gitweb.git
Merge branch 'rt/placeholder-in-usage' into maintJunio C Hamano Tue, 3 Nov 2015 23:32:37 +0000 (15:32 -0800)

Merge branch 'rt/placeholder-in-usage' into maint

A couple of commands still showed "[options]" in their usage string
to note where options should come on their command line, but we
spell that "[<options>]" in most places these days.

* rt/placeholder-in-usage:
am, credential-cache: add angle brackets to usage string

Merge branch 'dt/t7063-fix-flaky-test' into maintJunio C Hamano Tue, 3 Nov 2015 23:32:36 +0000 (15:32 -0800)

Merge branch 'dt/t7063-fix-flaky-test' into maint

* dt/t7063-fix-flaky-test:
t7063: fix flaky untracked-cache test

Merge branch 'mk/submodule-gitdir-path' into maintJunio C Hamano Tue, 3 Nov 2015 23:32:34 +0000 (15:32 -0800)

Merge branch 'mk/submodule-gitdir-path' into maint

The submodule code has been taught to work better with separate
work trees created via "git worktree add".

* mk/submodule-gitdir-path:
path: implement common_dir handling in git_pathdup_submodule()
submodule refactor: use strbuf_git_path_submodule() in add_submodule_odb()

Merge branch 'nd/gc-auto-background-fix' into maintJunio C Hamano Tue, 3 Nov 2015 23:32:33 +0000 (15:32 -0800)

Merge branch 'nd/gc-auto-background-fix' into maint

When "git gc --auto" is backgrounded, its diagnosis message is
lost. Save it to a file in $GIT_DIR and show it next time the "gc
--auto" is run.

* nd/gc-auto-background-fix:
gc: save log from daemonized gc --auto and print it next time

Merge branch 'ls/p4-translation-failure' into maintJunio C Hamano Tue, 3 Nov 2015 23:32:31 +0000 (15:32 -0800)

Merge branch 'ls/p4-translation-failure' into maint

Work around "git p4" failing when the P4 depot records the contents
in UTF-16 without UTF-16 BOM.

* ls/p4-translation-failure:
git-p4: handle "Translation of file content failed"
git-p4: add test case for "Translation of file content failed" error

Merge branch 'gr/rebase-i-drop-warn' into maintJunio C Hamano Tue, 3 Nov 2015 23:32:30 +0000 (15:32 -0800)

Merge branch 'gr/rebase-i-drop-warn' into maint

Recent update to "rebase -i" that tries to sanity check the edited
insn sheet before it uses it has become too picky on Windows where
CRLF left by the editor is turned into a trailing CR on the line
read via the "read" built-in command.

* gr/rebase-i-drop-warn:
rebase-i: work around Windows CRLF line endings
t3404: "rebase -i" gets broken when insn sheet uses CR/LF line endings

Merge branch 'js/clone-dissociate' into maintJunio C Hamano Tue, 3 Nov 2015 23:32:28 +0000 (15:32 -0800)

Merge branch 'js/clone-dissociate' into maint

"git clone --dissociate" runs a big "git repack" process at the
end, and it helps to close file descriptors that are open on the
packs and their idx files before doing so on filesystems that
cannot remove a file that is still open.

* js/clone-dissociate:
clone --dissociate: avoid locking pack files
sha1_file.c: add a function to release all packs
sha1_file: consolidate code to close a pack's file descriptor
t5700: demonstrate a Windows file locking issue with `git clone --dissociate`

Merge branch 'ld/p4-import-labels' into maintJunio C Hamano Tue, 3 Nov 2015 23:32:27 +0000 (15:32 -0800)

Merge branch 'ld/p4-import-labels' into maint

Correct "git p4 --detect-labels" so that it does not fail to create
a tag that points at a commit that is also being imported.

* ld/p4-import-labels:
git-p4: fix P4 label import for unprocessed commits
git-p4: do not terminate creating tag for unknown commit
git-p4: failing test for ignoring invalid p4 labels

Merge branch 'tk/stripspace' into maintJunio C Hamano Tue, 3 Nov 2015 23:32:26 +0000 (15:32 -0800)

Merge branch 'tk/stripspace' into maint

The internal stripspace() function has been moved to where it
logically belongs to, i.e. strbuf API, and the command line parser
of "git stripspace" has been updated to use the parse_options API.

* tk/stripspace:
stripspace: use parse-options for command-line parsing
strbuf: make stripspace() part of strbuf

Merge branch 'jk/repository-extension' into maintJunio C Hamano Tue, 3 Nov 2015 23:32:25 +0000 (15:32 -0800)

Merge branch 'jk/repository-extension' into maint

Prepare for Git on-disk repository representation to undergo
backward incompatible changes by introducing a new repository
format version "1", with an extension mechanism.

* jk/repository-extension:
introduce "preciousObjects" repository extension
introduce "extensions" form of core.repositoryformatversion

rebase-i: work around Windows CRLF line endingsJunio C Hamano Wed, 28 Oct 2015 14:54:48 +0000 (15:54 +0100)

rebase-i: work around Windows CRLF line endings

Editors on Windows can and do save text files with CRLF line
endings, which is the convention on the platform. We are seeing
reports that the "read" command in a port of bash to the environment
however does not strip the CRLF at the end, not adjusting for the
same convention on the platform.

This breaks the recently added sanity checks for the insn sheet fed
to "rebase -i"; instead of an empty line (hence nothing in $command),
the script was getting a lone CR in there.

Special case a lone CR and treat it the same way as an empty line to
work this around.

This patch (also) passes the test with Git for Windows, where the
issue was seen first.

Signed-off-by: Junio C Hamano <gitster@pobox.com>
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

t3404: "rebase -i" gets broken when insn sheet uses... Johannes Schindelin Wed, 28 Oct 2015 14:54:21 +0000 (15:54 +0100)

t3404: "rebase -i" gets broken when insn sheet uses CR/LF line endings

Based on a bug report by Chad Boles.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

Merge branch 'js/gc-with-stale-symref' into maintJunio C Hamano Tue, 20 Oct 2015 22:22:41 +0000 (15:22 -0700)

Merge branch 'js/gc-with-stale-symref' into maint

"git gc" used to barf when a symbolic ref has gone dangling
(e.g. the branch that used to be your upstream's default when you
cloned from it is now gone, and you did "fetch --prune").

* js/gc-with-stale-symref:
pack-objects: do not get distracted by broken symrefs
gc: demonstrate failure with stale remote HEAD

Merge branch 'rd/test-path-utils' into maintJunio C Hamano Tue, 20 Oct 2015 22:22:40 +0000 (15:22 -0700)

Merge branch 'rd/test-path-utils' into maint

The normalize_ceiling_entry() function does not muck with the end
of the path it accepts, and the real world callers do rely on that,
but a test insisted that the function drops a trailing slash.

* rd/test-path-utils:
test-path-utils.c: remove incorrect assumption

Merge branch 'jc/doc-gc-prune-now' into maintJunio C Hamano Tue, 20 Oct 2015 22:22:40 +0000 (15:22 -0700)

Merge branch 'jc/doc-gc-prune-now' into maint

"git gc" is safe to run anytime only because it has the built-in
grace period to protect young objects. In order to run with no
grace period, the user must make sure that the repository is
quiescent.

* jc/doc-gc-prune-now:
Documentation/gc: warn against --prune=<now>

Merge branch 'jk/filter-branch-use-of-sed-on-incomplete... Junio C Hamano Tue, 20 Oct 2015 22:22:39 +0000 (15:22 -0700)

Merge branch 'jk/filter-branch-use-of-sed-on-incomplete-line' into maint

A recent "filter-branch --msg-filter" broke skipping of the commit
object header, which is fixed.

* jk/filter-branch-use-of-sed-on-incomplete-line:
filter-branch: remove multi-line headers in msg filter

t7063: fix flaky untracked-cache testDavid Turner Mon, 19 Oct 2015 19:48:15 +0000 (15:48 -0400)

t7063: fix flaky untracked-cache test

Dirty the test worktree's root directory, as the test expects.

When testing the untracked-cache, we previously assumed that checking
out master would be sufficient to mark the mtime of the worktree's
root directory as racily-dirty. But sometimes, the checkout would
happen at 12345.999 seconds and the status at 12346.001 seconds,
meaning that the worktree's root directory would not be racily-dirty.
And since it was not truly dirty, occasionally the test would fail.
By making the root truly dirty, the test will always succeed.

Tested by running a few hundred times.

Signed-off-by: David Turner <dturner@twopensource.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

Merge branch 'maint' of git://github.com/git-l10n/git... Junio C Hamano Mon, 19 Oct 2015 06:37:35 +0000 (23:37 -0700)

Merge branch 'maint' of git://github.com/git-l10n/git-po into maint

* 'maint' of git://github.com/git-l10n/git-po:
l10n: ru.po: update Russian translation

Git 2.6.2 v2.6.2Junio C Hamano Fri, 16 Oct 2015 21:40:04 +0000 (14:40 -0700)

Git 2.6.2

Signed-off-by: Junio C Hamano <gitster@pobox.com>

Merge branch 'cc/quote-comments' into maintJunio C Hamano Fri, 16 Oct 2015 21:32:58 +0000 (14:32 -0700)

Merge branch 'cc/quote-comments' into maint

A no-op code-health maintenance.

* cc/quote-comments:
quote: move comment before sq_quote_buf()
quote: fix broken sq_quote_buf() related comment

Merge branch 'es/worktree-add-cleanup' into maintJunio C Hamano Fri, 16 Oct 2015 21:32:57 +0000 (14:32 -0700)

Merge branch 'es/worktree-add-cleanup' into maint

A no-op code-health maintenance.

* es/worktree-add-cleanup:
t2026: rename worktree prune test

Merge branch 'tk/doc-interpret-trailers-grammo' into... Junio C Hamano Fri, 16 Oct 2015 21:32:56 +0000 (14:32 -0700)

Merge branch 'tk/doc-interpret-trailers-grammo' into maint

* tk/doc-interpret-trailers-grammo:
Documentation/interpret-trailers: Grammar fix

Merge branch 'tk/typofix-connect-unknown-proto-error... Junio C Hamano Fri, 16 Oct 2015 21:32:55 +0000 (14:32 -0700)

Merge branch 'tk/typofix-connect-unknown-proto-error' into maint

* tk/typofix-connect-unknown-proto-error:
connect: fix typo in result string of prot_name()

Merge branch 'jk/asciidoctor-section-heading-markup... Junio C Hamano Fri, 16 Oct 2015 21:32:53 +0000 (14:32 -0700)

Merge branch 'jk/asciidoctor-section-heading-markup-fix' into maint

* jk/asciidoctor-section-heading-markup-fix:
Documentation: fix section header mark-up

Merge branch 'nd/ls-remote-does-not-have-u-option'... Junio C Hamano Fri, 16 Oct 2015 21:32:52 +0000 (14:32 -0700)

Merge branch 'nd/ls-remote-does-not-have-u-option' into maint

* nd/ls-remote-does-not-have-u-option:
ls-remote.txt: delete unsupported option

Merge branch 'jc/fsck-dropped-errors' into maintJunio C Hamano Fri, 16 Oct 2015 21:32:50 +0000 (14:32 -0700)

Merge branch 'jc/fsck-dropped-errors' into maint

There were some classes of errors that "git fsck" diagnosed to its
standard error that did not cause it to exit with non-zero status.

* jc/fsck-dropped-errors:
fsck: exit with non-zero when problems are found

Merge branch 'sb/http-flaky-test-fix' into maintJunio C Hamano Fri, 16 Oct 2015 21:32:49 +0000 (14:32 -0700)

Merge branch 'sb/http-flaky-test-fix' into maint

A test script for the HTTP service had a timing dependent bug,
which was fixed.

* sb/http-flaky-test-fix:
t5561: get rid of racy appending to logfile

Merge branch 'sb/perf-without-installed-git' into maintJunio C Hamano Fri, 16 Oct 2015 21:32:47 +0000 (14:32 -0700)

Merge branch 'sb/perf-without-installed-git' into maint

Performance-measurement tests did not work without an installed Git.

* sb/perf-without-installed-git:
t/perf: make runner work even if Git is not installed

Merge branch 'js/icase-wt-detection' into maintJunio C Hamano Fri, 16 Oct 2015 21:32:46 +0000 (14:32 -0700)

Merge branch 'js/icase-wt-detection' into maint

On a case insensitive filesystems, setting GIT_WORK_TREE variable
using a random cases that does not agree with what the filesystem
thinks confused Git that it wasn't inside the working tree.

* js/icase-wt-detection:
setup: fix "inside work tree" detection on case-insensitive filesystems

Merge branch 'pt/am-builtin' into maintJunio C Hamano Fri, 16 Oct 2015 21:32:45 +0000 (14:32 -0700)

Merge branch 'pt/am-builtin' into maint

When "git am" was rewritten as a built-in, it stopped paying
attention to user.signingkey, which was fixed.

* pt/am-builtin:
am: configure gpg at startup

Merge branch 'mm/detach-at-HEAD-reflog' into maintJunio C Hamano Fri, 16 Oct 2015 21:32:44 +0000 (14:32 -0700)

Merge branch 'mm/detach-at-HEAD-reflog' into maint

After "git checkout --detach", "git status" reported a fairly
useless "HEAD detached at HEAD", instead of saying at which exact
commit.

* mm/detach-at-HEAD-reflog:
status: don't say 'HEAD detached at HEAD'
t3203: test 'detached at' after checkout --detach

Merge branch 'gr/rebase-i-drop-warn' into maintJunio C Hamano Fri, 16 Oct 2015 21:32:43 +0000 (14:32 -0700)

Merge branch 'gr/rebase-i-drop-warn' into maint

"git rebase -i" had a minor regression recently, which stopped
considering a line that begins with an indented '#' in its insn
sheet not a comment, which is now fixed.

* gr/rebase-i-drop-warn:
rebase-i: loosen over-eager check_bad_cmd check
rebase-i: explicitly accept tab as separator in commands

Merge branch 'dt/log-follow-config' into maintJunio C Hamano Fri, 16 Oct 2015 21:32:42 +0000 (14:32 -0700)

Merge branch 'dt/log-follow-config' into maint

Description of the "log.follow" configuration variable in "git log"
documentation is now also copied to "git config" documentation.

* dt/log-follow-config:
log: Update log.follow doc and add to config.txt

Merge branch 'ti/glibc-stdio-mutex-from-signal-handler... Junio C Hamano Fri, 16 Oct 2015 21:32:41 +0000 (14:32 -0700)

Merge branch 'ti/glibc-stdio-mutex-from-signal-handler' into maint

Allocation related functions and stdio are unsafe things to call
inside a signal handler, and indeed killing the pager can cause
glibc to deadlock waiting on allocation mutex as our signal handler
tries to free() some data structures in wait_for_pager(). Reduce
these unsafe calls.

* ti/glibc-stdio-mutex-from-signal-handler:
pager: don't use unsafe functions in signal handlers

Merge branch 'jk/notes-dwim-doc' into maintJunio C Hamano Fri, 16 Oct 2015 21:32:40 +0000 (14:32 -0700)

Merge branch 'jk/notes-dwim-doc' into maint

The way how --ref/--notes to specify the notes tree reference are
DWIMmed was not clearly documented.

* jk/notes-dwim-doc:
notes: correct documentation of DWIMery for notes references

Merge branch 'jk/make-findstring-makeflags-fix' into... Junio C Hamano Fri, 16 Oct 2015 21:32:38 +0000 (14:32 -0700)

Merge branch 'jk/make-findstring-makeflags-fix' into maint

Customization to change the behaviour with "make -w" and "make -s"
in our Makefile was broken when they were used together.

* jk/make-findstring-makeflags-fix:
Makefile: fix MAKEFLAGS tests with multiple flags

Merge branch 'jw/make-arflags-customizable' into maintJunio C Hamano Fri, 16 Oct 2015 21:32:36 +0000 (14:32 -0700)

Merge branch 'jw/make-arflags-customizable' into maint

The Makefile always runs the library archiver with hardcoded "crs"
options, which was inconvenient for exotic platforms on which
people want to use programs with totally different set of command
line options.

* jw/make-arflags-customizable:
Makefile: allow $(ARFLAGS) specified from the command line

Merge branch 'jk/connect-clear-env' into maintJunio C Hamano Fri, 16 Oct 2015 21:32:35 +0000 (14:32 -0700)

Merge branch 'jk/connect-clear-env' into maint

The ssh transport, just like any other transport over the network,
did not clear GIT_* environment variables, but it is possible to
use SendEnv and AcceptEnv to leak them to the remote invocation of
Git, which is not a good idea at all. Explicitly clear them just
like we do for the local transport.

* jk/connect-clear-env:
git_connect: clarify conn->use_shell flag
git_connect: clear GIT_* environment for ssh

Merge branch 'jk/blame-first-parent' into maintJunio C Hamano Fri, 16 Oct 2015 21:32:34 +0000 (14:32 -0700)

Merge branch 'jk/blame-first-parent' into maint

"git blame --first-parent v1.0..v2.0" was not rejected but did not
limit the blame to commits on the first parent chain.

* jk/blame-first-parent:
blame: handle --first-parent

Merge branch 'mm/keyid-docs' into maintJunio C Hamano Fri, 16 Oct 2015 21:32:33 +0000 (14:32 -0700)

Merge branch 'mm/keyid-docs' into maint

Very small number of options take a parameter that is optional
(which is not a great UI element as they can only appear at the end
of the command line). Add notice to documentation of each and
every one of them.

* mm/keyid-docs:
Documentation: explain optional arguments better
Documentation/grep: fix documentation of -O
Documentation: use 'keyid' consistently, not 'key-id'

Merge branch 'pt/pull-builtin' into maintJunio C Hamano Fri, 16 Oct 2015 21:32:32 +0000 (14:32 -0700)

Merge branch 'pt/pull-builtin' into maint

* pt/pull-builtin:
pull: enclose <options> in brackets in the usage string
merge: grammofix in please-commit-before-merge message

am, credential-cache: add angle brackets to usage stringRalf Thielow Fri, 16 Oct 2015 17:09:57 +0000 (19:09 +0200)

am, credential-cache: add angle brackets to usage string

Signed-off-by: Ralf Thielow <ralf.thielow@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

stripspace: use parse-options for command-line parsingTobias Klauser Fri, 16 Oct 2015 15:16:43 +0000 (17:16 +0200)

stripspace: use parse-options for command-line parsing

Use parse-options to parse command-line options instead of a
hand-crafted implementation. The users can now use a unique
prefix of the long option to say e.g. "git stripspace --strip".

Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

strbuf: make stripspace() part of strbufTobias Klauser Fri, 16 Oct 2015 15:16:42 +0000 (17:16 +0200)

strbuf: make stripspace() part of strbuf

This function is also used in other builtins than stripspace, so it
makes sense to have it in a more generic place. Since it operates
on an strbuf and the function is declared in strbuf.h, move it to
strbuf.c and add the corresponding prefix to its name, just like
other API functions in the strbuf_* family.

Also switch all current users of stripspace() to the new function
name and keep a temporary wrapper inline function for any topic
branches still using stripspace().

Reviewed-by: Matthieu Moy <Matthieu.Moy@imag.fr>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

pull: enclose <options> in brackets in the usage stringAlex Henrie Fri, 16 Oct 2015 02:22:13 +0000 (20:22 -0600)

pull: enclose <options> in brackets in the usage string

All the other placeholders are already shown that way.

Signed-off-by: Alex Henrie <alexhenrie24@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

Documentation/gc: warn against --prune=<now>Junio C Hamano Wed, 14 Oct 2015 20:48:39 +0000 (13:48 -0700)

Documentation/gc: warn against --prune=<now>

"git gc" is safe to run anytime only because it has the built-in
grace period to protect objects that are created by other processes
that are waiting for ref updates to anchor them to the history. In
order to run with no grace period, the user must make sure that the
repository is quiescent.

Reviewed-by: Matthieu Moy <Matthieu.Moy@grenoble-inp.fr>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

filter-branch: remove multi-line headers in msg filterJames McCoy Fri, 9 Oct 2015 00:21:13 +0000 (20:21 -0400)

filter-branch: remove multi-line headers in msg filter

df062010 (filter-branch: avoid passing commit message through sed)
introduced a regression when filtering commits with multi-line headers,
if the header contains a blank line. An example of this is a gpg-signed
commit:

$ git cat-file commit signed-commit
tree 3d4038e029712da9fc59a72afbfcc90418451630
parent 110eac945dc1713b27bdf49e74e5805db66971f0
author A U Thor <author@example.com> 1112912413 -0700
committer C O Mitter <committer@example.com> 1112912413 -0700
gpgsig -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iEYEABECAAYFAlYXADwACgkQE7b1Hs3eQw23CACgldB/InRyDgQwyiFyMMm3zFpj
pUsAnA+f3aMUsd9mNroloSmlOgL6jIMO
=0Hgm
-----END PGP SIGNATURE-----

Adding gpg

As a consequence, "filter-branch --msg-filter cat" (which should leave the
commit message unchanged) spills the signature (after the internal blank
line) into the original commit message.

The reason is that although the signature is indented, making the line a
whitespace only line, the "read" call is splitting the line based on
the shell's IFS, which defaults to <space><tab><newline>. The leading
space is consumed and $header_line is empty, causing the "skip header
lines" loop to exit.

The rest of the commit object is then re-used as the rewritten commit
message, causing the new message to include the signature of the
original commit.

Set IFS to an empty string for the "read" call, thus disabling the word
splitting, which causes $header_line to be set to the non-empty value ' '.
This allows the loop to fully consume the header lines before
emitting the original, intact commit message.

[jc: this is literally based on MJG's suggestion]

Signed-off-by: Michael J Gruber <git@drmicha.warpmail.net>
Signed-off-by: James McCoy <vega.james@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

test-path-utils.c: remove incorrect assumptionRay Donnelly Thu, 1 Oct 2015 19:04:17 +0000 (20:04 +0100)

test-path-utils.c: remove incorrect assumption

In normalize_ceiling_entry(), we test that normalized paths end with
slash, *unless* the path to be normalized was already the root
directory.

However, normalize_path_copy() does not even enforce this condition.

Even worse: on Windows, the root directory gets translated into a
Windows directory by the Bash before being passed to `git.exe` (or
`test-path-utils.exe`), which means that we cannot even know whether
the path that was passed to us was the root directory to begin with.

This issue has already caused endless hours of trying to "fix" the
MSYS2 runtime, only to break other things due to MSYS2 ensuring that
the converted path maintains the same state as the input path with
respect to any final '/'.

So let's just forget about this test. It is non-essential to Git's
operation, anyway.

Acked-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Ray Donnelly <mingw.android@gmail.com>

pack-objects: do not get distracted by broken symrefsJohannes Schindelin Mon, 28 Sep 2015 14:01:25 +0000 (16:01 +0200)

pack-objects: do not get distracted by broken symrefs

It is quite possible for, say, a remote HEAD to become broken, e.g.
when the default branch was renamed.

We should still be able to pack our objects when such a thing happens;
simply ignore broken symrefs (because they cannot matter for the packing
process anyway).

This fixes https://github.com/git-for-windows/git/issues/423

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

quote: move comment before sq_quote_buf()Christian Couder Wed, 7 Oct 2015 22:05:50 +0000 (00:05 +0200)

quote: move comment before sq_quote_buf()

A big comment at the beginning of quote.c is really
related to sq_quote_buf(), so let's move it in front
of this function.

Signed-off-by: Christian Couder <chriscool@tuxfamily.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

quote: fix broken sq_quote_buf() related commentChristian Couder Wed, 7 Oct 2015 22:05:49 +0000 (00:05 +0200)

quote: fix broken sq_quote_buf() related comment

Since 77d604c (Enhanced sq_quote(), 10 Oct 2005), the
comment at the beginning of quote.c is broken.
Let's fix it.

Signed-off-by: Christian Couder <chriscool@tuxfamily.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

Documentation/interpret-trailers: Grammar fixTobias Klauser Wed, 7 Oct 2015 16:46:22 +0000 (18:46 +0200)

Documentation/interpret-trailers: Grammar fix

Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

clone --dissociate: avoid locking pack filesJohannes Schindelin Tue, 6 Oct 2015 13:18:47 +0000 (15:18 +0200)

clone --dissociate: avoid locking pack files

When `git clone` is asked to dissociate the repository from the
reference repository whose objects were used, it is quite possible that
the pack files need to be repacked. In that case, the pack files need to
be deleted that were originally hard-links to the reference repository's
pack files.

On platforms where a file cannot be deleted if another process still
holds a handle on it, we therefore need to take pains to release all
pack files and indexes before dissociating.

This fixes https://github.com/git-for-windows/git/issues/446

The test case to demonstrate the breakage technically does not need to
be run on Linux or MacOSX. It won't hurt, either, though.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

sha1_file.c: add a function to release all packsJohannes Schindelin Tue, 6 Oct 2015 13:18:34 +0000 (15:18 +0200)

sha1_file.c: add a function to release all packs

On Windows, files that are in use cannot be removed or renamed. That
means that we have to release pack files when we are about to, say,
repack them. Let's introduce a convenient function to close all the
pack files and their idx files.

While at it, we consolidate the close windows/close fd/close index
stanza in `free_pack_by_name()` into the `close_pack()` function that
is used by the new `close_all_packs()` function to avoid repeated code.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

t2026: rename worktree prune testMichael J Gruber Tue, 6 Oct 2015 10:12:21 +0000 (12:12 +0200)

t2026: rename worktree prune test

Linked checkouts are known under the name worktree, now. Rename the test
accordingly.

Specifically, this avoids the confusion that t2026 is actually not about
pruning in or with linked checkouts aka worktress but about pruning
worktrees, i.e. about "git worktree prune" rather than "git prune".

Signed-off-by: Michael J Gruber <git@drmicha.warpmail.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

log: Update log.follow doc and add to config.txtEric N. Vander Weele Wed, 7 Oct 2015 01:14:33 +0000 (21:14 -0400)

log: Update log.follow doc and add to config.txt

Documentation/config.txt does not include the documentation for
log.follow that is in Documentation/git-log.txt. This commit adds the
log.follow documentation to config.txt and also updates the wording to
be consistent with the format that is followed by other boolean
configuration variables.

Signed-off-by: Eric N. Vander Weele <ericvw@gmail.com>
Acked-by: David Turner <dturner@twopensource.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

rebase-i: loosen over-eager check_bad_cmd checkMatthieu Moy Thu, 1 Oct 2015 08:18:42 +0000 (10:18 +0200)

rebase-i: loosen over-eager check_bad_cmd check

804098bb (git rebase -i: add static check for commands and SHA-1,
2015-06-29) tried to check all insns before running any in the todo
list, but it did so by implementing its own parser that is a lot
stricter than necessary. We used to allow lines that are indented
(including comment lines), and we used to allow a whitespace between
the insn and the commit object name to be HT, among other things,
that are flagged as an invalid line by mistake.

Fix this by using the same tokenizer that is used to parse the todo
list file in the new check.

Whether it's a good thing to accept indented comments is
debatable (other commands like "git commit" do not accept them), but we
already accepted them in the past, and some people and scripts rely on
this behavior. Also, a line starting with space followed by a '#' cannot
have any meaning other than being a comment, hence it doesn't harm to
accept them as comments.

Largely based on patch by: Junio C Hamano <gitster@pobox.com>

[jc: updated test with quickfix from Torsten Bögershausen]

Signed-off-by: Matthieu Moy <Matthieu.Moy@imag.fr>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

gc: demonstrate failure with stale remote HEADJohannes Schindelin Mon, 28 Sep 2015 14:01:13 +0000 (16:01 +0200)

gc: demonstrate failure with stale remote HEAD

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

sha1_file: consolidate code to close a pack's file... Johannes Schindelin Mon, 5 Oct 2015 20:30:24 +0000 (22:30 +0200)

sha1_file: consolidate code to close a pack's file descriptor

There was a lot of repeated code to close the file descriptor of
a given pack. Let's just refactor this code into a single function.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

t5700: demonstrate a Windows file locking issue with... Johannes Schindelin Mon, 5 Oct 2015 20:29:59 +0000 (22:29 +0200)

t5700: demonstrate a Windows file locking issue with `git clone --dissociate`

On Windows, dissociating from a reference can fail very easily due to
pack files that are still in use when they want to be removed.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

merge: grammofix in please-commit-before-merge messageAlex Henrie Fri, 2 Oct 2015 04:25:33 +0000 (22:25 -0600)

merge: grammofix in please-commit-before-merge message

Signed-off-by: Alex Henrie <alexhenrie24@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

rebase-i: explicitly accept tab as separator in commandsMatthieu Moy Thu, 1 Oct 2015 08:18:41 +0000 (10:18 +0200)

rebase-i: explicitly accept tab as separator in commands

The git-rebase-todo is parsed several times with different parsers. In
principle, the user input is normalized by transform_todo_ids and
further parsing can be stricter.

In case the user wrote

pick deadbeef<TAB>commit message

the parser of transform_todo_ids was considering the sha1 to be
"deadbeef<TAB>commit", and was leaving the tab in the transformed sheet.
In practice, this went unnoticed since the actual command interpretation
was done later in do_next which did accept the tab as a separator.

Make it explicit in the code of transform_todo_ids that tabs are
accepted. This way, code that mimicks it will also accept tabs as
separator.

A similar construct appears in skip_unnecessary_picks, but this one
comes after transform_todo_ids, hence reads the normalized format, so it
needs not be changed.

Signed-off-by: Matthieu Moy <Matthieu.Moy@imag.fr>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

status: don't say 'HEAD detached at HEAD'Matthieu Moy Sun, 27 Sep 2015 15:13:42 +0000 (17:13 +0200)

status: don't say 'HEAD detached at HEAD'

After using "git checkout --detach", the reflog is left with an entry
like

checkout: moving from ... to HEAD

This message is parsed to generate the 'HEAD detached at' message in
'git branch' and 'git status', which leads to the not-so-useful message
'HEAD detached at HEAD'.

Instead, when parsing such reflog entry, resolve HEAD to the
corresponding commit in the reflog, so that the message becomes 'HEAD
detached at $sha1'.

Signed-off-by: Matthieu Moy <Matthieu.Moy@imag.fr>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

t3203: test 'detached at' after checkout --detachMatthieu Moy Sun, 27 Sep 2015 15:13:41 +0000 (17:13 +0200)

t3203: test 'detached at' after checkout --detach

This currently fails: the output is 'HEAD detached at HEAD'.

Signed-off-by: Matthieu Moy <Matthieu.Moy@imag.fr>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

am: configure gpg at startupRenee Margaret McConahy Wed, 30 Sep 2015 17:49:44 +0000 (13:49 -0400)

am: configure gpg at startup

The new builtin am ignores the user.signingkey variable: gpg is being
called with the committer details as the key ID, which may not be
correct. git_gpg_config is responsible for handling that variable and is
expected to be called on initialization by any modules that use gpg.

Signed-off-by: Renee Margaret McConahy <nepella@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

l10n: ru.po: update Russian translationDimitriy Ryazantcev Wed, 30 Sep 2015 15:01:23 +0000 (18:01 +0300)

l10n: ru.po: update Russian translation

Signed-off-by: Dimitriy Ryazantcev <dimitriy.ryazantcev@gmail.com>

Git 2.6.1 v2.6.1Junio C Hamano Tue, 29 Sep 2015 02:19:27 +0000 (19:19 -0700)

Git 2.6.1

Signed-off-by: Junio C Hamano <gitster@pobox.com>

Sync with v2.5.4Junio C Hamano Tue, 29 Sep 2015 02:16:54 +0000 (19:16 -0700)

Sync with v2.5.4

Git 2.5.4 v2.5.4Junio C Hamano Mon, 28 Sep 2015 22:26:49 +0000 (15:26 -0700)

Git 2.5.4

Signed-off-by: Junio C Hamano <gitster@pobox.com>

Sync with 2.4.10Junio C Hamano Mon, 28 Sep 2015 22:33:56 +0000 (15:33 -0700)

Sync with 2.4.10

Git 2.4.10 v2.4.10Junio C Hamano Mon, 28 Sep 2015 22:29:54 +0000 (15:29 -0700)

Git 2.4.10

Signed-off-by: Junio C Hamano <gitster@pobox.com>

Sync with 2.3.10Junio C Hamano Mon, 28 Sep 2015 22:28:26 +0000 (15:28 -0700)

Sync with 2.3.10

Git 2.3.10 v2.3.10Junio C Hamano Mon, 28 Sep 2015 22:00:37 +0000 (15:00 -0700)

Git 2.3.10

Signed-off-by: Junio C Hamano <gitster@pobox.com>

Merge branch 'jk/xdiff-memory-limits' into maint-2.3Junio C Hamano Mon, 28 Sep 2015 21:59:28 +0000 (14:59 -0700)

Merge branch 'jk/xdiff-memory-limits' into maint-2.3

merge-file: enforce MAX_XDIFF_SIZE on incoming filesJeff King Fri, 25 Sep 2015 21:58:09 +0000 (17:58 -0400)

merge-file: enforce MAX_XDIFF_SIZE on incoming files

The previous commit enforces MAX_XDIFF_SIZE at the
interfaces to xdiff: xdi_diff (which calls xdl_diff) and
ll_xdl_merge (which calls xdl_merge).

But we have another direct call to xdl_merge in
merge-file.c. If it were written today, this probably would
just use the ll_merge machinery. But it predates that code,
and uses slightly different options to xdl_merge (e.g.,
ZEALOUS_ALNUM).

We could try to abstract out an xdi_merge to match the
existing xdi_diff, but even that is difficult. Rather than
simply report error, we try to treat large files as binary,
and that distinction would happen outside of xdi_merge.

The simplest fix is to just replicate the MAX_XDIFF_SIZE
check in merge-file.c.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

xdiff: reject files larger than ~1GBJeff King Thu, 24 Sep 2015 23:12:45 +0000 (19:12 -0400)

xdiff: reject files larger than ~1GB

The xdiff code is not prepared to handle extremely large
files. It uses "int" in many places, which can overflow if
we have a very large number of lines or even bytes in our
input files. This can cause us to produce incorrect diffs,
with no indication that the output is wrong. Or worse, we
may even underallocate a buffer whose size is the result of
an overflowing addition.

We're much better off to tell the user that we cannot diff
or merge such a large file. This patch covers both cases,
but in slightly different ways:

1. For merging, we notice the large file and cleanly fall
back to a binary merge (which is effectively "we cannot
merge this").

2. For diffing, we make the binary/text distinction much
earlier, and in many different places. For this case,
we'll use the xdi_diff as our choke point, and reject
any diff there before it hits the xdiff code.

This means in most cases we'll die() immediately after.
That's not ideal, but in practice we shouldn't
generally hit this code path unless the user is trying
to do something tricky. We already consider files
larger than core.bigfilethreshold to be binary, so this
code would only kick in when that is circumvented
(either by bumping that value, or by using a
.gitattribute to mark a file as diffable).

In other words, we can avoid being "nice" here, because
there is already nice code that tries to do the right
thing. We are adding the suspenders to the nice code's
belt, so notice when it has been worked around (both to
protect the user from malicious inputs, and because it
is better to die() than generate bogus output).

The maximum size was chosen after experimenting with feeding
large files to the xdiff code. It's just under a gigabyte,
which leaves room for two obvious cases:

- a diff3 merge conflict result on files of maximum size X
could be 3*X plus the size of the markers, which would
still be only about 3G, which fits in a 32-bit int.

- some of the diff code allocates arrays of one int per
record. Even if each file consists only of blank lines,
then a file smaller than 1G will have fewer than 1G
records, and therefore the int array will fit in 4G.

Since the limit is arbitrary anyway, I chose to go under a
gigabyte, to leave a safety margin (e.g., we would not want
to overflow by allocating "(records + 1) * sizeof(int)" or
similar.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

react to errors in xdi_diffJeff King Thu, 24 Sep 2015 23:12:23 +0000 (19:12 -0400)

react to errors in xdi_diff

When we call into xdiff to perform a diff, we generally lose
the return code completely. Typically by ignoring the return
of our xdi_diff wrapper, but sometimes we even propagate
that return value up and then ignore it later. This can
lead to us silently producing incorrect diffs (e.g., "git
log" might produce no output at all, not even a diff header,
for a content-level diff).

In practice this does not happen very often, because the
typical reason for xdiff to report failure is that it
malloc() failed (it uses straight malloc, and not our
xmalloc wrapper). But it could also happen when xdiff
triggers one our callbacks, which returns an error (e.g.,
outf() in builtin/rerere.c tries to report a write failure
in this way). And the next patch also plans to add more
failure modes.

Let's notice an error return from xdiff and react
appropriately. In most of the diff.c code, we can simply
die(), which matches the surrounding code (e.g., that is
what we do if we fail to load a file for diffing in the
first place). This is not that elegant, but we are probably
better off dying to let the user know there was a problem,
rather than simply generating bogus output.

We could also just die() directly in xdi_diff, but the
callers typically have a bit more context, and can provide a
better message (and if we do later decide to pass errors up,
we're one step closer to doing so).

There is one interesting case, which is in diff_grep(). Here
if we cannot generate the diff, there is nothing to match,
and we silently return "no hits". This is actually what the
existing code does already, but we make it a little more
explicit.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

Merge branch 'jk/transfer-limit-redirection' into maint-2.3Junio C Hamano Mon, 28 Sep 2015 21:46:05 +0000 (14:46 -0700)

Merge branch 'jk/transfer-limit-redirection' into maint-2.3

Merge branch 'jk/transfer-limit-protocol' into maint-2.3Junio C Hamano Mon, 28 Sep 2015 21:33:27 +0000 (14:33 -0700)

Merge branch 'jk/transfer-limit-protocol' into maint-2.3

Git 2.6 v2.6.0Junio C Hamano Mon, 28 Sep 2015 20:18:01 +0000 (13:18 -0700)

Git 2.6

Signed-off-by: Junio C Hamano <gitster@pobox.com>

ls-remote.txt: delete unsupported optionNguyễn Thái Ngọc Duy Mon, 28 Sep 2015 12:30:17 +0000 (19:30 +0700)

ls-remote.txt: delete unsupported option

-u <exec> has never been supported, but it was mentioned since
0a2bb55 (git ls-remote: make usage string match manpage -
2008-11-11). Nobody has complained about it for seven years, it's
probably safe to say nobody cares. So let's remove "-u" in documents
instead of adding code to support it.

While at there, fix --upload-pack syntax too.

Signed-off-by: Nguyễn Thái Ngọc Duy <pclouds@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

setup: fix "inside work tree" detection on case-insensi... Johannes Schindelin Mon, 28 Sep 2015 16:12:18 +0000 (18:12 +0200)

setup: fix "inside work tree" detection on case-insensitive filesystems

Git has a config variable to indicate that it is operating on a file
system that is case-insensitive: core.ignoreCase. But the
`dir_inside_of()` function did not respect that. As a result, if Git's
idea of the current working directory disagreed in its upper/lower case
with the `GIT_WORK_TREE` variable (e.g. `C:\test` vs `c:\test`) the
user would be greeted by the error message

fatal: git-am cannot be used without a working tree.

when trying to run a rebase.

This fixes https://github.com/git-for-windows/git/issues/402 (reported by
Daniel Harding).

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

http: limit redirection depthBlake Burkhart Tue, 22 Sep 2015 22:06:20 +0000 (18:06 -0400)

http: limit redirection depth

By default, libcurl will follow circular http redirects
forever. Let's put a cap on this so that somebody who can
trigger an automated fetch of an arbitrary repository (e.g.,
for CI) cannot convince git to loop infinitely.

The value chosen is 20, which is the same default that
Firefox uses.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

http: limit redirection to protocol-whitelistBlake Burkhart Tue, 22 Sep 2015 22:06:04 +0000 (18:06 -0400)

http: limit redirection to protocol-whitelist

Previously, libcurl would follow redirection to any protocol
it was compiled for support with. This is desirable to allow
redirection from HTTP to HTTPS. However, it would even
successfully allow redirection from HTTP to SFTP, a protocol
that git does not otherwise support at all. Furthermore
git's new protocol-whitelisting could be bypassed by
following a redirect within the remote helper, as it was
only enforced at transport selection time.

This patch limits redirects within libcurl to HTTP, HTTPS,
FTP and FTPS. If there is a protocol-whitelist present, this
list is limited to those also allowed by the whitelist. As
redirection happens from within libcurl, it is impossible
for an HTTP redirect to a protocol implemented within
another remote helper.

When the curl version git was compiled with is too old to
support restrictions on protocol redirection, we warn the
user if GIT_ALLOW_PROTOCOL restrictions were requested. This
is a little inaccurate, as even without that variable in the
environment, we would still restrict SFTP, etc, and we do
not warn in that case. But anything else means we would
literally warn every time git accesses an http remote.

This commit includes a test, but it is not as robust as we
would hope. It redirects an http request to ftp, and checks
that curl complained about the protocol, which means that we
are relying on curl's specific error message to know what
happened. Ideally we would redirect to a working ftp server
and confirm that we can clone without protocol restrictions,
and not with them. But we do not have a portable way of
providing an ftp server, nor any other protocol that curl
supports (https is the closest, but we would have to deal
with certificates).

[jk: added test and version warning]

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

transport: refactor protocol whitelist codeJeff King Tue, 22 Sep 2015 22:03:49 +0000 (18:03 -0400)

transport: refactor protocol whitelist code

The current callers only want to die when their transport is
prohibited. But future callers want to query the mechanism
without dying.

Let's break out a few query functions, and also save the
results in a static list so we don't have to re-parse for
each query.

Based-on-a-patch-by: Blake Burkhart <bburky@bburky.com>
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

Documentation: fix section header mark-upJohn Keeping Fri, 25 Sep 2015 12:59:35 +0000 (13:59 +0100)

Documentation: fix section header mark-up

Asciidoctor is stricter than AsciiDoc when deciding if underlining
is a section title or the start of preformatted text. Make the
length of the underlining match the text to ensure that it renders
correctly in all implementations.

Signed-off-by: John Keeping <john@keeping.me.uk>
[jc: squashed in git-bisect one noticed by Michael J Gruber]
Signed-off-by: Junio C Hamano <gitster@pobox.com>

t/perf: make runner work even if Git is not installedStephan Beyer Fri, 25 Sep 2015 00:31:37 +0000 (02:31 +0200)

t/perf: make runner work even if Git is not installed

aggregate.perl did not work when Git.pm is not installed to a directory
contained in the default Perl library path list or PERLLIB.
This commit prepends the Perl library path of the current Git source
tree to enable this.

Note that this commit adds a hard-coded relative path

use lib '../../perl/blib/lib';

instead of the flexible environment-based variant

use lib (split(/:/, $ENV{GITPERLLIB}));

which is used in tests written in Perl.
The hard-coded variant is used because the whole performance test
framework does it that way (and GITPERLLIB is not set there).

Signed-off-by: Stephan Beyer <s-beyer@gmx.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

connect: fix typo in result string of prot_name()Tobias Klauser Thu, 24 Sep 2015 12:44:49 +0000 (14:44 +0200)

connect: fix typo in result string of prot_name()

Replace 'unkown' with 'unknown'.

Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

t5561: get rid of racy appending to logfileStephan Beyer Thu, 24 Sep 2015 18:12:22 +0000 (20:12 +0200)

t5561: get rid of racy appending to logfile

The definition of log_div() appended information to the web server's
logfile to make the test more readable. However, log_div() was called
right after a request is served (which is done by git-http-backend);
the web server waits for the git-http-backend process to exit before
it writes to the log file. When the duration between serving a request
and exiting was long, the log_div() output was written before the last
request's log, and the test failed. (This duration could become
especially long for PROFILE=GEN builds.)

To get rid of this behavior, we should not change the logfile at all.
This commit removes log_div() and its calls. The additional information
is kept in the test (for readability reasons) but filtered out before
comparing it to the actual logfile.

Signed-off-by: Stephan Beyer <s-beyer@gmx.net>
Reviewed-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

fsck: exit with non-zero when problems are foundJunio C Hamano Wed, 23 Sep 2015 20:46:39 +0000 (13:46 -0700)

fsck: exit with non-zero when problems are found

After finding some problems (e.g. a ref refs/heads/X points at an
object that is not a commit) and issuing an error message, the
program failed to signal the fact that it found an error by a
non-zero exit status.

Signed-off-by: Junio C Hamano <gitster@pobox.com>

submodule: allow only certain protocols for submodule... Jeff King Wed, 16 Sep 2015 17:13:12 +0000 (13:13 -0400)

submodule: allow only certain protocols for submodule fetches

Some protocols (like git-remote-ext) can execute arbitrary
code found in the URL. The URLs that submodules use may come
from arbitrary sources (e.g., .gitmodules files in a remote
repository). Let's restrict submodules to fetching from a
known-good subset of protocols.

Note that we apply this restriction to all submodule
commands, whether the URL comes from .gitmodules or not.
This is more restrictive than we need to be; for example, in
the tests we run:

git submodule add ext::...

which should be trusted, as the URL comes directly from the
command line provided by the user. But doing it this way is
simpler, and makes it much less likely that we would miss a
case. And since such protocols should be an exception
(especially because nobody who clones from them will be able
to update the submodules!), it's not likely to inconvenience
anyone in practice.

Reported-by: Blake Burkhart <bburky@bburky.com>
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

transport: add a protocol-whitelist environment variableJeff King Wed, 16 Sep 2015 17:12:52 +0000 (13:12 -0400)

transport: add a protocol-whitelist environment variable

If we are cloning an untrusted remote repository into a
sandbox, we may also want to fetch remote submodules in
order to get the complete view as intended by the other
side. However, that opens us up to attacks where a malicious
user gets us to clone something they would not otherwise
have access to (this is not necessarily a problem by itself,
but we may then act on the cloned contents in a way that
exposes them to the attacker).

Ideally such a setup would sandbox git entirely away from
high-value items, but this is not always practical or easy
to set up (e.g., OS network controls may block multiple
protocols, and we would want to enable some but not others).

We can help this case by providing a way to restrict
particular protocols. We use a whitelist in the environment.
This is more annoying to set up than a blacklist, but
defaults to safety if the set of protocols git supports
grows). If no whitelist is specified, we continue to default
to allowing all protocols (this is an "unsafe" default, but
since the minority of users will want this sandboxing
effect, it is the only sensible one).

A note on the tests: ideally these would all be in a single
test file, but the git-daemon and httpd test infrastructure
is an all-or-nothing proposition rather than a test-by-test
prerequisite. By putting them all together, we would be
unable to test the file-local code on machines without
apache.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

notes: correct documentation of DWIMery for notes refer... Jacob Keller Tue, 22 Sep 2015 22:15:03 +0000 (15:15 -0700)

notes: correct documentation of DWIMery for notes references

expand_notes_ref is used by --ref from git-notes(1) and --notes from the
git log to find the full refname of a notes reference. Previously the
documentation of these options was not clear about what sorts of
expansions would be performed. Fix the documentation to clearly and
accurately describe the behavior of the expansions.

Add a test for this expansion when using git notes get-ref in order to
prevent future patches from changing this behavior.

Signed-off-by: Jacob Keller <jacob.keller@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

git-p4: handle "Translation of file content failed"Lars Schneider Mon, 21 Sep 2015 10:01:41 +0000 (12:01 +0200)

git-p4: handle "Translation of file content failed"

A P4 repository can get into a state where it contains a file with
type UTF-16 that does not contain a valid UTF-16 BOM. If git-p4
attempts to retrieve the file then the process crashes with a
"Translation of file content failed" error.

More info here: http://answers.perforce.com/articles/KB/3117

Fix this by detecting this error and retrieving the file as binary
instead. The result in Git is the same.

Known issue: This works only if git-p4 is executed in verbose mode.
In normal mode no exceptions are thrown and git-p4 just exits.

Signed-off-by: Lars Schneider <larsxschneider@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

git-p4: add test case for "Translation of file content... Lars Schneider Mon, 21 Sep 2015 10:01:40 +0000 (12:01 +0200)

git-p4: add test case for "Translation of file content failed" error

A P4 repository can get into a state where it contains a file with
type UTF-16 that does not contain a valid UTF-16 BOM. If git-p4
attempts to retrieve the file then the process crashes with a
"Translation of file content failed" error.

More info here: http://answers.perforce.com/articles/KB/3117

Signed-off-by: Lars Schneider <larsxschneider@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

Git 2.6-rc3 v2.6.0-rc3Junio C Hamano Mon, 21 Sep 2015 20:26:13 +0000 (13:26 -0700)

Git 2.6-rc3

Signed-off-by: Junio C Hamano <gitster@pobox.com>

Merge branch 'rj/mailmap-ramsay'Junio C Hamano Mon, 21 Sep 2015 19:58:35 +0000 (12:58 -0700)

Merge branch 'rj/mailmap-ramsay'

* rj/mailmap-ramsay:
mailmap: update my entry with new email address

Merge branch 'bn/send-email-smtp-auth-error-message... Junio C Hamano Mon, 21 Sep 2015 19:27:15 +0000 (12:27 -0700)

Merge branch 'bn/send-email-smtp-auth-error-message-fix'

Fix a minor regression brought in to "git send-email" by a recent
addition of the "--smtp-auth" option.

* bn/send-email-smtp-auth-error-message-fix:
send-email: fix uninitialized var warning for $smtp_auth

Merge tag 'l10n-2.6.0-rnd2+de' of git://github.com... Junio C Hamano Mon, 21 Sep 2015 17:54:07 +0000 (10:54 -0700)

Merge tag 'l10n-2.6.0-rnd2+de' of git://github.com/git-l10n/git-po

l10n-2.6.0-rnd2 plus de

* tag 'l10n-2.6.0-rnd2+de' of git://github.com/git-l10n/git-po: (25 commits)
l10n: de.po: better language for one string
l10n: de.po: translate 2 messages
l10n: Update and review Vietnamese translation (2440t)
l10n: fr.po v2.6.0 round 2 (2440t)
l10n: zh_CN: for git v2.6.0 l10n round 2
l10n: ca.po: update translation
l10n: git.pot: v2.6.0 round 2 (3 improvements)
l10n: de.po: translate 123 new messages
l10n: fr.po v2.6.0 round 1 (2441t)
l10n: sv.po: Update Swedish translation (2441t0f0u)
l10n: zh_CN: for git v2.6.0 l10n round 1
l10n: Updated Vietnamese translation (2441t)
l10n: git.pot: v2.6.0 round 1 (123 new, 41 removed)
l10n: zh_CN: Update Git Glossary: "commit message"
l10n: zh_CN: Update Git Glossary: pickaxe
l10n: zh_CN: Update Git Glossary: fork
l10n: zh_CN: Update Git Glossary: tag
l10n: zh_CN: Update Git Glossary: "dumb", "smart"
l10n: zh_CN: Update Git Glossary: SHA-1
l10n: zh_CN: Add Surrounding Spaces
...

send-email: fix uninitialized var warning for $smtp_authBrian Norris Fri, 18 Sep 2015 22:12:50 +0000 (15:12 -0700)

send-email: fix uninitialized var warning for $smtp_auth

On the latest version of git-send-email, I see this error just before
running SMTP auth (I didn't provide any --smtp-auth= parameter):

Use of uninitialized value $smtp_auth in pattern match (m//) at \
/home/briannorris/git/git/git-send-email.perl line 1139.

Signed-off-by: Brian Norris <computersforpeace@gmail.com>
Reviewed-by: Eric Sunshine <sunshine@sunshineco.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>