only.
- Fix for reading patches with whitespace in the compared
files' paths.
- We will now fill FETCH_HEAD from all passed refspecs instead
of overwriting with the last one.
OBS-URL: https://build.opensuse.org/request/show/600302
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libgit2?expand=0&rev=30
- Update to 0.26.3:
* Fix cloning of the libgit2 project with git clone --recursive by removing an
invalid submodule from our testing data.
* Fix endianness of the port in p_getaddrinfo().
* Fix handling of negative gitignore rules with wildcards.
* Fix handling of case-insensitive negative gitignore rules.
* Fix resolving references to a tag if the reference is stored with its fully
resolved OID in the packed-refs file.
* Fix checkout not treating worktree files as modified when only their mode has
changed.
* Fix rename detection with GIT_DIFF_FIND_RENAMES_FROM_REWRITES.
* Fixes memory handling issues when reading crafted repository index files.
The issues allow for possible denial of service due to allocation of large
memory and out-of-bound reads.
(CVE-2018-8098 bnc#1085257 CVE-2018-8099 bnc#1085256)
* Updates the bundled zlib to 1.2.11. Users who build the bundled zlib are
vulnerable to security issues in the prior version.
OBS-URL: https://build.opensuse.org/request/show/586751
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgit2?expand=0&rev=56
libgit2 0.24.6, including the following security fixes:
* bsc#1019036: edge cases in the Git Smart Protocol can lead to
attempting to parse outside of the buffer
CVE-2016-10128,CVE-2016-10129
* bsc#1019037: MITM possible due to lack of parameter for
certificate parameter
CVE-2016-10130,CVE-2017-5338,CVE-2017-5339
- includes changes from 0.24.5:
* add support for OpenSSL 1.1.0 for BIO filter
OBS-URL: https://build.opensuse.org/request/show/449627
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgit2?expand=0&rev=46
- Update to version 0.20.0:
+ Blame APIs.
+ Filter APIs.
+ Public git_buffer APIs.
+ Merge conflict support in Checkout.
+ Simplified Clone options and git_clone_into.
+ Config iterator APIs and updated Config multivar API.
+ Diff API reorganization and renaming, with Patch API split off.
+ Indexer API renaming and improvements.
+ ODB backend API cleanup.
+ Improves progress callbacks for Packbuilder, Push, Fetch (and
any other Remote operation).
+ Public Pathspec matching APIs.
+ Reflog API and RefDB Backend API cleanup.
+ Remote API extensions.
+ SSH Transport configuration cleanup.
+ Submodule status improvements.
+ Pluggable Transport APIs.
+ Lots of other small features (e.g. decomposed unicode support on
MacOS, revwalk simplifying by first parent),
+ Bug fixes (e.g. junction support on Win32, redirect handling
in HTTP transport) and performance improvements.
+ Lots of new examples (init, status, log, blame, etc.) and
relicensing of example code under CC0 license. (forwarded request 208340 from dimstar)
OBS-URL: https://build.opensuse.org/request/show/208485
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libgit2?expand=0&rev=10
- Update to version 0.20.0:
+ Blame APIs.
+ Filter APIs.
+ Public git_buffer APIs.
+ Merge conflict support in Checkout.
+ Simplified Clone options and git_clone_into.
+ Config iterator APIs and updated Config multivar API.
+ Diff API reorganization and renaming, with Patch API split off.
+ Indexer API renaming and improvements.
+ ODB backend API cleanup.
+ Improves progress callbacks for Packbuilder, Push, Fetch (and
any other Remote operation).
+ Public Pathspec matching APIs.
+ Reflog API and RefDB Backend API cleanup.
+ Remote API extensions.
+ SSH Transport configuration cleanup.
+ Submodule status improvements.
+ Pluggable Transport APIs.
+ Lots of other small features (e.g. decomposed unicode support on
MacOS, revwalk simplifying by first parent),
+ Bug fixes (e.g. junction support on Win32, redirect handling
in HTTP transport) and performance improvements.
+ Lots of new examples (init, status, log, blame, etc.) and
relicensing of example code under CC0 license.
OBS-URL: https://build.opensuse.org/request/show/208340
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgit2?expand=0&rev=18
- Update to version 0.19.0:
+ New (threadsafe) cache for objects.
+ Iterator for Status.
+ New Merge APIs.
+ SSH support on *NIX.
+ Function context on diff.
+ Namespaces support.
+ Index add/update/remove with wildcard support.
+ Iterator for References.
+ Fetch and push refspecs for Remotes.
+ Rename support in Status.
+ New `sys/` namespace for external headers with low-level APIs. (forwarded request 182548 from dimstar)
OBS-URL: https://build.opensuse.org/request/show/182589
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libgit2?expand=0&rev=8
- Update to version 0.19.0:
+ New (threadsafe) cache for objects.
+ Iterator for Status.
+ New Merge APIs.
+ SSH support on *NIX.
+ Function context on diff.
+ Namespaces support.
+ Index add/update/remove with wildcard support.
+ Iterator for References.
+ Fetch and push refspecs for Remotes.
+ Rename support in Status.
+ New `sys/` namespace for external headers with low-level APIs.
OBS-URL: https://build.opensuse.org/request/show/182548
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgit2?expand=0&rev=16
- Fix license to be GPL-2.0-with-GCC-exception
- Update to 0.16.0
- Git Attributes support (see git2/attr.h)
There is now support to efficiently parse and retrieve information
from `.gitattribute` files in a repository. Note that this
information is not yet used e.g. when checking out files.
- .gitignore support
Likewise, all the operations that are affected by `.gitignore` files
now take into account the global, user and local ignores when
skipping the relevant files.
- Cleanup of the object ownership semantics
The ownership semantics for all repository subparts (index, odb,
config files, etc) has been redesigned. All these objects are now
reference counted, and can be hot-swapped in the middle of
execution, allowing for instance to add a working directory and an
index to a repository that was previously opened as bare, or to
change the source of the ODB objects after initialization.
Consequently, the repository API has been simplified to remove all
the `_openX` calls that allowed setting these subparts *before*
initialization.
- git_index_read_tree()
Git trees can now be read into the index.
- More reflog functionality
The reference log has been optimized, and new API calls to rename
and delete the logs for a reference have been added.
- Rewrite of the References code with explicit ownership semantics
The references code has been mostly rewritten to take into account
the cases where another Git application was modifying a repository's
references while the Library was running.
OBS-URL: https://build.opensuse.org/request/show/116631
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libgit2?expand=0&rev=3