v2.4 [Jun 16, 2015]
In preparing security fixes for four CVEs, we made overly aggressive
"defense in depth" changes that broke legitimate use cases like 'git
lfs' and 'git annex.' This release is to revert these misguided, if
well-intentioned, changes that were shipped in 2.45.1 and were not
direct security fixes.
Jeff King (5):
send-email: drop FakeTerm hack
send-email: avoid creating more than one Term::ReadLine object
ci: drop mention of BREW_INSTALL_PACKAGES variable
ci: avoid bare "gcc" for osx-gcc job
ci: stop installing "gcc-13" for osx-gcc
Johannes Schindelin (6):
hook: plug a new memory leak
init: use the correct path of the templates directory again
Revert "core.hooksPath: add some protection while cloning"
tests: verify that `clone -c core.hooksPath=/dev/null` works again
clone: drop the protections where hooks aren't run
Revert "Add a helper function to compare file contents"
Junio C Hamano (1):
Revert "fsck: warn about symlink pointing inside a gitdir"
v2.2 [Dec 12, 2018]
-Historically, the "-m" (mainline) option can only be used for "git cherry-pick" and "git revert" when working with a merge commit. This version of Git no longer warns or errors out when working with a single-parent commit, as long as the argument to the "-m" option is 1 (i.e. it has only one parent, and the request is to pick or revert relative to that first parent). Scripts that relied on the behaviour may get broken with this change.
v2.1 [Sep 3, 2016]
The code that parses the format parameter of for-each-ref command has seen a micro-optimization.
The "graph" API used in "git log --graph" miscounted the number of output columns consumed so far when drawing a padding line, which has been fixed; this did not affect any existing code as nobody tried to write anything after the padding on such a line, though.
Almost everybody uses DEFAULT_ABBREV to refer to the default setting for the abbreviation, but "git blame" peeked into underlying variable bypassing the macro for no good reason.
Doc update to clarify what "log -3 --reverse" does.
An author name, that spelled a backslash-quoted double quote in the human readable part "My \"double quoted\" name", was not unquoted correctly while applying a patch from a piece of e-mail.
The original command line syntax for "git merge", which was "git merge HEAD ...", has been deprecated for quite some time, and "git gui" was the last in-tree user of the syntax. This is finally fixed, so that we can move forward with the deprecation.
Codepaths that read from an on-disk loose object were too loose in validating what they are reading is a proper object file and sometimes read past the data they read from the disk, which has been corrected. H/t to Gustavo Grieco for reporting.
"git worktree", even though it used the default_abbrev setting that ought to be affected by core.abbrev configuration variable, ignored the variable setting. The command has been taught to read the default set of configuration variables to correct this.
A low-level function verify_packfile() was meant to show errors that were detected without dying itself, but under some conditions it didn't and died instead, which has been fixed.
When "git fetch" tries to find where the history of the repository it runs in has diverged from what the other side has, it has a mechanism to avoid digging too deep into irrelevant side branches. This however did not work well over the "smart- http" transport due to a design bug, which has been fixed.
When we started cURL to talk to imap server when a new enough version of cURL library is available, we forgot to explicitly add imap(s):// before the destination. To some folks, that didn't work and the library tried to make HTTP(s) requests instead.
The ./configure script generated from configure.ac was taught how to detect support of SSL by libcurl better.
http.emptyauth configuration is a way to allow an empty username to pass when attempting to authenticate using mechanisms like Kerberos. We took an unspecified (NULL) username and sent ":" (i.e. no username, no password) to CURLOPT_USERPWD, but did not do the same when the username is explicitly set to an empty string.
"git clone" of a local repository can be done at the filesystem level, but the codepath did not check errors while copying and adjusting the file that lists alternate object stores.
Documentation for "git commit" was updated to clarify that "commit -p " adds to the current contents of the index to come up with what to commit.
A stray symbolic link in $GIT_DIR/refs/ directory could make name resolution loop forever, which has been corrected.
The "submodule..path" stored in .gitmodules is never copied to .git/config and such a key in .git/config has no meaning, but the documentation described it and submodule..url next to each other as if both belong to .git/config. This has been fixed.
Recent git allows submodule..branch to use a special token "." instead of the branch name; the documentation has been updated to describe it.
v1.9 [Feb 19, 2014]
New Features:
- Comes with Git 1.9.2 plus Windows-specific patches.
- Custom installer settings can be saved and loaded, for unsupervised installation on batches of machines (msysGit PR #168).
- Comes with VIM 7.4 (msysGit PR #170).
- Comes with ZLib 1.2.8.
- Comes with xargs 4.4.2.
Bugfixes:
- Work around stack limitations when listing an insane number of tags (PR #154).
- Assorted test fixes (PRs #156, #158).
- Compile warning fix in config.c (PR #159).
- Ships with actual dos2unix and unix2dos.
- The installer no longer recommends mixing with Cygwin.
- Fixes a regression in Git-Cheetah which froze the Explorer upon calling Git Bash from the context menu (Git-Cheetah PRs #14 and #15).
v1.8 [Oct 23, 2012]
--The attribute mechanism didn't allow limiting attributes to be
applied to only a single directory itself with "path/" like the
exclude mechanism does. The fix for this in 1.8.1.2 had
performance degradations.
--Command line completion code was inadvertently made incompatible with
older versions of bash by using a newer array notation.
--Scripts to test bash completion was inherently flaky as it was
affected by whatever random things the user may have on $PATH.
--A fix was added to the build procedure to work around buggy
versions of ccache broke the auto-generation of dependencies, which
unfortunately is still relevant because some people use ancient
distros.
--We used to stuff "user@" and then append what we read from
/etc/mailname to come up with a default e-mail ident, but a bug
lost the "user@" part.
--"git am" did not parse datestamp correctly from Hg generated patch,
when it is run in a locale outside C (or en).
--Attempt to "branch --edit-description" an existing branch, while
being on a detached HEAD, errored out.
--"git cherry-pick" did not replay a root commit to an unborn branch.
--We forgot to close the file descriptor reading from "gpg" output,
killing "git log --show-signature" on a long history.
--"git rebase --preserve-merges" lost empty merges in recent versions
of Git.
--Rebasing the history of superproject with change in the submodule
has been broken since v1.7.12.
--A failure to push due to non-ff while on an unborn branch
dereferenced a NULL pointer when showing an error message.
--Also contains various documentation fixes.