Up to [cvs.NetBSD.org] / pkgsrc / devel / libgit2
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.75 / (download) - annotate - [select for diffs], Wed Feb 7 13:22:04 2024 UTC (7 weeks ago) by adam
Branch: MAIN
CVS Tags: HEAD
Changes since 1.74: +2 -3
lines
Diff to previous 1.74 (colored) to selected 1.30 (colored)
libgit2: updated to 1.7.2 v1.7.2 ------ What's Changed This release fixes three bugs that can cause undefined behavior when given well-crafted inputs, either in input files or over network connections. These bugs may be able to be leveraged to cause denial of service attacks or unauthorized code execution. Two of these issues were discovered and reported by security engineers at Amazon Web Services. We thank the AWS Security team for their efforts to identify these issues, provide helpful reproduction cases, and responsibly disclose their findings. Security fixes * transport: safely handle messages with no caps * revparse: fix parsing bug for trailing `@` * index: correct index has_dir_name check
Revision 1.74 / (download) - annotate - [select for diffs], Thu Dec 14 11:29:19 2023 UTC (3 months, 1 week ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2023Q4-base,
pkgsrc-2023Q4
Changes since 1.73: +2 -2
lines
Diff to previous 1.73 (colored) to selected 1.30 (colored)
libgit2: update comment about test issue
Revision 1.73 / (download) - annotate - [select for diffs], Wed Nov 8 13:18:53 2023 UTC (4 months, 2 weeks ago) by wiz
Branch: MAIN
Changes since 1.72: +2 -2
lines
Diff to previous 1.72 (colored) to selected 1.30 (colored)
*: recursive bump for icu 74.1
Revision 1.72 / (download) - annotate - [select for diffs], Tue Oct 24 22:08:51 2023 UTC (5 months ago) by wiz
Branch: MAIN
Changes since 1.71: +2 -1
lines
Diff to previous 1.71 (colored) to selected 1.30 (colored)
*: bump for openssl 3
Revision 1.71 / (download) - annotate - [select for diffs], Thu Oct 19 07:19:44 2023 UTC (5 months, 1 week ago) by wiz
Branch: MAIN
Changes since 1.70: +4 -5
lines
Diff to previous 1.70 (colored) to selected 1.30 (colored)
libgit2: update to 1.7.1. 1.7.1 Bug fixes proxy: Return an error for invalid proxy URLs instead of crashing. by @lrm29 in #6597 ssh: fix known_hosts leak in _git_ssh_setup_conn by @steven9724 in #6599 repository: make cleanup safe for re-use with grafts by @carlosmn in #6600 fix: Add missing include for oidarray. by @dvzrv in #6608 Revert "CMake: Search for ssh2 instead of libssh2." by @ethomson in #6619 Compatibility improvements stransport: macOS: replace errSSLNetworkTimeout, with hard-coded value by @mascguy in #6610 1.7.0 This is release v1.7.0, "Kleine Raupe Nimmersatt". This release adds shallow clone support, completes the experimental SHA256 support, adds Schannel support for Windows, and includes many other new features and bugfixes.
Revision 1.70 / (download) - annotate - [select for diffs], Thu Aug 31 12:00:09 2023 UTC (6 months, 3 weeks ago) by pin
Branch: MAIN
CVS Tags: pkgsrc-2023Q3-base,
pkgsrc-2023Q3
Changes since 1.69: +3 -1
lines
Diff to previous 1.69 (colored) to selected 1.30 (colored)
Add warning about issue with Rust packages
Revision 1.69 / (download) - annotate - [select for diffs], Mon Aug 14 05:24:11 2023 UTC (7 months, 2 weeks ago) by wiz
Branch: MAIN
Changes since 1.68: +2 -2
lines
Diff to previous 1.68 (colored) to selected 1.30 (colored)
*: recursive bump for Python 3.11 as new default
Revision 1.68 / (download) - annotate - [select for diffs], Thu May 25 15:52:53 2023 UTC (10 months ago) by he
Branch: MAIN
CVS Tags: pkgsrc-2023Q2-base,
pkgsrc-2023Q2
Changes since 1.67: +2 -1
lines
Diff to previous 1.67 (colored) to selected 1.30 (colored)
libgit2: ensure proper value range for args to <ctype.h> functions. Submitted upstream, ref. https://github.com/libgit2/libgit2/pull/6569 Bump PKGREVISION.
Revision 1.67 / (download) - annotate - [select for diffs], Tue May 23 07:08:15 2023 UTC (10 months ago) by tnn
Branch: MAIN
Changes since 1.66: +3 -1
lines
Diff to previous 1.66 (colored) to selected 1.30 (colored)
libgit2: manually drop -Werror with BUILDLINK_TRANSFORM There is an ENABLE_WERROR cmake arg which is default OFF so I guess the package logic for this is broken.
Revision 1.66 / (download) - annotate - [select for diffs], Wed Apr 26 10:42:27 2023 UTC (11 months ago) by wiz
Branch: MAIN
Changes since 1.65: +2 -3
lines
Diff to previous 1.65 (colored) to selected 1.30 (colored)
libgit2: update to 1.6.4. 1.6.4 Bug fixes config: return GIT_ENOTFOUND for missing programdata by @ethomson in #6547 1.6.3 Bug fixes odb: restore git_odb_open by @ethomson in #6520 Ensure that git_index_add_all handles ignored directories by @ethomson in #6521 pack: use 64 bits for the number of objects by @carlosmn in #6530 Build and CI improvements Remove unused wditer variable by @georgthegreat in #6518 fs_path: let root run the ownership tests by @ethomson in #6513 sysdir: Do not declare win32 functions on non-win32 platforms by @Batchyx in #6527 cmake: don't include include/git2 by @ethomson in #6529 1.6.2 Bug fixes remote: always populate old id in update tips by @ethomson in #6506 The update tips callback would not always be properly provided with an empty (0000000...) OID for new refs. Revert #6503 by @ethomson in #6511 The certificate callback added port information for callbacks in #6503, but the format was ambiguous with IPv6 addresses. Revert this change temporarily. Add git_odb_backend_loose back by @ethomson in #6512 During SHA256 refactoring, the git_odb_backend_loose API was accidentally removed. Add it back. meta: configure pkg-config .pc correctly by @ethomson in #6514 During SHA256 refactoring, the pkg-config .pc file was erroneously renamed to git2 instead of libgit2. Repair this. 1.6.1 This is release v1.6.1, "Hubbeliges Krokodil". This release adds experimental SHA256 support and includes many new features and bugfixes. This release replaces libgit2 v1.6.0, which did not correctly update its version number(s).
Revision 1.65 / (download) - annotate - [select for diffs], Wed Apr 19 08:09:44 2023 UTC (11 months, 1 week ago) by adam
Branch: MAIN
Changes since 1.64: +2 -2
lines
Diff to previous 1.64 (colored) to selected 1.30 (colored)
revbump after textproc/icu update
Revision 1.64 / (download) - annotate - [select for diffs], Thu Mar 2 08:34:23 2023 UTC (12 months, 3 weeks ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2023Q1-base,
pkgsrc-2023Q1
Changes since 1.63: +3 -2
lines
Diff to previous 1.63 (colored) to selected 1.30 (colored)
libgit2: downgrade to 1.5.1 keep the pkg-config file fix, bump PKGREVISION for that Wait for https://github.com/libgit2/libgit2/issues/6519 and https://github.com/rust-lang/git2-rs/issues/936 before upgrading.
Revision 1.63 / (download) - annotate - [select for diffs], Wed Mar 1 06:40:14 2023 UTC (12 months, 4 weeks ago) by wiz
Branch: MAIN
Changes since 1.62: +3 -3
lines
Diff to previous 1.62 (colored) to selected 1.30 (colored)
libgit2: update to 1.6.2. Bug fixes remote: always populate old id in update tips by @ethomson in #6506 The update tips callback would not always be properly provided with an empty (0000000...) OID for new refs. Revert #6503 by @ethomson in #6511 The certificate callback added port information for callbacks in #6503, but the format was ambiguous with IPv6 addresses. Revert this change temporarily. Add git_odb_backend_loose back by @ethomson in #6512 During SHA256 refactoring, the git_odb_backend_loose API was accidentally removed. Add it back. meta: configure pkg-config .pc correctly by @ethomson in #6514 During SHA256 refactoring, the pkg-config .pc file was erroneously renamed to git2 instead of libgit2. Repair this.
Revision 1.62 / (download) - annotate - [select for diffs], Sat Feb 25 17:28:45 2023 UTC (13 months ago) by wiz
Branch: MAIN
Changes since 1.61: +2 -2
lines
Diff to previous 1.61 (colored) to selected 1.30 (colored)
libgit2: update to 1.6.1. Note that libgit2 v1.6.0 has been unpublished. I missed a version number update. As a result, v1.6.1 has been published in its place
Revision 1.61 / (download) - annotate - [select for diffs], Sat Feb 25 11:05:14 2023 UTC (13 months ago) by wiz
Branch: MAIN
Changes since 1.60: +4 -3
lines
Diff to previous 1.60 (colored) to selected 1.30 (colored)
libgit2: update to 1.6.0. v1.6 ---- This is release v1.6.0, "Hubbeliges Krokodil". This release adds experimental SHA256 support and includes many new features and bugfixes. ## What's Changed ### New features * **Support for bare repositories with SHA256 support (experimental)** by @ethomson in https://github.com/libgit2/libgit2/pull/6191 You can configure experimental SHA256 support in libgit2 with `cmake -DEXPERIMENTAL_SHA256=ON` during project setup. This is useful for considering future integrations, work on clients, and work on language bindings. At present, working with bare repositories should largely work, including remote operations. But many pieces of functionality - including working with the index - are not yet supported. As a result, **libgit2 with SHA256 support should not be used in production or released with package distribution.** * **Support the notion of a home directory separately from global configuration directory** by @ethomson in https://github.com/libgit2/libgit2/pull/6455 and https://github.com/libgit2/libgit2/pull/6456 Callers and language bindings can now configure the home directory that libgit2 uses for file lookups (eg, the `.ssh` directory). This configuration is separate from the git global configuration path. * **stash: partial stash specific files** by @gitkraken-jacobw in https://github.com/libgit2/libgit2/pull/6330 A stash can be created with only specific files, using a pathspec. This is similar to the `git stash push` command. * **push: revparse refspec source, so you can push things that are not refs** by @sven-of-cord in https://github.com/libgit2/libgit2/pull/6362 Pushes can be performed using refspecs instead of only references. * **Support OpenSSL3** by @ethomson in https://github.com/libgit2/libgit2/pull/6464 and https://github.com/libgit2/libgit2/pull/6471 OpenSSL 3 is now supported, both when compiled directly and dynamically loaded. ### Bug fixes * winhttp: support long custom headers by @kcsaul in https://github.com/libgit2/libgit2/pull/6363 * Fix memory leak by @csware in https://github.com/libgit2/libgit2/pull/6382 * Don't fail the whole clone if you can't find a default branch by @torvalds in https://github.com/libgit2/libgit2/pull/6369 * #6366: When a worktree is missing, return `GIT_ENOTFOUND`. by @arroz in https://github.com/libgit2/libgit2/pull/6395 * commit-graph: only verify csum on `git_commit_graph_open()`. by @derrickstolee in https://github.com/libgit2/libgit2/pull/6420 * Ignore missing 'safe.directory' config during ownership checks by @kcsaul in https://github.com/libgit2/libgit2/pull/6408 * Fix leak in `git_tag_create_from_buffer` by @julianmesa-gitkraken in https://github.com/libgit2/libgit2/pull/6421 * http: Update httpclient options when reusing an existing connection. by @slackner in https://github.com/libgit2/libgit2/pull/6416 * Add support for `safe.directory *` by @csware in https://github.com/libgit2/libgit2/pull/6429 * URL parsing for google-compatible URLs by @ethomson in https://github.com/libgit2/libgit2/pull/6326 * Fixes #6433: `git_submodule_update` fails to update configured but missing submodule by @tagesuhu in https://github.com/libgit2/libgit2/pull/6434 * transport: fix capabilities calculation by @russell in https://github.com/libgit2/libgit2/pull/6435 * push: use resolved oid as the source by @ethomson in https://github.com/libgit2/libgit2/pull/6452 * Use `git_clone__submodule` to avoid file checks in workdir by @abizjak in https://github.com/libgit2/libgit2/pull/6444 * #6422: handle dangling symbolic refs gracefully by @arroz in https://github.com/libgit2/libgit2/pull/6423 * `diff_file`: Fix crash when freeing a patch representing an empty untracked file by @jorio in https://github.com/libgit2/libgit2/pull/6475 * clone: clean up options on failure by @ethomson in https://github.com/libgit2/libgit2/pull/6479 * stash: update strarray usage by @ethomson in https://github.com/libgit2/libgit2/pull/6487 * #6491: Sets `oid_type` on repos open with `git_repository_open_bare` by @arroz in https://github.com/libgit2/libgit2/pull/6492 * Handle Win32 shares by @ethomson in https://github.com/libgit2/libgit2/pull/6493 * Make failure to connect to ssh-agent non-fatal by @fxcoudert in https://github.com/libgit2/libgit2/pull/6497 * odb: don't unconditionally add `oid_type` to stream by @ethomson in https://github.com/libgit2/libgit2/pull/6499 * Pass hostkey & port to host verify callback by @fxcoudert in https://github.com/libgit2/libgit2/pull/6503 ### Security fixes ### Code cleanups * meta: update version number to v1.6.0-alpha by @ethomson in https://github.com/libgit2/libgit2/pull/6352 * sha256: indirection for experimental functions by @ethomson in https://github.com/libgit2/libgit2/pull/6354 * Delete `create.c.bak` by @lrm29 in https://github.com/libgit2/libgit2/pull/6398 * Support non-cmake builds with an in-tree `experimental.h` by @ethomson in https://github.com/libgit2/libgit2/pull/6405 ### Build and CI improvements * tests: skip flaky-ass googlesource tests by @ethomson in https://github.com/libgit2/libgit2/pull/6353 * clar: remove ftrunacte from libgit2 tests by @boretrk in https://github.com/libgit2/libgit2/pull/6357 * CI Improvements by @ethomson in https://github.com/libgit2/libgit2/pull/6403 * fix compile on Windows with `-DWIN32_LEAN_AND_MEAN` by @christoph-cullmann in https://github.com/libgit2/libgit2/pull/6373 * Fixes #6365 : Uppercase windows.h include fails build in case-sensitive OS by @Vinz2008 in https://github.com/libgit2/libgit2/pull/6377 * ci: update version numbers of actions by @ethomson in https://github.com/libgit2/libgit2/pull/6448 * thread: avoid warnings when building without threads by @ethomson in https://github.com/libgit2/libgit2/pull/6432 * src: hide unused hmac() prototype by @0-wiz-0 in https://github.com/libgit2/libgit2/pull/6458 * tests: update clar test runner by @ethomson in https://github.com/libgit2/libgit2/pull/6459 * ci: always create test summaries, even on failure by @ethomson in https://github.com/libgit2/libgit2/pull/6460 * Fix build failure with `-DEMBED_SSH_PATH` by @vicr123 in https://github.com/libgit2/libgit2/pull/6374 * Define correct `off64_t` for AIX by @bzEq in https://github.com/libgit2/libgit2/pull/6376 * Fix some warnings in main by @ethomson in https://github.com/libgit2/libgit2/pull/6480 * strarray: remove deprecated declaration by @ethomson in https://github.com/libgit2/libgit2/pull/6486 * tests: always unset `HTTP_PROXY` before starting tests by @ethomson in https://github.com/libgit2/libgit2/pull/6498 ### Documentation improvements * add 2-clause BSD license to COPYING by @martinvonz in https://github.com/libgit2/libgit2/pull/6413 * Add new PHP bindings project to language bindings section of README.md by @RogerGee in https://github.com/libgit2/libgit2/pull/6473 * README: clarify the linking exception by @ethomson in https://github.com/libgit2/libgit2/pull/6494 * Correct the definition of "empty" in the docs for `git_repository_is_empty` by @timrogers in https://github.com/libgit2/libgit2/pull/6500
Revision 1.60 / (download) - annotate - [select for diffs], Wed Jan 25 13:44:47 2023 UTC (14 months ago) by taca
Branch: MAIN
Changes since 1.59: +2 -3
lines
Diff to previous 1.59 (colored) to selected 1.30 (colored)
devel/libgit2: update to 1.5.1 1.5.1 (2023-01-20) libgit2, when compiled using the optional, included libssh2 backend, fails to verify SSH keys by default. Description When using an SSH remote with the optional, included libssh2 backend, libgit2 does not perform certificate checking by default. Prior versions of libgit2 require the caller to set the certificate_check field of libgit2's git_remote_callbacks structure - if a certificate check callback is not set, libgit2 does not perform any certificate checking. This means that by default - without configuring a certificate check callback, clients will not perform validation on the server SSH keys and may be subject to a man-in-the-middle attack. Beginning in libgit2 v1.4.5 and v1.5.1, libgit2 will now perform host key checking by default. Users can still override the default behavior using the certificate_check function. The libgit2 security team would like to thank the Julia and Rust security teams for responsibly disclosing this vulnerability and assisting with fixing the vulnerability. Users are encouraged to upgrade to v1.4.5 or v1.5.1.
Revision 1.59 / (download) - annotate - [select for diffs], Tue Jan 24 18:36:23 2023 UTC (14 months ago) by wiz
Branch: MAIN
Changes since 1.58: +3 -3
lines
Diff to previous 1.58 (colored) to selected 1.30 (colored)
*: convert to cmake/build.mk
Revision 1.58 / (download) - annotate - [select for diffs], Wed Oct 26 10:31:22 2022 UTC (17 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2022Q4-base,
pkgsrc-2022Q4
Changes since 1.57: +2 -1
lines
Diff to previous 1.57 (colored) to selected 1.30 (colored)
*: bump PKGREVISION for libunistring shlib major bump
Revision 1.57 / (download) - annotate - [select for diffs], Sat Sep 3 14:53:35 2022 UTC (18 months, 3 weeks ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2022Q3-base,
pkgsrc-2022Q3
Changes since 1.56: +2 -3
lines
Diff to previous 1.56 (colored) to selected 1.30 (colored)
devel/libgit2: update to 1.5.0 Update from 1.2.0 to 1.5.0 are too many write here, please refer: <https://github.com/libgit2/libgit2/releases>.
Revision 1.56 / (download) - annotate - [select for diffs], Thu Jun 30 11:18:15 2022 UTC (20 months, 4 weeks ago) by nia
Branch: MAIN
Changes since 1.55: +2 -1
lines
Diff to previous 1.55 (colored) to selected 1.30 (colored)
*: Revbump packages that use Python at runtime without a PKGNAME prefix
Revision 1.55 / (download) - annotate - [select for diffs], Sun Dec 12 14:48:44 2021 UTC (2 years, 3 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2022Q2-base,
pkgsrc-2022Q2,
pkgsrc-2022Q1-base,
pkgsrc-2022Q1,
pkgsrc-2021Q4-base,
pkgsrc-2021Q4
Changes since 1.54: +3 -4
lines
Diff to previous 1.54 (colored) to selected 1.30 (colored)
devel/libgit2: update to 1.2.0 libgit2 1.3.0 is already released, but I'm not sure ruby-rugged 1.2.0 support it. 1.2.0 (2021-09-02) Changes are too many to write here, please refer <https://github.com/libgit2/libgit2/releases/tag/v1.2.0>.
Revision 1.54 / (download) - annotate - [select for diffs], Wed Dec 8 16:04:01 2021 UTC (2 years, 3 months ago) by adam
Branch: MAIN
Changes since 1.53: +2 -2
lines
Diff to previous 1.53 (colored) to selected 1.30 (colored)
revbump for icu and libffi
Revision 1.53 / (download) - annotate - [select for diffs], Wed Sep 29 19:00:32 2021 UTC (2 years, 5 months ago) by adam
Branch: MAIN
Changes since 1.52: +2 -2
lines
Diff to previous 1.52 (colored) to selected 1.30 (colored)
revbump for boost-libs
Revision 1.52 / (download) - annotate - [select for diffs], Wed Apr 21 13:24:34 2021 UTC (2 years, 11 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2021Q3-base,
pkgsrc-2021Q3,
pkgsrc-2021Q2-base,
pkgsrc-2021Q2
Changes since 1.51: +2 -1
lines
Diff to previous 1.51 (colored) to selected 1.30 (colored)
revbump for boost-libs
Revision 1.51 / (download) - annotate - [select for diffs], Mon Oct 19 17:53:40 2020 UTC (3 years, 5 months ago) by nia
Branch: MAIN
CVS Tags: pkgsrc-2021Q1-base,
pkgsrc-2021Q1,
pkgsrc-2020Q4-base,
pkgsrc-2020Q4
Changes since 1.50: +3 -3
lines
Diff to previous 1.50 (colored) to selected 1.30 (colored)
libgit2: Update to 1.1.0 v1.1 ---- This is release v1.1, "Fernweh". ### Changes or improvements * Our bundled PCRE dependency has been updated to 8.44. * The `refs/remotes/origin/HEAD` file will be created at clone time to point to the origin's default branch. * libgit2 now uses the `__atomic_` intrinsics instead of `__sync_` intrinsics on supported gcc and clang versions. * The `init.defaultBranch` setting is now respected and `master` is no longer the hardcoded as the default branch name. * Patch files that do not contain an `index` line can now be parsed. * Configuration files with multi-line values can now contain quotes split across multiple lines. * Windows clients now attempt to use TLS1.3 when available. * Servers that request an upgrade to a newer HTTP version are silently ignored instead of erroneously failing. * Users can pass `NULL` to the options argument to `git_describe_commit`. * Clones and fetches of very large packfiles now succeeds on 32-bit platforms. * Custom reference database backends can now handle the repository's `HEAD` correctly. * Repositories with a large number of packfiles no longer exhaust the number of file descriptors. * The test framework now supports TAP output when the `-t` flag is specified. * The test framework can now specify an exact match to a test function using a trailing `$`. * All checkout types support `GIT_CHECKOUT_DISABLE_PATHSPEC_MATCH`. * `git_blame` now can ignore whitespace changes using the option `GIT_BLAME_IGNORE_WHITESPACE`. * Several new examples have been created, including an examples for commit, add and push. * Mode changes during rename are now supported in patch application. * `git_checkout_head` now correctly removes untracked files in a subdirectory when the `FORCE | REMOVE_UNTRACKED` options are specified.
Revision 1.50 / (download) - annotate - [select for diffs], Tue Aug 25 16:21:58 2020 UTC (3 years, 7 months ago) by jperkin
Branch: MAIN
CVS Tags: pkgsrc-2020Q3-base,
pkgsrc-2020Q3
Changes since 1.49: +2 -1
lines
Diff to previous 1.49 (colored) to selected 1.30 (colored)
libgit2: Requires C99.
Revision 1.49 / (download) - annotate - [select for diffs], Tue Jun 9 11:04:56 2020 UTC (3 years, 9 months ago) by nia
Branch: MAIN
CVS Tags: pkgsrc-2020Q2-base,
pkgsrc-2020Q2
Changes since 1.48: +2 -5
lines
Diff to previous 1.48 (colored) to selected 1.30 (colored)
libgit2: Update to 1.0.1 v1.0.1 ------ This is a bugfix release with the following changes: - Calculating information about renamed files during merges is more efficient because dissimilarity about files is now being cached and no longer needs to be recomputed. - The `git_worktree_prune_init_options` has been correctly restored for backward compatibility. In v1.0 it was incorrectly deprecated with a typo. - The optional ntlmclient dependency now supports NetBSD. - A bug where attempting to stash on a bare repository may have failed has been fixed. - Configuration files that are unreadable due to permissions are now silently ignored, and treated as if they do not exist. This matches git's behavior; previously this case would have been an error. - v4 index files are now correctly written; previously we would read them correctly but would not write the prefix-compression accurately, causing corruption. - A bug where the smart HTTP transport could not read large data packets has been fixed. Previously, fetching from servers like Gerrit, that sent large data packets, would error.
Revision 1.48 / (download) - annotate - [select for diffs], Fri May 22 10:56:04 2020 UTC (3 years, 10 months ago) by adam
Branch: MAIN
Changes since 1.47: +2 -2
lines
Diff to previous 1.47 (colored) to selected 1.30 (colored)
revbump after updating security/nettle
Revision 1.47 / (download) - annotate - [select for diffs], Wed May 6 14:04:27 2020 UTC (3 years, 10 months ago) by adam
Branch: MAIN
Changes since 1.46: +2 -1
lines
Diff to previous 1.46 (colored) to selected 1.30 (colored)
revbump after boost update
Revision 1.46 / (download) - annotate - [select for diffs], Mon Apr 6 08:33:40 2020 UTC (3 years, 11 months ago) by wiz
Branch: MAIN
Changes since 1.45: +2 -3
lines
Diff to previous 1.45 (colored) to selected 1.30 (colored)
libgit2: update to 1.0.0. v1.0 ---- This is release v1.0 "Luftschloss", which is the first stabe release of libgit2. The API will stay compatible across all releases of the same major version. This release includes bugfixes only and supersedes v0.99, which will stop being maintained. Both v0.27 and v0.28 stay supported in accordance with our release policy. ### Changes or improvements - CMake was converted to make use of the GNUInstallDirs module for both our pkgconfig and install targets in favor of our custom build options `BIN_INSTALL_DIR`, `LIB_INSTALL_DIR` and `INCLUDE_INSTALL_DIR`. Instead, you can now use CMakes standard variables `CMAKE_INSTALL_BINDIR`, `CMAKE_INSTALL_LIBDIR` and `CMAKE_INSTALL_INCLUDEDIR`. - Some CMake build options accepted either a specific value or a boolean value to disable the option altogether or use automatic detection. We only accepted "ON" or "OFF", but none of the other values CMake recognizes as boolean. This was aligned with CMake's understanding of booleans. - The installed pkgconfig file contained incorrect values for both `libdir` and `includedir` variables. - If using pcre2 for regular expressions, then we incorrectly added "pcre2" instead of "pcre2-8" to our pkgconfig dependencies, which was corrected. - Fixed building the bundled ntlmclient dependency on FreeBSD, OpenBSD and SunOS. - When writing symlinks on Windows, we incorrectly handled relative symlink targets, which was corrected. - When using the HTTP protocol via macOS' SecureTransport implementation, reads could stall at the end of the session and only continue after a timeout of 60 seconds was reached. - The filesystem-based reference callback didn't corectly initialize the backend version. - A segmentation fault was fixed when calling `git_blame_buffer()` for files that were modified and added to the index. - A backwards-incompatible change was introduced when we moved some structures from "git2/credentials.h" into "git2/sys/credentials.h". This was fixed in the case where you do not use hard deprecation. - Improved error handling in various places.
Revision 1.45 / (download) - annotate - [select for diffs], Sun Mar 8 16:49:15 2020 UTC (4 years ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2020Q1-base,
pkgsrc-2020Q1
Changes since 1.44: +2 -1
lines
Diff to previous 1.44 (colored) to selected 1.30 (colored)
*: recursive bump for libffi
Revision 1.44 / (download) - annotate - [select for diffs], Sat Feb 29 11:39:53 2020 UTC (4 years ago) by nia
Branch: MAIN
Changes since 1.43: +5 -3
lines
Diff to previous 1.43 (colored) to selected 1.30 (colored)
libgit2: Update to 0.99.0 v0.99 ----- This is v0.99 "Torschlusspanik". This will be the last minor release before libgit2 v1.0. We expect to only respond to bugs in this release, to stabilize it for next major release. It contains significant refactorings, but is expected to be API-compatible with v0.28.0. ### Changes or improvements * When fetching from an anonymous remote using a URL with authentication information provided in the URL (eg `https://foo:bar@example.com/repo`), we would erroneously include the literal URL in the FETCH_HEAD file. We now remove that to match git's behavior. * Some credential structures, enums and values have been renamed: `git_cred` is now `git_credential`. `git_credtype_t` is now `git_credential_t`. Functions and types beginning with `git_cred_` now begin with `git_credential`, and constants beginning with `GIT_CREDTYPE` now begin with `GIT_CREDENTIAL`. The former names are deprecated. * Several function signatures have been changed to return an `int` to indicate error conditions. We encourage you to check them for errors in the standard way. * `git_attr_cache_flush` * `git_error_set_str` * `git_index_name_clear` * `git_index_reuc_clear` * `git_libgit2_version` * `git_mempack_reset` * `git_oid_cpy` * `git_oid_fmt` * `git_oid_fromraw` * `git_oid_nfmt` * `git_oid_pathfmt` * `git_remote_stop` * `git_remote_disconnect` * `git_repository__cleanup` * `git_repository_set_config` * `git_repository_set_index` * `git_repository_set_odb` * `git_repository_set_refdb` * `git_revwalk_reset` * `git_revwalk_simplify_first_parent` * `git_revwalk_sorting` * `git_treebuilder_clear` * `git_treebuilder_filter` * The NTLM and Negotiate authentication mechanisms are now supported when talking to git implementations hosted on Apache or nginx servers. * The `HEAD` symbolic reference can no longer be deleted. * `git_merge_driver_source_repo` no longer returns a `const git_repository *`, it now returns a non-`const` `git_repository *`. * Relative symbolic links are now supported on Windows when `core.symlinks` is enabled. * Servers that provide query parameters with a redirect are now supported. * `git_submodule_sync` will now resolve relative URLs. * When creating git endpoint URLs, double-slashes are no longer used when the given git URL has a trailing slash. * On Windows, a `DllMain` function is no longer included and thread-local storage has moved to fiber-local storage in order to prevent race conditions during shutdown. * The tracing mechanism (`GIT_TRACE`) is now enabled by default and does not need to be explicitly enabled in CMake. * The size of Git objects is now represented by `git_object_size_t` instead of `off_t`. * Binary patches without data can now be parsed. * A configuration snapshot can now be created from another configuration snapshot, not just a "true" configuration object. * The `git_commit_with_signature` API will now ensure that referenced objects exist in the object database. * Stash messages containing newlines will now be replaced with spaces; they will no longer be (erroneously) written to the repository. * `git_commit_create_with_signature` now verifies the commit information to ensure that it points to a valid tree and valid parents. * `git_apply` has an option `GIT_APPLY_CHECK` that will only do a dry-run. The index and working directory will remain unmodified, and application will report if it would have worked. * Patches produced by Mercurial (those that lack some git extended headers) can now be parsed and applied. * Reference locks are obeyed correctly on POSIX platforms, instead of being removed. * Patches with empty new files can now be read and applied. * `git_apply_to_tree` can now correctly apply patches that add new files. * The program data configuration on Windows (`C:\ProgramData\Git\config`) must be owned by an administrator, a system account or the current user to be read. * `git_blob_filtered_content` is now deprecated in favor of `git_blob_filter`. * Configuration files can now be included conditionally using the `onbranch` conditional. * Checkout can now properly create and remove symbolic links to directories on Windows. * Stash no longer recomputes trees when committing a worktree, for improved performance. * Repository templates can now include a `HEAD` file to default the initial default branch. * Some configuration structures, enums and values have been renamed: `git_cvar_map` is now `git_configmap`, `git_cvar_t` is now `git_configmap_t`, `GIT_CVAR_FALSE` is now `GIT_CONFIGMAP_FALSE`, `GIT_CVAR_TRUE` is now `GIT_CONFIGMAP_TRUE`, `GIT_CVAR_INT32` is now `GIT_CONFIGMAP_INT32`, and `GIT_CVAR_STRING` is now `GIT_CONFIGMAP_STRING`. The former names are deprecated. * Repositories can now be created at the root of a Windows drive. * Configuration lookups are now more efficiently cached. * `git_commit_create_with_signature` now supports a `NULL` signature, which will create a commit without adding a signature. * When a repository lacks an `info` "common directory", we will no longer erroneously return `GIT_ENOTFOUND` for all attribute lookups. * Several attribute macros have been renamed: `GIT_ATTR_TRUE` is now `GIT_ATTR_IS_TRUE`, `GIT_ATTR_FALSE` is now `GIT_ATTR_IS_FALSE`, `GIT_ATTR_UNSPECIFIED` is now `GIT_ATTR_IS_UNSPECIFIED`. The attribute enum `git_attr_t` is now `git_attr_value_t` and its values have been renamed: `GIT_ATTR_UNSPECIFIED_T` is now `GIT_ATTR_VALUE_UNSPECIFIED`, `GIT_ATTR_TRUE_T` is now `GIT_ATTR_VALUE_TRUE`, `GIT_ATTR_FALSE_T` is now `GIT_ATTR_VALUE_FALSE`, and `GIT_ATTR_VALUE_T` is now `GIT_ATTR_VALUE_STRING`. The former names are deprecated. * `git_object__size` is now `git_object_size`. The former name is deprecated. * `git_tag_create_frombuffer` is now `git_tag_create_from_buffer`. The former name is deprecated. * Several blob creation functions have been renamed: `git_blob_create_frombuffer` is now named `git_blob_create_from_buffer`, `git_blob_create_fromdisk` is now named `git_blob_create_from_disk`, `git_blob_create_fromworkdir` is now named `git_blob_create_from_workdir`, `git_blob_create_fromstream` is now named `git_blob_create_from_stream`, and `git_blob_create_fromstream_commit` is now named `git_blob_create_from_stream_commit`. The former names are deprecated. * The function `git_oid_iszero` is now named `git_oid_is_zero`. The former name is deprecated. * Pattern matching is now done using `wildmatch` instead of `fnmatch` for compatibility with git. * The option initialization functions suffixed by `init_options` are now suffixed with `options_init`. (For example, `git_checkout_init_options` is now `git_checkout_options_init`.) The former names are deprecated. * NTLM2 authentication is now supported on non-Windows platforms. * The `git_cred_sign_callback` callback is now named `git_cred_sign_cb`. The `git_cred_ssh_interactive_callback` callback is now named `git_cred_ssh_interactive_cb`. * Ignore files now: * honor escaped trailing whitespace. * do not incorrectly negate sibling paths of a negated pattern. * honor rules that stop ignoring files after a wildcard * Attribute files now: * honor leading and trailing whitespace. * treat paths beginning with `\` as absolute only on Windows. * properly handle escaped characters. * stop reading macros defined in subdirectories * The C locale is now correctly used when parsing regular expressions. * The system PCRE2 or PCRE regular expression libraries are now used when `regcomp_l` is not available on the system. If none of these are available on the system, an included version of PCRE is used. * Wildcards in reference specifications are now supported beyond simply a bare wildcard (`*`) for compatibility with git. * When `git_ignore_path_is_ignored` is provided a path with a trailing slash (eg, `dir/`), it will now treat it as a directory for the purposes of ignore matching. * Patches that add or remove a file with a space in the path can now be correctly parsed. * The `git_remote_completion_type` type is now `git_remote_completion_t`. The former name is deprecated. * The `git_odb_backend_malloc` is now `git_odb_backend_data_alloc`. The former name is deprecated. * The `git_transfer_progress_cb` callback is now `git_indexer_progress_cb` and the `git_transfer_progress` structure is now `git_indexer_progress`. The former names are deprecated. * The example projects are now contained in a single `lg2` executable for ease of use. * libgit2 now correctly handles more URLs, such as `http://example.com:/repo.git` (colon but no port), `http://example.com` (no path), and `http://example.com:8080/` (path is /, nonstandard port). * A carefully constructed commit object with a very large number of parents may lead to potential out-of-bounds writes or potential denial of service. * The ProgramData configuration file is always read for compatibility with Git for Windows and Portable Git installations. The ProgramData location is not necessarily writable only by administrators, so we now ensure that the configuration file is owned by the administrator or the current user. ### API additions * The SSH host key now supports SHA-256 when `GIT_CERT_SSH_SHA256` is set. * The diff format option `GIT_DIFF_FORMAT_PATCH_ID` can now be used to emit an output like `git patch-id`. * The `git_apply_options_init` function will initialize a `git_apply_options` structure. * The remote callbacks structure adds a `git_url_resolve_cb` callback that is invoked when connecting to a server, so that applications may edit or replace the URL before connection. * The information about the original `HEAD` in a rebase operation is available with `git_rebase_orig_head_name`. Its ID is available with `git_rebase_orig_head_id`. The `onto` reference name is available with `git_rebase_onto_name` and its ID is available with `git_rebase_onto_id`. * ODB backends can now free backend data when an error occurs during its backend data creation using `git_odb_backend_data_free`. * Options may be specified to `git_repository_foreach_head` to control its behavior: `GIT_REPOSITORY_FOREACH_HEAD_SKIP_REPO` will not skip the main repository's HEAD reference, while `GIT_REPOSITORY_FOREACH_HEAD_SKIP_WORKTREES` will now skip the worktree HEAD references. * The `GIT_OPT_DISABLE_PACK_KEEP_FILE_CHECKS` option can be specified to `git_libgit2_opts()` to avoid looking for `.keep` files that correspond to packfiles. This setting can improve performance when packfiles are stored on high-latency filesystems like network filesystems. * Blobs can now be filtered with `git_blob_filter`, which allows for options to be set with `git_blob_filter_options`, including `GIT_FILTER_NO_SYSTEM_ATTRIBUTES` to disable filtering with system-level attributes in `/etc/gitattributes` and `GIT_ATTR_CHECK_INCLUDE_HEAD` to enable filtering with `.gitattributes` files in the HEAD revision. ### API removals * The unused `git_headlist_cb` function declaration was removed. * The unused `git_time_monotonic` API is removed. * The erroneously exported `inttypes.h` header was removed. # Security Fixes - CVE-2019-1348: the fast-import stream command "feature export-marks=path" allows writing to arbitrary file paths. As libgit2 does not offer any interface for fast-import, it is not susceptible to this vulnerability. - CVE-2019-1349: by using NTFS 8.3 short names, backslashes or alternate filesystreams, it is possible to cause submodules to be written into pre-existing directories during a recursive clone using git. As libgit2 rejects cloning into non-empty directories by default, it is not susceptible to this vulnerability. - CVE-2019-1350: recursive clones may lead to arbitrary remote code executing due to improper quoting of command line arguments. As libgit2 uses libssh2, which does not require us to perform command line parsing, it is not susceptible to this vulnerability. - CVE-2019-1351: Windows provides the ability to substitute drive letters with arbitrary letters, including multi-byte Unicode letters. To fix any potential issues arising from interpreting such paths as relative paths, we have extended detection of DOS drive prefixes to accomodate for such cases. - CVE-2019-1352: by using NTFS-style alternative file streams for the ".git" directory, it is possible to overwrite parts of the repository. While this has been fixed in the past for Windows, the same vulnerability may also exist on other systems that write to NTFS filesystems. We now reject any paths starting with ".git:" on all systems. - CVE-2019-1353: by using NTFS-style 8.3 short names, it was possible to write to the ".git" directory and thus overwrite parts of the repository, leading to possible remote code execution. While this problem was already fixed in the past for Windows, other systems accessing NTFS filesystems are vulnerable to this issue too. We now enable NTFS protecions by default on all systems to fix this attack vector. - CVE-2019-1354: on Windows, backslashes are not a valid part of a filename but are instead interpreted as directory separators. As other platforms allowed to use such paths, it was possible to write such invalid entries into a Git repository and was thus an attack vector to write into the ".git" dierctory. We now reject any entries starting with ".git\" on all systems. - CVE-2019-1387: it is possible to let a submodule's git directory point into a sibling's submodule directory, which may result in overwriting parts of the Git repository and thus lead to arbitrary command execution. As libgit2 doesn't provide any way to do submodule clones natively, it is not susceptible to this vulnerability. Users of libgit2 that have implemented recursive submodule clones manually are encouraged to review their implementation for this vulnerability. ### Breaking API changes * The "private" implementation details of the `git_cred` structure have been moved to a dedicated `git2/sys/cred.h` header, to clarify that the underlying structures are only provided for custom transport implementers. The breaking change is that the `username` member of the underlying struct is now hidden, and a new `git_cred_get_username` function has been provided. ### Breaking CMake configuration changes * The CMake option to use a system http-parser library, instead of the bundled dependency, has changed. This is due to a deficiency in http-parser that we have fixed in our implementation. The bundled library is now the default, but if you wish to force the use of the system http-parser implementation despite incompatibilities, you can specify `-DUSE_HTTP_PARSER=system` to CMake. * The interactions between `USE_HTTPS` and `SHA1_BACKEND` have been streamlined. The detection was moved to a new `USE_SHA1`, modeled after `USE_HTTPS`, which takes the values "CollisionDetection/Backend/Generic", to better match how the "hashing backend" is selected, the default (ON) being "CollisionDetection". If you were using `SHA1_BACKEND` previously, you'll need to check the value you've used, or switch to the autodetection. ### Authors The following individuals provided changes that were included in this release: * Aaron Patterson * Alberto Fanjul * Anders Borum * Augie Fackler * Augustin Fabre * Ayush Shridhar * brian m. carlson * buddyspike * Carlos MartÃn Nieto * cheese1 * Dan Skorupski * Daniel Cohen Gindi * Dave Lee * David Brooks * David Turner * Denis Laxalde * Dhruva Krishnamurthy * Dominik Ritter * Drew DeVault * Edward Thomson * Eric Huss * Erik Aigner * Etienne Samson * Gregory Herrero * Heiko Voigt * Ian Hattendorf * Jacques Germishuys * Janardhan Pulivarthi * Jason Haslam * Johannes Schindelin * Jordan Wallet * Josh Bleecher Snyder * kas * kdj0c * Laurence McGlashan * lhchavez * Lukas Berk * Max Kostyukevich * Patrick Steinhardt * pcpthm * Remy Suen * Robert Coup * romkatv * Scott Furry * Sebastian Henke * Stefan Widgren * Steve King Jr * Sven Strickroth * Tobias Nieen * Tyler Ang-Wanek * Tyler Wanek
Revision 1.43 / (download) - annotate - [select for diffs], Sat Jan 18 21:49:11 2020 UTC (4 years, 2 months ago) by jperkin
Branch: MAIN
Changes since 1.42: +2 -2
lines
Diff to previous 1.42 (colored) to selected 1.30 (colored)
*: Recursive revision bump for openssl 1.1.1.
Revision 1.42 / (download) - annotate - [select for diffs], Sun Jan 12 20:20:11 2020 UTC (4 years, 2 months ago) by ryoon
Branch: MAIN
Changes since 1.41: +2 -1
lines
Diff to previous 1.41 (colored) to selected 1.30 (colored)
*: Recursive revbump from devel/boost-libs
Revision 1.39.2.2 / (download) - annotate - [select for diffs], Mon Dec 16 13:12:31 2019 UTC (4 years, 3 months ago) by bsiegert
Branch: pkgsrc-2019Q3
Changes since 1.39.2.1: +1 -1
lines
Diff to previous 1.39.2.1 (colored) to branchpoint 1.39 (colored) next main 1.40 (colored) to selected 1.30 (colored)
Pullup ticket #6102 - requested by nia devel/libgit2: security fix Revisions pulled up: - devel/libgit2/Makefile 1.41 - devel/libgit2/distinfo 1.19 --- Module Name: pkgsrc Committed By: nia Date: Sat Dec 14 02:57:02 UTC 2019 Modified Files: pkgsrc/devel/libgit2: Makefile distinfo Log Message: libgit2: Update to 0.28.4 v0.28.4 -------- This is a security release fixing the following issues: - CVE-2019-1348: the fast-import stream command "feature export-marks=path" allows writing to arbitrary file paths. As libgit2 does not offer any interface for fast-import, it is not susceptible to this vulnerability. - CVE-2019-1349: by using NTFS 8.3 short names, backslashes or alternate filesystreams, it is possible to cause submodules to be written into pre-existing directories during a recursive clone using git. As libgit2 rejects cloning into non-empty directories by default, it is not susceptible to this vulnerability. - CVE-2019-1350: recursive clones may lead to arbitrary remote code executing due to improper quoting of command line arguments. As libgit2 uses libssh2, which does not require us to perform command line parsing, it is not susceptible to this vulnerability. - CVE-2019-1351: Windows provides the ability to substitute drive letters with arbitrary letters, including multi-byte Unicode letters. To fix any potential issues arising from interpreting such paths as relative paths, we have extended detection of DOS drive prefixes to accomodate for such cases. - CVE-2019-1352: by using NTFS-style alternative file streams for the ".git" directory, it is possible to overwrite parts of the repository. While this has been fixed in the past for Windows, the same vulnerability may also exist on other systems that write to NTFS filesystems. We now reject any paths starting with ".git:" on all systems. - CVE-2019-1353: by using NTFS-style 8.3 short names, it was possible to write to the ".git" directory and thus overwrite parts of the repository, leading to possible remote code execution. While this problem was already fixed in the past for Windows, other systems accessing NTFS filesystems are vulnerable to this issue too. We now enable NTFS protecions by default on all systems to fix this attack vector. - CVE-2019-1354: on Windows, backslashes are not a valid part of a filename but are instead interpreted as directory separators. As other platforms allowed to use such paths, it was possible to write such invalid entries into a Git repository and was thus an attack vector to write into the ".git" dierctory. We now reject any entries starting with ".git\" on all systems. - CVE-2019-1387: it is possible to let a submodule's git directory point into a sibling's submodule directory, which may result in overwriting parts of the Git repository and thus lead to arbitrary command execution. As libgit2 doesn't provide any way to do submodule clones natively, it is not susceptible to this vulnerability. Users of libgit2 that have implemented recursive submodule clones manually are encouraged to review their implementation for this vulnerability.
Revision 1.41 / (download) - annotate - [select for diffs], Sat Dec 14 02:57:02 2019 UTC (4 years, 3 months ago) by nia
Branch: MAIN
CVS Tags: pkgsrc-2019Q4-base,
pkgsrc-2019Q4
Changes since 1.40: +2 -2
lines
Diff to previous 1.40 (colored) to selected 1.30 (colored)
libgit2: Update to 0.28.4 v0.28.4 -------- This is a security release fixing the following issues: - CVE-2019-1348: the fast-import stream command "feature export-marks=path" allows writing to arbitrary file paths. As libgit2 does not offer any interface for fast-import, it is not susceptible to this vulnerability. - CVE-2019-1349: by using NTFS 8.3 short names, backslashes or alternate filesystreams, it is possible to cause submodules to be written into pre-existing directories during a recursive clone using git. As libgit2 rejects cloning into non-empty directories by default, it is not susceptible to this vulnerability. - CVE-2019-1350: recursive clones may lead to arbitrary remote code executing due to improper quoting of command line arguments. As libgit2 uses libssh2, which does not require us to perform command line parsing, it is not susceptible to this vulnerability. - CVE-2019-1351: Windows provides the ability to substitute drive letters with arbitrary letters, including multi-byte Unicode letters. To fix any potential issues arising from interpreting such paths as relative paths, we have extended detection of DOS drive prefixes to accomodate for such cases. - CVE-2019-1352: by using NTFS-style alternative file streams for the ".git" directory, it is possible to overwrite parts of the repository. While this has been fixed in the past for Windows, the same vulnerability may also exist on other systems that write to NTFS filesystems. We now reject any paths starting with ".git:" on all systems. - CVE-2019-1353: by using NTFS-style 8.3 short names, it was possible to write to the ".git" directory and thus overwrite parts of the repository, leading to possible remote code execution. While this problem was already fixed in the past for Windows, other systems accessing NTFS filesystems are vulnerable to this issue too. We now enable NTFS protecions by default on all systems to fix this attack vector. - CVE-2019-1354: on Windows, backslashes are not a valid part of a filename but are instead interpreted as directory separators. As other platforms allowed to use such paths, it was possible to write such invalid entries into a Git repository and was thus an attack vector to write into the ".git" dierctory. We now reject any entries starting with ".git\" on all systems. - CVE-2019-1387: it is possible to let a submodule's git directory point into a sibling's submodule directory, which may result in overwriting parts of the Git repository and thus lead to arbitrary command execution. As libgit2 doesn't provide any way to do submodule clones natively, it is not susceptible to this vulnerability. Users of libgit2 that have implemented recursive submodule clones manually are encouraged to review their implementation for this vulnerability.
Revision 1.39.2.1 / (download) - annotate - [select for diffs], Mon Oct 7 09:14:47 2019 UTC (4 years, 5 months ago) by bsiegert
Branch: pkgsrc-2019Q3
Changes since 1.39: +2 -3
lines
Diff to previous 1.39 (colored) to selected 1.30 (colored)
Pullup ticket #6068 - requested by nia devel/libgit2: security fix Revisions pulled up: - devel/libgit2/Makefile 1.40 - devel/libgit2/distinfo 1.18 --- Module Name: pkgsrc Committed By: nia Date: Sun Oct 6 12:18:30 UTC 2019 Modified Files: pkgsrc/devel/libgit2: Makefile distinfo Log Message: libgit2: Update to 0.28.3 This is a security release fixing the following issues: A carefully constructed commit object with a very large number of parents may lead to potential out-of-bounds writes or potential denial of service. The ProgramData configuration file is always read for compatibility with Git for Windows and Portable Git installations. The ProgramData location is not necessarily writable only by administrators, so we now ensure that the configuration file is owned by the administrator or the current user.
Revision 1.40 / (download) - annotate - [select for diffs], Sun Oct 6 12:18:30 2019 UTC (4 years, 5 months ago) by nia
Branch: MAIN
Changes since 1.39: +2 -3
lines
Diff to previous 1.39 (colored) to selected 1.30 (colored)
libgit2: Update to 0.28.3 This is a security release fixing the following issues: A carefully constructed commit object with a very large number of parents may lead to potential out-of-bounds writes or potential denial of service. The ProgramData configuration file is always read for compatibility with Git for Windows and Portable Git installations. The ProgramData location is not necessarily writable only by administrators, so we now ensure that the configuration file is owned by the administrator or the current user.
Revision 1.39 / (download) - annotate - [select for diffs], Thu Aug 22 12:23:02 2019 UTC (4 years, 7 months ago) by ryoon
Branch: MAIN
CVS Tags: pkgsrc-2019Q3-base
Branch point for: pkgsrc-2019Q3
Changes since 1.38: +2 -2
lines
Diff to previous 1.38 (colored) to selected 1.30 (colored)
Recursive revbump from boost-1.71.0
Revision 1.38 / (download) - annotate - [select for diffs], Sat Jul 20 22:46:16 2019 UTC (4 years, 8 months ago) by wiz
Branch: MAIN
Changes since 1.37: +2 -2
lines
Diff to previous 1.37 (colored) to selected 1.30 (colored)
*: recursive bump for nettle 3.5.1
Revision 1.37 / (download) - annotate - [select for diffs], Mon Jul 1 04:08:05 2019 UTC (4 years, 8 months ago) by ryoon
Branch: MAIN
Changes since 1.36: +2 -1
lines
Diff to previous 1.36 (colored) to selected 1.30 (colored)
Recursive revbump from boost-1.70.0
Revision 1.36 / (download) - annotate - [select for diffs], Mon May 27 14:35:25 2019 UTC (4 years, 10 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2019Q2-base,
pkgsrc-2019Q2
Changes since 1.35: +2 -3
lines
Diff to previous 1.35 (colored) to selected 1.30 (colored)
libgit2: update to 0.28.2. v0.28.2 ------- This is a bugfix release with the following changes: * Fix include directory ordering when using bundled dependencies. * Fix infinite loop when searching for a non-existing repository with Windows-style paths including drive prefixes. * Fix paths with a trailing "/" not always being treated as directories when computing ignores. * Fix false negatives when computing ignores where ignore rules that are a prefix to a negative ignore rule exist. * Fix patches with CRLF line endings not being parsed correctly. * Fix segfault when parsing patches with file addition (deletion) where the added (deleted) file name contains a space. * Fix assertion failure when trying to write to a non-existent locked configuration file.
Revision 1.35 / (download) - annotate - [select for diffs], Thu Apr 25 07:32:47 2019 UTC (4 years, 11 months ago) by maya
Branch: MAIN
Changes since 1.34: +2 -1
lines
Diff to previous 1.34 (colored) to selected 1.30 (colored)
PKGREVISION bump for anything using python without a PYPKGPREFIX. This is a semi-manual PKGREVISION bump.
Revision 1.34 / (download) - annotate - [select for diffs], Mon Feb 25 09:21:36 2019 UTC (5 years, 1 month ago) by jperkin
Branch: MAIN
CVS Tags: pkgsrc-2019Q1-base,
pkgsrc-2019Q1
Changes since 1.33: +3 -2
lines
Diff to previous 1.33 (colored) to selected 1.30 (colored)
libgit2: Requires C99.
Revision 1.33 / (download) - annotate - [select for diffs], Sun Feb 24 10:15:26 2019 UTC (5 years, 1 month ago) by wiz
Branch: MAIN
Changes since 1.32: +2 -3
lines
Diff to previous 1.32 (colored) to selected 1.30 (colored)
libgit2: update to 0.28.1. v0.28.1 ------- This is a bugfix release with the following change: * The deprecated functions (`git_buf_free` and the `giterr_` family of functions) are now exported properly. In the v0.28 release, they were not given the correct external attributes and they did not have the correct linkage visibility in the v0.28 library. v0.28 ----- ### Changes or improvements * The library is now always built with cdecl calling conventions on Windows; the ability to build a stdcall library has been removed. * Reference log creation now honors `core.logallrefupdates=always`. * Fix some issues with the error-reporting in the OpenSSL backend. * HTTP proxy support is now builtin; libcurl is no longer used to support proxies and is removed as a dependency. * Certificate and credential callbacks can now return `GIT_PASSTHROUGH` to decline to act; libgit2 will behave as if there was no callback set in the first place. * The line-ending filtering logic - when checking out files - has been updated to match newer git (>= git 2.9) for proper interoperability. * Symbolic links are now supported on Windows when `core.symlinks` is set to `true`. * Submodules with names which attempt to perform path traversal now have their configuration ignored. Such names were blindly appended to the `$GIT_DIR/modules` and a malicious name could lead to an attacker writing to an arbitrary location. This matches git's handling of CVE-2018-11235. * Object validation is now performed during tree creation in the `git_index_write_tree_to` API. * Configuration variable may now be specified on the same line as a section header; previously this was erroneously a parser error. * When an HTTP server supports both NTLM and Negotiate authentication mechanisms, we would previously fail to authenticate with any mechanism. * The `GIT_OPT_SET_PACK_MAX_OBJECTS` option can now set the maximum number of objects allowed in a packfile being downloaded; this can help limit the maximum memory used when fetching from an untrusted remote. * Line numbers in diffs loaded from patch files were not being populated; they are now included in the results. * The repository's index is reloaded from disk at the beginning of `git_merge` operations to ensure that it is up-to-date. * Mailmap handling APIs have been introduced, and the new commit APIs `git_commit_committer_with_mailmap` and `git_commit_author_with_mailmap` will use the mailmap to resolve the committer and author information. In addition, blame will use the mailmap given when the `GIT_BLAME_USE_MAILMAP` option. * Ignore handling for files in ignored folders would be ignored. * Worktrees can now be backed by bare repositories. * Trailing spaces are supported in `.gitignore` files, these spaces were previously (and erroneously) treated as part of the pattern. * The library can now be built with mbedTLS support for HTTPS. * The diff status character 'T' will now be presented by the `git_diff_status_char` API for diff entries that change type. * Revision walks previously would sometimes include commits that should have been ignored; this is corrected. * Revision walks are now more efficient when the output is unsorted; we now avoid walking all the way to the beginning of history unnecessarily. * Error-handling around index extension loading has been fixed. We were previously always misreporting a truncated index (#4858). ### API additions * The index may now be iterated atomically using `git_index_iterator`. * Remote objects can now be created with extended options using the `git_remote_create_with_opts` API. * Diff objects can now be applied as changes to the working directory, index or both, emulating the `git apply` command. Additionally, `git_apply_to_tree` can apply those changes to a tree object as a fully in-memory operation. * You can now swap out memory allocators via the `GIT_OPT_SET_ALLOCATOR` option with `git_libgit2_opts()`. * You can now ensure that functions do not discard unwritten changes to the index via the `GIT_OPT_ENABLE_UNSAVED_INDEX_SAFETY` option to `git_libgit2_opts()`. This will cause functions that implicitly re-read the index (eg, `git_checkout`) to fail if you have staged changes to the index but you have not written the index to disk. (Unless the checkout has the FORCE flag specified.) At present, this defaults to off, but we intend to enable this more broadly in the future, as a warning or error. We encourage you to examine your code to ensure that you are not relying on the current behavior that implicitly removes staged changes. * Reference specifications can be parsed from an arbitrary string with the `git_refspec_parse` API. * You can now get the name and path of worktrees using the `git_worktree_name` and `git_worktree_path` APIs, respectively. * The `ref` field has been added to `git_worktree_add_options` to enable the creation of a worktree from a pre-existing branch. * It's now possible to analyze merge relationships between any two references, not just against `HEAD`, using `git_merge_analysis_for_ref`. ### API removals * The `git_buf_free` API is deprecated; it has been renamed to `git_buf_dispose` for consistency. The `git_buf_free` API will be retained for backward compatibility for the foreseeable future. * The `git_otype` enumeration and its members are deprecated and have been renamed for consistency. The `GIT_OBJ_` enumeration values are now prefixed with `GIT_OBJECT_`. The old enumerations and macros will be retained for backward compatibility for the foreseeable future. * Several index-related APIs have been renamed for consistency. The `GIT_IDXENTRY_` enumeration values and macros have been renamed to be prefixed with `GIT_INDEX_ENTRY_`. The `GIT_INDEXCAP` enumeration values are now prefixed with `GIT_INDEX_CAPABILITY_`. The old enumerations and macros will be retained for backward compatibility for the foreseeable future. * The error functions and enumeration values have been renamed for consistency. The `giterr_` functions and values prefix have been renamed to be prefixed with `git_error_`; similarly, the `GITERR_` constants have been renamed to be prefixed with `GIT_ERROR_`. The old enumerations and macros will be retained for backward compatibility for the foreseeable future. ### Breaking API changes * The default checkout strategy changed from `DRY_RUN` to `SAFE` (#4531). * Adding a symlink as .gitmodules into the index from the workdir or checking out such files is not allowed as this can make a Git implementation write outside of the repository and bypass the fsck checks for CVE-2018-11235.
Revision 1.32 / (download) - annotate - [select for diffs], Thu Dec 13 19:51:48 2018 UTC (5 years, 3 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2018Q4-base,
pkgsrc-2018Q4
Changes since 1.31: +2 -1
lines
Diff to previous 1.31 (colored) to selected 1.30 (colored)
revbump for boost 1.69.0
Revision 1.31 / (download) - annotate - [select for diffs], Sat Dec 1 20:18:18 2018 UTC (5 years, 3 months ago) by wiz
Branch: MAIN
Changes since 1.30: +2 -2
lines
Diff to previous 1.30 (colored)
libgit2: update to 0.27.7. v0.27.7 ------- This is a bugfix release with the following changes or improvements: - Our continuous integration environment has switched from Travis and AppVeyor to Azure Pipelines CI. - Fix adding worktrees for bare repositories. - Fix parsed patches not computing the old respectively new line numbers correctly. - Fix parsing configuration variables which do not have a section. - Fix a zero-byte allocation when trying to detect file renames and copies of a diff without any hunks. - Fix a zero-byte allocation when trying to resize or duplicate vectors. - Fix return value when trying to unlock worktrees which aren't locked. - Fix returning an unitialized error code when preparing a revision walk without any pushed commits. - Fix return value of `git_remote_lookup` when lookup of "remote.$remote.tagopt" fails. - Fix the revision walk always labelling commits as interesting due to a mishandling of the commit date. - Fix the packbuilder inserting uninteresting blobs when adding a tree containing references to such blobs. - Ignore unsupported authentication schemes in HTTP transport. - Improve performane of `git_remote_prune`. - Fix detection of whether `qsort_r` has a BSD or GNU function signature. - Fix detection of iconv if it is provided by libc. v0.27.6 ------- This as a security release fixing the following list of issues: - The function family `git__strtol` is used to parse integers from a buffer. As the functions do not take a buffer length as argument, they will scan either until the end of the current number or until a NUL byte is encountered. Many callers have been misusing the function and called it on potentially non-NUL-terminated buffers, resulting in possible out-of-bounds reads. Callers have been fixed to use `git__strntol` functions instead and `git__strtol` functions were removed. - The function `git__strntol64` relied on the undefined behavior of signed integer overflows. While the code tried to detect such overflows after they have happened, this is unspecified behavior and may lead to weird behavior on uncommon platforms. - In the case where `git__strntol32` was unable to parse an integer because it doesn't fit into an `int32_t`, it printed an error message containing the string that is currently being parsed. The code didn't truncate the string though, which caused it to print the complete string until a NUL byte is encountered and not only the currently parsed number. In case where the string was not NUL terminated, this could have lead to an out-of-bounds read. - When parsing tags, all unknown fields that appear before the tag message are skipped. This skipping is done by using a plain `strstr(buffer, "\n\n")` to search for the two newlines that separate tag fields from tag message. As it is not possible to supply a buffer length to `strstr`, this call may skip over the buffer's end and thus result in an out of bounds read. As `strstr` may return a pointer that is out of bounds, the following computation of `buffer_end - buffer` will overflow and result in an allocation of an invalid length. Note that when reading objects from the object database, we make sure to always NUL terminate them, making the use of `strstr` safe. - When parsing the "encoding" field of a commit, we may perform an out of bounds read due to using `git__prefixcmp` instead of `git__prefixncmp`. This can result in the parsed commit object containing uninitialized data in both its message encoding and message fields. Note that when reading objects from the object database, we make sure to always NUL terminate them, making the use of `strstr` safe.
Revision 1.28.2.1 / (download) - annotate - [select for diffs], Sat Oct 20 16:18:20 2018 UTC (5 years, 5 months ago) by spz
Branch: pkgsrc-2018Q3
Changes since 1.28: +2 -2
lines
Diff to previous 1.28 (colored) next main 1.29 (colored) to selected 1.30 (colored)
Pullup ticket #5848 - requested by bsiegert devel/libgit2: security update Revisions pulled up: - devel/libgit2/Makefile 1.29 - devel/libgit2/distinfo 1.14 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Thu Oct 18 14:43:01 UTC 2018 Modified Files: pkgsrc/devel/libgit2: Makefile distinfo Log Message: devel/libgit2: update to 0.27.5 libgit2 0.27.5 (2018/10/5) This is a security release fixing the following list of issues: * Submodule URLs and paths with a leading "-" are now ignored. This is due to the recently discovered CVE-2018-17456, which can lead to arbitrary code execution in upstream git. While libgit2 itself is not vulnerable, it can be used to inject options in an implementation which performs a recursive clone by executing an external command. * When running repack while doing repo writes, packfile_load__cb() could see some temporary files in the directory that were bigger than the usual, and makes memcmp overflow on the p->pack_name string. This issue was reported and fixed by bisho. * The configuration file parser used unbounded recursion to parse multiline variables, which could lead to a stack overflow. The issue was reported by the oss-fuzz project, issue 10048 and fixed by Nelson Elhage. * The fix to the unbounded recursion introduced a memory leak in the config parser. While this leak was never in a public release, the oss-fuzz project reported this as issue 10127. The fix was implemented by Nelson Elhage and Patrick Steinhardt. * When parsing "ok" packets received via the smart protocol, our parsing code did not correctly verify the bounds of the packets, which could result in a heap-buffer overflow. The issue was reported by the oss-fuzz project, issue 9749 and fixed by Patrick Steinhardt. * The parsing code for the smart protocol has been tightened in general, fixing heap-buffer overflows when parsing the packet type as well as for "ACK" and "unpack" packets. The issue was discovered and fixed by Patrick Steinhardt. * Fixed potential integer overflows on platforms with 16 bit integers when parsing packets for the smart protocol. The issue was discovered and fixed by Patrick Steinhardt. * Fixed potential NULL pointer dereference when parsing configuration files which have "include.path" or "includeIf..path" statements without a value. To generate a diff of this commit: cvs rdiff -u -r1.28 -r1.29 pkgsrc/devel/libgit2/Makefile cvs rdiff -u -r1.13 -r1.14 pkgsrc/devel/libgit2/distinfo
Revision 1.30 / (download) - annotate - [selected], Fri Oct 19 12:29:57 2018 UTC (5 years, 5 months ago) by ryoon
Branch: MAIN
Changes since 1.29: +2 -2
lines
Diff to previous 1.29 (colored)
Update HOMEPAGE
Revision 1.29 / (download) - annotate - [select for diffs], Thu Oct 18 14:43:01 2018 UTC (5 years, 5 months ago) by taca
Branch: MAIN
Changes since 1.28: +2 -2
lines
Diff to previous 1.28 (colored) to selected 1.30 (colored)
devel/libgit2: update to 0.27.5 libgit2 0.27.5 (2018/10/5) This is a security release fixing the following list of issues: * Submodule URLs and paths with a leading "-" are now ignored. This is due to the recently discovered CVE-2018-17456, which can lead to arbitrary code execution in upstream git. While libgit2 itself is not vulnerable, it can be used to inject options in an implementation which performs a recursive clone by executing an external command. * When running repack while doing repo writes, packfile_load__cb() could see some temporary files in the directory that were bigger than the usual, and makes memcmp overflow on the p->pack_name string. This issue was reported and fixed by bisho. * The configuration file parser used unbounded recursion to parse multiline variables, which could lead to a stack overflow. The issue was reported by the oss-fuzz project, issue 10048 and fixed by Nelson Elhage. * The fix to the unbounded recursion introduced a memory leak in the config parser. While this leak was never in a public release, the oss-fuzz project reported this as issue 10127. The fix was implemented by Nelson Elhage and Patrick Steinhardt. * When parsing "ok" packets received via the smart protocol, our parsing code did not correctly verify the bounds of the packets, which could result in a heap-buffer overflow. The issue was reported by the oss-fuzz project, issue 9749 and fixed by Patrick Steinhardt. * The parsing code for the smart protocol has been tightened in general, fixing heap-buffer overflows when parsing the packet type as well as for "ACK" and "unpack" packets. The issue was discovered and fixed by Patrick Steinhardt. * Fixed potential integer overflows on platforms with 16 bit integers when parsing packets for the smart protocol. The issue was discovered and fixed by Patrick Steinhardt. * Fixed potential NULL pointer dereference when parsing configuration files which have "include.path" or "includeIf..path" statements without a value.
Revision 1.28 / (download) - annotate - [select for diffs], Sun Sep 23 15:11:42 2018 UTC (5 years, 6 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2018Q3-base
Branch point for: pkgsrc-2018Q3
Changes since 1.27: +2 -3
lines
Diff to previous 1.27 (colored) to selected 1.30 (colored)
devel/libgit2: update to 0.27.4 v0.27.4 ------- This is a security release fixing out-of-bounds reads when processing smart-protocol "ng" packets. When parsing an "ng" packet, we keep track of both the current position as well as the remaining length of the packet itself. But instead of taking care not to exceed the length, we pass the current pointer's position to `strchr`, which will search for a certain character until hitting NUL. It is thus possible to create a crafted packet which doesn't contain a NUL byte to trigger an out-of-bounds read. The issue was discovered by the oss-fuzz project, issue 9406. v0.27.3 ------- This is a security release fixing out-of-bounds reads when reading objects from a packfile. This corresponds to CVE-2018-10887 and CVE-2018-10888, which were both reported by Riccardo Schirone. When packing objects into a single so-called packfile, objects may not get stored as complete copies but instead as deltas against another object "base". A specially crafted delta object could trigger an integer overflow and thus bypass our input validation, which may result in copying memory before or after the base object into the final deflated object. This may lead to objects containing copies of system memory being written into the object database. As the hash of those objects cannot be easily controlled by the attacker, it is unlikely that any of those objects will be valid and referenced by the commit graph. Note that the error could also be triggered by the function `git_apply__patch`. But as this function is not in use outside of our test suite, it is not a possible attack vector.
Revision 1.27 / (download) - annotate - [select for diffs], Thu Aug 16 18:54:41 2018 UTC (5 years, 7 months ago) by adam
Branch: MAIN
Changes since 1.26: +2 -1
lines
Diff to previous 1.26 (colored) to selected 1.30 (colored)
revbump after boost-libs update
Revision 1.26 / (download) - annotate - [select for diffs], Tue Jun 5 18:48:22 2018 UTC (5 years, 9 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2018Q2-base,
pkgsrc-2018Q2
Changes since 1.25: +2 -3
lines
Diff to previous 1.25 (colored) to selected 1.30 (colored)
libgit2: update to 0.27.1. v0.27.1 --------- This is a security release fixing insufficient validation of submodule names (CVE-2018-11235, reported by Etienne Stalmans) and disallows `.gitmodules` files as symlinks. While submodule names come from the untrusted ".gitmodules" file, we blindly append the name to "$GIT_DIR/modules" to construct the final path of the submodule repository. In case the name contains e.g. "../", an adversary would be able to escape your repository and write data at arbitrary paths. In accordance with git, we now enforce some rules for submodule names which will cause libgit2 to ignore these malicious names. Adding a symlink as `.gitmodules` into the index from the workdir or checking out such files is not allowed as this can make a Git implementation write outside of the repository and bypass the `fsck` checks for CVE-2018-11235. libgit2 is not susceptible to CVE-2018-11233.
Revision 1.25 / (download) - annotate - [select for diffs], Sun Apr 29 21:31:33 2018 UTC (5 years, 10 months ago) by adam
Branch: MAIN
Changes since 1.24: +2 -1
lines
Diff to previous 1.24 (colored) to selected 1.30 (colored)
revbump for boost-libs update
Revision 1.24 / (download) - annotate - [select for diffs], Tue Apr 17 10:50:24 2018 UTC (5 years, 11 months ago) by wiz
Branch: MAIN
Changes since 1.23: +2 -2
lines
Diff to previous 1.23 (colored) to selected 1.30 (colored)
libgit2: update to 0.27.0. v0.27 --------- ### Changes or improvements * Improved `p_unlink` in `posix_w32.c` to try and make a file writable before sleeping in the retry loop to prevent unnecessary calls to sleep. * The CMake build infrastructure has been improved to speed up building time. * A new CMake option "-DUSE_HTTPS=<backend>" makes it possible to explicitly choose an HTTP backend. * A new CMake option "-DSHA1_BACKEND=<backend>" makes it possible to explicitly choose an SHA1 backend. The collision-detecting backend is now the default. * A new CMake option "-DUSE_BUNDLED_ZLIB" makes it possible to explicitly use the bundled zlib library. * A new CMake option "-DENABLE_REPRODUCIBLE_BUILDS" makes it possible to generate a reproducible static archive. This requires support from your toolchain. * The minimum required CMake version has been bumped to 2.8.11. * Writing to a configuration file now preserves the case of the key given by the caller for the case-insensitive portions of the key (existing sections are used even if they don't match). * We now support conditional includes in configuration files. * Fix for handling re-reading of configuration files with includes. * Fix for reading patches which contain exact renames only. * Fix for reading patches with whitespace in the compared files' paths. * We will now fill `FETCH_HEAD` from all passed refspecs instead of overwriting with the last one. * There is a new diff option, `GIT_DIFF_INDENT_HEURISTIC` which activates a heuristic which takes into account whitespace and indentation in order to produce better diffs when dealing with ambiguous diff hunks. * Fix for pattern-based ignore rules where files ignored by a rule cannot be un-ignored by another rule. * Sockets opened by libgit2 are now being closed on exec(3) if the platform supports it. * Fix for peeling annotated tags from packed-refs files. * Fix reading huge loose objects from the object database. * Fix files not being treated as modified when only the file mode has changed. * We now explicitly reject adding submodules to the index via `git_index_add_frombuffer`. * Fix handling of `GIT_DIFF_FIND_RENAMES_FROM_REWRITES` raising `SIGABRT` when one file has been deleted and another file has been rewritten. * Fix for WinHTTP not properly handling NTLM and Negotiate challenges. * When using SSH-based transports, we now repeatedly ask for the passphrase to decrypt the private key in case a wrong passphrase is being provided. * When generating conflict markers, they will now use the same line endings as the rest of the file. ### API additions * The `git_merge_file_options` structure now contains a new setting, `marker_size`. This allows users to set the size of markers that delineate the sides of merged files in the output conflict file. By default this is 7 (`GIT_MERGE_CONFLICT_MARKER_SIZE`), which produces output markers like `<<<<<<<` and `>>>>>>>`. * `git_remote_create_detached()` creates a remote that is not associated to any repository (and does not apply configuration like 'insteadof' rules). This is mostly useful for e.g. emulating `git ls-remote` behavior. * `git_diff_patchid()` lets you generate patch IDs for diffs. * `git_status_options` now has an additional field `baseline` to allow creating status lists against different trees. * New family of functions to allow creating notes for a specific notes commit instead of for a notes reference. * New family of functions to allow parsing message trailers. This API is still experimental and may change in future releases. ### API removals ### Breaking API changes * Signatures now distinguish between +0000 and -0000 UTC offsets. * The certificate check callback in the WinHTTP transport will now receive the `message_cb_payload` instead of the `cred_acquire_payload`. * We are now reading symlinked directories under .git/refs. * We now refuse creating branches named "HEAD". * We now refuse reading and writing all-zero object IDs into the object database. * We now read the effective user's configuration file instead of the real user's configuration in case libgit2 runs as part of a setuid binary. * The `git_odb_open_rstream` function and its `readstream` callback in the `git_odb_backend` interface have changed their signatures to allow providing the object's size and type to the caller.
Revision 1.23 / (download) - annotate - [select for diffs], Sun Mar 25 08:23:50 2018 UTC (6 years ago) by ryoon
Branch: MAIN
CVS Tags: pkgsrc-2018Q1-base,
pkgsrc-2018Q1
Changes since 1.22: +2 -3
lines
Diff to previous 1.22 (colored) to selected 1.30 (colored)
Update to 0.26.3 * Fix some security bugs Changelog: 0.26.3 This is a bugfix release. It includes the following non-exclusive list of improvements, which have been backported from the master branch: Fix cloning of the libgit2 project with git clone --recursive by removing an invalid submodule from our testing data. Fix endianness of the port in p_getaddrinfo(). Fix handling of negative gitignore rules with wildcards. Fix handling of case-insensitive negative gitignore rules. Fix resolving references to a tag if the reference is stored with its fully resolved OID in the packed-refs file. Fix checkout not treating worktree files as modified when only their mode has changed. Fix rename detection with GIT_DIFF_FIND_RENAMES_FROM_REWRITES. Enable Windows 7 and earlier to use TLS 1.2. 0.26.2 This is a security release fixing memory handling issues when reading crafted repository index files. The issues allow for possible denial of service due to allocation of large memory and out-of-bound reads. As the index is never transferred via the network, exploitation requires an attacker to have access to the local repository. 0.26.1 This is a security release that includes an update to the bundled zlib to update it to 1.2.11. Users who build the bundled zlib are vulnerable to security issues in the prior version. This does not affect you if you rely on a system-installed version of zlib. All users of v0.26.0 who use the bundled zlib should upgrade to this release.
Revision 1.22 / (download) - annotate - [select for diffs], Mon Jan 1 21:18:21 2018 UTC (6 years, 2 months ago) by adam
Branch: MAIN
Changes since 1.21: +2 -2
lines
Diff to previous 1.21 (colored) to selected 1.30 (colored)
Revbump after boost update
Revision 1.21 / (download) - annotate - [select for diffs], Mon Nov 20 23:04:05 2017 UTC (6 years, 4 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2017Q4-base,
pkgsrc-2017Q4
Changes since 1.20: +2 -1
lines
Diff to previous 1.20 (colored) to selected 1.30 (colored)
libgit2: remove python from bl3.mk cmake says it's only needed for tests
Revision 1.20 / (download) - annotate - [select for diffs], Thu Aug 24 20:03:11 2017 UTC (6 years, 7 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2017Q3-base,
pkgsrc-2017Q3
Changes since 1.19: +2 -1
lines
Diff to previous 1.19 (colored) to selected 1.30 (colored)
Revbump for boost update
Revision 1.19 / (download) - annotate - [select for diffs], Mon Jul 31 14:18:20 2017 UTC (6 years, 7 months ago) by taca
Branch: MAIN
Changes since 1.18: +2 -3
lines
Diff to previous 1.18 (colored) to selected 1.30 (colored)
Update libgit2 to 0.26.0. libgit2 2017/6/19 This is the first release of the v0.26 series, "Aufschub". The changelog follows. Changes or improvements Support for opening, creating and modifying worktrees. We can now detect SHA1 collisions resulting from the SHAttered attack. These checks can be enabled at build time via -DUSE_SHA1DC. Fix for missing implementation of git_merge_driver_source getters. Fix for installed pkg-config file being broken when the prefix contains spaces. We now detect when the hashsum of on-disk objects does not match their expected hashsum. We now support open-ended ranges (e.g. "master..", "...master") in our revision range parsing code. We now correctly compute ignores with leading "/" in subdirectories. We now optionally call fsync on loose objects, packfiles and their indexes, loose references and packed reference files. We can now build against OpenSSL v1.1 and against LibreSSL. GIT_MERGE_OPTIONS_INIT now includes a setting to perform rename detection. This aligns this structure with the default by git_merge and git_merge_trees when NULL was provided for the options. Improvements for reading index v4 files. Perform additional retries for filesystem operations on Windows when files are temporarily locked by other processes. API additions New family of functions to handle worktrees: git_worktree_list() lets you look up worktrees for a repository. git_worktree_lookup() lets you get a specific worktree. git_worktree_open_from_repository() lets you get the associated worktree of a repository. git_worktree_add lets you create new worktrees. git_worktree_prune lets you remove worktrees from disk. git_worktree_lock() and git_worktree_unlock() let you lock and unlock a worktree, respectively. git_repository_open_from_worktree() lets you open a repository via git_repository_head_for_worktree() lets you get the current HEAD for a linked worktree. git_repository_head_detached_for_worktree() lets you check whether a linked worktree is in detached HEAD mode. git_repository_item_path() lets you retrieve paths for various repository files. git_repository_commondir() lets you retrieve the common directory of a repository. git_branch_is_checked_out() allows you to check whether a branch is checked out in a repository or any of its worktrees. git_repository_submodule_cache_all() and git_repository_submodule_cache_clear() functions allow you to prime or clear the submodule cache of a repository. You can disable strict hash verifications via the GIT_OPT_ENABLE_STRICT_HASH_VERIFICATION option with git_libgit2_opts(). You can enable us calling fsync for various files inside the ".git" directory by setting the GIT_OPT_ENABLE_FSYNC_GITDIR option with git_libgit2_opts(). You can now enable "offset deltas" when creating packfiles and negotiating packfiles with a remote server by setting GIT_OPT_ENABLE_OFS_DELTA option with GIT_libgit2_opts(). You can now set the default share mode on Windows for opening files using GIT_OPT_SET_WINDOWS_SHAREMODE option with git_libgit2_opts(). You can query the current share mode with GIT_OPT_GET_WINDOWS_SHAREMODE. git_transport_smart_proxy_options() enables you to get the proxy options for smart transports. The GIT_FILTER_INIT macro and the git_filter_init function are provided to initialize a git_filter structure. Breaking API changes clone_checkout_strategy has been removed from git_submodule_update_option. The checkout strategy used to clone will be the same strategy specified in checkout_opts.
Revision 1.18 / (download) - annotate - [select for diffs], Sun Apr 30 01:21:33 2017 UTC (6 years, 10 months ago) by ryoon
Branch: MAIN
CVS Tags: pkgsrc-2017Q2-base,
pkgsrc-2017Q2
Changes since 1.17: +2 -1
lines
Diff to previous 1.17 (colored) to selected 1.30 (colored)
Recursive revbump from boost update
Revision 1.13.2.1 / (download) - annotate - [select for diffs], Fri Jan 13 20:34:41 2017 UTC (7 years, 2 months ago) by bsiegert
Branch: pkgsrc-2016Q4
Changes since 1.13: +3 -4
lines
Diff to previous 1.13 (colored) next main 1.14 (colored) to selected 1.30 (colored)
Pullup ticket #5191 - requested by taca devel/libgit2: security fix Revisions pulled up: - devel/libgit2/Makefile 1.14-1.16 - devel/libgit2/PLIST 1.6 - devel/libgit2/distinfo 1.8 --- Module Name: pkgsrc Committed By: wiz Date: Sun Jan 1 14:44:09 UTC 2017 Modified Files: [...] pkgsrc/devel/libgit2: Makefile [...] Log Message: Add python-3.6 to incompatible versions. --- Module Name: pkgsrc Committed By: adam Date: Sun Jan 1 16:06:40 UTC 2017 Modified Files: [...] pkgsrc/devel/libgit2: Makefile [...] Log Message: Revbump after boost update --- Module Name: pkgsrc Committed By: taca Date: Wed Jan 11 00:11:24 UTC 2017 Modified Files: pkgsrc/devel/libgit2: Makefile PLIST distinfo Log Message: Update libgit2 to 0.25.1, it includes security problem. For full changes, please refer CHANGESLOG.md file. * libgit2 v0.24.6 and libgit2 v0.25.1, January 9th, 2017 Includes two fixes, one performs extra sanitization for some edge cases in the Git Smart Protocol which can lead to attempting to parse outside of the buffer. The second fix affects the certificate check callback. It provides a valid parameter to indicate whether the native cryptographic library considered the certificate to be correct. This parameter is always 1/true before these releases leading to a possible MITM. This does not affect you if you do not use the custom certificate callback or if you do not take this value into account. This does affect you if you use pygit2 or git2go regardless of whether you specify a certificate check callback.
Revision 1.17 / (download) - annotate - [select for diffs], Wed Jan 11 14:25:42 2017 UTC (7 years, 2 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2017Q1-base,
pkgsrc-2017Q1
Changes since 1.16: +4 -2
lines
Diff to previous 1.16 (colored) to selected 1.30 (colored)
Add test target. Allow all python versions.
Revision 1.16 / (download) - annotate - [select for diffs], Wed Jan 11 00:11:24 2017 UTC (7 years, 2 months ago) by taca
Branch: MAIN
Changes since 1.15: +2 -3
lines
Diff to previous 1.15 (colored) to selected 1.30 (colored)
Update libgit2 to 0.25.1, it includes security problem. For full changes, please refer CHANGESLOG.md file. * libgit2 v0.24.6 and libgit2 v0.25.1, January 9th, 2017 Includes two fixes, one performs extra sanitization for some edge cases in the Git Smart Protocol which can lead to attempting to parse outside of the buffer. The second fix affects the certificate check callback. It provides a valid parameter to indicate whether the native cryptographic library considered the certificate to be correct. This parameter is always 1/true before these releases leading to a possible MITM. This does not affect you if you do not use the custom certificate callback or if you do not take this value into account. This does affect you if you use pygit2 or git2go regardless of whether you specify a certificate check callback.
Revision 1.15 / (download) - annotate - [select for diffs], Sun Jan 1 16:06:09 2017 UTC (7 years, 2 months ago) by adam
Branch: MAIN
Changes since 1.14: +2 -2
lines
Diff to previous 1.14 (colored) to selected 1.30 (colored)
Revbump after boost update
Revision 1.14 / (download) - annotate - [select for diffs], Sun Jan 1 14:43:31 2017 UTC (7 years, 2 months ago) by wiz
Branch: MAIN
Changes since 1.13: +2 -2
lines
Diff to previous 1.13 (colored) to selected 1.30 (colored)
Add python-3.6 to incompatible versions.
Revision 1.13 / (download) - annotate - [select for diffs], Fri Oct 7 18:25:43 2016 UTC (7 years, 5 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2016Q4-base
Branch point for: pkgsrc-2016Q4
Changes since 1.12: +2 -1
lines
Diff to previous 1.12 (colored) to selected 1.30 (colored)
Revbump post boost update
Revision 1.12 / (download) - annotate - [select for diffs], Tue Aug 30 10:24:40 2016 UTC (7 years, 6 months ago) by jperkin
Branch: MAIN
CVS Tags: pkgsrc-2016Q3-base,
pkgsrc-2016Q3
Changes since 1.11: +5 -5
lines
Diff to previous 1.11 (colored) to selected 1.30 (colored)
Update libgit2 to 0.24.1. pkgsrc changes: - re-enable libssh2 support - ensure pkgsrc curl and http-parser are picked up and enabled Upstream changes: 2f2575c Updating http parser to accept a `+` in the schema ff8e3f0 Handle git+ssh:// and ssh+git:// protocols support fa8b1a8 Adding spec coverage for ssh+git and git+ssh protocols 429155d Updating change to http_parser to reflect PR for nodejs/http-parser e44f658 Removing #define for SSH_PREFIX_COUNT and using ARRAY_SIZE instead b8dc15f Adding test cases that actually test the functionality of the new transport 4a93a7f Tabs 8ec3d88 Avoid subtraction overflow in git_indexer_commit e3862c9 Buffer sideband packet data cdded63 Remove duplicated calls to git_mwindow_close eb09ead odb: improved not found error messages 9ee498e Only buffer if necessary. 4ebf745 mwindow: free unused windows if we fail to mmap ffb1f41 describe: handle error code returned by git_pqueue_insert e39ad74 config_file: handle missing quotation marks in section header 0370dae Check for __CLANG_INTTYPES_H faf823d tests: transport: fix memory leaks with registering transports fa4b93a backport git_oid__cpy_prefix d0780b8 object: avoid call of memset with ouf of bounds pointer e114bba index: assert required OID are non-NULL 1a16e8b pack-objects: fix memory leak on overflow d96c063 submodule: avoid passing NULL pointers to strncmp 851c51a diff_tform: fix potential NULL pointer access 0b357e2 coverity: report errors when uploading tarball 8d3ee96 refdb_fs: fail if refcache returns NULL pointer dd78d7d blame_git: handle error returned by `git_commit_parent` f17ed63 blame: handle error when resoling HEAD in normalize_options 18c4ae7 filebuf: handle write error in `lock_file` 89e7604 config_cache: check return value of `git_config__lookup_entry` c1ec732 Setup better defaults for OpenSSL ciphers 4e91020 Start error string with lower case character cdde081 Use general cl_git_fail because the error is generic f587f38 CMake: do not overwrite but only append to CMAKE_C_FLAGS_DEBUG 9a668ab Option "LIBGIT2_PREFIX" to set the CMAKE's TARGET_PROPERTIES PREFIX d8fcafb Split the page size from the mmap alignment e97d2d7 commit: fix extraction of single-line signatures a1cf264 win32: free thread-local data on thread exit c86a65b config: don't special-case multivars that don't exist yet 3ec0f2e xdiff/xprepare: use the XDF_DIFF_ALG() macro to access flag bits 56da07c xdiff/xprepare: fix a memory leak fe1f477 Add a no-op size_t typedef for the doc parser ab062a3 tests: fix core/stream test when built with openssl off 3e2e824 refs: provide a more general error message for dwim ba52879 reset: use real ids for the tests b6130fe refs::create: strict object creation on by default e8d5df9 config: show we write a spurious duplicated section header a13c1ec config: don't write section header if we're in it 21d8832 config::write::repeated: init our buffer 1778908 ignore: don't use realpath to canonicalize path 26f2cef tree: re-use the id and filename in the odb object 13ebf7b tree: store the entries in a growable array af753ab tree: drop the now-unnecessary entries vector 1d59c85 status: update test to include valid OID 5cc7a5c tests: skip the unreadable file tests as root 2c1bc36 Plug a few leaks 6a35e74 leaks: fix some leaks in the tests ccfacb8 leaks: call `xdl_free_classifier` 8edadbf index::racy: force racy entry
Revision 1.11 / (download) - annotate - [select for diffs], Sat Jul 9 13:03:39 2016 UTC (7 years, 8 months ago) by wiz
Branch: MAIN
Changes since 1.10: +2 -2
lines
Diff to previous 1.10 (colored) to selected 1.30 (colored)
Remove python33: adapt all packages that refer to it.
Revision 1.10 / (download) - annotate - [select for diffs], Tue Mar 8 15:33:14 2016 UTC (8 years ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2016Q2-base,
pkgsrc-2016Q2,
pkgsrc-2016Q1-base,
pkgsrc-2016Q1
Changes since 1.9: +2 -3
lines
Diff to previous 1.9 (colored) to selected 1.30 (colored)
Update libgit2 to 0.24.0. v0.24 ------- ### Changes or improvements * Custom filters can now be registered with wildcard attributes, for example `filter=*`. Consumers should examine the attributes parameter of the `check` function for details. * Symlinks are now followed when locking a file, which can be necessary when multiple worktrees share a base repository. * You can now set your own user-agent to be sent for HTTP requests by using the `GIT_OPT_SET_USER_AGENT` with `git_libgit2_opts()`. * You can set custom HTTP header fields to be sent along with requests by passing them in the fetch and push options. * Tree objects are now assumed to be sorted. If a tree is not correctly formed, it will give bad results. This is the git approach and cuts a significant amount of time when reading the trees. * Filter registration is now protected against concurrent registration. * Filenames which are not valid on Windows in an index no longer cause to fail to parse it on that OS. * Rebases can now be performed purely in-memory, without touching the repository's workdir. * When adding objects to the index, or when creating new tree or commit objects, the inputs are validated to ensure that the dependent objects exist and are of the correct type. This object validation can be disabled with the GIT_OPT_ENABLE_STRICT_OBJECT_CREATION option. * The WinHTTP transport's handling of bad credentials now behaves like the others, asking for credentials again. ### API additions * `git_config_lock()` has been added, which allow for transactional/atomic complex updates to the configuration, removing the opportunity for concurrent operations and not committing any changes until the unlock. * `git_diff_options` added a new callback `progress_cb` to report on the progress of the diff as files are being compared. The documentation of the existing callback `notify_cb` was updated to reflect that it only gets called when new deltas are added to the diff. * `git_fetch_options` and `git_push_options` have gained a `custom_headers` field to set the extra HTTP header fields to send. * `git_stream_register_tls()` lets you register a callback to be used as the constructor for a TLS stream instead of the libgit2 built-in one. * `git_commit_header_field()` allows you to look up a specific header field in a commit. * `git_commit_extract_signature()` extracts the signature from a commit and gives you both the signature and the signed data so you can verify it. ### API removals * No APIs were removed in this version. ### Breaking API changes * The `git_merge_tree_flag_t` is now `git_merge_flag_t`. Subsequently, its members are no longer prefixed with `GIT_MERGE_TREE_FLAG` but are now prefixed with `GIT_MERGE_FLAG`, and the `tree_flags` field of the `git_merge_options` structure is now named `flags`. * The `git_merge_file_flags_t` enum is now `git_merge_file_flag_t` for consistency with other enum type names. * `git_cert` descendent types now have a proper `parent` member * It is the responsibility of the refdb backend to decide what to do with the reflog on ref deletion. The file-based backend must delete it, a database-backed one may wish to archive it. * `git_config_backend` has gained two entries. `lock` and `unlock` with which to implement the transactional/atomic semantics for the configuration backend. * `git_index_add` and `git_index_conflict_add()` will now use the case as provided by the caller on case insensitive systems. Previous versions would keep the case as it existed in the index. This does not affect the higher-level `git_index_add_bypath` or `git_index_add_frombuffer` functions. * The `notify_payload` field of `git_diff_options` was renamed to `payload` to reflect that it's also the payload for the new progress callback. * The `git_config_level_t` enum has gained a higher-priority value `GIT_CONFIG_LEVEL_PROGRAMDATA` which represent a rough Windows equivalent to the system level configuration. * `git_rebase_init()` not also takes a merge options. * The index no longer performs locking itself. This is not something users of the library should have been relying on as it's not part of the concurrency guarantees.
Revision 1.9 / (download) - annotate - [select for diffs], Sat Mar 5 11:28:23 2016 UTC (8 years ago) by jperkin
Branch: MAIN
Changes since 1.8: +2 -1
lines
Diff to previous 1.8 (colored) to selected 1.30 (colored)
Bump PKGREVISION for security/openssl ABI bump.
Revision 1.8 / (download) - annotate - [select for diffs], Sat Dec 5 21:25:35 2015 UTC (8 years, 3 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2015Q4-base,
pkgsrc-2015Q4
Changes since 1.7: +2 -2
lines
Diff to previous 1.7 (colored) to selected 1.30 (colored)
Extend PYTHON_VERSIONS_INCOMPATIBLE to 35
Revision 1.7 / (download) - annotate - [select for diffs], Tue Oct 6 14:56:12 2015 UTC (8 years, 5 months ago) by fhajny
Branch: MAIN
Changes since 1.6: +3 -7
lines
Diff to previous 1.6 (colored) to selected 1.30 (colored)
Update devel/libgit2 to 0.23.3. Simplify Github distfile handling. Backport a futimes fix from upstream master, fixes build on SunOS. Changes since 0.23.2: - blame: guard xdiff calls for large files - diff: don't feed large files to xdiff - merge_file: treat large files as binary - xdiff: convert size variables to size_t - GITERR_CHECK_ALLOC_ADDn: multi-arg adders
Revision 1.6 / (download) - annotate - [select for diffs], Sun Sep 13 12:21:13 2015 UTC (8 years, 6 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2015Q3-base,
pkgsrc-2015Q3
Changes since 1.5: +4 -5
lines
Diff to previous 1.5 (colored) to selected 1.30 (colored)
Update libgit2 to 0.23.2. Changes are too many to write here, please refer: <https://github.com/libgit2/libgit2/releases>.
Revision 1.5 / (download) - annotate - [select for diffs], Sun Jul 26 18:06:45 2015 UTC (8 years, 8 months ago) by nros
Branch: MAIN
Changes since 1.4: +2 -1
lines
Diff to previous 1.4 (colored) to selected 1.30 (colored)
Revbump because of security/libssh2 update.
Revision 1.4 / (download) - annotate - [select for diffs], Wed Jun 3 13:14:46 2015 UTC (8 years, 9 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2015Q2-base,
pkgsrc-2015Q2
Changes since 1.3: +6 -3
lines
Diff to previous 1.3 (colored) to selected 1.30 (colored)
Update libgit2 to 0.22.2 required by ruby-rugged. libgit2 v0.22.2 Maintenance Release @carlosmn carlosmn released this on 25 Mar 12 commits to maint/v0.22 since this release The following fixes have been backported to this maintenance release. All users of the library are encouraged to update. 1f25fe9 checkout: report correct invalid path 8633dd9 win32: further cleanups for 8.3 disabling 93be89c win32: cleanup 8.3 disabled tests 728a013 Fix test failures when 8.3 is disabled 1f726d0 git: make sure to close the network stream 3e163b6 checkout: free last created directory 3440c20 Initialize refs vector in git_remote_update_tips(). dcf6c0c Lower case the include directive of windows header 1dd5e28 http: do not try to use the cert callback on unencrypted streams dd243fe indexer: set an error message on duplicate objects in pack 3a1dc42 Put back the number of expected references to 6 from the test repo cf688ff Fixed active refspecs not reset by git_remote_upload() 7a5682f http: enforce the credential types f008aeb branch: do capture the error code 283f31a git_branch_delete() should ignore errors from non-existing reflogs aa409d5 Fix Mac build without OpenSSL d884d1c Fix race in git_packfile_unpack. 277d647 Reinit `reader` pointer after reading included config file 3bdcea8 Check rebase options version on public entry points 7d8e4e3 mkdir: respect the root path 69455bc stat: don't remove trailing '/' from root on win32 7aee248 repo: ensure we can create repo at filesystem root aa926fb Fix branch creation when branch name matches namespace of previously deleted branch 31ea8db Clarified git_repository_is_empty() documentation ed64a1b Add libssh2's library and include directories. 5c3e01d Ensure the diff hunk callback is specified before trying to dereference it fe61bb6 Ensure git_index_entry is not NULL before trying to free it ae0cfac openssl: Add all required includes for AF_INET6 and in6_addr. 4738a33 Fixed git_repository_set_bare() not setting "core.bare" correctly d0db408 Make sure sys/repository.h includes the required headers eefe2e8 Fixed typo in git_repository_reinit_filesystem() documentation 8693335 Make binary detection work similar to vanilla git d95c949 Include ws2tcpip.h in order to get in6_addr e1314dd Include openssl headers last 09c2477 Fixed error when including git2/include/sys/stream.h bd0a551 pathspec: do not try to dereference NULL 1ce9ea3 checkout tests: cleanup realpath impl on Win32 f9df7b6 checkout tests: emulate p_realpath poorly on Win32 8d65523 checkout: remove files before writing new ones b295294 checkout: drop newline in error message 99367df checkout tests: nasty symlinks 9f1c873 checkout: don't recreate previous directory 1ca7fa9 git_path_join_unrooted: return base len bd0e881 checkout: introduce git_checkout_perfdata Downloads libgit2 v0.21.5 Maintenance Release @ethomson ethomson released this on 17 Jan The following (critical) fixes have been backported to this maintenance release. All users of the library are encouraged to update. af769f4 checkout: introduce git_checkout_perfdata fc478d2 git_path_join_unrooted: return base len 629a579 checkout: don't recreate previous directory dd3c53f checkout tests: nasty symlinks 186177a checkout: drop newline in error message 7268a5a checkout: remove files before writing new ones e517b62 checkout tests: emulate p_realpath poorly on Win32 9a8753d checkout tests: cleanup realpath impl on Win32 8433078 Introduce test for checkout case-changing rename d853fb9 Always checkout with case sensitive iterator
Revision 1.3 / (download) - annotate - [select for diffs], Tue Jan 13 23:05:26 2015 UTC (9 years, 2 months ago) by wiedi
Branch: MAIN
CVS Tags: pkgsrc-2015Q1-base,
pkgsrc-2015Q1
Changes since 1.2: +2 -1
lines
Diff to previous 1.2 (colored) to selected 1.30 (colored)
bulk build wants openssl
Revision 1.2 / (download) - annotate - [select for diffs], Wed Oct 29 14:13:27 2014 UTC (9 years, 5 months ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2014Q4-base,
pkgsrc-2014Q4
Changes since 1.1: +3 -1
lines
Diff to previous 1.1 (colored) to selected 1.30 (colored)
Explicitly disable libssh2 support, security/libssh2 is too old anyway.
Revision 1.1 / (download) - annotate - [select for diffs], Wed Oct 1 13:12:31 2014 UTC (9 years, 5 months ago) by fhajny
Branch: MAIN
Diff to selected 1.30 (colored)
Import devel/libgit2 based on wip/libgit2. libgit2 is a portable, pure C implementation of the Git core methods provided as a re-entrant linkable library with a solid API, allowing you to write native speed custom Git applications in any language which supports C bindings.