libgit2 v1.8.0

v1.8

This is release v1.8.0, "Das Fliegende Klassenzimmer". This release includes optional, experimental support for invoking OpenSSH to fetch and push, an easier mechanism to perform the default behavior of git commit, and has many improvements for worktrees. This release also includes many other new features and bugfixes.

Major changes

• Executable SSH (OpenSSH) support
  libgit2 can now invoke the command-line OpenSSH to fetch from and push to remotes over SSH. This support takes the place of libssh2 support. To use it, configure libgit2 with cmake -DUSE_SSH=exec, and please report any problems that you discover. By @ethomson in #6617

• Simplified commit creation
  The git_commit_create_from_stage API was introduced to allow users to better emulate the behavior of git commit without needing to provide unnecessary information. The current state of the index is committed to the current branch. By @ethomson in #6716

• Worktree improvements
  A number of worktree improvements have been made for better compatibility with core git. First, libgit2 now understands per-worktree references, thanks to @csware in #6387. Worktree-specific configuration is now supported, thanks to @vermiculus in #6202. And improved compatibility with git worktree add is now supported, thanks to @herrerog in #5319.

Breaking changes

• Adding WORKTREE configuration level (ABI breaking change)
  To support worktree configurations at the appropriate level (higher priority than local configuration, but lower priority than app-specific configuration), the GIT_CONFIG_LEVEL_WORKTREE level was introduced at priority 6. GIT_CONFIG_LEVEL_APP now begins at priority 7.

• Changes to git_config_entry (ABI breaking change) The git_config_entry structure now contains information about the backend_type and origin_path. The unused payload value has been removed.

• git_push_options includes remote push options (ABI breaking change)
  The git_push_options structure now contains a value for remote push options.

Other changes

New features

• config: provide an "origin" for config entries by @ethomson in #6615
• cli: add a git config command by @ethomson in #6616
• Add OpenSSH support by @ethomson in #6617
• remote: optionally report unchanged tips by @ethomson in #6645
• Support setting oid type for in-memory repositories by @kcsaul in #6671
• cli: add index-pack command by @ethomson in #6681
• Add git_repository_commit_parents to identify the parents of the next commit given the repository state by @ethomson in #6707
• commit: introduce git_commit_create_from_stage by @ethomson in #6716
• set SSH timeout by @vafada in #6721
• Implement push options on push by @russell in #6439
• Support index.skipHash true config by @parnic in #6738
• worktree: mimic 'git worktree add' behavior. by @herrerog in #5319
• Support the extension for worktree-specific config by @vermiculus in #6202
• Separate config reader and writer backend priorities (for worktree configs) by @ethomson in #6756
• fetch: enable deepening/shortening shallow clones by @kempniu in #6662

Bug fixes

• repository: make cleanup safe for re-use with grafts by @carlosmn in #6600
• fix: Add missing include for oidarray. by @dvzrv in #6608
• ssh: fix known_hosts leak in _git_ssh_setup_conn by @steven9724 in #6599
• proxy: Return an error for invalid proxy URLs instead of crashing. by @lrm29 in #6597
• errors: refactoring - never return NULL in git_error_last() by @ethomson in #6625
• Reject potential option injections over ssh by @carlosmn in #6636
• remote: fix memory leak in git_remote_download() by @7Ji in #6651
• git2: Fix crash when called w/o parameters by @csware in #6673
• Avoid macro redefinition of ENABLE_INTSAFE_SIGNED_FUNCTIONS by @csware in #6666
• util: suppress some uninitialized variable warnings by @boretrk in #6659
• fetch: enable deepening/shortening shallow clones by @kempniu in #6662
• push: set generic error in push_negotiation cb by @ethomson in #6675
• process: test /usr/bin/false on BSDs by @ethomson in #6677
• clone: don't mix up "http://url" with "http:/url" when figuring out if we should do a local clone by @boretrk in #6361
• Several compatibility fixes by @ethomson in #6678
• Git blame buffer gives the wrong result in many cases where there are… by @thosey in #6572
• Fix 'path cannot exist in repository' during diff for in-memory repository by @kcsaul in #6683
• process: don't try to close the status by @ethomson in #6693
• Minor bug fixes by @ethomson in #6695
• Bypass shallow clone support for in-memory repositories by @kcsaul in #6684
• examples: use unsigned int for bitfields by @ethomson in #6699
• Fix some bugs caught by UBscan by @ethomson in #6700
• git_diff_find_similar doesn't always remove unmodified deltas by @yori in #6642
• httpclient: clear client->parser.data after use by @ethomson in #6705
• Do not normalize safe.directory paths by @csware in #6668
• clone: don't swallow error in should_checkout by @ethomson in #6727
• Correct index add directory/file conflict detection by @ethomson in #6729
• Correct git_revparse_single and add revparse fuzzing by @ethomson in #6730
• config: properly delete or rename section containing multivars by @samueltardieu in #6723
• revparse: ensure bare '@' is truly bare by @ethomson in #6742
• repo: ensure we can initialize win32 paths by @ethomson in #6743
• Swap GIT_DIFF_LINE_(ADD|DEL)_EOFNL to match other Diffs by @xphoniex in #6240
• diff: fix test for SHA256 support in diff_from_buffer by @ethomson in #6745
• http: support empty http.proxy config setting by @ethomson in #6744
• More safe.directory improvements by @ethomson in #6739
• Ensure that completely ignored diff is empty by @ethomson in #5893
• Fix broken regexp that matches submodule names containing ".path" by @csware in #6749
• Fix memory leaks by @csware in #6748
• Make refdb_fs (hopefully) fully aware of per worktree refs by @csware in #6387
• fix log example by @albfan in #6359
• fetch: fail on depth for local transport by @ethomson in #6757
• Fix message trailer parsing by @ethomson in #6761
• config: correct fetching the HIGHEST_LEVEL config by @ethomson in #6766
• Avoid some API breaking changes in v1.8 by @ethomson in #6768

Build and CI improvements

• meta: update version numbers to v1.8 by @ethomson in #6596
• Revert "CMake: Search for ssh2 instead of libssh2." by @ethomson in #6619
• cmake: fix openssl build on win32 by @lazka in #6626
• ci: retry flaky online tests by @ethomson in #6628
• ci: update to macOS 12 by @ethomson in #6629
• Use #!/bin/bash for script with bash-specific commands by @roehling in #6581
• ci: overwrite nonsense in /usr/local during macOS setup by @ethomson in #6664
• release: add a compatibility label by @ethomson in #6676
• actions: set permissions by @ethomson in #6680
• cmake: rename FindIconv to avoid collision with cmake by @ethomson in #6682
• ci: allow workflows to read and write packages...

libgit2 v1.7.2

🔒 This is a security release with multiple changes.

• A bug in git_revparse_single is fixed that could have caused the function to enter an infinite loop given well-crafted inputs, potentially causing a Denial of Service attack in the calling application. This fixes CVE-2024-24575, which was discovered by researchers at Amazon AWS.

• A bug in git_index_add is fixed that could have caused the function to corrupt its heap and possibly lead to arbitrary code execution. This fixes CVE-2024-24577, which was discovered by researchers at Amazon AWS.

• A bug in the smart transport negotiation could have caused an out-of-bounds read when a remote server did not advertise capabilities.

The libgit2 project thanks the researchers and outreach team at AWS Security for finding the git_index_add and git_revparse_single bugs, and providing details and reproduction steps during their responsible disclosure.

All users of the v1.7 release line are recommended to upgrade.

libgit2 v1.6.5

🔒 This is a security release with multiple changes.

• A bug in git_revparse_single is fixed that could have caused the function to enter an infinite loop given well-crafted inputs, potentially causing a Denial of Service attack in the calling application. This fixes CVE-2024-24575, which was discovered by researchers at Amazon AWS.

• A bug in git_index_add is fixed that could have caused the function to corrupt its heap and possibly lead to arbitrary code execution. This fixes CVE-2024-24577, which was discovered by researchers at Amazon AWS.

• A bug in the smart transport negotiation could have caused an out-of-bounds read when a remote server did not advertise capabilities.

The libgit2 project thanks the researchers and outreach team at AWS Security for finding the git_index_add and git_revparse_single bugs, and providing details and reproduction steps during their responsible disclosure.

All users of the v1.6 release line are recommended to upgrade.

libgit2 v1.7.1

v1.7.1

What's Changed

Bug fixes

• proxy: Return an error for invalid proxy URLs instead of crashing. by @lrm29 in #6597
• ssh: fix known_hosts leak in _git_ssh_setup_conn by @steven9724 in #6599
• repository: make cleanup safe for re-use with grafts by @carlosmn in #6600
• fix: Add missing include for oidarray. by @dvzrv in #6608
• Revert "CMake: Search for ssh2 instead of libssh2." by @ethomson in #6619

Compatibility improvements

• stransport: macOS: replace errSSLNetworkTimeout, with hard-coded value by @mascguy in #6610

New Contributors

• @dvzrv made their first contribution in #6608
• @steven9724 made their first contribution in #6599

Full Changelog: v1.7.0...v1.7.1

libgit2 v1.7.0

This is release v1.7.0, "Kleine Raupe Nimmersatt". This release adds shallow clone support, completes the experimental SHA256 support, adds Schannel support for Windows, and includes many other newj features and bugfixes.

Major changes

• Shallow clone support
  libgit2 now supports shallow clone and shallow repositories, thanks to a significant investment from many community members -- hundreds of commits by many contributors.

  • Shallow (#6396) with some fixes from review by @ethomson in #6557
  • Shallow Clone Support by @lya001 in #6396
  • Shallow support v2 by @pks-t in #5254

• SHA256 support
  libgit2 should now support SHA256 repositories using the extensions.objectFormat configuration option when the library is built with EXPERIMENTAL_SHA256=ON. Users are encouraged to begin testing their applications with this option and provide bug reports and feedback. This is a breaking API change; SHA256 support will be enabled by default in libgit2 v2.0.

  • sha256: less hardcoded SHA1 types and lengths by @ethomson in #6549
  • Support SHA256 in git_repository_wrap_odb by @ethomson in #6556

• Schannel and SSPI for Windows
  libgit2 now supports the Windows Schannel and SSPI APIs for HTTPS support on Windows, when configured with USE_HTTPS=Schannel. Setting this option will not use the existing WinHTTP support, but will use libgit2's standard HTTP client stack with Windows TLS primitives. Windows users are encouraged to begin testing their applications with this option and provide bug reports and feedback. This will be enabled by default in a future version of libgit2.

  • Introduce Schannel and SSPI for Windows by @ethomson in #6533

Breaking changes

• Simplify custom pluggable allocator (System API / ABI breaking change)
  The git_allocator structure (configurable by the GIT_OPT_SET_ALLOCATOR option) now only contains gmalloc, grealloc and gfree members. This simplifies both the work needed by an implementer and allows more flexibility and correctness in libgit2 itself, especially during out-of-memory situations and errors during bootstrapping.

  • tests: add allocator with limited number of bytes by @ethomson in #6563

Other changes

New features

• repo: honor environment variables for more scenarios by @ethomson in #6544
• Introduce timeouts on sockets by @ethomson in #6535

Performance improvements

• midx: do not try to look at every object in the index by @carlosmn in #6585
• Partial fix for #6532: insert-by-date order. by @arroz in #6539

Bug fixes

• repo: don't allow repeated extensions by @ethomson in #6505
• config: return GIT_ENOTFOUND for missing programdata by @ethomson in #6547
• Fix missing oid type for "fake" repositories by @oreiche in #6554
• Thread-local storage: handle failure cases by @ethomson in #5722
• midx: allow unknown chunk ids in multi-pack index files by @carlosmn in #6583
• pack: cast the number of objects to size_t by @carlosmn in #6584
• Fixes #6344: git_branch_move now renames the reflog instead of deleting. by @arroz in #6345
• #6576 git_diff_index_to_workdir reverse now loads untracked content by @arroz in #6577

Build and CI improvements

• meta: the main branch is now v1.7.0 by @ethomson in #6516
• xdiff: move xdiff to 'deps' by @ethomson in #6482
• util: detect all possible qsort_r and qsort_s variants by @DimitryAndric in #6555
• Work around -Werror problems when detecting qsort variants by @DimitryAndric in #6558
• actions: simplify execution with composite action by @ethomson in #6488
• CMake: Search for ssh2 instead of libssh2. by @Faless in #6586

Documentation improvements

• docs: fix IRC server from freenode to libera by @vincenzopalazzo in #6590

Dependency upgrades

• Update xdiff to git 2.40.1's version by @ethomson in #6561
• deps: update pcre to 8.45 by @ethomson in #6593

New Contributors

• @oreiche made their first contribution in #6554
• @DimitryAndric made their first contribution in #6555
• @vincenzopalazzo made their first contribution in #6590
• @Faless made their first contribution in #6586

Full Changelog: v1.6.3...v1.7.0

libgit2 v1.6.4

What's Changed

Bug fixes

• config: return GIT_ENOTFOUND for missing programdata by @ethomson in #6547

Full Changelog: v1.6.3...v1.6.4

libgit2 v1.6.3

What's Changed

Bug fixes

• odb: restore git_odb_open by @ethomson in #6520
• Ensure that git_index_add_all handles ignored directories by @ethomson in #6521
• pack: use 64 bits for the number of objects by @carlosmn in #6530

Build and CI improvements

• Remove unused wditer variable by @georgthegreat in #6518
• fs_path: let root run the ownership tests by @ethomson in #6513
• sysdir: Do not declare win32 functions on non-win32 platforms by @Batchyx in #6527
• cmake: don't include include/git2 by @ethomson in #6529

New Contributors

• @georgthegreat made their first contribution in #6518

Full Changelog: v1.6.2...v1.6.3

libgit2 v1.6.2

What's Changed

Bug fixes

• remote: always populate old id in update tips by @ethomson in #6506
  The update tips callback would not always be properly provided with an empty (0000000...) OID for new refs.

• Revert #6503 by @ethomson in #6511
  The certificate callback added port information for callbacks in #6503, but the format was ambiguous with IPv6 addresses. Revert this change temporarily.

• Add git_odb_backend_loose back by @ethomson in #6512
  During SHA256 refactoring, the git_odb_backend_loose API was accidentally removed. Add it back.

• meta: configure pkg-config .pc correctly by @ethomson in #6514
  During SHA256 refactoring, the pkg-config .pc file was erroneously renamed to git2 instead of libgit2. Repair this.

Full Changelog: v1.6.1...v1.6.2

libgit2 v1.6.1

This is release v1.6.1, "Hubbeliges Krokodil". This release adds experimental SHA256 support and includes many new features and bugfixes. This release replaces libgit2 v1.6.0, which did not correctly update its version number(s).

What's Changed

New features

• Support for bare repositories with SHA256 support (experimental) by @ethomson in #6191
  You can configure experimental SHA256 support in libgit2 with cmake -DEXPERIMENTAL_SHA256=ON during project setup. This is useful for considering future integrations, work on clients, and work on language bindings. At present, working with bare repositories should largely work, including remote operations. But many pieces of functionality - including working with the index - are not yet supported. As a result, libgit2 with SHA256 support should not be used in production or released with package distribution.

• Support the notion of a home directory separately from global configuration directory by @ethomson in #6455 and #6456
  Callers and language bindings can now configure the home directory that libgit2 uses for file lookups (eg, the .ssh directory). This configuration is separate from the git global configuration path.

• stash: partial stash specific files by @gitkraken-jacobw in #6330
  A stash can be created with only specific files, using a pathspec. This is similar to the git stash push command.

• push: revparse refspec source, so you can push things that are not refs by @sven-of-cord in #6362
  Pushes can be performed using refspecs instead of only references.

• Support OpenSSL3 by @ethomson in #6464 and #6471
  OpenSSL 3 is now supported, both when compiled directly and dynamically loaded.

Bug fixes

• winhttp: support long custom headers by @kcsaul in #6363
• Fix memory leak by @csware in #6382
• Don't fail the whole clone if you can't find a default branch by @torvalds in #6369
• #6366: When a worktree is missing, return GIT_ENOTFOUND. by @arroz in #6395
• commit-graph: only verify csum on git_commit_graph_open(). by @derrickstolee in #6420
• Ignore missing 'safe.directory' config during ownership checks by @kcsaul in #6408
• Fix leak in git_tag_create_from_buffer by @julianmesa-gitkraken in #6421
• http: Update httpclient options when reusing an existing connection. by @slackner in #6416
• Add support for safe.directory * by @csware in #6429
• URL parsing for google-compatible URLs by @ethomson in #6326
• Fixes #6433: git_submodule_update fails to update configured but missing submodule by @tagesuhu in #6434
• transport: fix capabilities calculation by @russell in #6435
• push: use resolved oid as the source by @ethomson in #6452
• Use git_clone__submodule to avoid file checks in workdir by @abizjak in #6444
• #6422: handle dangling symbolic refs gracefully by @arroz in #6423
• diff_file: Fix crash when freeing a patch representing an empty untracked file by @jorio in #6475
• clone: clean up options on failure by @ethomson in #6479
• stash: update strarray usage by @ethomson in #6487
• #6491: Sets oid_type on repos open with git_repository_open_bare by @arroz in #6492
• Handle Win32 shares by @ethomson in #6493
• Make failure to connect to ssh-agent non-fatal by @fxcoudert in #6497
• odb: don't unconditionally add oid_type to stream by @ethomson in #6499
• Pass hostkey & port to host verify callback by @fxcoudert in #6503

Security fixes

Code cleanups

• meta: update version number to v1.6.0-alpha by @ethomson in #6352
• sha256: indirection for experimental functions by @ethomson in #6354
• Delete create.c.bak by @lrm29 in #6398
• Support non-cmake builds with an in-tree experimental.h by @ethomson in #6405

Build and CI improvements

• tests: skip flaky-ass googlesource tests by @ethomson in #6353
• clar: remove ftrunacte from libgit2 tests by @boretrk in #6357
• CI Improvements by @ethomson in #6403
• fix compile on Windows with -DWIN32_LEAN_AND_MEAN by @christoph-cullmann in #6373
• Fixes #6365 : Uppercase windows.h include fails build in case-sensitive OS by @Vinz2008 in #6377
• ci: update version numbers of actions by @ethomson in #6448
• thread: avoid warnings when building without threads by @ethomson in #6432
• src: hide unused hmac() prototype by @0-wiz-0 in #6458
• tests: update clar test runner by @ethomson in #6459
• ci: always create test summaries, even on failure by @ethomson in #6460
• Fix build failure with -DEMBED_SSH_PATH by @vicr123 in #6374
• Define correct off64_t for AIX by @bzEq in #6376
• Fix some warnings in main by @ethomson in #6480
• strarray: remove deprecated declaration by @ethomson in #6486
• tests: always unset HTTP_PROXY before starting tests by @ethomson in #6498

Documentation improvements

• add 2-clause BSD license to COPYING by @martinvonz in #6413
• Add new PHP bindings project to language bindings section of README.md by @RogerGee in #6473
• README: clarify the linking exception by @ethomson in #6494
• Correct the definition of "empty" in the docs for git_repository_is_empty by @timrogers in #6500

New Contributors

• @christoph-cullmann made their first contribution in #6373
• @Vinz2008 made their first contribution in #6377
• @torvalds made their first contribution in #6369
• @derrickstolee made their first contribution in #6420
• @julianmesa-gitkraken made their first contribution in #6421
• @slackner made their first contribution in #6416
• @martinvonz made their first contribution in #6413
• @tagesuhu made their first contribution in #6434
• @russell made their first contribution in #6435
• @sven-of-cord made their first contribution in #6362
• @0-wiz-0 made their first contribution in #6458
• @abizjak made their first contribution in #6444
• @vicr123 made their first contribution in #6374
• @bzEq made their first contribution in #6376
• @gitkraken-jacobw made their first contribution in #6330
• @fxcoudert made their first contribution in #6497

libgit2 v1.5.2

This is a bugfix release to improve the SSH key handling functionality that was introduced in v1.5.1.

• libgit2 can now read the known_hosts file on Windows.
• libgit2 will now examine all keys for a particular host in the known_hosts file for matches, to support remote hosts with multiple key types.

All users of the v1.5 release line are recommended to upgrade.