Hello community, here is the log from the commit of package libgit2 for openSUSE:Factory checked in at 2019-02-24 17:07:10 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libgit2 (Old) and /work/SRC/openSUSE:Factory/.libgit2.new.28833 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libgit2" Sun Feb 24 17:07:10 2019 rev:36 rq:676247 version:0.28.1 Changes: -------- --- /work/SRC/openSUSE:Factory/libgit2/libgit2.changes 2018-11-13 16:21:13.359118313 +0100 +++ /work/SRC/openSUSE:Factory/.libgit2.new.28833/libgit2.changes 2019-02-24 17:07:16.628569686 +0100 @@ -1,0 +2,139 @@ +Thu Feb 14 19:09:18 UTC 2019 - Marcus Rueckert <[email protected]> + +- Update to version 0.28.1: + - The deprecated functions (git_buf_free and the giterr_ family + of functions) are now exported properly. In the v0.28 release, + they were not given the correct external attributes and they + did not have the correct linkage visibility in the v0.28 + library. + +------------------------------------------------------------------- +Wed Feb 13 10:20:24 UTC 2019 - [email protected] + +- Update to version 0.28.0: + * Changes or improvements: + - The library is now always built with cdecl calling + conventions on Windows; the ability to build a stdcall + library has been removed. + - Reference log creation now honors + core.logallrefupdates=always. + - Fix some issues with the error-reporting in the OpenSSL + backend. + - HTTP proxy support is now builtin; libcurl is no longer used + to support proxies and is removed as a dependency. + - Certificate and credential callbacks can now return + GIT_PASSTHROUGH to decline to act; libgit2 will behave as if + there was no callback set in the first place. + - The line-ending filtering logic - when checking out files - + has been updated to match newer git (>= git 2.9) for proper + interoperability. + - Symbolic links are now supported on Windows when + core.symlinks is set to true. + - Submodules with names which attempt to perform path traversal + now have their configuration ignored. Such names were blindly + appended to the $GIT_DIR/modules and a malicious name could + lead to an attacker writing to an arbitrary location. This + matches git's handling of CVE-2018-11235. + - Object validation is now performed during tree creation in + the git_index_write_tree_to API. + - Configuration variable may now be specified on the same line + as a section header; previously this was erroneously a parser + error. + - When an HTTP server supports both NTLM and Negotiate + authentication mechanisms, we would previously fail to + authenticate with any mechanism. + - The GIT_OPT_SET_PACK_MAX_OBJECTS option can now set the + maximum number of objects allowed in a packfile being + downloaded; this can help limit the maximum memory used when + fetching from an untrusted remote. + - Line numbers in diffs loaded from patch files were not being + populated; they are now included in the results. + - The repository's index is reloaded from disk at the beginning + of git_merge operations to ensure that it is up-to-date. + - Mailmap handling APIs have been introduced, and the new + commit APIs git_commit_committer_with_mailmap and + git_commit_author_with_mailmap will use the mailmap to + resolve the committer and author information. In addition, + blame will use the mailmap given when the + GIT_BLAME_USE_MAILMAP option. + - Ignore handling for files in ignored folders would be + ignored. + - Worktrees can now be backed by bare repositories. + - Trailing spaces are supported in .gitignore files, these + spaces were previously (and erroneously) treated as part of + the pattern. + - The library can now be built with mbedTLS support for HTTPS. + - The diff status character 'T' will now be presented by the + git_diff_status_char API for diff entries that change type. + - Revision walks previously would sometimes include commits + that should have been ignored; this is corrected. + - Revision walks are now more efficient when the output is + unsorted; we now avoid walking all the way to the beginning + of history unnecessarily. + - Error-handling around index extension loading has been fixed. + We were previously always misreporting a truncated index. + * API additions: + - The index may now be iterated atomically using + git_index_iterator. + - Remote objects can now be created with extended options using + the git_remote_create_with_opts API. + - Diff objects can now be applied as changes to the working + directory, index or both, emulating the git apply command. + Additionally, git_apply_to_tree can apply those changes to a + tree object as a fully in-memory operation. + - You can now swap out memory allocators via the + GIT_OPT_SET_ALLOCATOR option with git_libgit2_opts(). + - You can now ensure that functions do not discard unwritten + changes to the index via the + GIT_OPT_ENABLE_UNSAVED_INDEX_SAFETY option to + git_libgit2_opts(). This will cause functions that implicitly + re-read the index (eg, git_checkout) to fail if you have + staged changes to the index but you have not written the + index to disk. (Unless the checkout has the FORCE flag + specified.) + - At present, this defaults to off, but we intend to enable + this more broadly in the future, as a warning or error. We + encourage you to examine your code to ensure that you are not + relying on the current behavior that implicitly removes + staged changes. + - Reference specifications can be parsed from an arbitrary + string with the git_refspec_parse API. + - You can now get the name and path of worktrees using the + git_worktree_name and git_worktree_path APIs, respectively. + - The ref field has been added to git_worktree_add_options to + enable the creation of a worktree from a pre-existing branch. + - It's now possible to analyze merge relationships between any + two references, not just against HEAD, using + git_merge_analysis_for_ref. + * API removals: + - The git_buf_free API is deprecated; it has been renamed to + git_buf_dispose for consistency. The git_buf_free API will be + retained for backward compatibility for the foreseeable + future. + - The git_otype enumeration and its members are deprecated and + have been renamed for consistency. The GIT_OBJ_ enumeration + values are now prefixed with GIT_OBJECT_. The old + enumerations and macros will be retained for backward + compatibility for the foreseeable future. + - Several index-related APIs have been renamed for consistency. + The GIT_IDXENTRY_ enumeration values and macros have been + renamed to be prefixed with GIT_INDEX_ENTRY_. The + GIT_INDEXCAP enumeration values are now prefixed with + GIT_INDEX_CAPABILITY_. The old enumerations and macros will + be retained for backward compatibility for the foreseeable + future. + - The error functions and enumeration values have been renamed + for consistency. The giterr_ functions and values prefix have + been renamed to be prefixed with git_error_; similarly, + the GITERR_ constants have been renamed to be prefixed with + GIT_ERROR_. The old enumerations and macros will be retained + for backward compatibility for the foreseeable future. + * Breaking API changes: + - The default checkout strategy changed from DRY_RUN to SAFE. + - Adding a symlink as .gitmodules into the index from the + workdir or checking out such files is not allowed as this can + make a Git implementation write outside of the repository and + bypass the fsck checks for CVE-2018-11235. +- Bump sover to 28 following upstreams changes. + +------------------------------------------------------------------- Old: ---- libgit2-0.27.7.tar.gz New: ---- libgit2-0.28.1.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libgit2.spec ++++++ --- /var/tmp/diff_new_pack.sahs58/_old 2019-02-24 17:07:17.108569458 +0100 +++ /var/tmp/diff_new_pack.sahs58/_new 2019-02-24 17:07:17.108569458 +0100 @@ -1,7 +1,7 @@ # # spec file for package libgit2 # -# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. # Copyright (c) 2011, Sascha Peilicke <[email protected]> # # All modifications and additions to the file contributed by third parties @@ -13,13 +13,13 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # -%define sover 27 +%define sover 28 Name: libgit2 -Version: 0.27.7 +Version: 0.28.1 Release: 0 Summary: C git library License: GPL-2.0 WITH GCC-exception-2.0 ++++++ baselibs.conf ++++++ --- /var/tmp/diff_new_pack.sahs58/_old 2019-02-24 17:07:17.136569445 +0100 +++ /var/tmp/diff_new_pack.sahs58/_new 2019-02-24 17:07:17.136569445 +0100 @@ -1 +1 @@ -libgit2-27 +libgit2-28 ++++++ libgit2-0.27.7.tar.gz -> libgit2-0.28.1.tar.gz ++++++ ++++ 135200 lines of diff (skipped)
