.git.metadata

@@ -1,2 +1,2 @@
-7577a22e233e892dba5cf19a3a57cef2062d01e6 SOURCES/git-2.43.5.tar.sign
+6ee94f976a315b7897a6e663d8e6e97283ff5adb SOURCES/git-2.47.1.tar.sign
-31decef72034ae36c8098a9e6bb13a7dd4859fd9 SOURCES/git-2.43.5.tar.xz
+63654fcfa1604c7470bcc9c4e2d1cdba218a8bc3 SOURCES/git-2.47.1.tar.xz

.gitignore

@@ -1,2 +1,2 @@
-SOURCES/git-2.43.5.tar.sign
+SOURCES/git-2.47.1.tar.sign
-SOURCES/git-2.43.5.tar.xz
+SOURCES/git-2.47.1.tar.xz

SOURCES/0001-Switch-git-instaweb-default-to-apache-2.26.2.patch

@@ -1,12 +0,0 @@
-diff -ur a/git-instaweb.sh b/git-instaweb.sh
---- a/git-instaweb.sh	2020-04-20 17:52:30.000000000 +0200
-+++ b/git-instaweb.sh	2020-05-27 12:36:20.725300334 +0200
-@@ -36,7 +36,7 @@
- # Defaults:
- 
- # if installed, it doesn't need further configuration (module_path)
--test -z "$httpd" && httpd='lighttpd -f'
-+test -z "$httpd" && httpd='httpd -f'
- 
- # Default is @@GITWEBDIR@@
- test -z "$root" && root='@@GITWEBDIR@@'

SOURCES/git-2.43.0-slow-shallow-clones.patch

@@ -1,115 +0,0 @@
-From 51441e6460b505c07b4a8a6deeaa7de4bf6e8e33 Mon Sep 17 00:00:00 2001
-From: Junio C Hamano <gitster@pobox.com>
-Date: Fri, 3 May 2024 08:34:27 -0700
-Subject: [PATCH] stop using HEAD for attributes in bare repository by default
-
-With 23865355 (attr: read attributes from HEAD when bare repo,
-2023-10-13), we started to use the HEAD tree as the default
-attribute source in a bare repository.  One argument for such a
-behaviour is that it would make things like "git archive" run in
-bare and non-bare repositories for the same commit consistent.
-This changes was merged to Git 2.43 but without an explicit mention
-in its release notes.
-
-It turns out that this change destroys performance of shallowly
-cloning from a bare repository.  As the "server" installations are
-expected to be mostly bare, and "git pack-objects", which is the
-core of driving the other side of "git clone" and "git fetch" wants
-to see if a path is set not to delta with blobs from other paths via
-the attribute system, the change forces the server side to traverse
-the tree of the HEAD commit needlessly to find if each and every
-paths the objects it sends out has the attribute that controls the
-deltification.  Given that (1) most projects do not configure such
-an attribute, and (2) it is dubious for the server side to honor
-such an end-user supplied attribute anyway, this was a poor choice
-of the default.
-
-To mitigate the current situation, let's revert the change that uses
-the tree of HEAD in a bare repository by default as the attribute
-source.  This will help most people who have been happy with the
-behaviour of Git 2.42 and before.
-
-Two things to note:
-
- * If you are stuck with versions of Git 2.43 or newer, that is
-   older than the release this fix appears in, you can explicitly
-   set the attr.tree configuration variable to point at an empty
-   tree object, i.e.
-
-	$ git config attr.tree 4b825dc642cb6eb9a060e54bf8d69288fbee4904
-
- * If you like the behaviour we are reverting, you can explicitly
-   set the attr.tree configuration variable to HEAD, i.e.
-
-	$ git config attr.tree HEAD
-
-The right fix for this is to optimize the code paths that allow
-accesses to attributes in tree objects, but that is a much more
-involved change and is left as a longer-term project, outside the
-scope of this "first step" fix.
-
-Signed-off-by: Junio C Hamano <gitster@pobox.com>
----
- attr.c                  |  7 -------
- t/t0003-attributes.sh   | 10 ++++++++--
- t/t5001-archive-attr.sh |  3 ++-
- 3 files changed, 10 insertions(+), 10 deletions(-)
-
-diff --git a/attr.c b/attr.c
-index e62876dfd3e9be..02ab8436266289 100644
---- a/attr.c
-+++ b/attr.c
-@@ -1213,13 +1213,6 @@ static void compute_default_attr_source(struct object_id *attr_source)
- 		ignore_bad_attr_tree = 1;
- 	}
- 
--	if (!default_attr_source_tree_object_name &&
--	    startup_info->have_repository &&
--	    is_bare_repository()) {
--		default_attr_source_tree_object_name = "HEAD";
--		ignore_bad_attr_tree = 1;
--	}
--
- 	if (!default_attr_source_tree_object_name || !is_null_oid(attr_source))
- 		return;
- 
-diff --git a/t/t0003-attributes.sh b/t/t0003-attributes.sh
-index aee2298f01331a..5de46ddf67f7ff 100755
---- a/t/t0003-attributes.sh
-+++ b/t/t0003-attributes.sh
-@@ -384,13 +384,19 @@ test_expect_success 'bad attr source defaults to reading .gitattributes file' '
- 	)
- '
- 
--test_expect_success 'bare repo defaults to reading .gitattributes from HEAD' '
-+test_expect_success 'bare repo no longer defaults to reading .gitattributes from HEAD' '
- 	test_when_finished rm -rf test bare_with_gitattribute &&
- 	git init test &&
- 	test_commit -C test gitattributes .gitattributes "f/path test=val" &&
- 	git clone --bare test bare_with_gitattribute &&
--	echo "f/path: test: val" >expect &&
-+
-+	echo "f/path: test: unspecified" >expect &&
- 	git -C bare_with_gitattribute check-attr test -- f/path >actual &&
-+	test_cmp expect actual &&
-+
-+	echo "f/path: test: val" >expect &&
-+	git -C bare_with_gitattribute -c attr.tree=HEAD \
-+		check-attr test -- f/path >actual &&
- 	test_cmp expect actual
- '
- 
-diff --git a/t/t5001-archive-attr.sh b/t/t5001-archive-attr.sh
-index eaf959d8f63f15..7310774af5efea 100755
---- a/t/t5001-archive-attr.sh
-+++ b/t/t5001-archive-attr.sh
-@@ -133,7 +133,8 @@ test_expect_success 'git archive vs. bare' '
- '
- 
- test_expect_success 'git archive with worktree attributes, bare' '
--	(cd bare && git archive --worktree-attributes HEAD) >bare-worktree.tar &&
-+	(cd bare &&
-+	git -c attr.tree=HEAD archive --worktree-attributes HEAD) >bare-worktree.tar &&
- 	(mkdir bare-worktree && cd bare-worktree && "$TAR" xf -) <bare-worktree.tar
- '
- 

SOURCES/git-2.43.5-sanitize-sideband-channel-messages.patch

@@ -1,219 +0,0 @@
-From 13bb730859857c97f298e9a8c7b68fe00074b3d0 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Ond=C5=99ej=20Poho=C5=99elsk=C3=BD?= <opohorel@redhat.com>
-Date: Thu, 3 Apr 2025 14:46:53 +0200
-Subject: [PATCH] Adds the option to sanitize sideband channel messages
-
-CVE-2024-52005 wasn't fixed by upstream. This patch adds the option
-to harden Git against it.
-The default behaviour of Git remains unchanged.
-
-Changes are taken from Git for Windows. The only differences are that
-by default we are allowing all control characters, the documentation
-reflects it and one of the tests has to be invoked with a config
-change: `sideband.allowControlCharacters=color`
-
-These commits can also be seen in this upstream PR:
-https://github.com/gitgitgadget/git/pull/1853
----
- Documentation/config.txt            |  2 +
- Documentation/config/sideband.txt   | 16 ++++++
- sideband.c                          | 78 ++++++++++++++++++++++++++++-
- t/t5409-colorize-remote-messages.sh | 30 +++++++++++
- 4 files changed, 124 insertions(+), 2 deletions(-)
- create mode 100644 Documentation/config/sideband.txt
-
-diff --git a/Documentation/config.txt b/Documentation/config.txt
-index e3a74dd1c1..5b8bbdee82 100644
---- a/Documentation/config.txt
-+++ b/Documentation/config.txt
-@@ -513,6 +513,8 @@ include::config/sequencer.txt[]
- 
- include::config/showbranch.txt[]
- 
-+include::config/sideband.txt[]
-+
- include::config/sparse.txt[]
- 
- include::config/splitindex.txt[]
-diff --git a/Documentation/config/sideband.txt b/Documentation/config/sideband.txt
-new file mode 100644
-index 0000000000..1adc831667
---- /dev/null
-+++ b/Documentation/config/sideband.txt
-@@ -0,0 +1,16 @@
-+sideband.allowControlCharacters::
-+	By default, control characters that are delivered via the sideband
-+	are NOT masked. Use this config setting to prevent potentially
-+	unwanted ANSI escape sequences from being sent to the terminal:
-++
-+--
-+	color::
-+		Allow ANSI color sequences, line feeds and horizontal tabs,
-+		but mask all other control characters.
-+	false::
-+		Mask all control characters other than line feeds and
-+		horizontal tabs.
-+	true::
-+		Allow all control characters to be sent to the terminal.
-+        This is the default.
-+--
-\ No newline at end of file
-diff --git a/sideband.c b/sideband.c
-index 266a67342b..316a401a5d 100644
---- a/sideband.c
-+++ b/sideband.c
-@@ -23,6 +23,12 @@ static struct keyword_entry keywords[] = {
- 	{ "error",	GIT_COLOR_BOLD_RED },
- };
- 
-+static enum {
-+	ALLOW_NO_CONTROL_CHARACTERS = 0,
-+	ALLOW_ALL_CONTROL_CHARACTERS = 1,
-+	ALLOW_ANSI_COLOR_SEQUENCES = 2
-+} allow_control_characters = ALLOW_ALL_CONTROL_CHARACTERS;
-+
- /* Returns a color setting (GIT_COLOR_NEVER, etc). */
- static int use_sideband_colors(void)
- {
-@@ -36,6 +42,25 @@ static int use_sideband_colors(void)
- 	if (use_sideband_colors_cached >= 0)
- 		return use_sideband_colors_cached;
- 
-+	switch (git_config_get_maybe_bool("sideband.allowcontrolcharacters", &i)) {
-+	case 0: /* Boolean value */
-+		allow_control_characters = i ? ALLOW_ALL_CONTROL_CHARACTERS :
-+			ALLOW_NO_CONTROL_CHARACTERS;
-+		break;
-+	case -1: /* non-Boolean value */
-+		if (git_config_get_string_tmp("sideband.allowcontrolcharacters",
-+							&value))
-+			; /* huh? `get_maybe_bool()` returned -1 */
-+		else if (!strcmp(value, "color"))
-+			allow_control_characters = ALLOW_ANSI_COLOR_SEQUENCES;
-+		else
-+			warning(_("unrecognized value for `sideband."
-+					"allowControlCharacters`: '%s'"), value);
-+		break;
-+	default:
-+		break; /* not configured */
-+	}
-+
- 	if (!git_config_get_string(key, &value)) {
- 		use_sideband_colors_cached = git_config_colorbool(key, value);
- 	} else if (!git_config_get_string("color.ui", &value)) {
-@@ -64,6 +89,55 @@ void list_config_color_sideband_slots(struct string_list *list, const char *pref
- 		list_config_item(list, prefix, keywords[i].keyword);
- }
- 
-+static int handle_ansi_color_sequence(struct strbuf *dest, const char *src, int n)
-+{
-+	int i;
-+
-+	/*
-+	 * Valid ANSI color sequences are of the form
-+	 *
-+	 * ESC [ [<n> [; <n>]*] m
-+	 */
-+
-+	if (allow_control_characters != ALLOW_ANSI_COLOR_SEQUENCES ||
-+	    n < 3 || src[0] != '\x1b' || src[1] != '[')
-+		return 0;
-+
-+	for (i = 2; i < n; i++) {
-+		if (src[i] == 'm') {
-+			strbuf_add(dest, src, i + 1);
-+			return i;
-+		}
-+		if (!isdigit(src[i]) && src[i] != ';')
-+			break;
-+	}
-+
-+	return 0;
-+}
-+
-+static void strbuf_add_sanitized(struct strbuf *dest, const char *src, int n)
-+{
-+	int i;
-+
-+	if (allow_control_characters == ALLOW_ALL_CONTROL_CHARACTERS) {
-+			strbuf_add(dest, src, n);
-+			return;
-+		}
-+	
-+	strbuf_grow(dest, n);
-+	for (; n && *src; src++, n--) {
-+		if (!iscntrl(*src) || *src == '\t' || *src == '\n')
-+			strbuf_addch(dest, *src);
-+		else if ((i = handle_ansi_color_sequence(dest, src, n))) {
-+				src += i;
-+				n -= i;
-+		} else {
-+			strbuf_addch(dest, '^');
-+			strbuf_addch(dest, 0x40 + *src);
-+		}
-+	}
-+}
-+
- /*
-  * Optionally highlight one keyword in remote output if it appears at the start
-  * of the line. This should be called for a single line only, which is
-@@ -79,7 +153,7 @@ static void maybe_colorize_sideband(struct strbuf *dest, const char *src, int n)
- 	int i;
- 
- 	if (!want_color_stderr(use_sideband_colors())) {
--		strbuf_add(dest, src, n);
-+		strbuf_add_sanitized(dest, src, n);
- 		return;
- 	}
- 
-@@ -112,7 +186,7 @@ static void maybe_colorize_sideband(struct strbuf *dest, const char *src, int n)
- 		}
- 	}
- 
--	strbuf_add(dest, src, n);
-+	strbuf_add_sanitized(dest, src, n);
- }
- 
- 
-diff --git a/t/t5409-colorize-remote-messages.sh b/t/t5409-colorize-remote-messages.sh
-index fa5de4500a..3b5ff00363 100755
---- a/t/t5409-colorize-remote-messages.sh
-+++ b/t/t5409-colorize-remote-messages.sh
-@@ -98,4 +98,34 @@ test_expect_success 'fallback to color.ui' '
- 	grep "<BOLD;RED>error<RESET>: error" decoded
- '
- 
-+test_expect_success 'disallow (color) control sequences in sideband' '
-+	write_script .git/color-me-surprised <<-\EOF &&
-+	printf "error: Have you \\033[31mread\\033[m this?\\a\\n" >&2
-+	exec "$@"
-+	EOF
-+	test_config_global uploadPack.packObjectshook ./color-me-surprised &&
-+	test_commit need-at-least-one-commit &&
-+	git -c sideband.allowControlCharacters=color \
-+		clone --no-local . throw-away 2>stderr &&
-+	test_decode_color <stderr >decoded &&
-+	test_grep RED decoded &&
-+	test_grep "\\^G" stderr &&
-+	tr -dc "\\007" <stderr >actual &&
-+	test_must_be_empty actual &&
-+
-+	rm -rf throw-away &&
-+	git -c sideband.allowControlCharacters=false \
-+		clone --no-local . throw-away 2>stderr &&
-+	test_decode_color <stderr >decoded &&
-+	test_grep ! RED decoded &&
-+	test_grep "\\^G" stderr &&
-+
-+	rm -rf throw-away &&
-+	git -c sideband.allowControlCharacters clone --no-local . throw-away 2>stderr &&
-+	test_decode_color <stderr >decoded &&
-+	test_grep RED decoded &&
-+	tr -dc "\\007" <stderr >actual &&
-+	test_file_not_empty actual
-+'
-+
- test_done
--- 
-2.49.0
-

SOURCES/print-failed-test-output

@@ -3,11 +3,11 @@
 shopt -s failglob
 
 # Print output from failing tests
-dashes=$(printf "%80s" '' | tr ' ' '-')
+printf -v sep "%0.s-" {1..80}
 for exit_file in t/test-results/*.exit; do
-    [ "$(cat "$exit_file")" -eq 0 ] && continue
+    [ "$(< "$exit_file")" -eq 0 ] && continue
     out_file="${exit_file%exit}out"
-    printf '\n%s\n%s\n%s\n' "$dashes" "$out_file" "$dashes"
+    printf '\n%s\n%s\n%s\n' "$sep" "$out_file" "$sep"
     cat "$out_file"
 done
 exit 1